PHP :: Bug #15822 :: session variables disappear

Bug #15822	session variables disappear
Submitted:	2002-03-01 16:32 UTC	Modified:	2002-06-18 19:29 UTC
From:	php at bradandkristin dot com	Assigned:
Status:	Not a bug	Package:	Session related
PHP Version:	4.1.2	OS:	Linux 2.2.19
Private report:	No	CVE-ID:	None

View Developer Edit

[2002-03-01 16:32 UTC] php at bradandkristin dot com

My web host recently upgraded to PHP 4.1.2.  At the same time, my user login scripts stopped working.  A session variable registered with session_register() is not holding its information when the page reloads.

Details:

I have a file included in every page that looks like:


class UserSession
{
var $user_id = 0;
var $username = "";
var $logged_in = false;
//other stuff elided
}

session_start();
global $user_session;
if (!session_is_registered("user_session"))
        {
        session_register("user_session");
        $user_session = new UserSession();
        }

function ProcessLogin($Username, $Password)
{
global $user_session;
//username and password are checked against DB contents
//if that's all good, get user row with mysql_fetch_array()
$user_session->user_id = $row[user_id];
$user_session->username = $row[user_name];
$user_session->logged_in = true;
//cookies are set and other stuff happens
}

When a page loads immediately after the user logs in, all is well, and the values in $user_session are all as I expect them to be.  Reloading the same page, though, causes $user_session to be set back to its default values.  Before the 4.1.2 upgrade, this worked fine.

I've stripped the code down almost to what I show above, and it still fails, so I'm pretty sure I'm not doing anything to stomp the values later in the page.  I double-checked that on the page reload, $user_session is still registered, and it appears to be.

The changelog at http://www.php.net/ChangeLog-4.php only goes up to version 4.1.1, so I couldn't tell if there was any change to session variable handling in 4.1.2.

Any thoughts?  All suggestions are appreciated.

Config line:
 './configure' '--with-mysql' '--with-apache=../apache_1.3.23' '--enable-track-vars' '--with-xml' '--enable-memory-limit=yes' '--enable-bcmath' '--with-gd=../gd-2.0.1' '--enable-gd-native-tt' '--enable-gd-imgstrttf' '--with-gdbm=/usr/include' '--enable-calendar' '--with-png-dir=/usr/lib' '--with-zlib-dir=/usr/include' '--with-freetype-dir=/usr/local/include/freetype2' '--with-jpeg-dir=/usr/local/lib' '--with-mcrypt' '--enable-trans-sid' '--with-sablot=/usr/local/lib' '--with-imap' '--enable-xslt' '--with-xslt-sablot' '--enable-sablot-errors-descriptive'

Host info:
Linux *.*.com 2.2.19-6.2.11 #1 Fri Oct 19 13:28:00 EDT 2001 i686 unknown

Server is latest stable Apache.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2002-03-02 02:16 UTC] yohgaki@php.net

It's known problem..... Session become read only.
Thanks for reporting but search reports first :)

[2002-03-04 13:27 UTC] php at bradandkristin dot com

I did.

I also checked the changelog, but it's still not updated for 4.1.2.

I also checked the session fn docs, but didn't see anything relevant in either the static documentation or the comments.

Perhaps the bug is marked as closed already?  I'm not sure I checked for closed bugs, but you didn't include the original bug number when telling me my entry was a duplicate, so I really have no idea what it was I missed on my first search.

If it's a known bug, is it slated to be fixed?  In 4.2.0?  Is there a work-around?  Again, my search for further information has left me dry.  Any pointer to a worthwhile starting point, even just the original bug #, would be far more useful than simply assuming I never bothered looking and telling me to buzz off.

[2002-03-06 16:04 UTC] i dot frank at sparrow-analytics dot de

I had exactly the same problem. (PHP 4.1.2 and Linux 2.2.16) 
Calling session_register(mySessVar) after session_start() seems to fix the problem - strange.

[2002-03-07 04:13 UTC] i dot frank at sparrow-analytics dot de

To call the session_register() after session_start() for every session-variable can't be a good solution of course because you have to get the values for your session-vars at every reload...

[2002-06-18 19:29 UTC] sniper@php.net

Thank you for taking the time to report a problem with PHP.
Unfortunately your version of PHP is too old -- the problem
might already be fixed. Please download a new PHP
version from http://www.php.net/downloads.php

If you are able to reproduce the bug with one of the latest
versions of PHP, please change the PHP version on this bug report
to the version you tested and change the status back to "Open".
Again, thank you for your continued support of PHP.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Fri Apr 18 05:01:28 2025 UTC