From: proteus at proteusworld dot com
Operating system: Linux (might be Windows too)
PHP version: Irrelevant
PHP Bug Type: Session related
Bug description: Variables read from $_SESSION loose their values when using HTTP
Description:
------------
I found a strange (to me at least) behaviour with sessions when using
HTTPS.
Let's say that $_SESSION["message"] contains "old_message". Take the
following code:
$old_message = $_SESSION["message"];
$_SESSION["message"] = "new message";
echo "The message was: ".$old_message;
Now, over HTTP you would get the expected output ("old_message"). But over
HTTPS the output will contain "new_message".
You can use session_unregister("message") if you want $old_message to
preserve its value, but this means you can't set anymore a new value for
$_SESSION["message"].
--
Edit bug report at http://bugs.php.net/?id=29626&edit=1
--
Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=29626&r=trysnapshot4
Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=29626&r=trysnapshot5
Fixed in CVS: http://bugs.php.net/fix.php?id=29626&r=fixedcvs
Fixed in release: http://bugs.php.net/fix.php?id=29626&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=29626&r=needtrace
Need Reproduce Script: http://bugs.php.net/fix.php?id=29626&r=needscript
Try newer version: http://bugs.php.net/fix.php?id=29626&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=29626&r=support
Expected behavior: http://bugs.php.net/fix.php?id=29626&r=notwrong
Not enough info: http://bugs.php.net/fix.php?id=29626&r=notenoughinfo
Submitted twice: http://bugs.php.net/fix.php?id=29626&r=submittedtwice
register_globals: http://bugs.php.net/fix.php?id=29626&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=29626&r=php3
Daylight Savings: http://bugs.php.net/fix.php?id=29626&r=dst
IIS Stability: http://bugs.php.net/fix.php?id=29626&r=isapi
Install GNU Sed: http://bugs.php.net/fix.php?id=29626&r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=29626&r=float
