|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #23681 Unclear error msg. when PHPSESSID manually deleted from URL by user
Submitted: 2003-05-18 10:41 UTC Modified: 2012-02-21 07:39 UTC
Avg. Score:4.8 ± 0.6
Reproduced:11 of 11 (100.0%)
Same Version:1 (9.1%)
Same OS:4 (36.4%)
From: php at lapage dot com Assigned: sas (profile)
Status: Closed Package: Session related
PHP Version: * OS: *
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: php at lapage dot com
New email:
PHP Version: OS:


 [2003-05-18 10:41 UTC] php at lapage dot com
Request for a better error msg.

If the user disables cookies and changes the URL to

Then the resulting Apache 1.3 error log reads:

PHP Warning:  session_start(): The session id contains illegal characters, valid characters are only a-z, A-Z and 0-9 in /zz/zzdomain/www/form.php on line 3

PHP Warning:  Unknown(): The session id contains illegal characters, valid characters are only a-z, A-Z and 0-9 in Unknown on line 0

PHP Warning:  Unknown(): Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp_php/zzdomainzz) in Unknown on line 0

  @$ct= ++$_SESSION['count'];
[$ct]<br><form method="get">
See hidden input<input type="submit" name="submit" value="Test"></form>
<a href="$PHP_SELF?foo=bar">See new href</a>


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2003-05-20 03:16 UTC]
I'm all for making this a notice instead, assigning to Sascha as he's the maintainer of ext/session.

 [2010-12-20 13:58 UTC]
-Package: Feature/Change Request +Package: Session related -Operating System: Linux +Operating System: * -PHP Version: 4.3.1 +PHP Version: *
 [2012-02-21 07:39 UTC]
-Status: Assigned +Status: Closed
 [2012-02-21 07:39 UTC]
This code has all been rewritten long ago and this issue is no longer present.
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sun May 26 16:01:29 2024 UTC