php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #76540 session_start() fails if headers already sent
Submitted: 2018-06-28 09:56 UTC Modified: 2018-06-28 17:00 UTC
Votes:1
Avg. Score:1.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: tony at marston-home dot demon dot co dot uk Assigned:
Status: Not a bug Package: Session related
PHP Version: 7.2.7 OS: Windows 10
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: tony at marston-home dot demon dot co dot uk
New email:
PHP Version: OS:

 

 [2018-06-28 09:56 UTC] tony at marston-home dot demon dot co dot uk 
Description:
------------
When running a script in CLI mode I cannot open a new session if any headers have already been sent. According to bug #28923 the original message concerned the session cookie, but cookies are only used when running the script in a browser. If I am running in CLI mode there is no browser, so cookies should be irrelevant, which means that session_start() should not fail.

Test script:
---------------
<?
flush();
session_start();
echo "here";
?>


Expected result:
----------------
Do not get warning.

Actual result:
--------------
session_start(): cannot start session when headers already sent

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2018-06-28 10:04 UTC] krakjoe@php.net
-Status: Open +Status: Not a bug
 [2018-06-28 10:04 UTC] krakjoe@php.net 
Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php
 [2018-06-28 10:33 UTC] spam2 at rhsoft dot net 
if(PHP_SAPI !== 'cli' && headers_sent() === false)
{
 session_start();
}
 [2018-06-28 10:38 UTC] tony at marston-home dot demon dot co dot uk 
Excuse me, but this *IS* a bug. When running PHP in CLI mode the use of cookies is irrelevant. They are only relevant when running PHP through a browser. When the script starts in CLI mode the $_COOKIE array is empty, and any cookies that are created are lost when the script terminates as they cannot be passed on to another script. The check for headers/cookies already sent can therefore be safely skipped when running in CLI mode.
 [2018-06-28 10:42 UTC] spam2 at rhsoft dot net 
yes it's a bug in your code and/or config

"session.use_cookies = 1" don't make any sense within a CLI script as well as session_start() at all in most cases
 [2018-06-28 17:00 UTC] tony at marston-home dot demon dot co dot uk 
You are correct. "session.use_cookies = 0" did the trick.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Thu Jul 03 10:01:33 2025 UTC