ID: 16043
Updated by: [EMAIL PROTECTED]
-Summary: $_SESSION can't use in PHP 4.1.2
Reported By: [EMAIL PROTECTED]
-Status: Open
+Status: Duplicate
Bug Type: Session related
Operating System: Windows XP
PHP Version: 4.1.2
Previous Comments:
------------------------------------------------------------------------
[2002-03-14 18:58:34] [EMAIL PROTECTED]
I can confirm this with w2ksp2 + apache 1.3.23
------------------------------------------------------------------------
[2002-03-14 15:58:47] [EMAIL PROTECTED]
Sample scripts to show symptoms.
The following script shows that NO session data is stored when you use
the new $_SESSION variables only as described in the PHP manual:
__________________________________________________
<html><head><title>Simple PHP Session Test</title></head>
<body>
Testing PHP Sessions...<p>
<?php
error_reporting(E_ALL);
session_start();
echo "Values at start of script:<br>";
foreach($_SESSION as $key => $value) {
echo "\$_SESSION['$key'] => '$value'<br>";
}
//Set/Increment Counter
if ( !array_key_exists('counter', $_SESSION) ) {
$_SESSION['counter'] = 0;
} else {
$_SESSION['counter']++;
}
echo "Values at end of script:<br>";
foreach($_SESSION as $key => $value) {
echo "\$_SESSION['$key'] => '$value'<br>";
}
?>
</body>
</html>
__________________________________________________
And the modified version of this script uses the older
$HTTP_SESSION_VARS variable along with session_register(), to show that
session_register() creates the initial instance of a session variable,
but no updates occur after that. This is the best I've been able to do
with sessions in 4.1.2, so it's pretty useless at this point.
__________________________________________________
<html><head><title>Simple PHP Session Test</title></head>
<body>
Testing PHP Sessions...<p>
<?php
error_reporting(E_ALL);
session_start();
echo "Values at start of script:<br>";
foreach($HTTP_SESSION_VARS as $key => $value) {
echo "\$HTTP_SESSION_VARS['$key'] => '$value'<br>";
}
//Set/Increment Counter
if ( !array_key_exists('counter', $HTTP_SESSION_VARS) ) {
$counter = 0;
session_register('counter');
} else {
$HTTP_SESSION_VARS['counter']++;
}
echo "Values at end of script:<br>";
foreach($HTTP_SESSION_VARS as $key => $value) {
echo "\$HTTP_SESSION_VARS['$key'] => '$value'<br>";
}
?>
</body>
</html>
__________________________________________________
P.S. For what it's worth, session files ARE created in the
session.save_path directory, but other than the latter script, the
files are always 0 bytes and completely empty. Hope this helps track
down the bug.
------------------------------------------------------------------------
[2002-03-14 14:37:56] [EMAIL PROTECTED]
Also applies to NT 4.0 (sp6a) both Module and CGI $_SESSION
and also $HTTP_SESSION_VARS are dead. From what I can tell
the sess files get created in tmp ok, however nothing ever
gets written to it.
------------------------------------------------------------------------
[2002-03-14 10:27:13] [EMAIL PROTECTED]
thank you for reply...
I test the $_SESSION use those 3 PHP file...
1.php
===============================
<?php
session_start();
echo '<a href=2.php>TEST</a>';
echo '<hr>SESSION<br>';
foreach($_SESSION as $k => $v)
echo "$k => $v<br>";
$_SESSION['a']='a';
?>
===============================
2.php
===============================
<?php
session_start();
echo '<a href=3.php>TEST</a>';
echo '<hr>SESSION<br>';
foreach($_SESSION as $k => $v)
echo "$k => $v<br>";
$_SESSION['b']='b';
?>
===============================
3.php
===============================
<?php
session_start();
echo '<a href=1.php>TEST</a>';
echo '<hr>SESSION<br>';
foreach($_SESSION as $k => $v)
echo "$k => $v<br>";
$_SESSION['c']='c';
?>
===============================
very simple...
I like use PHP 4.1.x new features($_GET, $_POST, $_SESSION... etc), so
I care about the $_SESSION can right work!
------------------------------------------------------------------------
[2002-03-13 20:33:36] [EMAIL PROTECTED]
Have the same issue running the following config:
* Windows 2000 SP2
* Apache 1.3.23 for Windows
* PHP 4.1.2 Apache SAPI module
Everything works fine with PHP 4.1.1 in place. Swapping in PHP 4.1.2,
sessions break. It appears possible to store session variables
INITIALLY using session_register(), but no updates to session variables
are ever stored in the session file.
Attempting to follow the PHP documentation and just use
$_SESSION--avoiding using session_register() altogether--does not work
at all. Attempting to create a session variable by doing something
like
________________________________________
<?php
// Use $HTTP_SESSION_VARS with PHP 4.0.6 or less
if (!isset($_SESSION['count'])) {
$_SESSION['count'] = 0;
} else {
$_SESSION['count']++;
}
?>
________________________________________
as written in the documentation fails miserably. (Note the
documentation neglects the session_start() call, which I added since I
did not have autostart enabled.)
BACKGROUND:
Here is how I swapped 4.1.2 into place to test this (what I do whenever
a new release comes out now):
* All Internet-related info is stored under \InetPub
(holdover from my IIS days)
* Apache is configured to look in \InetPub\PHP\SAPI for
the PHP4APACHE.DLL file. All appropriate settings in
HTTPD.CONF file set for running PHP as module (vs. CGI).
* When a new PHP version is released, I
1. Download the .ZIP file
2. Decompress into \InetPub (in this case creating
\InetPub\php-4.1.2-Win32\)
3. Copy PHP4TS.DLL into .\SAPI directory so it is in the
the same directory with PHP4APACHE.DLL.
4. Compare new PHP.INI-DIST and PHP.INI-RECOMMENDED
against my %SYSTEMROOT%\PHP.INI file, and make
adjustments accordingly (like the new cgi. entries).
5. Shutdown Apache service.
6. Rename '\InetPub\PHP' to '\InetPub\PHP v4.1.1'
7. Rename '\InetPub\php-4.1.2-Win32' to '\InetPub\PHP'
8. Restart Apache service.
9. Test the new config by running a VER.PHP file which
contains
________________________________________
<?php
phpinfo();
?>
________________________________________
10. Run various test scripts to validate sessions, etc.,
looking at the session files created to make sure
variables are created/updated/etc.
Testing an old version against a new version is then simple. I simply
1. Shutdown Apache service.
2. Rename '\InetPub\PHP' to '\InetPub\PHP_version_in_use'
3. Rename '\InetPub\PHP_version_to_test' to '\InetPub\PHP'
4. Restart Apache service.
and run the same tests.
With the introduction of PHP 4.1.0, I have started changing my PHP test
scripts to make use of $_SESSION. If you would like, I can provide a
set that may help show what's going on (or not going on in this case).
In a nutshell, currently PHP v4.1.2 is useless for session management,
at least the Apache for Windows SAPI module. Due to the various
security concerns with CGIs, etc., I am hesitant to go back to that.
If I find time to test the CGI version, I'll post here.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/16043
--
Edit this bug report at http://bugs.php.net/?id=16043&edit=1
