ID: 34524
User updated by: zoom at atlas dot sk
Reported By: zoom at atlas dot sk
-Status: Feedback
+Status: Open
Bug Type: Session related
Operating System: WinXP
PHP Version: 5.1.0RC1
New Comment:
here is sniplet of my code that should authentificate user, rewrite
current session_id, assign some attribute to it and let him go to next
page.
//
session_start()
session_regenerate_id(true);
$sql = "INSERT INTO logins VALUES ('{$log_date}','{$IP['addr']}')";
$db->query($sql);
$_SESSION['userid'] = $uid;
$link = "Location: http://"; . $CONFIG['APP_HOST'] . "in/";
session_commit();
header($link);
// expected behaviour
1. rewrite session id (I use cookies to propagate SID) and keep current
attributes.
2. remove old session file from filesystem
3. insert 1 record into database
4. add new attribute into $_SESSION['uid']
5. redirect user to new page
// actual results
1. rewrite session id (cookie) and file
2. remove old session file (*randomly* error "Warning:
session_regenerate_id() [function.session-regenerate-id]: Session
object destruction failed in" occurs!)
3. 2 records are inserted into database (instead of one)
4. ok
5. if no error occured in point 2, then redirect is ok.
Used system is
WinXP - SP2
PHP5.1RC2 instaled in SAPI mode
Apache 2.0.53
Clients used: IE6, Firefox1.0.6
Previous Comments:
------------------------------------------------------------------------
[2005-09-16 12:01:12] [EMAIL PROTECTED]
Not enough information was provided for us to be able
to handle this bug. Please re-read the instructions at
http://bugs.php.net/how-to-report.php
If you can provide more information, feel free to add it
to this bug and change the status back to "Open".
Thank you for your interest in PHP.
------------------------------------------------------------------------
[2005-09-16 11:59:38] zoom at atlas dot sk
Description:
------------
I use following order of code after users log-in, to regenerate session
id.
session_start()
...checking values...
...assigning values into $_SESSION
session_regenerate_id(true)
...inserting into database, date and IP of log event.
session_commit()
header() redirect into another page to show private content.
----
interesting thing is, that every time I run this script I get 2!
inserts into database - as there were 2 logins occured.
I use IE6 and FF and have also *random* problems with session_destroy()
function.
In debugging process I uncovered this above.
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=34524&edit=1
