php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #76540 session_start() fails if headers already sent
Submitted: 2018-06-28 09:56 UTC Modified: 2018-06-28 17:00 UTC
Votes:1
Avg. Score:1.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: tony at marston-home dot demon dot co dot uk Assigned:
Status: Not a bug Package: Session related
PHP Version: 7.2.7 OS: Windows 10
Private report: No CVE-ID: None
View Developer Edit
 [2018-06-28 09:56 UTC] tony at marston-home dot demon dot co dot uk 
Description:
------------
When running a script in CLI mode I cannot open a new session if any headers have already been sent. According to bug #28923 the original message concerned the session cookie, but cookies are only used when running the script in a browser. If I am running in CLI mode there is no browser, so cookies should be irrelevant, which means that session_start() should not fail.

Test script:
---------------
<?
flush();
session_start();
echo "here";
?>


Expected result:
----------------
Do not get warning.

Actual result:
--------------
session_start(): cannot start session when headers already sent

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2018-06-28 10:04 UTC] krakjoe@php.net
-Status: Open +Status: Not a bug
 [2018-06-28 10:04 UTC] krakjoe@php.net 
Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php
 [2018-06-28 10:33 UTC] spam2 at rhsoft dot net 
if(PHP_SAPI !== 'cli' && headers_sent() === false)
{
 session_start();
}
 [2018-06-28 10:38 UTC] tony at marston-home dot demon dot co dot uk 
Excuse me, but this *IS* a bug. When running PHP in CLI mode the use of cookies is irrelevant. They are only relevant when running PHP through a browser. When the script starts in CLI mode the $_COOKIE array is empty, and any cookies that are created are lost when the script terminates as they cannot be passed on to another script. The check for headers/cookies already sent can therefore be safely skipped when running in CLI mode.
 [2018-06-28 10:42 UTC] spam2 at rhsoft dot net 
yes it's a bug in your code and/or config

"session.use_cookies = 1" don't make any sense within a CLI script as well as session_start() at all in most cases
 [2018-06-28 17:00 UTC] tony at marston-home dot demon dot co dot uk 
You are correct. "session.use_cookies = 0" did the trick.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Fri Jul 04 11:01:37 2025 UTC