PHP :: Bug #16627 :: SID is empty

Bug #16627

SID is empty

Submitted:

2002-04-16 03:31 UTC

Modified:

2002-04-23 22:01 UTC

Votes:	1
Avg. Score:	5.0 ± 0.0
Reproduced:	1 of 1 (100.0%)
Same Version:	1 (100.0%)
Same OS:	1 (100.0%)

From:

michael dot hockerts at fonetix dot de

Assigned:

Status:

Closed

Package:

Session related

PHP Version:

4.2.0

OS:

Linux 2.4.10

Private report:

CVE-ID:

None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	michael dot hockerts at fonetix dot de
New email:
PHP Version:		OS:

New Comment:

[2002-04-16 03:31 UTC] michael dot hockerts at fonetix dot de

<?php
  session_start();
  if ( SID != session_name() . '=' . session_id() ) echo 'shit'; else echo 'my fault';
?>



'./configure' '--with-apxs2=/usr/httpd/sbin/apxs' '--with-mysql' '--with-gd' '--with-jpeg-dir=/usr' '--with-png-dir=/usr/lib' '--with-zlib=yes' '--with-xml' '--with-ttf' '--with-ftp' '--enable-trans-sid' '--enable-track-vars' '--enable-magic-quotes' '--enable-ftp' '--with-config-file-path=/etc/httpd2' '--with-sybase=/usr/freetds' '--with-pdflib=/usr/local' '--with-gettext'

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2002-04-16 05:03 UTC] hholzgra@php.net

afair SID is only defined when no session cookie was received?

[2002-04-16 05:31 UTC] michael dot hockerts at fonetix dot de

With enabled cookies, it works, but I would have to change the congiguration of 1400 clients to allow cookies.

Cookies are not enabled in my configuration:

session.auto_start		Off
session.cache_expire		180
session.cache_limiter		nocache
session.cookie_domain		no value
session.cookie_lifetime		0
session.cookie_path		/
session.cookie_secure		Off
session.entropy_file		no value
session.entropy_length		0
session.gc_maxlifetime		1440
session.gc_probability		1
session.name			SESSID
session.referer_check		no value
session.save_handler		files
session.save_path		/tmp
session.serialize_handler	php
session.use_cookies		Off
session.use_trans_sid		0

its the same php.ini I used in 4.1.2 and lower.
I also tried the php.ini-dist from RC4

[2002-04-16 05:33 UTC] michael dot hockerts at fonetix dot de

With enabled cookies, it works, but I would have to change the configuration of 1400 clients to allow cookies.

Cookies are not enabled in my serverconfiguration:

session.auto_start		Off
session.cache_expire		180
session.cache_limiter		nocache
session.cookie_domain		no value
session.cookie_lifetime		0
session.cookie_path		/
session.cookie_secure		Off
session.entropy_file		no value
session.entropy_length		0
session.gc_maxlifetime		1440
session.gc_probability		1
session.name			SESSID
session.referer_check		no value
session.save_handler		files
session.save_path		/tmp
session.serialize_handler	php
session.use_cookies		Off
session.use_trans_sid		0

its the same php.ini I used in 4.1.2 and lower.
I also tried the php.ini-dist from RC4

[2002-04-23 21:59 UTC] mmichael at audiogalaxy dot com

We are getting the same error.  It works fine on php 4.1.2, but 4.2.0 blows up.  We do not have sessions trans ID enabled, but I noticed the configuration script no longer recognizes trans-sid.  Not everybody has cookies and php 4.2.0 appears to break sessions for people w/o cookies.

[2002-04-23 22:01 UTC] sniper@php.net

This is fixed in CVS and the fix will be in PHP 4.2.1.

--Jani

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Fri Aug 15 17:00:02 2025 UTC