ID: 23354
Comment by: avermapub at yahoo dot com
Reported By: bill dot macallister at prideindustries dot com
Status: Closed
Bug Type: Session related
Operating System: Linux 2.4.18-27.7.xsmp
PHP Version: 4-STABLE-200304281330
New Comment:
That's the frustrating part of using PHP. The very basic things are
buggy
and unreliable. I am trying to use 4.3.1 and sessions variable don't
get set in session_set_save_handler(...). Well, that's the price of
the
free software, I suppose.
Previous Comments:
------------------------------------------------------------------------
[2003-05-30 14:31:49] gary at akos dot net
This problem still exists in the release
version of 4.3.2 put up recently. I cant
test without register_globals on but it
seeems that *not* using session_register(),
(ie working directly with $_SESSION) will
cause desync of the $_SESSION object. I am
using only the stock php session handler.
------------------------------------------------------------------------
[2003-05-28 15:48:35] downsize at edwardsconsultants dot com
I have been able to reproduce a SESSION (I believe to be the same bug)
error with the following test case:
using a GET request (example: $_GET['some_name'], setup any variable
assigning it some value (I tested string, array, and int) then
serialize the variables into the SESSION. Submit a form and I loose
the Session vars. sample code:
if(isset($_GET['some_var'])){
//..validate some_var
//..I used it to query a db and now I have some data
$some_data = "test";
$data_array = array("some_data" => $some_data);
$test_int = 6510864;
$_SESSION['test1'] = serialize($some_data);
$_SESSION['test2'] = serialize($data_array);
$_SESSION['test3'] = $test_int; //no serialize necessary
echo '<form method="post" action="somefile.php">
<input type="submit" name="testing" value="testing">
</form>';
}
if you were to use that code with phpv4.3.1 in a page that you arrived
at from a GET request, then submit a POST to another page, var_dump the
$_SESSION to find it empty.
I changed my GET request to POST (not what I wanted to do since I have
to setup a form with buttons as opposed to href's) and I successfully
retain my SESSION vars.
In both cases I use the variable *before* I register it.
later,
downsize
------------------------------------------------------------------------
[2003-05-23 11:23:24] bill dot macallister at prideindustries dot com
While the test case that caused this failure was solved with RC4 we are
stilling seeing an intermittent problem with session information
disappearing. Unfortunately we cannot reproduce the problem at will
and see it once or twice is several hundred accesses to this
application. We are working on getting more details, but at this point
that looks like a slow process. I just wanted to let you know in case
you notice something that might be causing this.
Thanks again for you efforts,
Bill
------------------------------------------------------------------------
[2003-05-18 11:50:28] [EMAIL PROTECTED]
Fix will be in PHP 4.3.2.
------------------------------------------------------------------------
[2003-05-17 17:40:06] bill dot macallister at prideindustries dot com
Looks like that fixed the problem. Initial tests are good.
Thanks a lot,
Bill
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/23354
--
Edit this bug report at http://bugs.php.net/?id=23354&edit=1
