ID: 16810
Updated by: [EMAIL PROTECTED]
Reported By: [EMAIL PROTECTED]
Status: Closed
Bug Type: Session related
Operating System: Linux RedHat
PHP Version: 4.0CVS-2002-04-2
New Comment:
we are *not* generating fragments that are expected to identified by
their url. we are generating a (hidden) form input element with a name.
we expect the browser to submit the value of that element with the
associated name. setting an id is pointless. (and potentially *wrong*
if there is more than one form on the page, which means we'll have
created two fragments with the same id.)
Previous Comments:
------------------------------------------------------------------------
[2002-04-25 14:26:36] [EMAIL PROTECTED]
It should not be reversed.
The XHTML DTDs defines "id" as one of the core attributes (see
parameter entity "coreattrs") for most elements, including the input
element.
Section C.8 states "In XML, URI-references [RFC2396] that end with
fragment identifiers of the form "#foo" do not refer to elements with
an attribute name="foo"; rather, they refer to elements with an
attribute defined to be of type ID, e.g., the id attribute in HTML 4.
Many existing HTML clients don't support the use of ID-type attributes
in this way, so identical values may be supplied for both of these
attributes to ensure maximum forward and backward compatibility (e.g.,
<a id="foo" name="foo">...</a>)."
One of the features of XML (and therefore XHTML), is that anchor
elements are no longer the only elements addressable by a fragment
identifier. Note that section 3.2 states "When a user agent processes
an XHTML document as generic XML, it shall only recognize attributes of
type ID (e.g. the id attribute on most XHTML elements) as fragment
identifiers." So while "script.php#PHPSESSID" may sound like an
unlikely path, it is a legal one.
------------------------------------------------------------------------
[2002-04-25 13:05:18] [EMAIL PROTECTED]
note that this is not correct with regards to input elements. the name
attribute is only deprecated for the a, applet, form, frame, iframe,
img, and map elements. (see C.8 of the xhtml spec, and the dtds.)
in fact, reverting this part of the patch would be a good idea. we're
defining input element names here, not fragment identifiers.
------------------------------------------------------------------------
[2002-04-25 02:30:25] [EMAIL PROTECTED]
Fixed in CVS
------------------------------------------------------------------------
[2002-04-24 21:21:16] [EMAIL PROTECTED]
That output will become valid XHTML with the addition of an "id"
parameter for the input tag. Since "id" is XHTML's replacement for the
deprecated HTML "name" attribute, the usual method for making markup
backward-compatible is to use both "name" and "id" attributes, giving
the same value for both. For example:
<input type="hidden" name="PHPSESSID" id="PHPSESSID"
value="25ba3c5303803bb6914edff4d787b430" />
------------------------------------------------------------------------
[2002-04-24 21:05:22] [EMAIL PROTECTED]
This is the output with PHP 4.2.0:
---clip---
<form method="get"><input type="hidden" name="PHPSESSID"
value="25ba3c5303803bb6914edff4d787b430" />
See hidden input<input type="submit" name="submit" value="Test" />
</form>
<a
href="/ses.php?foo=bar&PHPSESSID=25ba3c5303803bb6914edff4d787b430">See
new href</a>
---clip---
Which part is not valid XHTML?
I have this set in my php.ini:
; The separator used in PHP generated URLs to separate arguments.
; Default is "&".
arg_separator.output = "&"
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/16810
--
Edit this bug report at http://bugs.php.net/?id=16810&edit=1
