php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #20425 session file cleared after execution of header("location ...
Submitted: 2002-11-14 05:03 UTC Modified: 2002-11-15 04:40 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: guerrini at dada dot it Assigned:
Status: Not a bug Package: Session related
PHP Version: 4.2.3 OS: Linux
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: guerrini at dada dot it
New email:
PHP Version: OS:

 

 [2002-11-14 05:03 UTC] guerrini at dada dot it 
After execution of header("Location:otherfile.php?".SID);
the session file previously created does not contain all the items posted by a form.

My configuration:
Linux RH6.2 (tested also RH7.2 and RH 7.3)
Apache 1.3.27
PHP 4.2.3 compiled as a CGI
 './configure' '--enable-shared' '--with-system-regex' '--with-gd=/usr/local' '--enable-ftp' '--with-mysql' '--enable-track-vars' '--with-ttf=/usr' '--enable-gd-native-ttf' '--with-jpeg-dir' '--with-png-dir' '--with-zlib' '--enable-force-cgi-redirect' '--enable-dbase' '--with-config-file-path=/usr/local/apache/conf'
register_globals=1
session_trans_sid=1 (tested also =0)

I have 2 files index.php and lib1.inc
When I start index.php a session file is created (under /tmp) and contains the variable name ( !sessione| ).
When I post the form (in index.php), the session file under /tmp does not get updated.
If I comment out the line header("Location:otherfile.php?".SID); instead, the session file is updated with the values posted by the form.
It behaves as if execution of header("location ... cleared the session file.
These are the files involved:

LIB1.INC
<?
session_start();
session_register("sessione");
[....other functions here ....]
function SessioneUtente($fusern,$fpassw,$fnome,$fcognome,$fpriv,$femail)
{
     global $sessione;
     $sessione[nome]=$fnome;
     $sessione[cognome]=$fcognome;
     $sessione[username]=$fusern;
     $sessione[password]=$fpassw;
     $sessione[priv]=$fpriv;
     $sessione[email]=$femail;
     $sessione[loggato]=true;
}
?>
############################################

INDEX.PHP

<?
include("lib1.inc");
$messaggio="";
if (isset($azione) && $azione=="vai")
{
   if(empty($logon[username]) || empty($logon[password]))
     $messaggio.="devi riempire tutti i campi";
     //DEFINISCO l'ARRAY CU che conterr? i dati utente (username,password,priv, ecc.)
     $cu=checkUser( $logon[username], $logon[password]);
   if(!empty($logon[password]) && $logon[password]!=$cu[password])
       $messaggio .= "utente o password errati, riprova";

   if ($messaggio=="")
     {
   
SessioneUtente($cu[username],$cu[password],$cu[nome],$cu[cognome],$cu[priv],$cu[email]);
    header("Location:otherfile.php?".SID);
     }
}

?>
<html>
<head>
  <title>login</title>
  <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
  <meta name="GENERATOR" content="Quanta Plus">
</head>
<body>
<?
if($messaggio!="")
echo $messaggio;
?>
<form action="<?echo $PHP_SELF; ?>" method="post">
<input type="hidden" name="azione" value="vai">

<div align=center>
<table border=1 cellpadding=0 cellspacing=0>
<tr>
  <td colspan=2>
  Login
  </td>
</tr>
<tr>
  <td>
  Username
  </td>
  <td>
  <input type="text" name="logon[username]" value="<?echo $logon[username]; ?>">
  </td>
</tr>

<tr>
  <td>
  Password
  </td>
  <td>
  <input type="password" name="logon[password]" maxlength=8>
  </td>
</tr>
<tr>
  <td align=right colspan=2>
  <input type="submit" value=accedi>
  </td>
</tr>
</table>
</div>
</form>
</body>
</html>

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-11-14 08:41 UTC] novell at kiruna dot se 
You will find some useful information here: 2nd comment on http://www.php.net/manual/en/function.session-register.php
 [2002-11-14 09:09 UTC] iliaa@php.net 
Sorry, but your problem does not imply a bug in PHP itself.  For a
list of more appropriate places to ask for help using PHP, please
visit http://www.php.net/support.php as this bug system is not the
appropriate forum for asking support questions. 

Thank you for your interest in PHP.

A number of mistakes in your script are likely causes of your script not to working.
1) Instead of session_register("sessione"); add variables to the session in this fassion $_SESSION['sessione'] = 'value';
2) $sessione[nome]=$fnome; is wrong, what's 'none', it probably should be $sessione['nome']=$fnome;, no?
3) Your location header is wrong for 2 reasons, 1st you are using relatives pathes, always a BAD idea and your header("Location:otherfile.php?".SID); is missing a space between Location: and otherfile.
4) Use session_id() and not SID to retrieve the session id.
 [2002-11-14 10:50 UTC] guerrini at dada dot it 
Ok, I corrected the errors as missing single quote and missing space between location and otherfile.php. 
The fact that induced me to think to a PHP bug, is that these same scripts work fine on 2 different server with same configuration (php+apache) as my local one.

Thanks, stefano
 [2002-11-15 04:38 UTC] guerrini at dada dot it 
Maybe it won't be a bug, but I wonder what it is.
I have fixed my problem by simply, recompiling PHP as a module
Now everything works fine again.
Thanks, Stefano
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Wed Dec 03 08:00:02 2025 UTC