From: steveh at brendata dot co dot uk Operating system: NT4 SP6a PHP version: 4.3.2 PHP Bug Type: Session related Bug description: session cookie being incorrectly sent
Description: ------------ For session handling a cookie should be set as follows: <session name>=<session id> This was previously working, but since upgrading to 4.3.2 we now see cookies set as follows: <session id>=<session id> As a result sessions are not carried over and a new session is started for every access (i.e. no cookie called PHPSESSID or whatever is in the php.ini) Here's the relevant chunk of phpinfo output that demonstrates this. _SERVER["HTTP_COOKIE"] CookieProductID=94; a9c7fa405401e831e6ada0ee31f67ea3=a9c7fa405401e831e6ada0ee31f67ea3; caec00776094cd5017fa35e41162333b=caec00776094cd5017fa35e41162333b; 139632a02257356caa27c86256afcb70=139632a02257356caa27c86256afcb70; 0ba5beadf45c35245e67c1f67ffc70dc=0ba5beadf45c35245e67c1f67ffc70dc; b7f2e2e4a196a620f318f16034a8192b=b7f2e2e4a196a620f318f16034a8192b; 6ca2b668932e46c85528d399fad50541=6ca2b668932e46c85528d399fad50541; 913a5a99fa54ccd33b610b3f882d132d=913a5a99fa54ccd33b610b3f882d132d; a7c7085d672b5e885476dabdc096ca9f=a7c7085d672b5e885476dabdc096ca9f; 04a257bf48fef943fb1d4ed508970140=04a257bf48fef943fb1d4ed508970140; d269823ce913782241613e3791935d11=d269823ce913782241613e3791935d11; edc78b150437138fb1d14915a97dee87=edc78b150437138fb1d14915a97dee87; 50212bca7b517a57521305d72a6c43c9=50212bca7b517a57521305d72a6c43c9; 68c37f0103351348dd1e705847e2f6d3=68c37f0103351348dd1e705847e2f6d3; 78d96155c83ee77e3fc3b69731b428a4=78d96155c83ee77e3fc3b69731b428a4; e7b52247b003b85c04d942721879206a=e7b52247b003b85c04d942721879206a; f3d20ebc7068137eaa7b3461eab64d62=f3d20ebc7068137eaa7b3461eab64d62; c3940ed02170d481105849b74b6d3cb8=c3940ed02170d481105849b74b6d3cb8; e8109d59aca1442f4cd7fa5358410c30=e8109d59aca1442f4cd7fa5358410c30; 2a0f643e85d2b21003958bb47c2a2d4d=2a0f643e85d2b21003958bb47c2a2d4d Reproduce code: --------------- <?php session_start(); $_SESSION["FRED"]=1; echo session_id(); phpinfo(); ?> Expected result: ---------------- The same session id for each open, and PHPSESSID seen as a cookie in the headers. Actual result: -------------- Different session id's each time, and a growing list of <session id>=<session id> cookies. -- Edit bug report at http://bugs.php.net/?id=24169&edit=1 -- Try a CVS snapshot: http://bugs.php.net/fix.php?id=24169&r=trysnapshot Fixed in CVS: http://bugs.php.net/fix.php?id=24169&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=24169&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=24169&r=needtrace Try newer version: http://bugs.php.net/fix.php?id=24169&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=24169&r=support Expected behavior: http://bugs.php.net/fix.php?id=24169&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=24169&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=24169&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=24169&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=24169&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=24169&r=dst IIS Stability: http://bugs.php.net/fix.php?id=24169&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=24169&r=gnused
