PHP :: Bug #16417 :: session

Bug #16417

session_id() not working

Submitted:

2002-04-03 18:10 UTC

Modified:

2002-05-30 08:00 UTC

Votes:	1
Avg. Score:	5.0 ± 0.0
Reproduced:	0 of 0 (0.0%)

From:

mike at indelible dot org dot uk

Assigned:

Status:

Closed

Package:

Session related

PHP Version:

4.1.1

OS:

WinXP/Win2K

Private report:

CVE-ID:

None

View Add Comment Developer Edit

Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please !

Your email address: MUST BE VALID
Solve the problem: 25 - 14 = ?
Subscribe to this entry?

[2002-04-03 18:10 UTC] mike at indelible dot org dot uk

Using my own session id doesn't appear to work

<?php
session_id('mysess_'.md5(microtime()));
session_start();
?>

Causes Apache (1.3.22) to crash on Win2K/4.1.1 and produces "Warning: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (c:\\windows\\temp) in Unknown on line 0" on WinXP/4.2.0RC1

Without calling changing the session id, there are no problems

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2002-04-04 00:03 UTC] tonalsiren dot HATES-SPAM at hotmail dot com

You really don't have any reason to change the session id.

[2002-04-04 02:58 UTC] mike at indelible dot org dot uk

How do you know I don't have a reason to change the session id? :-)

Why claim to provide the functionality, then refuse to support it?

I *do* need to change the session id. It is unavoidable.

[2002-04-04 04:11 UTC] sander@php.net

Maybe you have to call session_id AFTER session_start()?
This is what the docs say:
"session_id() returns the session id for the current session. If id is specified, it will replace the current session id."
If the session hasn't been started yet, there's no session id to replace.
Does it work now?

[2002-04-04 04:20 UTC] mike at indelible dot org dot uk

No, it causes the same problem. I've tried it on Win2K/4.1.2, Win2K/4.2.0RC1 now too.

I don't see how you can reset the session_id after calling session start anyway. When session_start() is called, the SID constant is set, cookie sent to the client etc. You must have to set a custom session_id before this happens.

[2002-04-04 12:29 UTC] mike at indelible dot org dot uk

Aha! It appears that it is the underscore causing the problem.

[2002-04-04 12:51 UTC] derick@php.net

It should not matter if you use an underscore. Reopening.

Derick

[2002-04-04 19:18 UTC] sniper@php.net

In mod_files.c, starting at line 61 is function called
ps_files_valid_key() which checks the key for invalid
characters. It only allows a-z, A-Z and 0-9 chars.

[2002-05-30 08:00 UTC] mfischer@php.net

It's in fact a documentation problem, which is fixed now (will show up in a few days in the manual).

Additionally I've added an E_WARNING message if the file session handler encounters an invalid session id.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2023 The PHP Group All rights reserved.	Last updated: Fri Mar 31 17:03:40 2023 UTC