php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #65795 session_start() returns TRUE if session fails to start
Submitted: 2013-10-01 07:32 UTC Modified: 2021-06-09 11:53 UTC
Votes:2
Avg. Score:4.0 ± 1.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: interrobang at noicq dot org Assigned: cmb (profile)
Status: Closed Package: memcached (PECL)
PHP Version: Irrelevant OS: Debian Squeeze
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: interrobang at noicq dot org
New email:
PHP Version: OS:

 

 [2013-10-01 07:32 UTC] interrobang at noicq dot org
Description:
------------
session_start(); returns TRUE if PHP configured to use mamcached instead of session files and memcached is down/not reachable.

Package php5-cgi:
PHP 5.3.3-7+squeeze17

Package memcached:
Version: 1.4.5-1

Package php5-memcached:
Version: 1.0.2-1+squeeze2

PHP config:
session.save_handler = memcached
session.save_path = "localhost:11211"

Test script:
---------------
$r = session_start();var_dump($r);die();

Expected result:
----------------
bool(false)
Warning: Unknown: Failed to write session data (memcached). Please verify that the current setting of session.save_path is correct (localhost:11211) in Unknown on line 0

Actual result:
--------------
bool(true)
Warning: Unknown: Failed to write session data (memcached). Please verify that the current setting of session.save_path is correct (localhost:11211) in Unknown on line 0


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2013-10-01 17:39 UTC] aharvey@php.net
-Package: *General Issues +Package: memcached
 [2016-04-04 21:20 UTC] woolardfa at appstate dot edu
additionally, the when configured to used memcached for a session store, the session_start() method will return true when the attempt to add the "lock" value has timed out due to collision (retries are exhausted), and return an empty $_SESSION superglobal. When session_write_close() is called, the second page request then clobbers the session data that was present and being used by the first page request.
 [2021-06-09 11:53 UTC] cmb@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: cmb
 [2021-06-09 11:53 UTC] cmb@php.net
The memcached bug tracker is now on Github[1].  If this is still
an issue with the current memcached version, please report there.

[1] <https://github.com/php-memcached-dev/php-memcached/issues>
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Dec 07 18:02:35 2024 UTC