php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #55444 trans-sid enabled; PHPSESSID inserted after end of href on links
Submitted: 2011-08-17 22:33 UTC Modified: 2013-02-18 00:34 UTC
Votes:4
Avg. Score:4.0 ± 0.7
Reproduced:3 of 3 (100.0%)
Same Version:1 (33.3%)
Same OS:0 (0.0%)
From: fatman at crackmonkey dot us Assigned:
Status: No Feedback Package: Session related
PHP Version: Irrelevant OS: Ubuntu 10.04.3 LTS
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: fatman at crackmonkey dot us
New email:
PHP Version: OS:

 

 [2011-08-17 22:33 UTC] fatman at crackmonkey dot us
Description:
------------
In more detail, OS:
Linux 2.6.32-32-server x86_64 #62-Ubuntu SMP Wed Apr 20 22:07:43 UTC 2011 

PHP 5.3.2-1ubuntu4.9 with Suhosin-Patch (cli) (built: May  3 2011 00:45:52)

This is the standard PHP package from Ubuntu Lucid's "main" repo. I did not 
compile it. I have enabled the trans-
sid option.

When generating a long list of links, occasionally the trans-sid function will 
miss the end of the "href" 
attribute and add "?PHPSESSID=73...07" outside the closing double quote mark. 
eg:

<td><a href="index.php?
area=gallery&page=edit_photo&file=gallery_36.jpg&amp;PHPSESSID=73...07"><img 
src="images/edit.png" />gallery_36.jpg</a></td> 
...
<td><a href="index.php?area=gallery&page=edit_photo&file=gallery_37.jpg"?
PHPSESSID=73...07><img 
src="images/edit.png" />gallery_37.jpg</a></td> 

Note that since it is outside the quote mark, it is generated with a "?" instead 
of "&amp;". This reliably 
happens on the "gallery_37.jpg" link, and the "gallery_18.jpg" link, and a few 
others.

Test script:
---------------
The relevant loop:

      while ($row = mysql_fetch_assoc($result)) {
         $file = sanitise_html($row["filename"]);
         $title = sanitise_html($row["title"]);
?>
               <tr>
                  <td><a href="index.php?area=gallery&page=edit_photo&file=<?=$file?>"><img src="images/edit.png" /><?=$file?></a></td>
                  <td><?=$title?></td>
                  <td><a href="index.php?area=gallery&page=delete_photo&file=<?=$file?>"><img src="images/delete.png" /></a></td>
               </tr>
<?
      }

Expected result:
----------------
In the example above, I would expect:

&amp;PHPSESSID=73...07

to be added to the end of every link, in the proper place, *inside* the end of the 
href attribute.

Actual result:
--------------
On some links, the PHPSESSID appears *outside* the end of the href attribute. This 
causes the PHPSESSID not to be included in the link.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2011-08-22 14:05 UTC] kalle@php.net
Upgrade PHP first, we don't support 5.3.2 anymore
 [2011-08-22 14:07 UTC] kalle@php.net
-Status: Open +Status: Feedback
 [2011-08-22 14:07 UTC] kalle@php.net
(pressed Enter by accident)

... if the problem persists in 5.3.7 or the upcoming patch level release 5.3.8 then change the status of the bug back to Open
 [2011-11-16 19:49 UTC] dimitriy at remerov dot ru
Was able to reproduce on different installations on 5.3.6 and 5.3.5.
If I place link before broken one, then this new one becomes broken.

Unfortunately can't test in other versions due to complication installation.


Relevant part HTML (5th link is broken, but there are links before that HTML):

...					
<a href="a?PHPSESSID=c5e10c3bb9d776c7b618531d31bb44ae">
	abcdefghijkjlmopqrstuvwxyz
</a>
<a href="b?PHPSESSID=c5e10c3bb9d776c7b618531d31bb44ae">
	abcdefghijkjlmopqrstuvwxyz
</a>
<a href="c?PHPSESSID=c5e10c3bb9d776c7b618531d31bb44ae">
	abcdefghijkjlmopqrstuvwxyz
</a>
<a href="d?PHPSESSID=c5e10c3bb9d776c7b618531d31bb44ae">
	abcdefghijkjlmopqrstuvwxyz
</a>
<a href="e"?PHPSESSID=c5e10c3bb9d776c7b618531d31bb44ae>

	abcdefghijkjlmopqrstuvwxyz
</a>
<a href="f?PHPSESSID=c5e10c3bb9d776c7b618531d31bb44ae">
	abcdefghijkjlmopqrstuvwxyz
</a>
...
--------------

Relevant code:


// add start
if (strpos($url_item, 'translation') !== false) { // to make it around 17th link 
on page
	?>
<a href="<?= "a" ?>">
	abcdefghijkjlmopqrstuvwxyz
</a>
<a href="<?= "b" ?>">
	abcdefghijkjlmopqrstuvwxyz
</a>
<a href="<?= "c" ?>">
	abcdefghijkjlmopqrstuvwxyz
</a>
<a href="<?= "d" ?>">
	abcdefghijkjlmopqrstuvwxyz
</a>
<a href="<?= "e" ?>">
	abcdefghijkjlmopqrstuvwxyz
</a>
<a href="<?= "f" ?>">
	abcdefghijkjlmopqrstuvwxyz
</a>
	<?php
}
// add end

----
 [2012-12-14 09:39 UTC] freynder at gmail dot com
Experienced the same issue in PHP 5.3.10. I have a long list of links and they 
look all correct except for 1. 

Code:
<a href="/admin/field/edit/params/id/<?= $field['field_id'] ?>/client/<?= $id ?
>" class="edit">Edit</a>

Result:
<a href="/admin/field/edit/params/id/632/client/32"?
PHPSESSID=gs0p9jd4er5fm1ojhg7tbq5m75 class="edit">Edit</a>
 [2013-02-18 00:34 UTC] php-bugs at lists dot php dot net
No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Open". Thank you.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Dec 26 18:01:31 2024 UTC