php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #80906 session.use_cookies = false still require not sent headers
Submitted: 2021-03-25 14:01 UTC Modified: 2021-03-25 15:28 UTC
Votes:2
Avg. Score:2.0 ± 1.0
Reproduced:0 of 0 (0.0%)
From: sailormax at inbox dot lv Assigned:
Status: Open Package: Session related
PHP Version: 8.0.3 OS: Any
Private report: No CVE-ID: None
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please — but make sure to vote on the bug!
Your email address:
MUST BE VALID
Solve the problem:
24 + 25 = ?
Subscribe to this entry?

 
 [2021-03-25 14:01 UTC] sailormax at inbox dot lv
Description:
------------
If try to setup session-functions to work without cookies, they still doesn't work when headers have already been sent

Test script:
---------------
<?
  print "foo";
  ini_set("session.use_cookies", 0);
  session_name("myname");
?>

Expected result:
----------------
foo


if user turn off "session.use_cookies", php has not to check headers in ini_set() and in any session-functions.

Actual result:
--------------
foo
Warning: ini_set(): Session ini settings cannot be changed after headers have already been sent in D:\foo.php on line 3

Warning: session_name(): Session name cannot be changed after headers have already been sent in D:\foo.php on line 4

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2021-03-25 14:07 UTC] rtrtrtrtrt at dfdfdfdf dot dfd
you simply change the setting way too late
 [2021-03-25 15:28 UTC] cmb@php.net
I'd rather make session.use_cookies mandatory, than making the
session handling more complex to support this scenario.
 [2021-07-09 08:09 UTC] sailormax at inbox dot lv
PHP has possibility to setup own handles for work with sessions => he can change it work to solution without cookies => we need session-functions without any checks.
 
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Sun Sep 19 12:03:36 2021 UTC