Description:
------------
If session lifetime is set to other than 0 (i.e. other than expire at end of session), then this is not honoured in Firefox (1.0.2), but is in other browsers (tested in IE6, Opera 7.54, Mozilla 1.8)

Cookies set with setcookie() with non-default lifetimes expire fine.

However, manually setting a cookie with the session cookie name (i.e. setcookie("PHPSESSID", ...)) with a lifetime causes the same problems as using the session functions.


Running on Apache 2.0.52, and using original php.ini-dist settings. (Also tested in PHP 5.0.4 release)

Reproduce code:
---------------
<?php
/*
 * Note: this code assumes server time is the same as user
 * time (e.g. run from localhost).
 */

session_set_cookie_params(30);
session_start();

setcookie("test", "foo", time() + 30, "/");

/*
 * uncommenting this line and commenting out the session
 * functions produces the same problem.
 */
// setcookie("PHPSESSID", "foo", time() + 30, "/");

print_r($_COOKIE);
?>




Expected result:
----------------
In Firefox, after loading the page produced by the above code, viewing Tools->Options->Privacy->View Cookies, the list shows two cookies for the page, "test" and "PHPSESSID". They should both be shown to expire 30 seconds after the page was loaded (this behaviour can be observed in Mozilla via Tools->Cookie Manager->Manage Stored Cookies).

If the page is refreshed after more than 30 seconds, the print_r() statement should show an empty array.

Actual result:
--------------
"test" is shown as expiring 30 seconds after the page was loaded, however "PHPSESSID" is shown as expiring "at end of session".

When refreshed after more than 30 seconds, the print_r() statement still shows the existence of $_COOKIE["PHPSESSID"]. This only occurs in Firefox (out of the browsers listed above).