ID: 45706
User updated by: bobka at bigfoot dot com
Reported By: bobka at bigfoot dot com
Status: Open
-Bug Type: Documentation problem
+Bug Type: Session related
Operating System: Linux
PHP Version: 5.2.6
New Comment:
The bug is somewhere in "php" or "php_bin" serialize_handler that is
used to serialize _SESSION
Previous Comments:
------------------------------------------------------------------------
[2008-08-06 08:38:06] bobka at bigfoot dot com
To define the class before session_start is the usual case. But if two
applications use the same session data, where one part of session data
is shared between applications and other are used exclusively, you don't
have to include *all* class definitions in each application. In this
case the part of session data, that is not defined, should be preserved
and not corrupted, shouldn't it?
------------------------------------------------------------------------
[2008-08-04 12:51:07] [EMAIL PROTECTED]
The class has to be defined before session_start() call.
Documentation for session seems to lack this little note..
------------------------------------------------------------------------
[2008-08-04 12:20:45] bobka at bigfoot dot com
Description:
------------
This is a very special case.
If an object of class that extends ArrayIterator is saved in session
data and the class definition is not available in a later call, then the
session data gets corrupted.
Call the example code three times to see the bug.
Reproduce code:
---------------
<?php
// start session
session_start();
// display session data
echo "<pre>".print_r($_SESSION,true)."</pre><br>";
// already initialized?
if (!isset($_SESSION['first']))
{
// bug occures only if the class is not defined later
// and only if it extends ArrayIterator
class my_array extends ArrayIterator
{
}
$_SESSION['first'] = "The first entry is ok";
$t = new my_array();
// at least one member needed
$t[] = "this gets lost";
$_SESSION['killer'] = $t;
$_SESSION['this_is_going_to_be_messed_up'] = "The value of the entry
is ok";
$_SESSION['last'] = "The last entry is ok";
}
Expected result:
----------------
At first call:
Array
(
)
At second call:
Array
(
[first] => The first entry is ok
[killer] => __PHP_Incomplete_Class Object
(
[__PHP_Incomplete_Class_Name] => my_array
[0] => this gets lost
)
[this_is_going_to_be_messed_up] => The value of the entry is ok
[last] => The last entry is ok
)
At third call
Array
(
[first] => The first entry is ok
[killer] => __PHP_Incomplete_Class Object
(
[__PHP_Incomplete_Class_Name] => my_array
[0] => this gets lost
)
[this_is_going_to_be_messed_up] => The value of the entry is ok
[last] => The last entry is ok
)
Actual result:
--------------
At third call:
Notice: session_start() [function.session-start]: Unexpected end of
serialized data in test.php on line 3
Array
(
[first] => The first entry is ok
[killer] =>
[}this_is_going_to_be_messed_up] => The value of the entry is ok
[last] => The last entry is ok
)
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=45706&edit=1
