|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2003-01-22 11:49 UTC] msopacua@php.net
[2003-01-22 19:26 UTC] sniper@php.net
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Sun Jul 13 03:01:32 2025 UTC |
The following script: <?php error_reporting(E_ALL); if(isset($_COOKIE[session_name()]) && !file_exists(session_save_path(NULL) . '/sess_' . session_id(NULL))) unset($_COOKIE[session_name()]); ini_set('session.use_only_cookies', TRUE); ini_set('session.cookie_lifetime', 7 * 24 * 3600); ini_set('session.gc_lifetime', 7 * 24 * 3600); session_start(); ?> <html> <body> <a href="<?php echo $_SERVER['PHP_SELF']; ?>?foo=<?php echo time(); ?>">refresh</a> <pre> <?php var_dump($_SESSION); ?> </pre> </body> </html> <?php $_SESSION['test'] = 'hi' . $_GET['foo']; ?> Creates warnings about illegal chars in the session id. However - there is no valid session here, as there is no valid cookie. It should send a new cookie instead, with a new generated session id. However - it sets an empty id: Set-Cookie: PHPSESSID=; expires=Wed, 29-Jan-2003 17:37:42 GMT; path=/ If I also unset $_SESSION, it doesn't change anything.