From: lassial at hotmail dot com
Operating system: win2k
PHP version: 4.3.8
PHP Bug Type: Session related
Bug description: session_start() launches new session everytime
Description:
------------
With 4.3.8 win32 full bundle on Apache 1.3.xx
after upgrading from 4.2.3
Problem:
New session is initiated every time when session_start() is run. It sends
user a new cookie ignoring the old one, which has been successfully
delivered.
It seems that the built-in support will not correctly detect the cookie,
althoug session_name() shows correctly the name of the id, that has been
set earlier.
Changing the session cookie lifetime doesn't make any difference. I
haven't tried with sticking to original session name set in the php.ini
php.ini:
session.auto_start Off Off
session.bug_compat_42 On On
session.bug_compat_warn On On
session.cache_expire 180 180
session.cache_limiter nocache nocache
session.cookie_domain no value no value
session.cookie_lifetime 0 0
session.cookie_path / /
session.cookie_secure Off Off
session.gc_divisor 100 100
session.gc_maxlifetime 1440 1440
session.gc_probability 1 1
session.name MYD MYD
session.referer_check 1 1
session.save_handler files files
session.save_path c:\temp\php c:\temp\php
session.serialize_handler php php
session.use_cookies On On
session.use_only_cookies Off Off
session.use_trans_sid Off Off
Reproduce code:
---------------
iniset("session.auto_start","0");
iniset("session.use_cookies","1");
iniset("session.cookie_lifetime",$mySessionLifetime);
session_name($mySessionName);
// check that the previously set SID cookie
// carries an id
echo "1: ".session_name().$_COOKIE[$mySessionName]
session_start();
// now, if everything went nicely, id would stay just the same
echo "2: ". session_name().session_id();
Expected result:
----------------
session id, as printed out in 1 and 2 should be the same, but it is not.
Degrading back to 4.2.3 removed this problem.
Actual result:
--------------
New session is started, looking at \temp\php shows that all the files for
each session initiated still exist (although that is only an effect of
this problem, as the sessions don't get killed from php properly and are
to gc for later).
Looking at the browser, PHP attempts to change the cookie content
everytime a request is made to session driven pages under cookie domain.
Session can't be continued at all.
--
Edit bug report at http://bugs.php.net/?id=30240&edit=1
--
Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=30240&r=trysnapshot4
Try a CVS snapshot (php5.0): http://bugs.php.net/fix.php?id=30240&r=trysnapshot50
Try a CVS snapshot (php5.1): http://bugs.php.net/fix.php?id=30240&r=trysnapshot51
Fixed in CVS: http://bugs.php.net/fix.php?id=30240&r=fixedcvs
Fixed in release: http://bugs.php.net/fix.php?id=30240&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=30240&r=needtrace
Need Reproduce Script: http://bugs.php.net/fix.php?id=30240&r=needscript
Try newer version: http://bugs.php.net/fix.php?id=30240&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=30240&r=support
Expected behavior: http://bugs.php.net/fix.php?id=30240&r=notwrong
Not enough info: http://bugs.php.net/fix.php?id=30240&r=notenoughinfo
Submitted twice: http://bugs.php.net/fix.php?id=30240&r=submittedtwice
register_globals: http://bugs.php.net/fix.php?id=30240&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=30240&r=php3
Daylight Savings: http://bugs.php.net/fix.php?id=30240&r=dst
IIS Stability: http://bugs.php.net/fix.php?id=30240&r=isapi
Install GNU Sed: http://bugs.php.net/fix.php?id=30240&r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=30240&r=float
MySQL Configuration Error: http://bugs.php.net/fix.php?id=30240&r=mysqlcfg
