php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #4495 trans-sid failure on forms
Submitted: 2000-05-18 05:20 UTC Modified: 2000-05-18 11:08 UTC
From: jamestkirkiii at hotmail dot com Assigned:
Status: Closed Package: Session related
PHP Version: 4.0 Release Candidate 2 OS: FreeBSD 4.0
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: jamestkirkiii at hotmail dot com
New email:
PHP Version: OS:

 

 [2000-05-18 05:20 UTC] jamestkirkiii at hotmail dot com 
I've compiled PHP4 RC2 with --enable-trans-sid, and PHP4 RC2 correctly appends the session stuff for normal <a href... tags, but doesn't do it to <form action=... tags.  Another minor quirk/annoyance is for self-editable sites, when the code comes up in a <textarea> tag, if it has any embedded href's which references pages within the site, it appends the session info to them.

<form method="post" action="page.php">
<textarea cols="75" rows="20" name="content" wrap="off">
<a href="pageview.php?action=view&pageid=26&parentid=25&PHPSESSID=0cad334cada0fbcc8d181c68b05c2896" class="normal">Link</a></textarea>

Notice it appends the session info to a link embeded in a textarea tag.

BTW, thanks for the AWESOME product!

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2000-05-18 11:08 UTC] joey at cvs dot php dot net 
PHP should not add the sid to the action of a form, at least,
not one using the POST method...I guess some would argue
on whether on not to do it under GET.

In either case, just add an <input type="hidden"> to get the 
desired effect
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Wed Feb 05 06:01:32 2025 UTC