Bug #36459 Incorrect adding PHPSESSID to links, which contains \r\n
Submitted: 2006-02-20 10:39 UTC
Modified: 2006-02-28 15:47 UTC
From: muhtarov at oviont dot ru
Assigned:
Status: Closed
Package: Session related
PHP Version: 5.1.2
OS: Windows 2000 SP4
Private report: No
CVE-ID:
 [2006-02-20 10:39 UTC] muhtarov at oviont dot ru
Description:
------------
There is a problem when adding PHPSESSID to links that contain \r\n after some attribute.

Part of my .htaccess file:

php_value session.use_trans_sid 1
php_value session.name "sid"


Reproduce code:
---------------
<a href="/b2w/www/ru/adm/pages/?action=prev&rec_id=8&pid=2"
&sid=brvsemsd03-ynw9wn4
style="font: normal 9pt Times New Roman">test</a>

Expected result:
----------------
<a href="/b2w/www/ru/adm/pages/?action=prev&rec_id=8&pid=2&sid=brvsemsd03-ynw9wn4"
style="font: normal 9pt Times New Roman">test</a>


 [2006-02-20 15:25 UTC] mike@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves. 

A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external 
resources such as databases, etc.

If possible, make the script source available online and provide
a URL to it here. Try to avoid embedding huge scripts into the report.


 [2006-02-21 09:27 UTC] muhtarov at oviont dot ru
<?php

/**
 * Bug #36459 Incorrect adding PHPSESSID to links, which contains \r\n
 *
 * @link    http://bugs.php.net/bug.php?id=36459
 * @charset ANSI
 */

error_reporting(E_ALL);
ini_set('session.use_trans_sid', 1);
ini_set('session.use_cookies', 0);
ini_set('session.name', 'sid');
session_start();

?>
<html>
  <head>
    <title>Bug #36459 Incorrect adding PHPSESSID to links, which contains \r\n</title>
  </head>
  <body>
    <p>See source html code</p>
    <a href="/b2w/www/ru/adm/pages/?action=prev&rec_id=8&pid=2"
       style="font: normal 11pt Times New Roman">incorrect link</a><br />
    <br />
    <a href="/b2w/www/ru/adm/pages/?action=prev&rec_id=8&pid=2" style="font: normal 11pt Times New Roman">correct link</a>
  </body>
</html>
 [2006-02-21 13:58 UTC] mike@php.net
Please try using this CVS snapshot:

  http://snaps.php.net/php5.1-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5.1-win32-latest.zip

Works as expected for me.
 [2006-02-22 10:13 UTC] muhtarov at oviont dot ru
I used the CVS snapshot.
The problem still exists.

For example, I have a link:
<a href="/bug/?a=1&b=2"
   class="test">test</a>

Be attentive: after the attribute "href" we have \r\n\x20.
It is important!
After parsing by PHP we have an incorrect tag:

<a href="/bug/?a=1&b=2"
&sid=44hj6b9kp095tocn15hqog4l73
   class="test">test</a>

But it should be:
<a href="/bug/?a=1&b=2&sid=44hj6b9kp095tocn15hqog4l73"
   class="test">test</a>

--
Rinat Nasibullin
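
A check for the symptom reported above, as an added example that is not part of the original thread or of PHP's own test suite: it parses rendered HTML and flags tags where the session parameter ended up as stray text between attributes instead of inside the URL. The function and class names, the list of URL attributes, and the rule that only relative URLs are checked are assumptions of this example; the two sample tags are the ones quoted in the comment above, written with explicit `\r\n`.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qs

# Assumption of this example: attributes that should carry the session parameter.
URL_ATTRS = {"href", "src"}


class TransSidCheck(HTMLParser):
    """Collect (line, tag, problem) for misplaced or missing session parameters."""

    def __init__(self, name):
        super().__init__()
        self.name = name.lower()
        self.problems = []

    def handle_starttag(self, tag, attrs):
        line, _ = self.getpos()
        for attr, value in attrs:
            # Text such as '&sid=...' outside the quotes parses as its own
            # attribute whose name starts with '&'.
            if attr == "&" + self.name:
                self.problems.append((line, tag, "stray"))
            elif attr in URL_ATTRS and value is not None:
                parts = urlsplit(value)
                # Only relative URLs with a path or query are checked here.
                if parts.scheme or parts.netloc or not (parts.path or parts.query):
                    continue
                if self.name not in parse_qs(parts.query):
                    self.problems.append((line, tag, "missing"))


def check_trans_sid(html, name="sid"):
    """Return the problems found in html for session parameter `name`."""
    checker = TransSidCheck(name)
    checker.feed(html)
    checker.close()
    return checker.problems


# Samples taken from the comment above, with the CRLF written explicitly so
# that editors or transfers cannot normalise the line endings.
BROKEN = ('<a href="/bug/?a=1&b=2"\r\n&sid=44hj6b9kp095tocn15hqog4l73\r\n'
          '   class="test">test</a>')
FIXED = ('<a href="/bug/?a=1&b=2&sid=44hj6b9kp095tocn15hqog4l73"\r\n'
         '   class="test">test</a>')

if __name__ == "__main__":
    print(check_trans_sid(BROKEN))
    print(check_trans_sid(FIXED))
```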
 [2006-02-22 16:41 UTC] iliaa@php.net
With the latest PHP version your reproduce script results in the following (correct) output:

<html>
  <head>
    <title>Bug #36459 Incorrect adding PHPSESSID to links, which
contains \r\n</title>
  </head>
  <body>
    <p>See source html code</p>
    <a href="/b2w/www/ru/adm/pages/?action=prev&rec_id=8&pid=2&sid=78111a67c95dcfc3569705b24296b243"
       style="font: normal 11pt Times New Roman">incorrect link</a><br
/>
    <br />
    <a href="/b2w/www/ru/adm/pages/?action=prev&rec_id=8&pid=2&sid=78111a67c95dcfc3569705b24296b243"
style="font: normal 11pt Times New Roman">correct link</a>
  </body>

 [2006-02-26 12:34 UTC] muhtarov at oviont dot ru
Can you download this file and repeat the bug test?
Please use only binary mode!
It's important to save \r\n newlines!

http://tanyshu.ru/download/index.php.gz  (412 bytes)
 [2006-02-28 15:47 UTC] iliaa@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.


 [2011-09-26 23:28 UTC] tyrael@php.net
Automatic comment from SVN on behalf of tyrael
Revision: http://svn.php.net/viewvc/?view=revision&revision=317363
Log: fix #49599, the eol-style is important here, as this is a regression test for #36459
 [2012-04-18 09:48 UTC] laruence@php.net
Automatic comment on behalf of tyrael
Revision: http://git.php.net/?p=php-src.git;a=commit;h=d1d6911949a86139b6f8e14e02b2149e071c4aea
Log: fix #49599, the eol-style is important here, as this is a regression test for #36459
 [2012-07-24 23:39 UTC] rasmus@php.net
Automatic comment on behalf of tyrael
Revision: http://git.php.net/?p=php-src.git;a=commit;h=d1d6911949a86139b6f8e14e02b2149e071c4aea
Log: fix #49599, the eol-style is important here, as this is a regression test for #36459
 [2013-11-17 09:36 UTC] laruence@php.net
Automatic comment on behalf of tyrael
Revision: http://git.php.net/?p=php-src.git;a=commit;h=d1d6911949a86139b6f8e14e02b2149e071c4aea
Log: fix #49599, the eol-style is important here, as this is a regression test for #36459
 
Last updated: Thu Apr 17 03:01:55 2014 UTC