php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #47483 session_set_save_handler() without session_start() causes issues in IE7
Submitted: 2009-02-23 14:31 UTC Modified: 2009-03-09 01:00 UTC
Votes:1
Avg. Score:4.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: watermark86 at gmail dot com Assigned:
Status: No Feedback Package: Session related
PHP Version: 5.2.8 OS: Ubuntu 8.04 x32
Private report: No CVE-ID: None
 [2009-02-23 14:31 UTC] watermark86 at gmail dot com
Description:
------------
Calling session_set_save_handler without calling session_start later will cause IE 7 to report that the website is having network problems.  The site will work in all other browsers, including IE8.  Disabled the great "Friendly HTTP errors" which lead to the same error.

Reproduce code:
---------------
class SessionManager {

	private $life_time;
	private $db;

	public function __construct() {
		// Read the maxlifetime setting from PHP
		$this->life_time = get_cfg_var("session.gc_maxlifetime");
		ini_set('session.gc_probability','1');

		// Register this object as the session handler
		session_set_save_handler( 
			array( &$this, "open" ), 
			array( &$this, "close" ),
			array( &$this, "read" ),
			array( &$this, "write"),
			array( &$this, "destroy"),
			array( &$this, "gc" )
		);
	}
   
	public function open() {
		global $dbhost, $dbuser, $dbpass, $dbname;
		//get a seperate connection for session management
		$this->db = new sql_db($dbhost, $dbuser, $dbpass, $dbname);
	}
	
	public function close() {
		//close the connection
		$this->db->close();
	}
	
	public function read($sessionid) {
		global $dbprefix;
		$this->cleanSQL($sessionid);
		$id = $this->db->query(
		"SELECT
			data
		FROM
			{$dbprefix}sessions
		WHERE
			sessionid='{$sessionid}'
			AND expire > UNIX_TIMESTAMP()
		");
		if( $this->db->numrows() == 0 ) return '';
		else {
			$row = $this->db->fetchrow(0,MYSQLI_ASSOC);
			return $row['data'];
		}
	}

	public function write($sessionid, $data) {
		global $dbprefix;
		$this->cleanSQL($sessionid);
		$this->cleanSQL($data);
		$time = time() + $this->life_time;
		$this->db->query(
		"REPLACE
			{$dbprefix}sessions
		(sessionid,data,expire)
		VALUES
		(
			'{$sessionid}',
			'{$data}',
			'{$time}'
		)
		");
		return TRUE;
	}
	
	public function destroy( $sessionid ) {
		global $dbprefix;
		$this->cleanSQL($sessionid);
		$this->db->query(
		"DELETE FROM
			{$dbprefix}sessions
		WHERE
			sessionid='{$sessionid}'
		");
		return true;
	}
	
	public function gc() {
		global $dbprefix;
		$this->db->query(
		"DELETE FROM
			{$dbprefix}sessions
		WHERE
			expire < UNIX_TIMESTAMP()
		");
         return true;
	}
	
	private function cleanSQL(&$var) {
		$var = mysql_real_escape_string($var);
	}
}

$sessionmanager = new SessionManager();
echo 'it works';

Expected result:
----------------
Will print "it works" in all browsers.

Actual result:
--------------
Prints "it works" in all browsers except IE7 (Unknown if IE6 is affected.)

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-03-01 22:00 UTC] jani@php.net
Not enough information was provided for us to be able
to handle this bug. Please re-read the instructions at
http://bugs.php.net/how-to-report.php

If you can provide more information, feel free to add it
to this bug and change the status back to "Open".

Thank you for your interest in PHP.



 [2009-03-09 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Dec 27 03:01:28 2024 UTC