php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #6837 Incorrect behaviour of echo with trans-sid enabled end session_start()
Submitted: 2000-09-21 18:32 UTC Modified: 2000-10-02 20:35 UTC
From: keks at rbcmail dot ru Assigned:
Status: Closed Package: Session related
PHP Version: 4.0 Latest CVS (21/09/2000) OS: RedHat 6.2, 2.2.16
Private report: No CVE-ID: None
View Add Comment Developer Edit
 [2000-09-21 18:32 UTC] keks at rbcmail dot ru 
This small example
<?
session_start();
echo "<html><body>";
$href="bugs.php.net";
echo "<a href='$href'>bugs.php.net</a>";
echo "</body></html>";
exit;
?>
produces a bit unexpected output.
Notice additional double quotes aroud link string.
I think it's the problem of URL parser used while --enable-trans-sid, since without session_start() its output is normal.

*** START OF OUTPUT ***
<html><body>
<a href="'bugs.php.net'? PHPSESSID=5e3faeaf95fd83a2df2288b804a55604">bugs.php.net
</a>
</body></html>
*** END OF OUTPUT ***

PHP was compiled with following options
Apache is 1.3.12
--with-gd \
--with-calendar \
--enable-track-vars \
--enable-trans-sid \
--with-config-file-path=/etc

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2000-09-21 18:36 UTC] keks at rbcmail dot ru 
Also, parser add double quotes around any HTML elements, not only links.
For example echo "<input type=text value='$myvalue'>"
produces output like this
<input type="text" value="'value'">
 [2000-09-30 02:19 UTC] sas@php.net 
I've added single quotes support a couple of days ago. Please try again.
 [2000-10-02 20:35 UTC] keks at rbcmail dot ru 
It works just fine.
Now I have no core dumps while trans SID enabled and quotes, both singl and double, also handled in a rigth way.
Thank you !
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Thu Apr 25 13:01:30 2024 UTC