Bug #55267 [Opn]: session_regenerate_id fails after header sent even if session.use_cookies = 0

Fri, 22 Jul 2011 09:27:38 -0700 

Edit report at https://bugs.php.net/bug.php?id=55267&edit=1

 ID:                 55267
 User updated by:    jesse dot hallam at gmail dot com
 Reported by:        jesse dot hallam at gmail dot com
-Summary:            session_regenerate_id fails after header sent even
                     if ini.use_cookies = 0
+Summary:            session_regenerate_id fails after header sent even
                     if session.use_cookies = 0
 Status:             Open
 Type:               Bug
 Package:            Session related
 Operating System:   Linux
 PHP Version:        5.3.6
 Block user comment: N
 Private report:     N

 New Comment:

Correcting summary so as not to suggest an invalid ini setting is being used.


Previous Comments:
------------------------------------------------------------------------
[2011-07-22 12:00:53] jesse dot hallam at gmail dot com

Description:
------------
When unit testing session-related code in a CLI environment, appropriate PHP 
ini settings combined with passing false to session_cache_limiter can allow 
sessions to be started even if output has been already sent.

Unfortunately, session_regenerate_id() fails unconditionally even when no 
cookie headers would have been sent:

// session.c, session_regenerate_id
if (SG(headers_sent)) {
    php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot regenerate session id - 
headers already sent");
    RETURN_FALSE;
}

// session.c, php_session_reset_id
if (PS(use_cookies) && PS(send_cookie)) {
    php_session_send_cookie(TSRMLS_C);
    PS(send_cookie) = 0;
}

Is this just an oversight? Or intentional?

Test script:
---------------
<?php
ini_set( 'session.use_cookies', 0 );
ini_set( 'session.use_only_cookies', 0 );
ini_set( 'session.use_trans_id', 1 );

// Don't send headers!
session_cache_limiter( false );

echo 'test';

// Succeeds
session_start();

// Fails
session_regenerate_id();
?>

Expected result:
----------------
No warnings or errors.
Output: 
test

Actual result:
--------------
testPHP Warning:  session_regenerate_id(): Cannot regenerate session id - 
headers already sent in /home/jesse.hallam/tmp/session_test.php on line 15
PHP Stack trace:
PHP   1. {main}() /home/jesse.hallam/tmp/session_test.php:0
PHP   2. session_regenerate_id() /home/jesse.hallam/tmp/session_test.php:15



------------------------------------------------------------------------



-- 
Edit this bug report at https://bugs.php.net/bug.php?id=55267&edit=1

Reply via email to