php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #16408 session handling does not work with IE6
Submitted: 2002-04-03 04:16 UTC Modified: 2003-12-10 10:05 UTC
Votes:3
Avg. Score:4.3 ± 0.9
Reproduced:2 of 2 (100.0%)
Same Version:0 (0.0%)
Same OS:1 (50.0%)
From: sb at bpm dot ch Assigned:
Status: Closed Package: Session related
PHP Version: 4.1.1 OS: Windows NT (IIS) & AIX (Apache)
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: sb at bpm dot ch
New email:
PHP Version: OS:

 

 [2002-04-03 04:16 UTC] sb at bpm dot ch 
In IE6 we have on some PCs the problem that the session data will not saved:

First page:

session_start();
$User = "root";
session_register(User);

Second page:

session_start();
echo "$User";

Now nothing will displayed...   :-(

This Problem occures only in IE6 an never in IE5.x

Stephan

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-04-03 09:46 UTC] yohgaki@php.net 
Hmm. I use IE6+Linux/Apache and I don't have problem.
Could you look into packets using sniffer? and see if there is any difference with IE6 and IE5.

Ehtereal works on a lot of platforms and very easy to use.
http://www.ethereal.com/
 [2002-05-03 13:01 UTC] jan dot vlcinsky at cad-programs dot com 
I thing, you forgot to place quotes around variable name
Instead of 
session_register(User); BAD
use
session_register("User"); OK
 [2002-07-10 01:00 UTC] php-bugs at lists dot php dot net 
No feedback was provided for this bug for over a month, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 [2003-12-10 07:22 UTC] peter dot lerner at commerzbank dot com 
If the session info is saved as a file, instead of a file called sess_<cryptic session-id>, you will find a file named 'sess_null'.

-rw-------   1 myuid mygid 1535549 Dec 10 12:57 sess_null

I'm running php4.3.4 on apache2 on a solaris8 box.
Browser is Internet Explorer 6.0.2800.1106CO.

Session management troubles happen only with IE6, but runs fine with e.g. Mozilla 1.5.

The problem is *very*critical* for us, because _every_ user who logs on with an IE6 gets user permissions from the sess_null. sess_null could be the admin's session.

Vice versa it's also a problem if the first user to create a sess_null was not-privileged, and the subsequent admin logon is "castrated" to the non-privileged level.
 [2003-12-10 07:28 UTC] sb at bpm dot ch 
This problem occures only, if the hostname of the server contains an "_" (underscore). We have changed the hostname now.

Stephan
 [2003-12-10 07:30 UTC] sb at bpm dot ch 
this issue can be closed now.
 [2003-12-10 10:05 UTC] derick@php.net 
FYI, hostnames with a _ in there are not even allowed. From Appendix 1 of RFC 882:

<domain> ::=  <subdomain> | " "

      <subdomain> ::=  <label> | <subdomain> "." <label>

      <label> ::= <letter> [ [ <ldh-str> ] <let-dig> ]

      <ldh-str> ::= <let-dig-hyp> | <let-dig-hyp> <ldh-str>

      <let-dig-hyp> ::= <let-dig> | "-"

      <let-dig> ::= <letter> | <digit>

      <letter> ::= any one of the 52 alphabetic characters A through Z
      in upper case and a through z in lower case

      <digit> ::= any one of the ten digits 0 through 9
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sun Dec 22 11:01:30 2024 UTC