ID: 8989 Updated by: sniper Reported By: [EMAIL PROTECTED] Old Status: Open Status: Feedback Bug Type: Session related Operating System: Windows NT 4 SP5(IIS4)/2000 SP2 PHP Version: 4.0.6 New Comment:
Latest RC build can be found here: http://phpuk.org/~james/php-4.1.0RC3-win32.zip And I can not reproduce this in Linux with latest CVS. --Jani Previous Comments: ------------------------------------------------------------------------ [2001-11-19 12:56:00] [EMAIL PROTECTED] Is there any way to obtain the latest PHP release candidates in binary form for the Windows platform? I would like to test the latest RC for this bug, but I forgot that the PHP site doesn't provide binaries for RCs, and I unfortunately do not have the dev tools needed under Windows to compile the source. Otherwise, I will only be able to test the next version when it is released. ------------------------------------------------------------------------ [2001-11-18 13:34:59] [EMAIL PROTECTED] You can find the example script I provided in the posting to this problem dated [2001-06-26 12:36:01], but here is the relevant portion to save you time: Note PHP v4.x has always been able to initially create a session variable. The challenge is NOT within a single page that the problem arises. The problem, described both here and in an earlier problem (#5493), is the maintenance of session variables BETWEEN pages. So... 1. Create the file page1.php as follows: __________________________________________________ <? session_start(); if (!$PHPSESSID) { $userid=100; $firstaccess=time(); $lastaccess=time(); session_register("userid"); session_register("firstaccess"); session_register("lastaccess"); } $lastaccess = time(); ?> <HTML> <HEAD> <TITLE>Page 1</TITLE> </HEAD> <BODY> This is page 1.<br> <? echo "\$PHPSESSID = '$PHPSESSID'<br>"; echo "\$userid = '$userid'<br>"; echo "\$firstaccess = '$firstaccess'<br>"; echo "\$lastaccess = '$lastaccess'<p>"; ?> <A HREF="page2.php">Page 2</A>.<p> </BODY> </HTML> __________________________________________________ 2. Create files page2.php, page3.php, & page4.php, copying the code above. The only changes that need to be made are to change * the <TITLE> for each file (optional really) * the one line reading "This is page 1" (also optional really, but both help you to see the page transitions), and * the <A HREF> tag (this is important) so that essentially the links cause PAGE1.PHP -> PAGE2.PHP -> PAGE3.PHP -> PAGE4.PHP -> PAGE1.PHP thus creating a loop that cycles around the 4 pages. 3. Make sure the PHP.INI file is properly configured to store session files (for this example, \InetPub\sessions). Then either open a Command Prompt to this directory or use Explorer (whatever suits you). 4. Serving these files from IIS (say \InetPub\wwwroot), load page1.php. 5. Look in the session directory. You should see a session file created. Note its size (60 bytes in this case). 6. Now start clicking on the link on page1.php. This will load page2.php, which shows the current value of the session ID. Keep clicking on the links and keep watching the session directory. What you will find is that new session files are being created, session files that are 0 bytes and contain NOTHING. This is a serious problem, as it makes session management useless in PHP under Windows. As for the latest release candidate of PHP v4.1.0, I will download that as soon as I have some free time and see whether the issue has been resolved. Please note, as stated earlier in this problem, that this issue existed with earlier versions of PHP but was resolved up to v4.0.3pl1 (CGI version only). Then it resurfaced and has been part of PHP up and including v4.0.6. Due to this, I am still using PHP v4.0.3pl1 at this time. Also note that with the latest rash of IIS vulnerabilities, I am moving from IIS towards Apache. If I can, I will try to run the latest RC under both webservers. But thus far, since I tend to stick to the CGI version under Windows, the webserver used has made no difference. The issue exists under both IIS and Apache. ------------------------------------------------------------------------ [2001-11-18 01:21:49] [EMAIL PROTECTED] Please provide either a script to reproduce your problem with or grab the latest PHP 4.1.0 release candidate and test it yourself. Thanks for your help. ------------------------------------------------------------------------ [2001-08-23 12:30:16] [EMAIL PROTECTED] Any update on the PHP session problems in v4.0.4+? I've received several e-mails from people saying they're experiencing similar results, but apparently they can't post to this problem. Just curious. It's been a couple of months, so thought I'd ask. Also, any way for people to still get a copy of PHP v4.0.3pl1? I've had a few ask me, and noticed php.net only goes back to 4.0.4 now. ------------------------------------------------------------------------ [2001-07-02 15:01:16] [EMAIL PROTECTED] Configured Win2K/IIS5 for PHP v4.0.6 ISAPI module. Took appropriate steps to shutdown & restart server (net stop iisadmin, net start w3svc). Issue exists in ISAPI module as well. Then configured same box for PHP v4.0.3pl1 ISAPI module. Same problem exists there as well. The last version of PHP that performs sessions correctly under Windows is the v4.0.3pl1 CGI edition. If you can find others to validate that newer versions work properly using the script I provided, I'm open to suggestions. I had this issue under Windows NT4/IIS4, now still with Win2K/IIS5. I do not believe it to be an isolated case. If anyone else is reading this bug report experiencing similar problems, please post so the developers will know. ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/?id=8989 Edit this bug report at http://bugs.php.net/?id=8989&edit=1 -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
