php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #27550 session_name doesn't fail or compensate for illegal white space
Submitted: 2004-03-10 10:42 UTC Modified: 2004-03-10 13:35 UTC
Votes:1
Avg. Score:3.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: whelan at nexserver dot com Assigned:
Status: Not a bug Package: Session related
PHP Version: 4.3.4 OS: Windows XP
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: whelan at nexserver dot com
New email:
PHP Version: OS:

 

 [2004-03-10 10:42 UTC] whelan at nexserver dot com
Description:
------------
if it contains a space, you get a new session_id on every page calling session_start(). I believe php should either fail and return an error or compensate for the space. It shouldn't just not work correctly.

Reproduce code:
---------------
session_name('New Session');
session_start();

Expected result:
----------------
It should maintain the same session id for each session with the same session name.

Actual result:
--------------
It will create a new session id for each time this is called.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2004-03-10 13:23 UTC] sniper@php.net
RTFM

 [2004-03-10 13:31 UTC] whelan at nexserver dot com
This is definately a problem with php. It is either an illegal parameter, or it should be handled as if it were a correct parameter. It does neither at this time. It will not maintain a session of a name with a space in it. You're saying it should start a new session with a new session id every time it encounters a session with the same name, so it doesn't maintain the session variables? This doesn't make any sense.
 [2004-03-10 13:35 UTC] derick@php.net
No, he said "RTFM":

http://nl2.php.net/manual/en/function.session-name.php says:

 The session name references the session id in cookies and URLs. It should contain only alphanumeric characters; it should be short and descriptive (i.e. for users with enabled cookie warnings).
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Oct 31 23:01:28 2024 UTC