php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #36737 session changes unsaved with register_long_arrays off
Submitted: 2006-03-14 19:00 UTC Modified: 2006-03-28 01:00 UTC
Votes:2
Avg. Score:4.5 ± 0.5
Reproduced:2 of 2 (100.0%)
Same Version:1 (50.0%)
Same OS:1 (50.0%)
From: morriss at r-can dot com Assigned:
Status: No Feedback Package: Session related
PHP Version: 5.1.2 OS: Windows Server 2003
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2006-03-14 19:00 UTC] morriss at r-can dot com
Description:
------------
I'm using the ISAPI filter in IIS6.
With register_long_arrays off, the session variables are not always saved.  

Note that in my example, I found that assigning $sv=$_SESSION; always breaks it, but my webpage only does assignments like $sv=$_SESSION['idx'] yet is still broken.

setting "register_long_arrays = On" in php.ini fixes the problem.

Reproduce code:
---------------
<head><title>test.php</title></head>
<html>
   <body>
      <?php
         session_start();
         $sv = $_SESSION;  //broken!
         //$sv['idx'] = $_SESSION['idx'];  //ok!

         if (isset($_SESSION['idx']))
            $i = $_SESSION['idx'] + 1;
         else
            $i = 0;

         $_SESSION['idx'] = $i;
         session_write_close();	
         echo '<p>SESSION START: '.$sv['idx'].'</p>';	
         echo '<p>SESSION END: '.$_SESSION['idx'].'</p>';	
      ?>
      <a href="test.php">test</a>
   </body>
</html>

Expected result:
----------------
SESSION START: n
SESSION END: n+1

(after clicking link)

SESSION START: n+1
SESSION END: n+2

Actual result:
--------------
SESSION START: n
SESSION END: n+1
(does not change even after clicking link. Note that older session data is kept, if idx=3 when requesting the test page, then n=3)

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2006-03-20 23:22 UTC] tony2001@php.net
Please try using this CVS snapshot:

  http://snaps.php.net/php5.1-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5.1-win32-latest.zip


 [2006-03-28 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 [2007-01-10 08:44 UTC] tom dot bartak at gmail dot com
Hello,

I have the same problem on Linux. Calling 'session_write_close' with 'register_long_arrays = Off' in php.ini will save session data incomplete. With 'register_long_arrays = On' the data is saved completely.

Linux: 2.6.16
PHP: 5.2.0
Apache: 2.0.59

Reproduce code:
file: session.php
<?php

$systems = array();
$systems['sys1'] = array('par1' => 'val1', 'par2' => 'val2');

session_set_cookie_params ( 0 , '/' , '' , FALSE );
session_start();
setcookie( 'origin' , 'localhost' , 0 , '/' );

$_SESSION = array_merge( $systems , $_SESSION );

$_SESSION['user']['login'] = 'user02';

session_write_close();
var_dump($_SESSION);
echo '<a href="read_session.php">Continue</a>';
?>

file: read_sesssion.php
<?php

session_start();

var_dump($_SESSION);

?>


Session file bad
login|s:6:"user02";

Session file good
sys1|a:2:{s:4:"par1";s:4:"val1";s:4:"par2";s:4:"val2";}user|a:1:{s:5:"login";s:6:"user02";}
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Mar 29 00:01:28 2024 UTC