From: [EMAIL PROTECTED] Operating system: PHP version: Irrelevant PHP Bug Type: Documentation problem Bug description: Promoting possible unsecure coding practices
Description: ------------ In the setcookie() description there is the following paragraph: Cookies names can be set as array names and will be available to your PHP scripts as arrays but separate cookies are stored on the users system. Consider explode() or serialize() to set one cookie with multiple names and values. This should be fixed according to the example below... Reproduce code: --------------- --- Expected result: ---------------- Cookies names can be set as array names and will be available to your PHP scripts as arrays but separate cookies are stored on the users system. Consider explode() to set one cookie with multiple names and values. It is not recommended to use serialize() for this purpose, because it can result in security holes. Actual result: -------------- Cookies names can be set as array names and will be available to your PHP scripts as arrays but separate cookies are stored on the users system. Consider explode() or serialize() to set one cookie with multiple names and values. -- Edit bug report at http://bugs.php.net/?id=33688&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=33688&r=trysnapshot4 Try a CVS snapshot (php5.0): http://bugs.php.net/fix.php?id=33688&r=trysnapshot50 Try a CVS snapshot (php5.1): http://bugs.php.net/fix.php?id=33688&r=trysnapshot51 Fixed in CVS: http://bugs.php.net/fix.php?id=33688&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=33688&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=33688&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=33688&r=needscript Try newer version: http://bugs.php.net/fix.php?id=33688&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=33688&r=support Expected behavior: http://bugs.php.net/fix.php?id=33688&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=33688&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=33688&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=33688&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=33688&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=33688&r=dst IIS Stability: http://bugs.php.net/fix.php?id=33688&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=33688&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=33688&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=33688&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=33688&r=mysqlcfg
