php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #47610 Block access to session file.
Submitted: 2009-03-10 01:14 UTC Modified: 2009-03-10 10:18 UTC
Votes:1
Avg. Score:3.0 ± 0.0
Reproduced:0 of 1 (0.0%)
From: lonelywolf at damagelab dot org Assigned:
Status: Not a bug Package: Session related
PHP Version: 5.2.9 OS: Linux, Ubuntu 8.10
Private report: No CVE-ID: None
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please !
Your email address:
MUST BE VALID
Solve the problem:
27 + 43 = ?
Subscribe to this entry?

 
 [2009-03-10 01:14 UTC] lonelywolf at damagelab dot org 
Description:
------------
Hello. A mistake is noticed when you try paying for the session while working with it at this point.
I'm from Russia, therefore, to explain through an interpreter is not the best option, I will show you some example code, and you can understand the result of work.

Reproduce code:
---------------
Example source code: http://www.damagelab.org/dl/scripts/phpbuginsession.zip

zip.php - test file for sleep on wrok with session.
ajax.php - interface for example testing, include 2 ajax query.
ajax.js - library for used ajax.php
log.txt - debug log with result in real-time working

Expected result:
----------------
He must show for every ajax request(ajax.php?do=status):
46:[00:26:46] work 2
47:[00:26:46] work 2
48:[00:26:46] work 2
49:[00:26:49] work 3


Actual result:
--------------
52:[00:26:52] end

This finding does not immediately, but only when the script is run for zip.php and the latest result.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-03-10 10:18 UTC] jani@php.net 
RTFM: http://php.net/session_write_close
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sat May 04 09:01:32 2024 UTC