[PHP-DEV] PHP 4.0 Bug #9390 Updated: PHPSESSID adds itself to $HTTP_POST_VARS

2001-03-19 Thread aaron . lake 

ID: 9390
User Update by: [EMAIL PROTECTED]
Old-Status: Closed
Status: Open
Bug Type: *Session related
Description: PHPSESSID adds itself to $HTTP_POST_VARS

Thanx Jani,

As suggested:

In php.ini:

url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"

Remove the last setting, form=fakeentry.
(or if you don't have this directive in your php.ini,
add it without the last setting.)

when i added this conf. directive and bounced the web server, $HTTP_POST_VARS (using 
the POST method) contained
NO elements.

I added this directive to my identical development environment and noticed no ill 
effects.





Previous Comments:
---

[2001-03-16 17:46:41] [EMAIL PROTECTED]
In php.ini:

url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"

Remove the last setting, form=fakeentry.
(or if you don't have this directive in your php.ini,
add it without the last setting.)

--Jani


---

[2001-03-16 17:37:13] [EMAIL PROTECTED]
Since you are using the transparent session id feature, the obvious question is: Do 
you use forms with method=POST?

---

[2001-02-21 20:41:51] [EMAIL PROTECTED]
Problem:

For some reason PHP adds PHPSESSID to $HTTP_POST_VARS

At login, I use:
session_start():
$sid = session_id();
session_register("sid");
etc.

2 pages into the session the var PHPSESSID
appears as the first element in the post array.

My app has been been behaving until I started playing with
gc_probability in php.ini.

My identical dev website with identical code does not
reproduce this problem.

Config INFO:

Compile Directives:
'./configure' '--prefix=/../../php_prod' '--with-config_file_path=/../../php_prod/lib' 
'--with-oci8' '--with-apache=/../../apache_prod' '--enable-track-vars' 
'--enable-trans-sid' '--enable-ftp'


php.ini session config:

[Session]
session.save_handler = files ;
session.save_path=/usr/local/session;   session.use_cookies   
= 0   ; session.name  = PHPSESSID  ;
session.auto_start= 0   ; session.cookie_lifetime=0   ;
   session.cookie_path =  /
session.serialize_handler = php ; session.gc_probability= 1 ; 
session.gc_maxlifetime= 1800; session.referer_check = ; 
session.entropy_length= 0   ; session.entropy_file  = ;  
session.entropy_length= 16
; session.entropy_file  = /dev/urandom
session.cache_limiter= nocache ; ; 
session.cache_expire  = 180 ; session.use_trans_sid = 1   ; 

[EOF]

---


Full Bug description available at: http://bugs.php.net/?id=9390


-- 
PHP Development Mailing List http://www.php.net/
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

[PHP-DEV] PHP 4.0 Bug #9390 Updated: PHPSESSID adds itself to $HTTP_POST_VARS

2001-03-19 Thread aaron . lake 

ID: 9390
User Update by: [EMAIL PROTECTED]
Old-Status: Feedback
Status: Open
Bug Type: *Session related
Description: PHPSESSID adds itself to $HTTP_POST_VARS

Thanx Jani,

As suggested:

In php.ini:

url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"

Remove the last setting, form=fakeentry.
(or if you don't have this directive in your php.ini,
add it without the last setting.)

when i added this conf. directive and bounced the web server, $HTTP_POST_VARS (using 
the POST method) contained
NO elements.

I added this directive to my identical development environment and noticed no ill 
effects.





Previous Comments:
---

[2001-03-19 14:12:47] [EMAIL PROTECTED]
Both environments run same php.ini? Same version of PHP?
Same configure line used on building both PHP's?

--Jani


---

[2001-03-19 14:05:53] [EMAIL PROTECTED]
Thanx Jani,

As suggested:

In php.ini:

url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"

Remove the last setting, form=fakeentry.
(or if you don't have this directive in your php.ini,
add it without the last setting.)

when i added this conf. directive and bounced the web server, $HTTP_POST_VARS (using 
the POST method) contained
NO elements.

I added this directive to my identical development environment and noticed no ill 
effects.





---

[2001-03-16 17:46:41] [EMAIL PROTECTED]
In php.ini:

url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"

Remove the last setting, form=fakeentry.
(or if you don't have this directive in your php.ini,
add it without the last setting.)

--Jani


---

[2001-03-16 17:37:13] [EMAIL PROTECTED]
Since you are using the transparent session id feature, the obvious question is: Do 
you use forms with method=POST?

---

[2001-02-21 20:41:51] [EMAIL PROTECTED]
Problem:

For some reason PHP adds PHPSESSID to $HTTP_POST_VARS

At login, I use:
session_start():
$sid = session_id();
session_register("sid");
etc.

2 pages into the session the var PHPSESSID
appears as the first element in the post array.

My app has been been behaving until I started playing with
gc_probability in php.ini.

My identical dev website with identical code does not
reproduce this problem.

Config INFO:

Compile Directives:
'./configure' '--prefix=/../../php_prod' '--with-config_file_path=/../../php_prod/lib' 
'--with-oci8' '--with-apache=/../../apache_prod' '--enable-track-vars' 
'--enable-trans-sid' '--enable-ftp'


php.ini session config:

[Session]
session.save_handler = files ;
session.save_path=/usr/local/session;   session.use_cookies   
= 0   ; session.name  = PHPSESSID  ;
session.auto_start= 0   ; session.cookie_lifetime=0   ;
   session.cookie_path =  /
session.serialize_handler = php ; session.gc_probability= 1 ; 
session.gc_maxlifetime= 1800; session.referer_check = ; 
session.entropy_length= 0   ; session.entropy_file  = ;  
session.entropy_length= 16
; session.entropy_file  = /dev/urandom
session.cache_limiter= nocache ; ; 
session.cache_expire  = 180 ; session.use_trans_sid = 1   ; 

[EOF]

---

The remainder of the comments for this report are too long.  To view the rest of the 
comments, please view the bug report online.

Full Bug description available at: http://bugs.php.net/?id=9390


-- 
PHP Development Mailing List http://www.php.net/
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

[PHP-DEV] PHP 4.0 Bug #9390 Updated: PHPSESSID adds itself to $HTTP_POST_VARS

2001-03-19 Thread aaron . lake 

ID: 9390
User Update by: [EMAIL PROTECTED]
Old-Status: Open
Status: Closed
Bug Type: *Session related
Description: PHPSESSID adds itself to $HTTP_POST_VARS


both production and development environments
are using identical versions and configurations 
of apache web server 1.3.14 and php 4.0.4 pl1,
php.ini config is also identical.

Previous Comments:
---

[2001-03-19 14:13:42] [EMAIL PROTECTED]
Thanx Jani,

As suggested:

In php.ini:

url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"

Remove the last setting, form=fakeentry.
(or if you don't have this directive in your php.ini,
add it without the last setting.)

when i added this conf. directive and bounced the web server, $HTTP_POST_VARS (using 
the POST method) contained
NO elements.

I added this directive to my identical development environment and noticed no ill 
effects.





---

[2001-03-19 14:12:47] [EMAIL PROTECTED]
Both environments run same php.ini? Same version of PHP?
Same configure line used on building both PHP's?

--Jani


---

[2001-03-19 14:05:53] [EMAIL PROTECTED]
Thanx Jani,

As suggested:

In php.ini:

url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"

Remove the last setting, form=fakeentry.
(or if you don't have this directive in your php.ini,
add it without the last setting.)

when i added this conf. directive and bounced the web server, $HTTP_POST_VARS (using 
the POST method) contained
NO elements.

I added this directive to my identical development environment and noticed no ill 
effects.





---

[2001-03-16 17:46:41] [EMAIL PROTECTED]
In php.ini:

url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"

Remove the last setting, form=fakeentry.
(or if you don't have this directive in your php.ini,
add it without the last setting.)

--Jani


---

[2001-03-16 17:37:13] [EMAIL PROTECTED]
Since you are using the transparent session id feature, the obvious question is: Do 
you use forms with method=POST?

---

The remainder of the comments for this report are too long.  To view the rest of the 
comments, please view the bug report online.

Full Bug description available at: http://bugs.php.net/?id=9390


-- 
PHP Development Mailing List http://www.php.net/
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

[PHP-DEV] PHP 4.0 Bug #9390 Updated: PHPSESSID adds itself to $HTTP_POST_VARS

2001-03-19 Thread aaron . lake 

ID: 9390
User Update by: [EMAIL PROTECTED]
Old-Status: Closed
Status: Open
Bug Type: *Session related
Description: PHPSESSID adds itself to $HTTP_POST_VARS

Woops!

No it still doesnt work.

Aaron.

Previous Comments:
---

[2001-03-19 14:16:04] [EMAIL PROTECTED]

both production and development environments
are using identical versions and configurations 
of apache web server 1.3.14 and php 4.0.4 pl1,
php.ini config is also identical.

---

[2001-03-19 14:13:42] [EMAIL PROTECTED]
Thanx Jani,

As suggested:

In php.ini:

url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"

Remove the last setting, form=fakeentry.
(or if you don't have this directive in your php.ini,
add it without the last setting.)

when i added this conf. directive and bounced the web server, $HTTP_POST_VARS (using 
the POST method) contained
NO elements.

I added this directive to my identical development environment and noticed no ill 
effects.





---

[2001-03-19 14:12:47] [EMAIL PROTECTED]
Both environments run same php.ini? Same version of PHP?
Same configure line used on building both PHP's?

--Jani


---

[2001-03-19 14:05:53] [EMAIL PROTECTED]
Thanx Jani,

As suggested:

In php.ini:

url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"

Remove the last setting, form=fakeentry.
(or if you don't have this directive in your php.ini,
add it without the last setting.)

when i added this conf. directive and bounced the web server, $HTTP_POST_VARS (using 
the POST method) contained
NO elements.

I added this directive to my identical development environment and noticed no ill 
effects.





---

[2001-03-16 17:46:41] [EMAIL PROTECTED]
In php.ini:

url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"

Remove the last setting, form=fakeentry.
(or if you don't have this directive in your php.ini,
add it without the last setting.)

--Jani


---

The remainder of the comments for this report are too long.  To view the rest of the 
comments, please view the bug report online.

Full Bug description available at: http://bugs.php.net/?id=9390


-- 
PHP Development Mailing List http://www.php.net/
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

[PHP-DEV] PHP 4.0 Bug #9390 Updated: PHPSESSID adds itself to $HTTP_POST_VARS

2001-03-19 Thread aaron . lake 

ID: 9390
User Update by: [EMAIL PROTECTED]
Old-Status: Feedback
Status: Closed
Bug Type: *Session related
Description: PHPSESSID adds itself to $HTTP_POST_VARS


both production and development environments
are using identical versions and configurations 
of apache web server 1.3.14 and php 4.0.4 pl1,
php.ini config is also identical.

Previous Comments:
---

[2001-03-19 14:38:49] [EMAIL PROTECTED]
Stupid question: did you restart your apache after
adding that php.ini directive? And did your restart it 
like this:

./apachectl stop
./apachectl start

(I'm just guessing here.. :)

And does it work on your development environment or not?
(the 'no ill effects'?)

--Jani


---

[2001-03-19 14:24:42] [EMAIL PROTECTED]
Woops!

No it still doesnt work.

Aaron.

---

[2001-03-19 14:16:04] [EMAIL PROTECTED]

both production and development environments
are using identical versions and configurations 
of apache web server 1.3.14 and php 4.0.4 pl1,
php.ini config is also identical.

---

[2001-03-19 14:13:42] [EMAIL PROTECTED]
Thanx Jani,

As suggested:

In php.ini:

url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"

Remove the last setting, form=fakeentry.
(or if you don't have this directive in your php.ini,
add it without the last setting.)

when i added this conf. directive and bounced the web server, $HTTP_POST_VARS (using 
the POST method) contained
NO elements.

I added this directive to my identical development environment and noticed no ill 
effects.





---

[2001-03-19 14:12:47] [EMAIL PROTECTED]
Both environments run same php.ini? Same version of PHP?
Same configure line used on building both PHP's?

--Jani


---

The remainder of the comments for this report are too long.  To view the rest of the 
comments, please view the bug report online.

Full Bug description available at: http://bugs.php.net/?id=9390


-- 
PHP Development Mailing List http://www.php.net/
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

[PHP-DEV] PHP 4.0 Bug #9390 Updated: PHPSESSID adds itself to $HTTP_POST_VARS

2001-03-19 Thread aaron . lake 

ID: 9390
User Update by: [EMAIL PROTECTED]
Old-Status: Closed
Status: Open
Bug Type: *Session related
Description: PHPSESSID adds itself to $HTTP_POST_VARS

Jani,

That is correct,
I did explicitly stop and start the web server
(prod and dev) using the ./apachectl stop ... start.

Dev works fine.

Aaron.

Previous Comments:
---

[2001-03-19 14:39:43] [EMAIL PROTECTED]

both production and development environments
are using identical versions and configurations 
of apache web server 1.3.14 and php 4.0.4 pl1,
php.ini config is also identical.

---

[2001-03-19 14:38:49] [EMAIL PROTECTED]
Stupid question: did you restart your apache after
adding that php.ini directive? And did your restart it 
like this:

./apachectl stop
./apachectl start

(I'm just guessing here.. :)

And does it work on your development environment or not?
(the 'no ill effects'?)

--Jani


---

[2001-03-19 14:24:42] [EMAIL PROTECTED]
Woops!

No it still doesnt work.

Aaron.

---

[2001-03-19 14:16:04] [EMAIL PROTECTED]

both production and development environments
are using identical versions and configurations 
of apache web server 1.3.14 and php 4.0.4 pl1,
php.ini config is also identical.

---

[2001-03-19 14:13:42] [EMAIL PROTECTED]
Thanx Jani,

As suggested:

In php.ini:

url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"

Remove the last setting, form=fakeentry.
(or if you don't have this directive in your php.ini,
add it without the last setting.)

when i added this conf. directive and bounced the web server, $HTTP_POST_VARS (using 
the POST method) contained
NO elements.

I added this directive to my identical development environment and noticed no ill 
effects.





---

The remainder of the comments for this report are too long.  To view the rest of the 
comments, please view the bug report online.

Full Bug description available at: http://bugs.php.net/?id=9390


-- 
PHP Development Mailing List http://www.php.net/
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

[PHP-DEV] PHP 4.0 Bug #9390: PHPSESSID adds itself to $HTTP_POST_VARS

2001-02-21 Thread aaron . lake 

From: [EMAIL PROTECTED]
Operating system: HP-UX 11.00
PHP version:  4.0.4pl1
PHP Bug Type: *Session related
Bug description:  PHPSESSID adds itself to $HTTP_POST_VARS

Problem:

For some reason PHP adds PHPSESSID to $HTTP_POST_VARS

At login, I use:
session_start():
$sid = session_id();
session_register("sid");
etc.

2 pages into the session the var PHPSESSID
appears as the first element in the post array.

My app has been been behaving until I started playing with
gc_probability in php.ini.

My identical dev website with identical code does not
reproduce this problem.

Config INFO:

Compile Directives:
'./configure' '--prefix=/../../php_prod' '--with-config_file_path=/../../php_prod/lib' 
'--with-oci8' '--with-apache=/../../apache_prod' '--enable-track-vars' 
'--enable-trans-sid' '--enable-ftp'


php.ini session config:

[Session]
session.save_handler = files ;
session.save_path=/usr/local/session;   session.use_cookies   
= 0   ; session.name  = PHPSESSID  ;
session.auto_start= 0   ; session.cookie_lifetime=0   ;
   session.cookie_path =  /
session.serialize_handler = php ; session.gc_probability= 1 ; 
session.gc_maxlifetime= 1800; session.referer_check = ; 
session.entropy_length= 0   ; session.entropy_file  = ;  
session.entropy_length= 16
; session.entropy_file  = /dev/urandom
session.cache_limiter= nocache ; ; 
session.cache_expire  = 180 ; session.use_trans_sid = 1   ; 

[EOF]


-- 
Edit Bug report at: http://bugs.php.net/?id=9390edit=1



-- 
PHP Development Mailing List http://www.php.net/
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]