php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #22440 Bug with cookie in CGI not in ISAPI
Submitted: 2003-02-26 10:13 UTC Modified: 2003-05-18 22:46 UTC
Votes:2
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: garfield_fr at tiscali dot fr Assigned:
Status: Not a bug Package: CGI/CLI related
PHP Version: 4.3.2-dev OS: Windows 2000 pro SP3
Private report: No CVE-ID: None
View Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please !
Your email address:
MUST BE VALID
Solve the problem:
28 + 20 = ?
Subscribe to this entry?

 
 [2003-02-26 10:13 UTC] garfield_fr at tiscali dot fr 
I don't know if it's a real bug but ....

Config :
Windows 2K pro + SP3
Serveur IIS
PHP 4.3.0
this is my php.ini (full version for testing purpose) :
[PHP]
cgi.force_redirect = 0
cgi.rfc2616_headers = 1
[Session]
session.save_handler = files
session.save_path = "C:\PHP\sessions\"

I'm trying to use PHPNuke 6.0.17 and I found this bug :
When you want to login under PHPNuke you enter your name/password. if your login is ok the script send a cookie and redirect to an URL (your personal page).
With PHP in CGI mode, no cookie are send/receive (?) to the browser (IE6 SP1) and you are not connect to PHPNuke BUT if PHP run in ISAPI mode the cookie is well receive by browser and you are connected to PHPNuke....

I don't test under Apache because I don't know how to run PHP in CGI mode under Apache, but Apache+PHP module work fine (W2K)

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2003-02-26 10:23 UTC] sniper@php.net 
Please try using this CVS snapshot:

  http://snaps.php.net/php4-STABLE-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-STABLE-latest.zip
 [2003-02-26 10:46 UTC] garfield_fr at tiscali dot fr 
No change .... same problem ...
PHPNuke doesn't work with CGI but it works with ISAPI ...
 [2003-02-26 10:47 UTC] sniper@php.net 
Not enough information was provided for us to be able
to handle this bug. Please re-read the instructions at
http://bugs.php.net/how-to-report.php

If you can provide more information, feel free to add it
to this bug and change the status back to "Open".

Thank you for your interest in PHP.
 [2003-02-27 05:53 UTC] davidfelton at codemasters dot com 
I've been experiencing a very similar/the same bug with IIS on windows 2000 and setting cookies using PHP as CGI.

How I set my cookies is as follows:

As there is a bug in IIS that prevents you from setting cookies in conjunction with Header("Location: ...") the filenames of the files that set cookies are preceded with 'nph-' as detailed here:

http://support.microsoft.com/default.aspx?scid=KB;en-us;q176113

so that I can send my own headers. This worked fine in PHP 4.2.3, now with PHP 4.3.2 It just doesn't work and headers are printed out to the screen. Code used is as follows:

function MySetCookie($CkyName, $CkyValue, $exp, $pth, $domain, $Secure)
			{
			$exp = gmstrftime("%A, %d-%b-%Y %H:%M:%S",$exp);
			return "Set-Cookie: Territory=$CkyValue; path=$pth; domain=$domain; expires=$exp";
			}

            $territory="EnglishUK";

		//go to the main page
		Header("HTTP/1.0 302 Redirect");
		Header("Location: http://www.mydomain.com/mainpage.php?territory=$territory");
		//set cookie		
		Header(MySetCookie("Territory",$territory,mktime(0,0,0,date("n"),date("j")+30),"/","mydomain.com",0));

(note this file needs to be saved as 'nph-index.php')

This is an issue with PHP and not ISS.

Thanks.
 [2003-02-27 06:11 UTC] davidfelton at codemasters dot com 
Have solved it:
I set cgi.rfc2616_headers in the php.ini to 1. I didn't know about this new setting.

Thanks.
 [2003-02-27 07:59 UTC] garfield_fr at tiscali dot fr 
I set cgi.rfc2616_headers = 1 ... and I have no change :(

and I can't modify my script because I do some tests to give PHP to customers ...
 [2003-02-27 08:54 UTC] sniper@php.net 
reclassified
 [2003-03-30 06:46 UTC] moriyoshi@php.net 
Please try using this CVS snapshot:

  http://snaps.php.net/php4-STABLE-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-STABLE-latest.zip

This bug is likely fixed by a recent patch in CVS, so please try the latest cvs snapshot again.
 [2003-03-30 17:41 UTC] garfield_fr at tiscali dot fr 
I try using last CVS snapshot (30 mar 2003).
bug is still here !! setcookie() with header("location: ...") doesn't work ...(test with phpnuke 6.0.17, in login page)
 [2003-03-30 18:43 UTC] garfield_fr at tiscali dot fr 
this is a little page to test the bug :
if no cookie are set, click on "setCookie and header" link to set the cookie and redirect to other... cookie are not set !!
tested with 
PHP Version : 4.3.2-RC 
Build Date  : Mar 30 2003 09:11:32


<?php

function SetTheCookie(){
	setcookie("test","TestValue");
}
function set_redir(){
	SetTheCookie();
	header("Location: ".$_SERVER['PHP_SELF']."?op=other");
}
function delcookie(){
	setcookie("test","");	
}
?>
<html>
<head></head>
<body>
Test SetCookie function with Header("Location: ....") function...<br>
<a href="<?= $PHP_SELF; ?>?op=set">just setCookie</a><br/>
<a href="<?= $PHP_SELF; ?>?op=set_redir">setCookie and header("location:...")</a><br/>
<a href="<?= $PHP_SELF; ?>?op=delcookie">delete cookie("location:...")</a><br/>

<?php
echo "\$_GET : <br><xm>";var_dump($_GET);echo "</xmp><br>";

$op = $_GET['op'];
switch ($op){
	case "set" :
		SetTheCookie();
		break;
	case "set_redir" :
		set_redir();
		break;
	case "delcookie" :
		delcookie();
		break;
}
echo "\$_COOKIE : <br><xm>";var_dump($_COOKIE);echo "</xmp><br>";
?>
</body>
</html>
 [2003-05-01 20:21 UTC] sniper@php.net 
This bug has been fixed in CVS.

In case this was a PHP problem, snapshots of the sources are packaged
every three hours; this change will be in the next snapshot. You can
grab the snapshot at http://snaps.php.net/.
 
In case this was a documentation problem, the fix will show up soon at
http://www.php.net/manual/.

In case this was a PHP.net website problem, the change will show
up on the PHP.net site and on the mirror sites in short time.
 
Thank you for the report, and for helping us make PHP better.
 [2003-05-04 10:59 UTC] garfield_fr at tiscali dot fr 
I try with PHP 4.3.2 RC3 dev build date May 4 2003 10:14:20

The bug is still here !!
 [2003-05-18 22:46 UTC] shane@php.net 
Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php

I don't know how it could have been 'fixed', this is an IIS issue due to MS's interpretation of the CGI spec and nothing we can do about it.  It has been this way forever.  As was posted before, you can see details at http://support.microsoft.com/default.aspx?scid=KB;en-us;q176113
 [2003-05-18 22:46 UTC] shane@php.net 
Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php

I don't know how it could have been 'fixed', this is an IIS issue due to MS's interpretation of the CGI spec and nothing we can do about it.  It has been this way forever.  As was posted before, you can see details at http://support.microsoft.com/default.aspx?scid=KB;en-us;q176113
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Sat Oct 25 23:00:01 2025 UTC