Bug #15856 Updated: session_destroy() - hangs php4ts.dll - memory leak

Wed, 03 Apr 2002 06:37:03 -0800 

 ID:               15856
 Updated by:       [EMAIL PROTECTED]
 Reported By:      [EMAIL PROTECTED]
-Status:           Open
+Status:           Feedback
 Bug Type:         Session related
 Operating System: Windows 98 Windows 2000
 PHP Version:      4.1.1
 New Comment:

What is session save handler? files?


Previous Comments:
------------------------------------------------------------------------

[2002-03-09 07:30:16] [EMAIL PROTECTED]

This Bug is even tested and reproduceable in Windows 2000 environment

------------------------------------------------------------------------

[2002-03-06 05:06:07] [EMAIL PROTECTED]

Hope last feedback help.

------------------------------------------------------------------------

[2002-03-04 10:44:30] [EMAIL PROTECTED]

Only the login function that is capsuled in the class. called on one
page the session start is before the constructor of the class...
if the login failed it passes the session_destroy...
the do login function is called after a post form...
hope that helps..

what do you mean with caps....
---


function doLogin($pseudo,$pw){
    global $s_userAuthorisation;
    global $s_loginRetries;
    if ($this->DEBUG) { echo "<br> doLogin($pseudo,$pw)";}
    $loginOk=false;
    $s_userData=array();
    if (!isset($s_loginRetries)){
      session_register("s_loginRetries");
      $s_loginRetries=0;
     }
   // count the retris
   $s_loginRetries++;
   // check pseudo
   $userid=$this->getUserIdFromPseudo($pseudo);
   if ($userid==0) {
      if ($s_loginRetries<3) {
         // nothing to do as no timeout to set
         if ($this->DEBUG) {echo "<br>Loginretries ".$s_loginRetries;}
         $this->ErrorMsg="Login inkorrekt";
      }
      else
         {
        $this->ErrorMsg="10sec. Timeout<br> 3 fehlerhafte
Loginversuche";
        if ($this->DEBUG) { echo "<br> 10sec. Timeout<br> 3 fehlerhafte
Loginversuche";}
        flush();
        sleep(10);
        $s_loginRetries=0;
     }
   }
   // pseudo exist so check the login
   else{
    // perform the login check
    $qstring = "select * ";
    $qstring = $qstring." from ".$this->tablename;
    $qstring = $qstring." where vch_pseudo ='".$pseudo."' ";
    $qstring = $qstring." and vch_pw ='".$pw."' ";
    $qstring = $qstring." and ".$this->activeRecord;
    $queryst = sprintf($qstring);
    $this->query($queryst);
   // only one row allowed
   if ($this->num_Rows()!=0) {
       while($this->next_record()) {
         $loginOk=true;
         if ($this->DEBUG) {
           echo "DOLOGINQUERYRESULT<br>";
           echo "sUserId:".$this->f("i_id")." <br>";
           echo "sSalutationId" .$this->f("i_salutation_id")." <br>";
           echo "sUserName" . $this->f("vch_pseudo")." <br>";
           echo "sUniqueId". $this->f("vch_unique")." <br>";
           echo "sEmail". $this->f("vch_email")." <br>";
           echo "sFirstName". $this->f("vch_first_name")." <br>";
           echo "sLastName". $this->f("vch_last_name")." <br>";
           echo "sLastLogin". $this->f("dt_last_login")." <br>";
           echo "sLoginSince". date("H:i:s")." <br>";


         }
         $s_userAuthorisation=array("sUserId" =>$this->f("i_id"),
                           "sSalutationId"
=>$this->f("i_salutation_id"),
                           "sUserName" => $this->f("vch_pseudo"),
                           "sUniqueId" => $this->f("vch_unique"),
                           "sEmail" => $this->f("vch_email"),
                           "sFirstName" => $this->f("vch_first_name"),
                           "sLastName" => $this->f("vch_last_name"),
                           "sLastLogin" => $this->f("dt_last_login"),
                           "sLoginSince" => date("H:i:s"));
         session_register("s_userAuthorisation");
         if ($this->DEBUG) {
          echo "<br>Login ok ".$s_loginRetries;}
         $this->lastLoginDateTime=$this->f("dt_last_login");
         $this->loggedInPseudo=$pseudo;
         $this->updateLastLoginDate($pseudo);
         $this->ErrorMsg="";
         $s_loginRetries=0;
         // put to member online
         $k=new Keepalive();
        
$k->updateUserLoggedIn(session_id(),$s_userAuthorisation["sUserName"],$s_userAuthorisation["sUserId"]);

         if ($this->DEBUG) { $this->displaySessionVars(); }


      }
   }
   else
      {
      // login failed
      // delete Session
      // here is the bug: HANGSPHP
session_destroy();

      // some security
      if ($this->DEBUG) { $this->displaySessionVars(); }

      if ($s_loginRetries<3) {
         // nothing to do as no timeout to set
         if ($this->DEBUG) {echo "<br>Loginretries ".$s_loginRetries;}
         $this->ErrorMsg="Login inkorrekt";

      }
      else
         {
        $this->ErrorMsg="10sec. Timeout<br> 3 fehlerhafte
Loginversuche";
        if ($this->DEBUG) { echo "<br> 10sec. Timeout<br> 3 fehlerhafte
Loginversuche in Folge<br>";}
        flush();
        sleep(10);
        $s_loginRetries=0;
        }
     // secutity end
      $this->lastLoginDateTime="";
      $this->loggedInPseudo="";
      }
  }
  return $loginOk;
 }

------------------------------------------------------------------------

[2002-03-04 10:23:24] [EMAIL PROTECTED]

Can you provide a simple sample script?

P.S.: no I don't like caps :)

------------------------------------------------------------------------

[2002-03-04 09:49:48] [EMAIL PROTECTED]

The PHP4TS.DLL hangs.. sorry..

------------------------------------------------------------------------

The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
    http://bugs.php.net/15856

-- 
Edit this bug report at http://bugs.php.net/?id=15856&edit=1

Reply via email to