php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #65795 session_start() returns TRUE if session fails to start
Submitted: 2013-10-01 07:32 UTC Modified: 2021-06-09 11:53 UTC
Votes:2
Avg. Score:4.0 ± 1.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: interrobang at noicq dot org Assigned: cmb (profile)
Status: Closed Package: memcached (PECL)
PHP Version: Irrelevant OS: Debian Squeeze
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: interrobang at noicq dot org
New email:
PHP Version: OS:

 

 [2013-10-01 07:32 UTC] interrobang at noicq dot org
Description:
------------
session_start(); returns TRUE if PHP configured to use mamcached instead of session files and memcached is down/not reachable.

Package php5-cgi:
PHP 5.3.3-7+squeeze17

Package memcached:
Version: 1.4.5-1

Package php5-memcached:
Version: 1.0.2-1+squeeze2

PHP config:
session.save_handler = memcached
session.save_path = "localhost:11211"

Test script:
---------------
$r = session_start();var_dump($r);die();

Expected result:
----------------
bool(false)
Warning: Unknown: Failed to write session data (memcached). Please verify that the current setting of session.save_path is correct (localhost:11211) in Unknown on line 0

Actual result:
--------------
bool(true)
Warning: Unknown: Failed to write session data (memcached). Please verify that the current setting of session.save_path is correct (localhost:11211) in Unknown on line 0


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2013-10-01 17:39 UTC] aharvey@php.net
-Package: *General Issues +Package: memcached
 [2016-04-04 21:20 UTC] woolardfa at appstate dot edu
additionally, the when configured to used memcached for a session store, the session_start() method will return true when the attempt to add the "lock" value has timed out due to collision (retries are exhausted), and return an empty $_SESSION superglobal. When session_write_close() is called, the second page request then clobbers the session data that was present and being used by the first page request.
 [2021-06-09 11:53 UTC] cmb@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: cmb
 [2021-06-09 11:53 UTC] cmb@php.net
The memcached bug tracker is now on Github[1].  If this is still
an issue with the current memcached version, please report there.

[1] <https://github.com/php-memcached-dev/php-memcached/issues>
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Dec 07 02:01:29 2024 UTC