ID: 15484 Updated by: [EMAIL PROTECTED] Reported By: [EMAIL PROTECTED] -Status: Bogus +Status: Feedback Bug Type: Session related Operating System: win2k PHP Version: 4.1.1 New Comment:
To properly diagnose this bug, we need a backtrace to see what is happening behind the scenes. To find out how to generate a backtrace, please read http://bugs.php.net/bugs-generating-backtrace.php Once you have generated a backtrace, please submit it to this bug report and change the status back to "Open". Previous Comments: ------------------------------------------------------------------------ [2002-02-10 07:00:39] [EMAIL PROTECTED] "what i did": code's here: session_set_save_handler ('sess_open', 'sess_close', 'sess_read', 'sess_write', 'sess_destroy', 'sess_gc'); function sess_open() { return true;} function sess_close() { return true;} function sess_read() { return ""; } function sess_write() {} function ses_destroy() {} function sess_gc() {} session_start(); echo "program got here"; ;-------------- ok, the above program won't crash the apache but if i change: --> function sess_read() { return ""; } into: --> function sess_read() { return null; } "what i expected to happen" is: php `should` warnning me my returning isnot STRING, or keep running quietly "what happened" is: no response from apache and here why i report this bug: a server running 100 website, one of the custom(the one can upload/update php file for his site) is able to attact the server by using the above script, making `fool` of the server is the above info enough? :) ------------------------------------------------------------------------ [2002-02-10 06:18:12] [EMAIL PROTECTED] Not enough information was provided for us to be able to handle this bug. Please re-read the instructions at http://bugs.php.net/how-to-report.php If you can provide more information, feel free to add it to this bug and change the status back to "Open". ------------------------------------------------------------------------ [2002-02-10 06:04:07] [EMAIL PROTECTED] used session_set_save_handler(...."sess_read"....); and when session_start(); and also sess_read() returns _NONE_ string e.g. function sess_read() { } or function sess_read() { return false; } browser get no response from apache (should be crash) it should be strong enough :-) ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=15484&edit=1
