ID: 44080 Updated by: [EMAIL PROTECTED] Reported By: k dot mcmanus at gre dot ac dot uk Status: Feedback Bug Type: Session related Operating System: Solaris and Windows PHP Version: 5.2.5 New Comment:
See also bug #10599 and bug #33705 Previous Comments: ------------------------------------------------------------------------ [2008-02-15 13:41:42] [EMAIL PROTECTED] Ah yes..that empty link definately will cause problems. I guess Mozilla based browsers are more strict in this, IE is known to allow pretty much any crap. :) I tested your page using FF and having Firebug installed, and it does 2 requests for index.php. For example this bug page only shows 1 request. This is not really any PHP bug just how decent browsers behave. You shouldn't have empty links like that around anyway. ------------------------------------------------------------------------ [2008-02-15 04:28:13] k dot mcmanus at gre dot ac dot uk Since posting my ever helpful sysops have moved http://cms-stu-iis.gre.ac.uk/mk05/session/index.php to PHP 5.2.5 and I have recently installed 5.2.5 onto Apache 2.2.8 The bug still manifests. I am not sure why jani asks for session settings as the sessions work correctly in all browsers other than Moz and work but incorrectly in all Moz browsers, but if it helps these can be found at http://staffweb.cms.gre.ac.uk/~mk05/info.php http://stuweb.cms.gre.ac.uk/~mk05/info.php http://cms-stu-iis.gre.ac.uk/mk05/info.php I am slightly puzzled as to how this bug has lived so long as it is causing dreadful problems for my poor students. As to the underlying mechanism... I think, but don't know, and I am not terribly confident but... Perhaps Moz clients send an HTTP GET request for register.php when they encounter the empty href attribute in the <link> element. This would overwrite the SESSION entries causing them to lose their value, which is what we see. Although if this is happening then why do we not see Undefined index warnings raised by the POST variables not existing (which is what you see if you GET register.php). ------------------------------------------------------------------------ [2008-02-13 18:02:53] [EMAIL PROTECTED] You're not using PHP 5.2.5 in any place? I'd suggest upgrading first. And then check what your session.* settings are in your php.ini file. (or rather from the phpinfo(); output) ------------------------------------------------------------------------ [2008-02-13 17:51:47] svenne at krap dot dk for me the bug creeps up in old, stable code that suddently doesn't work any more. as original poster said, IE works fine, FF does not. The bug is also not present in konqueror (kde browser) nor epiphany (gnome browser) As OP said, strings entered to the session object (in my case indirectly via some custom classes) are kept, values from database seems kept, values from queries (GET/POST) are dropped. My server runs Linux (Gentoo, mostly stable) ------------------------------------------------------------------------ [2008-02-09 02:43:02] k dot mcmanus at gre dot ac dot uk Description: ------------ I have EXACTLY the same files on 2 different Apache (Solaris) servers and an IIS server. The example works correctly with IE5.5, 6 and 7 and Opera 9 clients but with Firefox (2.0.0.12 or 2.0.0.11) or Mozilla (1.7.10) clients. Yes, cookies are on in the clients and I have tried restarting the clients and tried several client machines. Please feel free to try the examples... PHP 4.3.10 on Apache http://staffweb.cms.gre.ac.uk/~mk05/session/index.php PHP5.0.5 on Apache http://stuweb.cms.gre.ac.uk/~mk05/session/index.php PHP5.2.3 on IIS http://cms-stu-iis.gre.ac.uk/mk05/session/index.php When you reach activate.php $_SESSION has remembered literals but has forgotten variable values. I am at a loss to explain why it refuses to work in Moz clients. I am am even more confused at to why commenting out the line <link href="" rel="stylesheet" type="text/css"/> in register.php fixes the problem. I am not at all clear as to whether the problem lies with Mozilla or PHP. The fact that it affects such a range of versions of both PHP and Mozilla is also mystifying. I cannot imaging what possible mechanism could cause this effect. Reproduce code: --------------- http://staffweb.cms.gre.ac.uk/~mk05/session/index.php.txt http://staffweb.cms.gre.ac.uk/~mk05/session/register.php.txt http://staffweb.cms.gre.ac.uk/~mk05/session/activate.php.txt These are links not copies so you see exactly the same source. Expected result: ---------------- 3 stage process index.php -> register.php -> activate.php (you don't need to fill in the forms, just press the buttons) form input from index.php is posted to register.php in register.php the POST data is copied into $_SESSION together with a string literal in activate.php the session values are printed Actual result: -------------- in activate.php the session has lost the values of the variables but not the value of the literal - only with Mozilla/Firefox browsers ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=44080&edit=1
