I've gotten complaints lately about session cookie headers showing up
on the webpage. I'm used to seeing CakePHP send out several copies of
the session cookie header but the pages generating the complaints are
sending out over 60 which I'm speculating my user's browsers are
choking on.
As the cake session code from about 1.2.1 on to the present has moved
around the code tree I see this chunk of code in the __startSession
function has largely remained the same.
if (headers_sent()) {
if (empty($_SESSION)) {
$_SESSION = array();
}
return false;
} elseif (!isset($_SESSION)) {
session_cache_limiter ("must-revalidate");
session_start();
header ('P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND
DEM"');
return true;
} else {
session_start();
return true;
}
Does anybody know why is that last session_start() is there? I've
commented it out and my multiple headers go away. I can't think of a
good reason to keep it around. If $_SESSION is set, then there's no
need to call it. Am I wrong?
--
Our newest site for the community: CakePHP Video Tutorials
http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others
with their CakePHP related questions.
To unsubscribe from this group, send email to
[email protected] For more options, visit this group at
http://groups.google.com/group/cake-php
