PHP :: Bug #20798 :: use_trans_sid produces unvalid html

Bug #20798	use_trans_sid produces unvalid html
Submitted:	2002-12-03 14:56 UTC	Modified:	2002-12-04 07:52 UTC
From:	mikav at raketti dot net	Assigned:
Status:	Not a bug	Package:	Session related
PHP Version:	4.2.3	OS:	RH7.2
Private report:	No	CVE-ID:	None

View Developer Edit

[2002-12-03 14:56 UTC] mikav at raketti dot net

When a PHP option session.use_trans_sid is set on, and user has cookies disabled, every URL in page is altered by PHP to include the SID in them.

However possible "amp"-signs in urls are not produced as valid html (according to w3c). Heres an example:

A page has a link similiar to:
-- HREF="/some.php?a=b&amp;c=d"
after adding SID it becomes:
-- HREF="/some.php?a=b&amp;c=d&SID=WHATEVER"

Should be:
-- HREF="/some.php?a=b&amp;c=d&amp;SID=WHATEVER"

am I right? Or didn't I just notice something?
And btw, bug search system doesn like &amp; as a search word, says that I'm a bad cracker :|

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2002-12-03 14:57 UTC] derick@php.net

Read your php.ini closely, and pay attention to the arg_seperator.output setting.

Not a bug -> bogus

[2002-12-04 07:34 UTC] mikav at raketti dot net

Woops, my fault. Havent noticed that before. Maybe &amp; should be default?

[2002-12-04 07:51 UTC] mail at razor dot dk

+1 from here. It wont break anything and complies with present standards.

[2002-12-04 07:52 UTC] derick@php.net

Search the archives, this is not going to happen until there are browsers which don't work without this.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Thu Nov 06 17:00:01 2025 UTC