ID: 14080
User updated by: [EMAIL PROTECTED]
Reported By: [EMAIL PROTECTED]
Status: Analyzed
Bug Type: Session related
Operating System: FreeBSD 4.4
PHP Version: 4.2.0-dev
New Comment:
still active, see also Bug #14991
Previous Comments:
------------------------------------------------------------------------
[2001-12-19 22:54:20] [EMAIL PROTECTED]
PHP Version updated
------------------------------------------------------------------------
[2001-11-19 12:47:17] [EMAIL PROTECTED]
I got the same problem.
Tryed with 4.2.0-dev.
------------------------------------------------------------------------
[2001-11-16 05:56:15] [EMAIL PROTECTED]
I came across the bug described in Bug-ID #8311 with 4.03pl1
on our old Server, so I transfered it to the new Server running 4.0.6
and the behaviour is nearly the same.
This:
<?php
session_start();
$somevar = "<a href=\"javascript:;\"
onClick=window.open(\"/hardware/somevar.php?hinfoid=".$somevar_id."\",\"chgti\",\"location=0,directories=0,status=0,menubar=0,scrollbars=0,toolbar=0,width=450,height=470\");>Badlink</a>";
echo $somevar;
?>
produces this:
<a href="javascript:;"
onClick="window.open(""/hardware/somevar.php?hinfoid=","chgti","location=0,directories=0,status=0,menubar=0,scrollbars=0,toolbar=0,width=450,height=470");>Badlink</a>
Without the session, the Output is normal, both with 4.0.3pl1 and
4.06.
The only difference is that 4.0.6 does a few less quotes than
4.0.3pl1.
Trans-SID is enabled, PHP is running as an Apache-Module
------------------------------------------------------------------------
Edit this bug report at http://bugs.php.net/?id=14080&edit=1
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
