php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #21634 Passing PHPSESSID with POST when there's only one input in the form error
Submitted: 2003-01-14 09:18 UTC Modified: 2003-01-17 11:00 UTC
From: jsegura at cromosoma dot com Assigned:
Status: Not a bug Package: Session related
PHP Version: 4.3.0 OS: RH Linux 7.3
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: jsegura at cromosoma dot com
New email:
PHP Version: OS:

 

 [2003-01-14 09:18 UTC] jsegura at cromosoma dot com
Hello!

I'm upgrading from PHP 4.1.2 to 4.3.0 and a strange thing is happening to me. I've got a form with one and only one input:

<form name="form1" method="post" action="somePage.php">
  <input type="hidden" name="PHPSESSID" value="{FILLED_WITH_TEMPLATE_POWER}">
</form>

When submitting the form, next page is unable to continue the session and I'm asked for a new login. Moreover, if I echo the session_id() result it contains a strange value like:

<some_session_id>PHPSESSID=<the_same_session_id> instead of a single session_id.

I'm not using enable-trans-sid and, the most surprising, works well if I add a second dummy input field in the form.

Can anyone help me?

Thanks in advance.
Joan.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2003-01-14 19:16 UTC] sniper@php.net
Sorry, but your problem does not imply a bug in PHP itself.  For a
list of more appropriate places to ask for help using PHP, please
visit http://www.php.net/support.php as this bug system is not the
appropriate forum for asking support questions. 

Thank you for your interest in PHP.
 [2003-01-17 10:56 UTC] dmitri at netilla dot com
I am experiencing the same problem.  Here's the script:

------------------------------------------------------
<html>
<body>

<FORM method=post>
  <INPUT TYPE="text" NAME=value>
  <INPUT TYPE="submit" VALUE="submit"> 
</FORM>
        
</body> 
</html>

<?
error_log("value: $value");
?>
------------------------------------------------------

after form is submitted with input, say, XXX, here's what is written to error log:

value: XXXvalue=XXX

Changing the script to have more than one input value fixes the problem (value is set to XXX).

I am using apache 2.0.43 and PHP 4.3.0 (DSO).  Needless to say, I have register_globals set to "on".
 [2003-01-17 11:00 UTC] pollita@php.net
As I told you in IRC, and you ignored.... TRY A SNAPSHOT.

http://snaps.php.net


 [2003-01-17 12:03 UTC] dmitri at netilla dot com
Two points.

1. Do you mean to tell me that if this bug is fixed in
   a snapshot released _after_ 4.3.0, it has to be marked
   BOGUS under 4.3.0 bugs??

2. Latest snapshot does not fix the problem on my box.
   Release: 4.3.1-dev
   Build Date: Jan 17 2003 12:51:29
 [2003-01-20 09:44 UTC] dmitri at netilla dot com
I think this is the same bug as that described in bug report 18648 (filed back in July).
 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Sun Oct 20 09:01:26 2019 UTC