php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #16417 session_id() not working
Submitted: 2002-04-03 18:10 UTC Modified: 2002-05-30 08:00 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: mike at indelible dot org dot uk Assigned:
Status: Closed Package: Session related
PHP Version: 4.1.1 OS: WinXP/Win2K
Private report: No CVE-ID: None
 [2002-04-03 18:10 UTC] mike at indelible dot org dot uk
Using my own session id doesn't appear to work

<?php
session_id('mysess_'.md5(microtime()));
session_start();
?>

Causes Apache (1.3.22) to crash on Win2K/4.1.1 and produces "Warning: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (c:\\windows\\temp) in Unknown on line 0" on WinXP/4.2.0RC1

Without calling changing the session id, there are no problems

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-04-04 00:03 UTC] tonalsiren dot HATES-SPAM at hotmail dot com
You really don't have any reason to change the session id.
 [2002-04-04 02:58 UTC] mike at indelible dot org dot uk
How do you know I don't have a reason to change the session id? :-)

Why claim to provide the functionality, then refuse to support it?

I *do* need to change the session id. It is unavoidable.
 [2002-04-04 04:11 UTC] sander@php.net
Maybe you have to call session_id AFTER session_start()?
This is what the docs say:
"session_id() returns the session id for the current session. If id is specified, it will replace the current session id."
If the session hasn't been started yet, there's no session id to replace.
Does it work now?
 [2002-04-04 04:20 UTC] mike at indelible dot org dot uk
No, it causes the same problem. I've tried it on Win2K/4.1.2, Win2K/4.2.0RC1 now too.

I don't see how you can reset the session_id after calling session start anyway. When session_start() is called, the SID constant is set, cookie sent to the client etc. You must have to set a custom session_id before this happens.
 [2002-04-04 12:29 UTC] mike at indelible dot org dot uk
Aha! It appears that it is the underscore causing the problem.
 [2002-04-04 12:51 UTC] derick@php.net
It should not matter if you use an underscore. Reopening.

Derick
 [2002-04-04 19:18 UTC] sniper@php.net
In mod_files.c, starting at line 61 is function called
ps_files_valid_key() which checks the key for invalid
characters. It only allows a-z, A-Z and 0-9 chars.


 [2002-05-30 08:00 UTC] mfischer@php.net
It's in fact a documentation problem, which is fixed now (will show up in a few days in the manual).

Additionally I've added an E_WARNING message if the file session handler encounters an invalid session id.
 
PHP Copyright © 2001-2023 The PHP Group
All rights reserved.
Last updated: Sun Feb 05 18:03:43 2023 UTC