php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #17663 setcookie only sets last of multiple cookies
Submitted: 2002-06-09 02:48 UTC Modified: 2002-07-01 17:54 UTC
Votes:2
Avg. Score:5.0 ± 0.0
Reproduced:2 of 2 (100.0%)
Same Version:2 (100.0%)
Same OS:0 (0.0%)
From: craig at bioware dot com Assigned:
Status: Closed Package: Apache2 related
PHP Version: 4.0CVS-2002-06-09 OS: RedHat 7.2
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: craig at bioware dot com
New email:
PHP Version: OS:

 

 [2002-06-09 02:48 UTC] craig at bioware dot com 
Hey...

Yes I know that this has been mentioned and *FIXED* before, but with Apache 2.0.36 and PHP 4.2.1 (and the latest CVS from tonight - STABLE-200206082100)...

It is STILL an issue.  We are trying to set 2 cookies on the same page, and the second is the only one created!

I've tried everything I can think of -- multiple apache & php versions -- no luck!

Please take another look at this...

Thanks,

Craig Miller

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-06-09 04:08 UTC] derick@php.net 
The STABLE snapshots are not from the development branch, so change is that it didn't make it in the 4_2 release branch. You might want to try a non-stable snapshot which are made from the latest development branch.

Derick
 [2002-06-20 07:22 UTC] red at tripany dot com 
Hi,
I've installed Apache 2.0.39 on Debian 2.2 and 2.4, which went fine. Then installing php 4.2.1, the configure goes fine,

./configure --prefix=/opt/php-4.2.1 --enable-force-cgi-redirect --enable-ftp --enable-magic-quotes --enable-bcmath --enable-calendar --enable-dbase --enable-dbx --enable-ftp --enable-gd-native-ttf --enable-mbstring --enable-track-vars --enable-ucd-snmp-hack --enable-sockets --enable-sysvsem --enable-sysvshm --enable-yp --enable-shared=PKGS --enable-debug --enable-memory-limit --with-zlib --with-gd --with-jpeg-dir=/usr/lib --with-tiff-dir=/usr/lib --with-png-dir=/usr/lib --with-mysql --with-snmp --with-apxs2=/opt/httpd-2.0.39/bin/apxs

It finds apache2 support, and suggests using apache2filter (which I think it should be doing)

 but the make gives an error:

gcc -I. -I/usr/local/src/php/php-4.2.1/sapi/apache2filter -I/usr/local/src/php/php-4.2.1/main -I/usr/local/src/php/php-4.2.1 -I/opt/httpd-2.0.39/include -I/usr/local/src/php/php-4.2.1/Zend -I/usr/local/include -I/usr/local/src/php/php-4.2.1/ext/mysql/libmysql -I/usr/include/ucd-snmp -I/usr/local/src/php/php-4.2.1/ext/xml/expat -D_REENTRANT -I/usr/local/src/php/php-4.2.1/TSRM -DTHREAD=1 -g -O2 -pthread -Wall -DZTS -c php_functions.c  -fPIC -DPIC -o php_functions.lo
php_functions.c:93: parse error
make[3]: *** [php_functions.lo] Error 1
make[3]: Leaving directory `/usr/local/src/php/php-4.2.1/sapi/apache2filter'
make[2]: *** [all-recursive] Error 1
make[2]: Leaving directory `/usr/local/src/php/php-4.2.1/sapi/apache2filter'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/usr/local/src/php/php-4.2.1/sapi'
make: *** [all-recursive] Error 1

Now if I delete lines 92, 93 and 94 from sapi/apache2filter/php_functions.c which are:

#if !MODULE_MAGIC_AT_LEAST(20020506,0)
                ADD_STRING(boundary);
#endif

and then continue the make, it all seems to go fine. Make install copies everything to the right directory and doing a <? phpinfo() ?> shows that everything should be functioning neatly.

Now the problem!

When writing cookies to a client, sometimes the cookie will not be written and sometimes it will be - this behaviour is consistent in terms of site a will never write the cookies, but site b will always write the cookie! (see code below)

Never works
setcookie("netuser", $row["werknemer_ID"], time()+3600, "/");
setcookie["netlanguage", $row["row_lang"], time()+3600,"/");
setcookie["netlastlogin", $row["last_login"], time()+3600,"/");
$werknemer_ID=$HTTP_COOKIE_VARS["netuser"];

Always works
setcookie("user", $userID, time()+(3600*3), "/")
$userID=$HTTP_COOKIE_VARS["soluser"];

The only thing we've managed to figure out is that in the first example, we write to the cookie 3 times (using similar statements) and in the second example we only create the cookie once. Every time we write to the cookie again, it overwrites (deletes) the old cookies  and replaces it with the last cookie. So what you end up with, is the netlastlogin cookie, and netuser and netlanguage don't exist on the client harddrive. This used to work under php4.2.0!

Under apache 2.0.36 and php 4.2.0 compiled with the same settings, I never experienced this behaviour and I have no idea what's causing it! Any help is much appreciated!
 [2002-06-20 07:39 UTC] derick@php.net 
That error was fixed in CVS recently, but leaving this open because of the bad cookies
 [2002-06-20 11:45 UTC] red at tripany dot com 
Well after extensive testing, I have to conclude it's probably not a php
(alone) problem.
I have tried:
PHP ver.     Apache ver.    --enable-so    works?   error
---------------------------------------------------------
4.2.1            2.0.39             yes       no     yes
2.1              36                 yes       yes    no
2.0              39                 yes       no     yes
2.0              36                 no        no     yes
2.0              36                 yes       yes    no
4.0.3pl1         1.3.9              ?         yes    ?

(4.0.3pl1 is the standard debian package)
The rest of the 2.1 installations (with apache 39) don't work and give
errors, so there's some problem with the apxs interaction between php
and httpd 2.0.39. As php2.1.0 works with httpd 2.0.36 I'm now assuming
there was a change in the apxs of apache in the security fix version
which renders the multiple cookies unwriteable. I'll send this off to
apache as well.
Cheers
Robin
 [2002-06-20 11:47 UTC] red at tripany dot com 
The guys at apache maintain it's a php problem, something with HEAD or so (see apache bug # 10061) so I'm back here now... 

Grtz
Robin Edgar
 [2002-06-20 18:47 UTC] sniper@php.net 
http://snaps.php.net/php4-latest.tar.gz fixes this.
 [2002-06-24 06:35 UTC] red at tripany dot com 
yup, php4-200206240000 worked, but now without yp support... next bug Cheers
Robin
 [2002-06-28 01:24 UTC] jtrusty at kiva dot net 
Running apache 2.0.39 with php 4.2.2-dev (latest stable) compiled as module on winnt. Experiencing the same problem. Php refuses to set multiple cookies. If setting more than a single cookie in a row, only the last cookie gets set (if you're lucky). Is a fix for this on the way?
 [2002-06-28 01:26 UTC] derick@php.net 
[2002-06-20 18:47:50] sniper@php.net

http://snaps.php.net/php4-latest.tar.gz fixes this.

it doesn't say stable here, only fixed in the 4.3.0dev version.

Derick
 [2002-07-01 17:33 UTC] khristopher_klaich at nywd dot uscourts dot gov 
I just tried to install this on my red.hat 6.2 system with apache 2.0.39 installed and I get the following 

/usr/local/php4-200207011200/sapi/apache2filter/sapi_apache2.c: In function `php
_register_hook':
/usr/local/php4-200207011200/sapi/apache2filter/sapi_apache2.c:567: incompatible
 type for argument 3 of `ap_register_output_filter'
/usr/local/php4-200207011200/sapi/apache2filter/sapi_apache2.c:567: too many arg
uments to function `ap_register_output_filter'
/usr/local/php4-200207011200/sapi/apache2filter/sapi_apache2.c:568: incompatible
 type for argument 3 of `ap_register_input_filter'
/usr/local/php4-200207011200/sapi/apache2filter/sapi_apache2.c:568: too many arg
uments to function `ap_register_input_filter'
make: *** [sapi/apache2filter/sapi_apache2.lo] Error 1

This happened on the make.....what now?
 [2002-07-01 17:54 UTC] sniper@php.net 
You need the latest CVS version of Apache2 too.
(2.0.40)

Apache2 (and support for it in PHP) are really experimental
still. You're better of with apache 1.3.26 anyway.

--Jani
 [2003-06-03 08:41 UTC] ben at galactic-tales dot de 
I just have trouble with this issue using both the newest PHP and Apache2-release (4.3.2 / 2.0.46).

Only the first of multiple cookies gets set.
Any ideas?
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Fri Apr 19 12:01:27 2024 UTC