ID: 9502
User Update by: [EMAIL PROTECTED]
Status: Bogus
Bug Type: *Session related
Operating system: server: BSDI BSD/OS 4.1 Kernel #
PHP Version: 4.0.4pl1
Description: IE5.5 SP1: New browser instances displaying same session id

I get the same session id's when I open up DIFFERENT instances of IE.  So, 
start->Programs->Internet Explorer

Previous Comments:

[2001-06-14 23:24:54] [EMAIL PROTECTED]
Of course you get same session id's. Cookies are 
shared between new windows opened from same browser.


[2001-02-28 16:36:33] [EMAIL PROTECTED]
My browser:
IE 5.50.4522.1800  Update Version:; SP1;

When running the script below on different instances of my browser I get the SAME 
session id appear.  This does not occur in IE5.0 or Netscape 4.6/4.73 (i.e., I get the 
expected behaviour of different session ids appearing).
Please can someone investigate this since it appears to be a very serious security 

Many Thanks

        //Start the session.
        //This must be called before
        //sending any content.

        //Register a couple of variables

        //Set variable based on form input
        if($inputName != "")
                $Name = $inputName;
        //Increment counter with each page load
<TITLE>Listing 7.6</TITLE>
        //print diagnostic info
        print("<B>Diagnostic Information</B><BR>n");
        print("Session Name: " . session_name() . "<BR>n");
        print("Session ID: " . session_id() . "<BR>n");
        print("Session Module Name: " . session_module_name() . "<BR>n");
        print("Session Save Path: " . session_save_path() . "<BR>n");
        print("Encoded Session:" . session_encode() . "<BR>n");
        if($Name != "")
                print("Hello, $Name!<BR>n");
        print("You have viewed this page $Count times!<BR>n");
        //show form for getting name
        print("<FORM ACTION="$SCRIPT_NAME?".SID."" METHOD="POST">");    
        print("<INPUT TYPE="text" NAME="inputName" VALUE="$Name"><BR>n");
        print("<INPUT TYPE="submit" VALUE="Change Name"><BR>n");        
        // added by dk (n.b. $SCRIPT_NAME is apache environment variable)
        print("script_name:  " . $SCRIPT_NAME . "<BR>n");
        print("SID:  " . SID . "<BR>n");
        // ----------------------------------------------
        //use a link to reload this page
        print("<A HREF="$SCRIPT_NAME?".SID."">Reload</A><BR>n");


Full Bug description available at:

PHP Development Mailing List <>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to