ID: 25934
User updated by: php at webfreezer dot com
Reported By: php at webfreezer dot com
Status: Bogus
Bug Type: Session related
Operating System: SuSe Linux 8.1
-PHP Version: 4.3.3
+PHP Version: 4.3.4
New Comment:
This still happens in Version 4.3.4 which is now installed on the live
system.
What I do:
- ini_set(session settings...)
- session_start()
- accessing the session values via $_SESSION
- I donīt use sesson_register() and session_unregister()
- Post a form via GET -> error occurs? -> redirect via header() with
attached SID -> display page -> PHP ignores given sessionID
- URL e.g.
error.php?e=noresults_city&qid=1&sessionID=92f9dcf7a0d89eaa2b0bc8f2e4dfd460&token=d03d28781b196bd362b9aeb7844e8e85
- session_id() however is different from "$_GET[session_name()]" then
- The error occurs everytime a new session is used (e.g. accessing the
website and submitting the form for the first time int the session)
I found at least a workaround for that:
// Auto-Reset to correct session data
$sn=session_name();
if($_GET[$sn] != session_id())
{
$sessionSavePath=ini_get("session.save_path");
$oldSessionContent=file_get_contents($sessionSavePath."/sess_".$_GET[$sn]);
session_decode($oldSessionContent);
}
If the error occurs it is now fixed on-the-fly.
This works _everytime_ when the error occurs.
As I said before the session file exists, it is readable and can be
accessed without any problems, so itīs no wonder this workaround works.
Previous Comments:
------------------------------------------------------------------------
[2003-11-03 13:49:08] [EMAIL PROTECTED]
As you don't give an example script we have to assume that you're just
doing something wrong. This works just fine for me.
------------------------------------------------------------------------
[2003-11-03 06:41:08] php at webfreezer dot com
Additional note:
"DOMAINNAME" in session.save_path is just the concealed domain name.
------------------------------------------------------------------------
[2003-11-03 06:39:24] php at webfreezer dot com
This is an excerpt of ini_get_all vardumpīed:
[session.auto_start] array(3) => {
[global_value] string(1) => "0"
[local_value] string(1) => "0"
[access] int(7) =>
}
[session.bug_compat_42] array(3) => {
[global_value] string(1) => "1"
[local_value] string(1) => "1"
[access] int(7) =>
}
[session.bug_compat_warn] array(3) => {
[global_value] string(1) => "1"
[local_value] string(1) => "1"
[access] int(7) =>
}
[session.cache_expire] array(3) => {
[global_value] string(2) => "60"
[local_value] string(3) => "180"
[access] int(7) =>
}
[session.cache_limiter] array(3) => {
[global_value] string(7) => "nocache"
[local_value] string(7) => "nocache"
[access] int(7) =>
}
[session.cookie_domain] array(3) => {
[global_value] string(0) => ""
[local_value] string(0) => ""
[access] int(7) =>
}
[session.cookie_lifetime] array(3) => {
[global_value] string(1) => "0"
[local_value] string(1) => "0"
[access] int(7) =>
}
[session.cookie_path] array(3) => {
[global_value] string(1) => "/"
[local_value] string(1) => "/"
[access] int(7) =>
}
[session.cookie_secure] array(3) => {
[global_value] string(0) => ""
[local_value] string(0) => ""
[access] int(7) =>
}
[session.entropy_file] array(3) => {
[global_value] string(0) => ""
[local_value] string(0) => ""
[access] int(7) =>
}
[session.entropy_length] array(3) => {
[global_value] string(1) => "0"
[local_value] string(1) => "0"
[access] int(7) =>
}
[session.gc_divisor] array(3) => {
[global_value] string(3) => "100"
[local_value] string(3) => "100"
[access] int(7) =>
}
[session.gc_maxlifetime] array(3) => {
[global_value] string(4) => "1440"
[local_value] string(4) => "1440"
[access] int(7) =>
}
[session.gc_probability] array(3) => {
[global_value] string(1) => "1"
[local_value] string(1) => "1"
[access] int(7) =>
}
[session.name] array(3) => {
[global_value] string(9) => "PHPSESSID"
[local_value] string(9) => "sessionID"
[access] int(7) =>
}
[session.referer_check] array(3) => {
[global_value] string(0) => ""
[local_value] string(1) => "0"
[access] int(7) =>
}
[session.save_handler] array(3) => {
[global_value] string(5) => "files"
[local_value] string(5) => "files"
[access] int(7) =>
}
[session.save_path] array(3) => {
[global_value] string(4) => "/tmp"
[local_value] string(44) => "/var/www/DOMAINNAME/temp/sessions"
[access] int(7) =>
}
[session.serialize_handler] array(3) => {
[global_value] string(3) => "php"
[local_value] string(3) => "php"
[access] int(7) =>
}
[session.use_cookies] array(3) => {
[global_value] string(1) => "1"
[local_value] string(1) => "0"
[access] int(7) =>
}
[session.use_only_cookies] array(3) => {
[global_value] string(1) => "0"
[local_value] string(1) => "0"
[access] int(7) =>
}
[session.use_trans_sid] array(3) => {
[global_value] string(1) => "0"
[local_value] string(1) => "0"
[access] int(6) =>
}
------------------------------------------------------------------------
[2003-10-29 19:58:00] [EMAIL PROTECTED]
Could you please show all your session related INI values after any
ini_set() or session_set_cookie_params() that your script normally
makes.
------------------------------------------------------------------------
[2003-10-22 06:01:14] php at webfreezer dot com
Sorry, ini_set("session.name", "sessionID") is called before, NOT
ini_set("session-name"...
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/25934
--
Edit this bug report at http://bugs.php.net/?id=25934&edit=1
