php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #16980 session_start() somtimes ignores "session.use_cookies=1" in php.ini
Submitted: 2002-05-02 18:32 UTC Modified: 2002-07-24 06:22 UTC
Votes:8
Avg. Score:4.6 ± 0.7
Reproduced:7 of 7 (100.0%)
Same Version:4 (57.1%)
Same OS:3 (42.9%)
From: php at lowgradepain dot com Assigned:
Status: Not a bug Package: Session related
PHP Version: 4.2.0 OS: Linux 2.2.20
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: php at lowgradepain dot com
New email:
PHP Version: OS:

 

 [2002-05-02 18:32 UTC] php at lowgradepain dot com 
It appears that the first script I hit on a site where session_start() is invoked causes the ?PHPSESSID=xxxxx in the URL, even though my php.ini file specifies:
  session.use_cookies = 1

After that first page, the session continues to work but the URL no longer contains the PHPSESSID parameter.

This has not been the case in previous installations of PHP on the same server.  I just recently upgraded from 4.1.1 to 4.2.0 and this issue began.

php config line:
./configure' '--with-apache=../apache_1.3.23' '--prefix=/usr/local/pkg/php-4.2.0' '--enable-sysvsem' '--enable-sysvshm' '--with-imap=../imap-2001.BETA.SNAP-0106252013' '--with-pgsql=/usr/local/pgsql' '--enable-trackvars' '--disable-debug'

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-07-24 06:22 UTC] hholzgra@php.net 
you have trans_sid feature enabled, so session ids are automaticly added unless a cookie is received

session.use_trans_sid=0 in php.ini or using ini_set() before session_start() switches this off
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Sun Jul 13 14:01:31 2025 UTC