Bug #15856 Updated: session_destroy() - hangs php4ts.dll - memory leak

Sat, 09 Mar 2002 04:12:39 -0800 

 ID:               15856
 Updated by:       [EMAIL PROTECTED]
 Reported By:      [EMAIL PROTECTED]
 Status:           Open
 Bug Type:         Session related
-Operating System: Windows 98
+Operating System: Windows 98 Windows 2000
-PHP Version:      4.1
+PHP Version:      4.1.1
 New Comment:

This Bug is even tested and reproduceable in Windows 2000 environment


Previous Comments:
------------------------------------------------------------------------

[2002-03-06 05:06:07] [EMAIL PROTECTED]

Hope last feedback help.

------------------------------------------------------------------------

[2002-03-04 10:44:30] [EMAIL PROTECTED]

Only the login function that is capsuled in the class. called on one
page the session start is before the constructor of the class...
if the login failed it passes the session_destroy...
the do login function is called after a post form...
hope that helps..

what do you mean with caps....
---


function doLogin($pseudo,$pw){
    global $s_userAuthorisation;
    global $s_loginRetries;
    if ($this->DEBUG) { echo "<br> doLogin($pseudo,$pw)";}
    $loginOk=false;
    $s_userData=array();
    if (!isset($s_loginRetries)){
      session_register("s_loginRetries");
      $s_loginRetries=0;
     }
   // count the retris
   $s_loginRetries++;
   // check pseudo
   $userid=$this->getUserIdFromPseudo($pseudo);
   if ($userid==0) {
      if ($s_loginRetries<3) {
         // nothing to do as no timeout to set
         if ($this->DEBUG) {echo "<br>Loginretries ".$s_loginRetries;}
         $this->ErrorMsg="Login inkorrekt";
      }
      else
         {
        $this->ErrorMsg="10sec. Timeout<br> 3 fehlerhafte
Loginversuche";
        if ($this->DEBUG) { echo "<br> 10sec. Timeout<br> 3 fehlerhafte
Loginversuche";}
        flush();
        sleep(10);
        $s_loginRetries=0;
     }
   }
   // pseudo exist so check the login
   else{
    // perform the login check
    $qstring = "select * ";
    $qstring = $qstring." from ".$this->tablename;
    $qstring = $qstring." where vch_pseudo ='".$pseudo."' ";
    $qstring = $qstring." and vch_pw ='".$pw."' ";
    $qstring = $qstring." and ".$this->activeRecord;
    $queryst = sprintf($qstring);
    $this->query($queryst);
   // only one row allowed
   if ($this->num_Rows()!=0) {
       while($this->next_record()) {
         $loginOk=true;
         if ($this->DEBUG) {
           echo "DOLOGINQUERYRESULT<br>";
           echo "sUserId:".$this->f("i_id")." <br>";
           echo "sSalutationId" .$this->f("i_salutation_id")." <br>";
           echo "sUserName" . $this->f("vch_pseudo")." <br>";
           echo "sUniqueId". $this->f("vch_unique")." <br>";
           echo "sEmail". $this->f("vch_email")." <br>";
           echo "sFirstName". $this->f("vch_first_name")." <br>";
           echo "sLastName". $this->f("vch_last_name")." <br>";
           echo "sLastLogin". $this->f("dt_last_login")." <br>";
           echo "sLoginSince". date("H:i:s")." <br>";


         }
         $s_userAuthorisation=array("sUserId" =>$this->f("i_id"),
                           "sSalutationId"
=>$this->f("i_salutation_id"),
                           "sUserName" => $this->f("vch_pseudo"),
                           "sUniqueId" => $this->f("vch_unique"),
                           "sEmail" => $this->f("vch_email"),
                           "sFirstName" => $this->f("vch_first_name"),
                           "sLastName" => $this->f("vch_last_name"),
                           "sLastLogin" => $this->f("dt_last_login"),
                           "sLoginSince" => date("H:i:s"));
         session_register("s_userAuthorisation");
         if ($this->DEBUG) {
          echo "<br>Login ok ".$s_loginRetries;}
         $this->lastLoginDateTime=$this->f("dt_last_login");
         $this->loggedInPseudo=$pseudo;
         $this->updateLastLoginDate($pseudo);
         $this->ErrorMsg="";
         $s_loginRetries=0;
         // put to member online
         $k=new Keepalive();
        
$k->updateUserLoggedIn(session_id(),$s_userAuthorisation["sUserName"],$s_userAuthorisation["sUserId"]);

         if ($this->DEBUG) { $this->displaySessionVars(); }


      }
   }
   else
      {
      // login failed
      // delete Session
      // here is the bug: HANGSPHP
session_destroy();

      // some security
      if ($this->DEBUG) { $this->displaySessionVars(); }

      if ($s_loginRetries<3) {
         // nothing to do as no timeout to set
         if ($this->DEBUG) {echo "<br>Loginretries ".$s_loginRetries;}
         $this->ErrorMsg="Login inkorrekt";

      }
      else
         {
        $this->ErrorMsg="10sec. Timeout<br> 3 fehlerhafte
Loginversuche";
        if ($this->DEBUG) { echo "<br> 10sec. Timeout<br> 3 fehlerhafte
Loginversuche in Folge<br>";}
        flush();
        sleep(10);
        $s_loginRetries=0;
        }
     // secutity end
      $this->lastLoginDateTime="";
      $this->loggedInPseudo="";
      }
  }
  return $loginOk;
 }

------------------------------------------------------------------------

[2002-03-04 10:23:24] [EMAIL PROTECTED]

Can you provide a simple sample script?

P.S.: no I don't like caps :)

------------------------------------------------------------------------

[2002-03-04 09:49:48] [EMAIL PROTECTED]

The PHP4TS.DLL hangs.. sorry..

------------------------------------------------------------------------

[2002-03-04 09:48:19] [EMAIL PROTECTED]

I use output buffering at a page start,
if I start a session and do session_destory(),e.g.
authentication failure, the the dll hangs with an win32 page fault.
I use PHP as CGI on an apache on an wamp system.

The Session Destroy is capsuled in an loginclass,


------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=15856&edit=1

Reply via email to