php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #78155 session_start doesn't create session
Submitted: 2019-06-13 08:09 UTC Modified: 2021-09-28 14:25 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:0 (0.0%)
From: liangjian at oliveche dot com Assigned:
Status: Open Package: Session related
PHP Version: 7.2.19 OS: CentOS 7
Private report: No CVE-ID: None
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please — but make sure to vote on the bug!
Your email address:
MUST BE VALID
Solve the problem:
28 - 11 = ?
Subscribe to this entry?

 
 [2019-06-13 08:09 UTC] liangjian at oliveche dot com 
Description:
------------
---
From manual page: https://php.net/function.session-start
---
Request A and B are sent from the same browser at the same time (A prior to B) and use the same cookie.
A destroys session and B writes session in sequence.
B is blocked on 'session_start' and resumes after A destroys the session, but it does not create session or save the session variables.



Test script:
---------------
request A:
        session_start();
        sleep(5);
        session_destroy();

request B:
        // B will be blocked by A on the session file
        session_start(); // !!!return ok but not session file!!!
        // resume until A destroys(releases) it. but no session file and the 'uid' cannot save.
        $_SESSION["uid"] = 1;
        


Expected result:
----------------
The session file exists and session variable 'uid' is saved.

Actual result:
--------------
No session file.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2021-09-28 14:25 UTC] cmb@php.net 
What happens: request A creates the session file, and locks it,
and then sleeps.  Now request B opens the file, but waits for it
to be unlocked.  When request A ends sleeping, it destroys the
file, so request B gets access, but the file is already unlinked,
so whatever is written to the file is effectively lost.

It seems to me that cannot be cleanly solved without having a
separate lock file.  Maybe document this issue instead?
 [2021-09-28 14:29 UTC] cmb@php.net 
Related To: Bug #69127
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Tue Apr 16 06:01:30 2024 UTC