ID: 27158 Updated by: [EMAIL PROTECTED] Reported By: [EMAIL PROTECTED] -Status: Open +Status: Wont fix Bug Type: Session related Operating System: WinXP SP1 and FreeBSD 4.9 PHP Version: 4.3.4 New Comment:
There is too much room for error with that approach. Supporting this syntax properly would be too slow. Previous Comments: ------------------------------------------------------------------------ [2004-02-05 10:02:18] [EMAIL PROTECTED] Description: ------------ If you have an anchor, whose href is comprised ONLY of HTML entities - a common spam bot deterrent now - the SID is placed after the & from the first entity, breaking the URI. Also, if the entities are decoded to "mailto:" links, the SID should not be appended at all... Is it possible to decode before trying to add the SID and then re-HTMLentities? Reproduce code: --------------- <?php session_start(); ?> // Link to mailto:[EMAIL PROTECTED] <a href="mailto:davey@php.net">davey@php.net</a> // Link to http://php.net <a href="http://php.net">php.net</a> Expected result: ---------------- <a href="mailto:davey@php.net">davey@php.net</a> <a href="http://php.net?PHPSESSID=SID">php.net</a> Actual result: -------------- <a href="&?PHPSESSID=d4030b2d6c97a1425c49071bf8b2ab5a#109;ailto:davey@php.net">davey@php.net</a> <a href="&?PHPSESSID=d4030b2d6c97a1425c49071bf8b2ab5a#104;ttp://php.net">php.net</a> ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=27158&edit=1