ID: 35076
Updated by: [EMAIL PROTECTED]
Reported By: vincent_f40 at hotmail dot com
-Status: Open
+Status: Bogus
Bug Type: Session related
Operating System: Linux RHEL4, 2.6.9-11.ELsmp
PHP Version: 5CVS-2005-11-05 (snap)
New Comment:
Please ask your administrator to check the httpd access log and compare
the times there with the error time here.
This is not a PHP bug.
Previous Comments:
------------------------------------------------------------------------
[2005-11-06 00:14:14] vincent_f40 at hotmail dot com
Hi Sniper,
Thank you for your reply.
I have no idea what IS passed to the server(what can be passed?). I am
just somehow getting these errors appearing arround 2-3 times a hour.
Nothing more it says...(just as I copy and pasted the error down here)
Also nothing about the session_id... As you can see in the error I copy
and pasted.
We use cookies for the sessions(we do not use session id in the
link)...dont know if there is a way to hack our service in this
way...with some random session_id...but then I should see these errors
appear a lot more I guess...
Any clue ? Do I need to switch to a more verbose error logging...
Thanks,
Vince
------------------------------------------------------------------------
[2005-11-05 23:29:55] [EMAIL PROTECTED]
So what IS passed to server when this happens? What is the session id?
Are you sure someone just isn't trying to hack your service with some
random generated ID's and just doesn't know that some chars are not
allowed?
------------------------------------------------------------------------
[2005-11-05 21:58:26] vincent_f40 at hotmail dot com
file: config.inc
<?php
$conf['session_name'] = "somename";
$conf['session_init'] = "session_init.inc";
$conf['domain'] = ".domain.com";
?>
file: session_init.inc
<?php
function a(){
some code
}
session_name($conf['session_name']);
session_start();
if else statements
if (!$_COOKIE['wid']) {
setcookie("wid", $_GET['wid'], time()+(3600 * 24 *365), "/" ,
$conf['domain']);
}
?>
file: index.php
<?php
require_once("config.inc");
require_once($conf['session_init']);
html webpage code
?>
I am not able to reproduce the error. The error just appears sometimes
in the log files...But basicly this is the setup.
Some pages we use frames...but I guess that should not be a problem.
Thanks,
Vince
------------------------------------------------------------------------
[2005-11-05 19:23:23] vincent_f40 at hotmail dot com
Hi Sniper,
Downloaded the latest PHP from your link. Installed it with the option:
--without-pear.
Everything installed Ok.
But the errors keep appearing...any ideas?
Thanks,
Vince
------------------------------------------------------------------------
[2005-11-05 12:42:41] [EMAIL PROTECTED]
Please try using this CVS snapshot:
http://snaps.php.net/php5-latest.tar.gz
For Windows:
http://snaps.php.net/win32/php5-win32-latest.zip
And ignore the PEAR errors. (just add --without-pear to your configure
line)
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/35076
--
Edit this bug report at http://bugs.php.net/?id=35076&edit=1
