ID: 43451
Updated by: [EMAIL PROTECTED]
Reported By: mg at memedia dot de
-Status: Open
+Status: Feedback
Bug Type: Session related
Operating System: GNU/Debian 4.0
PHP Version: 5.2.5
New Comment:

Please try using this CVS snapshot:

  http://snaps.php.net/php5.2-latest.tar.gz

For Windows (zip):

  http://snaps.php.net/win32/php5.2-win32-latest.zip

For Windows (installer):

  http://snaps.php.net/win32/php5.2-win32-installer-latest.msi


Previous Comments:
------------------------------------------------------------------------

[2007-11-29 15:09:51] mg at memedia dot de

Description:
------------
A customer was forwarded to me on the phone today, telling me she would see the customer area of another customer on our online shop. That was indeed very surprising. The site uses no client-side cookies, except the one from the PHP session management. Anyway, she got to our site by typing the URL into the address bar, no injections and stuff.

Moreover, I found out that she was not the only one with the "problem". From 12:14:28 to 13:57:36 I count about 10 different IP addresses with different browsers in our logs that used ONE session (d28b9616a3013ef6441f8e4383d7e05b). The session must have been loaded multiple times, because we put that data also in our db-based user tracking. It seems the session was started several times with the same session ID. There was no session ID given by URL or cookie. People came, according to the referer, from different sites.

As I said, we use the PHP session management. There are about 20-30 people online most of the time. Not everyone was affected. The file itself (under /var/lib/php5) seems to be OK. We're using the distribution from dotdeb.org on our servers.

Any clues where the problem could lie? Is it Apache or PHP? How is the hash for the session file created?

I guess I will add an IP-referer and browser User-Agent check first to avoid the problem in future.

Reproduce code:
---------------
--

------------------------------------------------------------------------

-- 
Edit this bug report at http://bugs.php.net/?id=43451&edit=1
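The check the reporter says they will add, written out as an added example. This is not code from the bug report, from PHP's session module or from the dotdeb packages, and it does not explain why several clients ended up with one session id, which the report leaves open; it only limits the damage by binding a session, on first use, to a fingerprint of the browser and the client network and emptying it when it is later presented from a different one. The `$_SESSION` key name `_guard_fp`, the salt and the rule of keeping only the first two IPv4 octets are assumptions made for this example. Two caveats a practitioner would want: the User-Agent is trivially forged, so this separates accidental sharing of the kind described above but is no defence against a deliberate hijacker; and any IP component will log out clients whose address changes between requests, which is why only a coarse prefix is used here.

```php
<?php
// Added example, not code from the bug report or from PHP itself: bind a
// PHP session to the browser and client network it was created from, and
// discard it if it is presented from somewhere else. Key name, salt and
// the /16 prefix rule are assumptions for this example.

// Reduce an IPv4 address to its first two octets so that a client whose
// address moves inside one provider block keeps its session. IPv6 and
// anything unparseable are used verbatim.
function guard_ip_prefix($ip)
{
    $octets = explode('.', $ip);
    if (count($octets) !== 4) {
        return $ip;
    }
    return $octets[0] . '.' . $octets[1];
}

// Fingerprint of the request context. The salt stops the stored value from
// being a plain hash of UA + network; it is not a secret that protects
// against someone who forges both.
function guard_fingerprint($user_agent, $remote_addr, $salt)
{
    return hash('sha256', $salt . '|' . $user_agent . '|' . guard_ip_prefix($remote_addr));
}

// Constant-time comparison; hash_equals() only exists from PHP 5.6, and
// the report is on 5.2.5.
function guard_equal($a, $b)
{
    if (strlen($a) !== strlen($b)) {
        return false;
    }
    $diff = 0;
    for ($i = 0; $i < strlen($a); $i++) {
        $diff |= ord($a[$i]) ^ ord($b[$i]);
    }
    return $diff === 0;
}

// Returns true if $session may be used for this request. On first use the
// fingerprint is stored; on mismatch the session data is emptied and false
// is returned so the caller can issue a fresh id.
function session_guard(array &$session, $user_agent, $remote_addr, $salt)
{
    $fp = guard_fingerprint($user_agent, $remote_addr, $salt);
    if (!isset($session['_guard_fp'])) {
        $session['_guard_fp'] = $fp;
        return true;
    }
    if (guard_equal($session['_guard_fp'], $fp)) {
        return true;
    }
    $session = array();
    return false;
}

// Usage in a request; the salt is an assumed per-installation secret that
// belongs in a config file outside the web root, not in the script.
$salt = 'replace-with-a-per-installation-secret';
$ua   = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
$ip   = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

session_start();
if (!session_guard($_SESSION, $ua, $ip, $salt)) {
    // The session data from the other context is already gone; now give
    // this browser its own id and delete the old session file (the true
    // argument needs PHP 5.1 or later), then bind the new, empty session.
    session_regenerate_id(true);
    session_guard($_SESSION, $ua, $ip, $salt);
}
```

Call the guard on every request immediately after `session_start()` and before any code reads `$_SESSION`; a check that runs only on the login page would still have let the other customer's area be displayed from a shared id on later pages.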