PHP :: Bug #21634 :: Passing PHPSESSID with POST when there's only one input in the form error

Bug #21634	Passing PHPSESSID with POST when there's only one input in the form error
Submitted:	2003-01-14 09:18 UTC	Modified:	2003-01-17 11:00 UTC
From:	jsegura at cromosoma dot com	Assigned:
Status:	Not a bug	Package:	Session related
PHP Version:	4.3.0	OS:	RH Linux 7.3
Private report:	No	CVE-ID:	None

View Developer Edit

[2003-01-14 09:18 UTC] jsegura at cromosoma dot com

Hello!

I'm upgrading from PHP 4.1.2 to 4.3.0 and a strange thing is happening to me. I've got a form with one and only one input:

<form name="form1" method="post" action="somePage.php">
  <input type="hidden" name="PHPSESSID" value="{FILLED_WITH_TEMPLATE_POWER}">
</form>

When submitting the form, next page is unable to continue the session and I'm asked for a new login. Moreover, if I echo the session_id() result it contains a strange value like:

<some_session_id>PHPSESSID=<the_same_session_id> instead of a single session_id.

I'm not using enable-trans-sid and, the most surprising, works well if I add a second dummy input field in the form.

Can anyone help me?

Thanks in advance.
Joan.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2003-01-14 19:16 UTC] sniper@php.net

Sorry, but your problem does not imply a bug in PHP itself.  For a
list of more appropriate places to ask for help using PHP, please
visit http://www.php.net/support.php as this bug system is not the
appropriate forum for asking support questions. 

Thank you for your interest in PHP.

[2003-01-17 10:56 UTC] dmitri at netilla dot com

I am experiencing the same problem.  Here's the script:

------------------------------------------------------
<html>
<body>

<FORM method=post>
  <INPUT TYPE="text" NAME=value>
  <INPUT TYPE="submit" VALUE="submit"> 
</FORM>
        
</body> 
</html>

<?
error_log("value: $value");
?>
------------------------------------------------------

after form is submitted with input, say, XXX, here's what is written to error log:

value: XXXvalue=XXX

Changing the script to have more than one input value fixes the problem (value is set to XXX).

I am using apache 2.0.43 and PHP 4.3.0 (DSO).  Needless to say, I have register_globals set to "on".

[2003-01-17 11:00 UTC] pollita@php.net

As I told you in IRC, and you ignored.... TRY A SNAPSHOT.

http://snaps.php.net

[2003-01-17 12:03 UTC] dmitri at netilla dot com

Two points.

1. Do you mean to tell me that if this bug is fixed in
   a snapshot released _after_ 4.3.0, it has to be marked
   BOGUS under 4.3.0 bugs??

2. Latest snapshot does not fix the problem on my box.
   Release: 4.3.1-dev
   Build Date: Jan 17 2003 12:51:29

[2003-01-20 09:44 UTC] dmitri at netilla dot com

I think this is the same bug as that described in bug report 18648 (filed back in July).

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Mon Oct 27 17:00:01 2025 UTC