|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2000-10-03 03:04 UTC] waldschrott@php.net
[2000-10-28 23:42 UTC] sniper@php.net
|
|||||||||||||||||||||||||||
Copyright © 2001-2024 The PHP GroupAll rights reserved. |
Last updated: Mon May 06 08:01:33 2024 UTC |
Hi folks, In version 4.0.1pl2 the functions "session_destroy" and "session_unregister" do not work as expected. If I for example want to destroy unused session data and - after starting a session - try to delete this session there is not reaction (i.e. unlinking the session file). This function already does not work in earlier releases properly. So I unlink the file with a user function for destroying the session data. New in version 4.0.1pl2 is a bug in "session_unregister". While this works fine in the betas of php4 the latest version is unable to unregister session variables. Below you see the code, which is part of a class. This is the code that I used under php4rc2 and that always works fine until php4pl2: function Logout($login_url) { session_name("HCSESSION"); session_start(); $id = session_id(); $path = session_save_path(); # session_unregister("HCUSERNAME"); # session_unregister("HCLASTNAME"); # session_unregister("HCFIRSTNAME"); # session_unregister("HCMAILADDRESS"); # session_unregister("HCEDITMODE"); session_destroy(); unlink("$path/sess_$id"); if (trim($login_url)) { header("Location: $login_url"); exit; } return $id; } For the security of session handling I wood be glad if you can find a solution for this bug. Thanks a lot Klaus Habeck