|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2006-04-16 02:18 UTC] giaym at hotmail dot com
[2006-04-16 07:59 UTC] tony2001@php.net
[2006-04-16 22:28 UTC] giaym at hotmail dot com
[2006-04-16 22:30 UTC] giaym at hotmail dot com
[2006-04-16 22:40 UTC] tony2001@php.net
|
|||||||||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Mon Jul 07 05:01:36 2025 UTC |
Description: ------------ Randomly, the cookies send back random values to the server, values different than those set the previous page load. I use session auto start on php.ini. PHP runs on Apache 2. Reproduce code: --------------- a, b, locka and lockb are cookies set with setcookie(<name>, <value>, 0, "/"); if($somevar == "lock") { echo "lock"; Set cookies locka and lockb with the values of cookies a and b respectively. } else if($somevar == "random") { echo "random"; Delete locka and lockb, and give a random value to a. } else { echo "none"; if(locka not set) Set random value to a. } if (b not set) Set random value to b. Enter pages in that order: www.domain.com/page/ www.domain.com/page/lock/ www.domain.com/page/random/ www.domain.com/page/lock/ (The if logic works, this is not a case of $somevar holding an incorrect value.) Expected result: ---------------- www.domain.com/page/ received cookies: none output: none sent cookies: a with value x; b with value y www.domain.com/page/lock/ received cookies: a with value x output: lock sent cookies: lock a = x; lock b = y www.domain.com/page/random/ received cookies: a with value x; b with value y; locka with value x; lockb with value y output: random sent cookies: delete lock a; delete lock b; a = z www.domain.com/page/lock/ received cookies: a with value z; b with value y output: lock sent cookies: lock a = z; lock b = y Actual result: -------------- Everything as expected except the last page load: The cookie received isn't a = z, it is a = q, I mean, another value. The server then sends "lock a = q" following the logic. PHPSESSID is received and reset on every page load. 1. HTTP Request Headers HTTP Request GET /page/ HTTP/1.1 User-Agent Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.8.0.2) Gecko/20060308 Firefox/1.5.0.2 HTTP Response Headers Set-Cookie PHPSESSID=3fo392aek7m274550d9oppqdo6; path=/ Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Set-Cookie a=3; path=/ Set-Cookie b=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52; path=/ 2. (The request is as expected) HTTP Request Headers HTTP Request GET /page/lock/ HTTP/1.1 a=3; b=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52 (We lock the values of a and b) HTTP Response Headers Set-Cookie locka=3; path=/ Set-Cookie lockb=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52; path=/ 3.(The request is as expected) HTTP Request Headers HTTP Request GET /page/random/ HTTP/1.1 Cookie a=3; b=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52; locka=3; lockb=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52 (We delete the locked values and set a random value for a, this case 2) HTTP Response Headers Set-Cookie locka=deleted; expires=Sat, 16-Apr-2005 01:33:24 GMT; path=/ Set-Cookie lockb=deleted; expires=Sat, 16-Apr-2005 01:33:24 GMT; path=/ Set-Cookie a=2; path=/ 4. (The request is not as expected, that value for 'a' had not even been used in the whole run -we are getting 1) HTTP Request Headers HTTP Request GET /page/lock/ HTTP/1.1 a=1; b=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52 (We lock the received values, this case 1) HTTP Response Headers Set-Cookie locka=1; path=/ Set-Cookie lockb=91-5-177-39-4-61-87-25-1-42-0-50-64-5-164-52; path=/