ID: 16408
Updated by: [EMAIL PROTECTED]
Reported By: sb at bpm dot ch
Status: Closed
Bug Type: Session related
Operating System: Windows NT (IIS) & AIX (Apache)
PHP Version: 4.1.1
New Comment:
FYI, hostnames with a _ in there are not even allowed. From Appendix 1
of RFC 882:
<domain> ::= <subdomain> | " "
<subdomain> ::= <label> | <subdomain> "." <label>
<label> ::= <letter> [ [ <ldh-str> ] <let-dig> ]
<ldh-str> ::= <let-dig-hyp> | <let-dig-hyp> <ldh-str>
<let-dig-hyp> ::= <let-dig> | "-"
<let-dig> ::= <letter> | <digit>
<letter> ::= any one of the 52 alphabetic characters A through Z
in upper case and a through z in lower case
<digit> ::= any one of the ten digits 0 through 9
Previous Comments:
------------------------------------------------------------------------
[2003-12-10 07:30:17] sb at bpm dot ch
this issue can be closed now.
------------------------------------------------------------------------
[2003-12-10 07:28:54] sb at bpm dot ch
This problem occures only, if the hostname of the server contains an
"_" (underscore). We have changed the hostname now.
Stephan
------------------------------------------------------------------------
[2003-12-10 07:22:16] peter dot lerner at commerzbank dot com
If the session info is saved as a file, instead of a file called
sess_<cryptic session-id>, you will find a file named 'sess_null'.
-rw------- 1 myuid mygid 1535549 Dec 10 12:57 sess_null
I'm running php4.3.4 on apache2 on a solaris8 box.
Browser is Internet Explorer 6.0.2800.1106CO.
Session management troubles happen only with IE6, but runs fine with
e.g. Mozilla 1.5.
The problem is *very*critical* for us, because _every_ user who logs on
with an IE6 gets user permissions from the sess_null. sess_null could
be the admin's session.
Vice versa it's also a problem if the first user to create a sess_null
was not-privileged, and the subsequent admin logon is "castrated" to
the non-privileged level.
------------------------------------------------------------------------
[2002-07-10 01:00:05] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a month, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
------------------------------------------------------------------------
[2002-05-03 13:01:31] jan dot vlcinsky at cad-programs dot com
I thing, you forgot to place quotes around variable name
Instead of
session_register(User); BAD
use
session_register("User"); OK
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/16408
--
Edit this bug report at http://bugs.php.net/?id=16408&edit=1
