Edit report at https://bugs.php.net/bug.php?id=23681&edit=1
ID: 23681
Updated by: ras...@php.net
Reported by: php at lapage dot com
Summary: Unclear error msg. when PHPSESSID manually deleted
from URL by user
-Status: Assigned
+Status: Closed
Type: Feature/Change Request
Package: Session related
Operating System: *
PHP Version: *
Assigned To: sas
Block user comment: N
Private report: N
New Comment:
This code has all been rewritten long ago and this issue is no longer present.
Previous Comments:
------------------------------------------------------------------------
[2003-05-20 03:16:52] der...@php.net
I'm all for making this a notice instead, assigning to Sascha as he's the
maintainer of ext/session.
Derick
------------------------------------------------------------------------
[2003-05-18 10:41:04] php at lapage dot com
Request for a better error msg.
If the user disables cookies and changes the URL to
http://domain.tld/form.php?PHPSESSID=
Then the resulting Apache 1.3 error log reads:
PHP Warning: session_start(): The session id contains illegal characters,
valid characters are only a-z, A-Z and 0-9 in /zz/zzdomain/www/form.php on line
3
PHP Warning: Unknown(): The session id contains illegal characters, valid
characters are only a-z, A-Z and 0-9 in Unknown on line 0
PHP Warning: Unknown(): Failed to write session data (files). Please verify
that the current setting of session.save_path is correct (/tmp_php/zzdomainzz)
in Unknown on line 0
<?php
session_start();
@$ct= ++$_SESSION['count'];
echo<<<EOF
[$ct]<br><form method="get">
See hidden input<input type="submit" name="submit" value="Test"></form>
<a href="$PHP_SELF?foo=bar">See new href</a>
EOF;
?>
------------------------------------------------------------------------
--
Edit this bug report at https://bugs.php.net/bug.php?id=23681&edit=1
