[PHP-DEV] PHP 4.0 Bug #9390 Updated: PHPSESSID adds itself to $HTTP_POST_VARS
ID: 9390 User Update by: [EMAIL PROTECTED] Old-Status: Closed Status: Open Bug Type: *Session related Description: PHPSESSID adds itself to $HTTP_POST_VARS Thanx Jani, As suggested: In php.ini: url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" Remove the last setting, form=fakeentry. (or if you don't have this directive in your php.ini, add it without the last setting.) when i added this conf. directive and bounced the web server, $HTTP_POST_VARS (using the POST method) contained NO elements. I added this directive to my identical development environment and noticed no ill effects. Previous Comments: --- [2001-03-16 17:46:41] [EMAIL PROTECTED] In php.ini: url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" Remove the last setting, form=fakeentry. (or if you don't have this directive in your php.ini, add it without the last setting.) --Jani --- [2001-03-16 17:37:13] [EMAIL PROTECTED] Since you are using the transparent session id feature, the obvious question is: Do you use forms with method=POST? --- [2001-02-21 20:41:51] [EMAIL PROTECTED] Problem: For some reason PHP adds PHPSESSID to $HTTP_POST_VARS At login, I use: session_start(): $sid = session_id(); session_register("sid"); etc. 2 pages into the session the var PHPSESSID appears as the first element in the post array. My app has been been behaving until I started playing with gc_probability in php.ini. My identical dev website with identical code does not reproduce this problem. Config INFO: Compile Directives: './configure' '--prefix=/../../php_prod' '--with-config_file_path=/../../php_prod/lib' '--with-oci8' '--with-apache=/../../apache_prod' '--enable-track-vars' '--enable-trans-sid' '--enable-ftp' php.ini session config: [Session] session.save_handler = files ; session.save_path=/usr/local/session; session.use_cookies = 0 ; session.name = PHPSESSID ; session.auto_start= 0 ; session.cookie_lifetime=0 ; session.cookie_path = / session.serialize_handler = php ; session.gc_probability= 1 ; session.gc_maxlifetime= 1800; session.referer_check = ; session.entropy_length= 0 ; session.entropy_file = ; session.entropy_length= 16 ; session.entropy_file = /dev/urandom session.cache_limiter= nocache ; ; session.cache_expire = 180 ; session.use_trans_sid = 1 ; [EOF] --- Full Bug description available at: http://bugs.php.net/?id=9390 -- PHP Development Mailing List http://www.php.net/ To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DEV] PHP 4.0 Bug #9390 Updated: PHPSESSID adds itself to $HTTP_POST_VARS
ID: 9390 User Update by: [EMAIL PROTECTED] Old-Status: Feedback Status: Open Bug Type: *Session related Description: PHPSESSID adds itself to $HTTP_POST_VARS Thanx Jani, As suggested: In php.ini: url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" Remove the last setting, form=fakeentry. (or if you don't have this directive in your php.ini, add it without the last setting.) when i added this conf. directive and bounced the web server, $HTTP_POST_VARS (using the POST method) contained NO elements. I added this directive to my identical development environment and noticed no ill effects. Previous Comments: --- [2001-03-19 14:12:47] [EMAIL PROTECTED] Both environments run same php.ini? Same version of PHP? Same configure line used on building both PHP's? --Jani --- [2001-03-19 14:05:53] [EMAIL PROTECTED] Thanx Jani, As suggested: In php.ini: url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" Remove the last setting, form=fakeentry. (or if you don't have this directive in your php.ini, add it without the last setting.) when i added this conf. directive and bounced the web server, $HTTP_POST_VARS (using the POST method) contained NO elements. I added this directive to my identical development environment and noticed no ill effects. --- [2001-03-16 17:46:41] [EMAIL PROTECTED] In php.ini: url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" Remove the last setting, form=fakeentry. (or if you don't have this directive in your php.ini, add it without the last setting.) --Jani --- [2001-03-16 17:37:13] [EMAIL PROTECTED] Since you are using the transparent session id feature, the obvious question is: Do you use forms with method=POST? --- [2001-02-21 20:41:51] [EMAIL PROTECTED] Problem: For some reason PHP adds PHPSESSID to $HTTP_POST_VARS At login, I use: session_start(): $sid = session_id(); session_register("sid"); etc. 2 pages into the session the var PHPSESSID appears as the first element in the post array. My app has been been behaving until I started playing with gc_probability in php.ini. My identical dev website with identical code does not reproduce this problem. Config INFO: Compile Directives: './configure' '--prefix=/../../php_prod' '--with-config_file_path=/../../php_prod/lib' '--with-oci8' '--with-apache=/../../apache_prod' '--enable-track-vars' '--enable-trans-sid' '--enable-ftp' php.ini session config: [Session] session.save_handler = files ; session.save_path=/usr/local/session; session.use_cookies = 0 ; session.name = PHPSESSID ; session.auto_start= 0 ; session.cookie_lifetime=0 ; session.cookie_path = / session.serialize_handler = php ; session.gc_probability= 1 ; session.gc_maxlifetime= 1800; session.referer_check = ; session.entropy_length= 0 ; session.entropy_file = ; session.entropy_length= 16 ; session.entropy_file = /dev/urandom session.cache_limiter= nocache ; ; session.cache_expire = 180 ; session.use_trans_sid = 1 ; [EOF] --- The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online. Full Bug description available at: http://bugs.php.net/?id=9390 -- PHP Development Mailing List http://www.php.net/ To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DEV] PHP 4.0 Bug #9390 Updated: PHPSESSID adds itself to $HTTP_POST_VARS
ID: 9390 User Update by: [EMAIL PROTECTED] Old-Status: Open Status: Closed Bug Type: *Session related Description: PHPSESSID adds itself to $HTTP_POST_VARS both production and development environments are using identical versions and configurations of apache web server 1.3.14 and php 4.0.4 pl1, php.ini config is also identical. Previous Comments: --- [2001-03-19 14:13:42] [EMAIL PROTECTED] Thanx Jani, As suggested: In php.ini: url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" Remove the last setting, form=fakeentry. (or if you don't have this directive in your php.ini, add it without the last setting.) when i added this conf. directive and bounced the web server, $HTTP_POST_VARS (using the POST method) contained NO elements. I added this directive to my identical development environment and noticed no ill effects. --- [2001-03-19 14:12:47] [EMAIL PROTECTED] Both environments run same php.ini? Same version of PHP? Same configure line used on building both PHP's? --Jani --- [2001-03-19 14:05:53] [EMAIL PROTECTED] Thanx Jani, As suggested: In php.ini: url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" Remove the last setting, form=fakeentry. (or if you don't have this directive in your php.ini, add it without the last setting.) when i added this conf. directive and bounced the web server, $HTTP_POST_VARS (using the POST method) contained NO elements. I added this directive to my identical development environment and noticed no ill effects. --- [2001-03-16 17:46:41] [EMAIL PROTECTED] In php.ini: url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" Remove the last setting, form=fakeentry. (or if you don't have this directive in your php.ini, add it without the last setting.) --Jani --- [2001-03-16 17:37:13] [EMAIL PROTECTED] Since you are using the transparent session id feature, the obvious question is: Do you use forms with method=POST? --- The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online. Full Bug description available at: http://bugs.php.net/?id=9390 -- PHP Development Mailing List http://www.php.net/ To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DEV] PHP 4.0 Bug #9390 Updated: PHPSESSID adds itself to $HTTP_POST_VARS
ID: 9390 User Update by: [EMAIL PROTECTED] Old-Status: Closed Status: Open Bug Type: *Session related Description: PHPSESSID adds itself to $HTTP_POST_VARS Woops! No it still doesnt work. Aaron. Previous Comments: --- [2001-03-19 14:16:04] [EMAIL PROTECTED] both production and development environments are using identical versions and configurations of apache web server 1.3.14 and php 4.0.4 pl1, php.ini config is also identical. --- [2001-03-19 14:13:42] [EMAIL PROTECTED] Thanx Jani, As suggested: In php.ini: url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" Remove the last setting, form=fakeentry. (or if you don't have this directive in your php.ini, add it without the last setting.) when i added this conf. directive and bounced the web server, $HTTP_POST_VARS (using the POST method) contained NO elements. I added this directive to my identical development environment and noticed no ill effects. --- [2001-03-19 14:12:47] [EMAIL PROTECTED] Both environments run same php.ini? Same version of PHP? Same configure line used on building both PHP's? --Jani --- [2001-03-19 14:05:53] [EMAIL PROTECTED] Thanx Jani, As suggested: In php.ini: url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" Remove the last setting, form=fakeentry. (or if you don't have this directive in your php.ini, add it without the last setting.) when i added this conf. directive and bounced the web server, $HTTP_POST_VARS (using the POST method) contained NO elements. I added this directive to my identical development environment and noticed no ill effects. --- [2001-03-16 17:46:41] [EMAIL PROTECTED] In php.ini: url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" Remove the last setting, form=fakeentry. (or if you don't have this directive in your php.ini, add it without the last setting.) --Jani --- The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online. Full Bug description available at: http://bugs.php.net/?id=9390 -- PHP Development Mailing List http://www.php.net/ To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DEV] PHP 4.0 Bug #9390 Updated: PHPSESSID adds itself to $HTTP_POST_VARS
ID: 9390 User Update by: [EMAIL PROTECTED] Old-Status: Feedback Status: Closed Bug Type: *Session related Description: PHPSESSID adds itself to $HTTP_POST_VARS both production and development environments are using identical versions and configurations of apache web server 1.3.14 and php 4.0.4 pl1, php.ini config is also identical. Previous Comments: --- [2001-03-19 14:38:49] [EMAIL PROTECTED] Stupid question: did you restart your apache after adding that php.ini directive? And did your restart it like this: ./apachectl stop ./apachectl start (I'm just guessing here.. :) And does it work on your development environment or not? (the 'no ill effects'?) --Jani --- [2001-03-19 14:24:42] [EMAIL PROTECTED] Woops! No it still doesnt work. Aaron. --- [2001-03-19 14:16:04] [EMAIL PROTECTED] both production and development environments are using identical versions and configurations of apache web server 1.3.14 and php 4.0.4 pl1, php.ini config is also identical. --- [2001-03-19 14:13:42] [EMAIL PROTECTED] Thanx Jani, As suggested: In php.ini: url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" Remove the last setting, form=fakeentry. (or if you don't have this directive in your php.ini, add it without the last setting.) when i added this conf. directive and bounced the web server, $HTTP_POST_VARS (using the POST method) contained NO elements. I added this directive to my identical development environment and noticed no ill effects. --- [2001-03-19 14:12:47] [EMAIL PROTECTED] Both environments run same php.ini? Same version of PHP? Same configure line used on building both PHP's? --Jani --- The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online. Full Bug description available at: http://bugs.php.net/?id=9390 -- PHP Development Mailing List http://www.php.net/ To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DEV] PHP 4.0 Bug #9390 Updated: PHPSESSID adds itself to $HTTP_POST_VARS
ID: 9390 User Update by: [EMAIL PROTECTED] Old-Status: Closed Status: Open Bug Type: *Session related Description: PHPSESSID adds itself to $HTTP_POST_VARS Jani, That is correct, I did explicitly stop and start the web server (prod and dev) using the ./apachectl stop ... start. Dev works fine. Aaron. Previous Comments: --- [2001-03-19 14:39:43] [EMAIL PROTECTED] both production and development environments are using identical versions and configurations of apache web server 1.3.14 and php 4.0.4 pl1, php.ini config is also identical. --- [2001-03-19 14:38:49] [EMAIL PROTECTED] Stupid question: did you restart your apache after adding that php.ini directive? And did your restart it like this: ./apachectl stop ./apachectl start (I'm just guessing here.. :) And does it work on your development environment or not? (the 'no ill effects'?) --Jani --- [2001-03-19 14:24:42] [EMAIL PROTECTED] Woops! No it still doesnt work. Aaron. --- [2001-03-19 14:16:04] [EMAIL PROTECTED] both production and development environments are using identical versions and configurations of apache web server 1.3.14 and php 4.0.4 pl1, php.ini config is also identical. --- [2001-03-19 14:13:42] [EMAIL PROTECTED] Thanx Jani, As suggested: In php.ini: url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" Remove the last setting, form=fakeentry. (or if you don't have this directive in your php.ini, add it without the last setting.) when i added this conf. directive and bounced the web server, $HTTP_POST_VARS (using the POST method) contained NO elements. I added this directive to my identical development environment and noticed no ill effects. --- The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online. Full Bug description available at: http://bugs.php.net/?id=9390 -- PHP Development Mailing List http://www.php.net/ To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DEV] PHP 4.0 Bug #9390: PHPSESSID adds itself to $HTTP_POST_VARS
From: [EMAIL PROTECTED] Operating system: HP-UX 11.00 PHP version: 4.0.4pl1 PHP Bug Type: *Session related Bug description: PHPSESSID adds itself to $HTTP_POST_VARS Problem: For some reason PHP adds PHPSESSID to $HTTP_POST_VARS At login, I use: session_start(): $sid = session_id(); session_register("sid"); etc. 2 pages into the session the var PHPSESSID appears as the first element in the post array. My app has been been behaving until I started playing with gc_probability in php.ini. My identical dev website with identical code does not reproduce this problem. Config INFO: Compile Directives: './configure' '--prefix=/../../php_prod' '--with-config_file_path=/../../php_prod/lib' '--with-oci8' '--with-apache=/../../apache_prod' '--enable-track-vars' '--enable-trans-sid' '--enable-ftp' php.ini session config: [Session] session.save_handler = files ; session.save_path=/usr/local/session; session.use_cookies = 0 ; session.name = PHPSESSID ; session.auto_start= 0 ; session.cookie_lifetime=0 ; session.cookie_path = / session.serialize_handler = php ; session.gc_probability= 1 ; session.gc_maxlifetime= 1800; session.referer_check = ; session.entropy_length= 0 ; session.entropy_file = ; session.entropy_length= 16 ; session.entropy_file = /dev/urandom session.cache_limiter= nocache ; ; session.cache_expire = 180 ; session.use_trans_sid = 1 ; [EOF] -- Edit Bug report at: http://bugs.php.net/?id=9390edit=1 -- PHP Development Mailing List http://www.php.net/ To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]