php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #19972 Sessiondata randomly gets lost, possibly due to invalid session cookie
Submitted: 2002-10-18 03:44 UTC Modified: 2003-03-13 12:15 UTC
Votes:4
Avg. Score:4.5 ± 0.9
Reproduced:4 of 4 (100.0%)
Same Version:0 (0.0%)
Same OS:1 (25.0%)
From: ivo at ibuildings dot nl Assigned:
Status: No Feedback Package: Session related
PHP Version: 4.2.2 OS: Redhat Linux
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: ivo at ibuildings dot nl
New email:
PHP Version: OS:

 

 [2002-10-18 03:44 UTC] ivo at ibuildings dot nl 
I'm experiencing the random loss of sessiondata. (The same symptoms as in bug #19029 and in the comments of bug #19022).

While investigating this problem, I found out that the sessioncookie contains this value:

HTTP_COOKIE          = 1; PHPSESSID=f1faf3374d562e8738f64e7e7e030972;
pollvoted[1]=1;  (... some other data left out for privacy reasons);
PHPSESSID=842be4994a9c424fd7d4f9f8049aadc9

There are two different PHPSESSID cookies!

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-10-18 05:48 UTC] yohgaki@php.net 
Please try using this CVS snapshot:

  http://snaps.php.net/php4-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-latest.zip
 [2002-10-18 06:09 UTC] ivo at ibuildings dot nl 
I wish I could, but it's a productionserver on which this occurs. Installing a snapshot for this site is too dangerous. Is there a patch for just this specific issue that I might try on our current source?
 [2002-10-18 09:18 UTC] iliaa@php.net 
There is no patch because the session code has undergone major changes and revisions since the 4.2.2 release. Your best bet is to try to problematic code on a development server and see if the latest version of PHP still has this bug.
 [2002-11-10 18:23 UTC] sniper@php.net 
No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Open". Thank you.
 [2003-03-07 03:50 UTC] ivo at ibuildings dot nl 
The problem persists with PHP 4.3. 

I've reconfigured some settings, and the cookie being sent is ok now, however, still the session data gets lost every once in a while. The strange thing is, if I look at the session file that got written, all data is there..
 [2003-03-07 03:57 UTC] sniper@php.net 
Please try using this CVS snapshot:

  http://snaps.php.net/php4-STABLE-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-STABLE-latest.zip

And update the Version on this report to 4.3.2 if this happens with the snapshot too.
 [2003-03-13 12:15 UTC] sniper@php.net 
No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Open". Thank you.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Tue Apr 16 09:01:28 2024 UTC