ID: 32802
Updated by: [EMAIL PROTECTED]
Reported By: ast at gmx dot ch
-Status: Assigned
+Status: Open
Bug Type: HTTP related
Operating System: *
PHP Version: 4.*, 5.*
Assigned To: sniper
Previous Comments:
------------------------------------------------------------------------
[2005-04-24 14:01:21] [EMAIL PROTECTED]
Reproduce script:
<?php
setcookie("TestCookie", "Value1", time()+3600, "/test/");
setcookie("TestCookie", "Value2", time()+3600, "/");
if (!isset($_COOKIE['TestCookie'])) {
header("Location: {$_SERVER['PHP_SELF']}");
exit();
}
echo '<pre>';
var_dump($_COOKIE);
var_dump($_SERVER['HTTP_COOKIE']);
echo '</pre>';
?>
------------------------------------------------------------------------
[2005-04-24 03:21:37] ast at gmx dot ch
Here is a fix for my application.
/**
* Fix the superglobal $_COOKIE to conform with RFC 2965
*
* We don't use $_COOKIE[$cookiename], because it doesn't conform
to RFC 2965 (the
* cookie standard), i.e. in $_COOKIE, we don't get the cookie with
the most specific path for
* a given cookie name, we get the cookie with the least specific
cookie path.
* This function does it exactly the other way around to conform
with the RFC.
*
* This function reevaluates the HTTP Cookie header and populates
$_COOKIE with the correct
* cookies.
*
* @static
*/
function fixCookieVars() {
if (isset($_SERVER['HTTP_COOKIE']) &&
!empty($_SERVER['HTTP_COOKIE'])) {
$allCookies = explode(';', $_SERVER['HTTP_COOKIE']);
/*
* Get rid of less specific cookies if multiple cookies with
the same
NAME
* are present. Do this by going from left/first cookie to
right/last
cookie.
*/
/* Reset the $_COOKIE array */
$_COOKIE = array();
/* Repopulate it, but now correctly */
foreach ($allCookies as $cookie) {
/* Split NAME [=VALUE], value is optional */
$cookie = explode('=', $cookie);
$key = preg_replace('|\s|', '', $cookie[0]);
$value = isset($cookie[1]) ? $cookie[1] : '';
if (!isset($_COOKIE[$key])) {
$_COOKIE[$key] = $value;
}
}
}
}
}
------------------------------------------------------------------------
[2005-04-24 00:43:04] ast at gmx dot ch
the bug report that was closed as bogus (sorry, forgot to add the link.
originally, i wanted to add a comment there, but you can't add comments
to bugs that are marked as "bogus".
http://bugs.php.net/bug.php?id=18337
obviously, this isn't "bogus", as php doesn't comply with the RFC 2965
(and all common browsers comply with this RFC concerning the order of
the cookies).
How to reproduce:
See Example 2 of RFC 2965:
2 cookies, with the same NAME, but a different PATH.
It's about the precedence of cookies. Cookies with a more specific path
have precedence over cookies with less specific paths.
See Example 2 of the RFC, it's nicely explained there.
------------------------------------------------------------------------
[2005-04-23 22:05:01] [EMAIL PROTECTED]
And can you please add a short example script which CLEARLY
demonstrates the problem. (I don't know why but I can't get multiple
cookies set with same name..)
------------------------------------------------------------------------
[2005-04-23 20:50:14] [EMAIL PROTECTED]
Exactly what bug did Ilia close? And why are you submitting a new
report if one exists already?
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/32802
--
Edit this bug report at http://bugs.php.net/?id=32802&edit=1
