ID: 8184
Updated by: sniper
Old-Status: Feedback
Status: Closed
Bug Type: *Session related
Assigned To: 

No feedback.


Previous Comments:

[2000-12-11 05:29:14] [EMAIL PROTECTED]
I don't understand something here. Do you really want the
session to be destroyed on each page call? What's the point
in such a "session" anyway then? Could you please explain?


[2000-12-09 12:34:17] [EMAIL PROTECTED]

A part of my php.ini looks like this:
session.gc_probability    = 100
session.gc_maxlifetime    = 0
session.cache_limiter     = nocache
session.use_cookies       = 0
session.auto_start        = 0 
session.use_trans_sid     = 1
session.cookie_lifetime   = 0

The situation:
the client cuts the URL of the actual page to the clipboard (the URL contains the 
session-id) and close the browser.
The session file becomes garbage and it will be collected at the next session call - I 
However, when the client opens the browser and pastes the URL into the address line - 
and there isn't any other session call from another client - PHP lets him in.
If the URL does not contain the session-id everything works fine: the garbage 
collector collects all of the garbage.

Summary: if the session_start() gets session-id by GET parameter or by a cookie, it 
doesn't check whether the session file is garbage or not.

I think it's a minor security bug.

Zoltan Eles


Full Bug description available at:

PHP Development Mailing List <>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to