ID: 25894 Comment by: pweis at pweis dot com Reported By: tom at scl dot co dot uk Status: Bogus Bug Type: Session related Operating System: Linux 2.4.18 PHP Version: 4.3.3 New Comment:
I just stumbled over the same problem. PHP sends a Set-Cookie header every time a page is requested. This might make some sense for lifetime > 0, but definitely not for lifetime == 0. This is especially annoying for users that don't accept cookies automatically. Right now, they have to accept a new cookie for every page. Previous Comments: ------------------------------------------------------------------------ [2003-10-17 09:35:43] tom at scl dot co dot uk I appologise, deleting the cookie is possible but it is still both pointless pointless & annoying to be sending a cookie every time with "session" cookies. ------------------------------------------------------------------------ [2003-10-17 08:57:33] [EMAIL PROTECTED] Bullshit, I just wrote a logout function in which I delete the cookie and it works just fine. ------------------------------------------------------------------------ [2003-10-17 08:55:56] tom at scl dot co dot uk Since when? This never used to be the case in previous versions of PHP, at least not with session cookies which have a lifetime of 0 anyway so why would it matter, I have never used pesistent cookies with php native sessions so I don't know how they behave but maybe I should have pointed out originally that I am using session cookies. This also makes it impossible to delete the cookie! And for people with browsers set to warn before recieving a cookie it is a major irritation having to go through the warning dialog on every page hit. This change has cause quite a substantial amount of my code to break and I'm sure I can be the only person experiencing problems with these changes. ------------------------------------------------------------------------ [2003-10-17 08:33:02] [EMAIL PROTECTED] This is by design. Cookie lifetime would not work very well otherwise. ------------------------------------------------------------------------ [2003-10-17 05:32:08] tom at scl dot co dot uk Description: ------------ The session_start() function seems to be sending the session cookie to the browser every time, even if the browser has already got a cookie and has submitted it to the script. This, along with being a pretty pointless thing to do, also makes it imposible to delete a session cookie after the session_start() has been called as all the browsers I have tried this with seem to ignore a request to delete a cookie if the same cookie has been set before hand in the same request. Reproduce code: --------------- <?php session_start(); ?> Expected result: ---------------- The cookie would be sent to the browser the first time you run the script but all following requests should not send a cookie to the browser because it has already got it. Actual result: -------------- A cookie is sent to the browser one every request for the page. ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=25894&edit=1
