[PHP-DEV] Bug #15158 Updated: Session get replaced when moving to other domain
ID: 15158 Updated by: [EMAIL PROTECTED] Reported By: [EMAIL PROTECTED] -Status: Open +Status: Bogus Bug Type: Session related Operating System: RH7.1 PHP Version: 4.1.1 New Comment: Cookie will not be sent if domain is changed. = NOT a bug. (If it does, it's serious privacy flaw... ) If you are interested in cross domain session, phpbuilder.com had an article about it. Previous Comments: [2002-01-22 05:34:17] [EMAIL PROTECTED] in My 4.0.6 php.ini cookie_domain = in My 4.1.1 php.ini cookie_domain = Worked very well through all the 4.0.x ver untill the 4.1.1 ( didnt checked the 4.1.0 ) [2002-01-22 05:24:20] [EMAIL PROTECTED] Please check your session.cookie_domain setting (php.ini directive). [2002-01-22 05:17:40] [EMAIL PROTECTED] When I move from www.domain.com to secure.domain.com with the PHPSESID in the URL the session from the previous domain continue to work in the new one until the first inner link that does not have the PHPSESID is clicked. When such link is clicked ( or submitted ) the session_start/register initiate new session to the domain and forget about the old session. This behavior started after I upgraded to 4.1.1 from 4.0.6. IMHO In 4.0.6 the session was accepted for the domain ( as default ) after PHPSESID was delivered but in 4.1.1 its not. -- Edit this bug report at http://bugs.php.net/?id=15158edit=1 -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DEV] Bug #15158 Updated: Session get replaced when moving to other domain
ID: 15158 Updated by: jan Reported By: [EMAIL PROTECTED] Old Status: Open Status: Feedback Bug Type: Session related Operating System: RH7.1 PHP Version: 4.1.1 New Comment: Please check your session.cookie_domain setting (php.ini directive). Previous Comments: [2002-01-22 05:17:40] [EMAIL PROTECTED] When I move from www.domain.com to secure.domain.com with the PHPSESID in the URL the session from the previous domain continue to work in the new one until the first inner link that does not have the PHPSESID is clicked. When such link is clicked ( or submitted ) the session_start/register initiate new session to the domain and forget about the old session. This behavior started after I upgraded to 4.1.1 from 4.0.6. IMHO In 4.0.6 the session was accepted for the domain ( as default ) after PHPSESID was delivered but in 4.1.1 its not. Edit this bug report at http://bugs.php.net/?id=15158edit=1 -- PHP Development Mailing List http://www.php.net/ To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DEV] Bug #15158 Updated: Session get replaced when moving to other domain
ID: 15158 User updated by: [EMAIL PROTECTED] Reported By: [EMAIL PROTECTED] Old Status: Feedback Status: Open Bug Type: Session related Operating System: RH7.1 PHP Version: 4.1.1 New Comment: in My 4.0.6 php.ini cookie_domain = in My 4.1.1 php.ini cookie_domain = Worked very well through all the 4.0.x ver untill the 4.1.1 ( didnt checked the 4.1.0 ) Previous Comments: [2002-01-22 05:24:20] [EMAIL PROTECTED] Please check your session.cookie_domain setting (php.ini directive). [2002-01-22 05:17:40] [EMAIL PROTECTED] When I move from www.domain.com to secure.domain.com with the PHPSESID in the URL the session from the previous domain continue to work in the new one until the first inner link that does not have the PHPSESID is clicked. When such link is clicked ( or submitted ) the session_start/register initiate new session to the domain and forget about the old session. This behavior started after I upgraded to 4.1.1 from 4.0.6. IMHO In 4.0.6 the session was accepted for the domain ( as default ) after PHPSESID was delivered but in 4.1.1 its not. Edit this bug report at http://bugs.php.net/?id=15158edit=1 -- PHP Development Mailing List http://www.php.net/ To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]