|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2007-08-21 23:10 UTC] g dot schuster at laxit dot com
[2007-08-22 09:05 UTC] jani@php.net
|
|||||||||||||||||||||||||||
Copyright © 2001-2026 The PHP GroupAll rights reserved. |
Last updated: Sat Mar 21 05:00:01 2026 UTC |
Description: ------------ Keeping track of the session ID fails due to refere_check when a link is clicked even if session.refere_check is disabled in the global AND in the local config. phpinfo() correctly states session.referer_check=0 for both global and local config. If you add the URL parameters (NOT the session id parameters!) to the URL and hit "Enter" everything works fine because, in my case, FireFox doesn't send a referer. Problem can be solved if ini_set('session.referer_check', FALSE); is set in the script. Reproduce code: --------------- http://www.laxit.com/tmp_files/phpbug/session_bug.html http://www.laxit.com/tmp_files/phpbug/phpinfo.html Expected result: ---------------- Session keeps state and doesn't check for referer if session.referer_check=0 Actual result: -------------- session_id($_REQUEST[session_name()]); session_start(); creates a new session because it doesn't respect the session.refere_check=0