|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2007-08-21 23:10 UTC] g dot schuster at laxit dot com
[2007-08-22 09:05 UTC] jani@php.net
|
|||||||||||||||||||||||||||
Copyright © 2001-2024 The PHP GroupAll rights reserved. |
Last updated: Thu May 16 23:01:30 2024 UTC |
Description: ------------ Keeping track of the session ID fails due to refere_check when a link is clicked even if session.refere_check is disabled in the global AND in the local config. phpinfo() correctly states session.referer_check=0 for both global and local config. If you add the URL parameters (NOT the session id parameters!) to the URL and hit "Enter" everything works fine because, in my case, FireFox doesn't send a referer. Problem can be solved if ini_set('session.referer_check', FALSE); is set in the script. Reproduce code: --------------- http://www.laxit.com/tmp_files/phpbug/session_bug.html http://www.laxit.com/tmp_files/phpbug/phpinfo.html Expected result: ---------------- Session keeps state and doesn't check for referer if session.referer_check=0 Actual result: -------------- session_id($_REQUEST[session_name()]); session_start(); creates a new session because it doesn't respect the session.refere_check=0