php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #8855 session_start should return also FALSE
Submitted: 2001-01-23 12:18 UTC Modified: 2010-11-19 00:30 UTC
From: sivasubraj at lycosmail dot com Assigned: jani (profile)
Status: Closed Package: Session related
PHP Version: 4.0.4 OS: Linux Mandrake 7.2
Private report: No CVE-ID: None
 [2001-01-23 12:18 UTC] sivasubraj at lycosmail dot com
I feel that the feature I am going to describe is desirable for security reasons: 
The function session_start should return FALSE when the GET (or cookie) requests to resume a non-esistent phpsession. 

If there is already a (quick) way to prevent resuming non-esistent or closed phpsessions, please let me know, else please, add the feature to the TODO list.
(I've set session_cache_limiter('private') and I *don't* want to set it to 'nocache').
Many thanks
Siva

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2010-11-19 00:30 UTC] jani@php.net
-Status: Open +Status: Closed -Package: Feature/Change Request +Package: *General Issues -Assigned To: +Assigned To: jani
 [2010-11-19 00:30 UTC] jani@php.net
Since 5.3.0 session_start() returns FALSE if starting fails.
 [2010-11-19 00:30 UTC] jani@php.net
-Package: *General Issues +Package: Session related
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Mar 28 15:01:29 2024 UTC