php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #29322 Constant SID already defined with session_regenerate_id()
Submitted: 2004-07-22 11:41 UTC Modified: 2004-08-02 11:37 UTC
From: olivier dot bichler at laposte dot net Assigned: sas (profile)
Status: Not a bug Package: Session related
PHP Version: 5CVS-2004-07-22 (dev) OS: Windows XP
Private report: No CVE-ID: None
View Developer Edit
 [2004-07-22 11:41 UTC] olivier dot bichler at laposte dot net 
Description:
------------
session_regenerate_id() destroy the false constant : it destroy the constant sid in lower case instead of the constant in upper case...

In PHP sources :
/* if the SID constant exists, destroy it. */  zend_hash_del(EG(zend_constants), "sid", sizeof("sid"));

should maybe be

/* if the SID constant exists, destroy it. */  zend_hash_del(EG(zend_constants), "SID", sizeof("SID"));

(file session.c)

(Please excuse me for my bad english ;-))

Reproduce code:
---------------
<?php
define('sid', 'essai');

session_start();
session_regenerate_id();

echo SID."\n";
echo sid;
?>

Expected result:
----------------
jg9vejq8p3e15lfu34vbouc6j3
essai

Actual result:
--------------
Notice: Constant SID already defined in D:\essai.php on line 5

Notice: Use of undefined constant sid - assumed 'sid' in D:\essai.php on line 8
sid

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2004-08-02 11:02 UTC] derick@php.net 
Sascha, is he right?
 [2004-08-02 11:10 UTC] sas@php.net 
SID is not a CS constant.
 [2004-08-02 11:37 UTC] tony2001@php.net 
Sascha, but _empty_ SID constant is defined with 1 (i.e. CONST_CS).
See ext/session/session.c:1063
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Fri Oct 24 15:00:01 2025 UTC