ID: 21306
Comment by: [EMAIL PROTECTED]
Reported By: [EMAIL PROTECTED]
Status: Open
Bug Type: Session related
Operating System: linux
PHP Version: 4.3.0
New Comment:
This appears (in our case anyway) to be triggered by the use of an
"exit" statement in the session_set_save_handler session_write
function. We had a benign error in our custom session_write function
(caused by the session data not changing when it was writing out)..
this caused an error message to be written to a log file, and then the
"exit;" statement. In PHP 4.2, this exit apparently caused no problems
but now it generates this seemingly unrelated error message.
Incidently, because this message is generated at the time of
session_write (rather than during actual content generation) it also
caused an interaction with ob_gzhandler (gzip compression) such that
blank pages were being served up.. we had to disable ob_gzhandler to
even see the "A session is active..." messages.. This seems buggy to
me.
Previous Comments:
------------------------------------------------------------------------
[2003-01-27 20:12:46] [EMAIL PROTECTED]
I upgraded to 4.3.0 from 4.2.3 a couple weeks ago. I did not see this
problem at all until today, when I uploaded two minor changes to my web
site. We get several hundred thousand page views per day, and since
this upload we're getting 3-4 of this error per minute. So for most
page views it doesn't happen, but it's definitely happening frequently
and regularly.
The first change was to our error handler. We specifically trigger
errors using $php_errormsg if it exists (after the session is started),
so that we can catch stupid users who try to upload humongous images to
our site (we limit them to 40KB). Some bright young individual
uploaded a 476MB file ten times this morning, so we added some code
(three lines) to log the date, time, username, and file size. Here is
the code we added:
$fp = fopen("/tmp/big_images.log", 'a');
fwrite($fp, sprintf("%s: %s (%s KB)\n", date("Y-m-d H:i:s"),
$_SESSION['auth']->auth['username'], $kb));
fclose($fp);
While typing this, I made a change which seems to have fixed the
problem. I have a function called session_setup() which makes sure the
session id is unique, and call session_set_save_handler() or whatever
the name of that function is. The trigger_error mentioned above used
to be called after calling session_setup() in my authentication include
file. I moved it to inside the session_setup() function, after setting
the save_handler. For some reason, this fixed the problem.
Odd.
Perhaps this can help someone else somehow?
------------------------------------------------------------------------
[2003-01-05 16:03:24] [EMAIL PROTECTED]
Have a working installation of os-commerce in 4.2.3. Upgraded to 4.3.0,
and now I get the same error listed here.
All I want to do is confirm that this is NOT a script error. I'm not
going to dig through some code I didn't write to track this down.
Thanks
------------------------------------------------------------------------
[2003-01-01 10:11:39] [EMAIL PROTECTED]
note that, i don't even use one ini_set()
and the script is impossible to session_set_save_handler() twice;
seems php don't re-initize correctly, same as
http://bugs.php.net/bug.php?id=19292
but i'm just guessing
------------------------------------------------------------------------
[2002-12-31 02:52:19] [EMAIL PROTECTED]
i forgot to note that, this issue is random happend
i can't reproduce it, but my user trigger it and i saw errors in log
and my script is in production, it's too complex
i am not able to give full script
but my function look like:
function mysessionstart() {
if (session_id()) return
session_set_save_handler(
'_sess_open',
'_sess_close',
'_sess_read',
'_sess_write',
'_sess_destroy',
'_sess_gc'
);
session_start();
}
it works fine until get warnning in php-4.3.0
here the config is:
session.save_handler = files
session.save_path = /tmp
session.use_cookies = 1
session.name = PHPSESSID
session.auto_start = 0
session.cookie_lifetime = 0
session.cookie_path = /
session.cookie_domain =
session.serialize_handler = php
session.gc_probability = 1
session.gc_maxlifetime = 1440
containing ids.
session.referer_check =
session.entropy_length = 0
session.entropy_file =
;session.entropy_length = 16
;session.entropy_file = /dev/urandom
session.cache_limiter = nocache
session.cache_expire = 180
session.use_trans_sid = 1
url_rewriter.tags =
"a=href,area=href,frame=src,input=src,form=fakeentry"
------------------------------------------------------------------------
[2002-12-31 02:27:43] [EMAIL PROTECTED]
THis is most likely not a bug, can you show us the script, and the
session.* settings in php.ini?
Derick
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/21306
--
Edit this bug report at http://bugs.php.net/?id=21306&edit=1
