ID: 15884
Updated by: [EMAIL PROTECTED]
-Summary: session_unregister does not work when followed by
header("Location: ...")
Reported By: [EMAIL PROTECTED]
-Status: Feedback
+Status: Open
Bug Type: Session related
Operating System: Linux
PHP Version: 4.1.2
New Comment:
> You must provide short & complete script.
> It sounds like your bug to me.
Well this issue is very to reproduce so I thought providing a script
wont be necessary. Anyway the following set of scripts will expose the
bug.
Please note that including the session handler will not be necessary if
you are not running user-defined session handlers (php.ini setting)
An explanation on how to use the scripts is below
-----------------
file: include.php
<?
if (!$pgsql_session_table)
include("/path/to/pgsql_session_handler.php");
session_start();
?>
-----------------
file: t1.php
<?
include("include.php");
$myvar = "hello";
session_register("myvar");
?>
<A HREF="t2.php">t2</A>
-----------------
file: t2.php
<?
include("include.php");
echo "myvar: $myvar<BR>";
?>
<A HREF="t3.php">t3</A>
-----------------
file: t3.php
<?
include("include.php");
session_unregister("myvar");
header("Location: t2.php");
?>
<A HREF="t2.php">t2</A>
-----------------
Observed behaviour:
t1 registers $myvar and displays link to t2. Follow this link
t2 shows value of $myvar and displays link to t3. Follow this link
t3 unregisters $myvar and uses header("Location: ") to redirect you to
t2
t2 shows value of $myvar - it is still "hello"
The behaviour in the last step is incorrect - since $myvar was
unregistred, its value should have been deleted from the session but
obiously is not
When you comment out the line starting with "header" in t3.php and do
the first two steps above and then click the link t3 shows $myvar will
get unregistred properly. This is why the bug has the title
"session_unregister does not work when followed by header("Location:
...")"
btw: The reason for this is not the session-handler I use, php simply
does not call the "pgsql_session_write" function if session_unregister
is followed by a header("Location: ...") statement.
best regards,
Jochen
Previous Comments:
------------------------------------------------------------------------
[2002-03-06 03:04:01] [EMAIL PROTECTED]
Not enough information was provided for us to be able
to handle this bug. Please re-read the instructions at
http://bugs.php.net/how-to-report.php
If you can provide more information, feel free to add it
to this bug and change the status back to "Open".
You must provide short & complete script.
It sounds like your bug to me.
------------------------------------------------------------------------
[2002-03-05 12:32:08] [EMAIL PROTECTED]
When followed by a
header("Location: ...");
statement session_unregister does not get properly executed.
Reproduce: Take any script that has a session_unregister in it, put a
header("Location: ...") under this statement, and see if unregistered
var gets deleted from session-storage (it does not)
Now put a session_write_close() in front of the header-statement and
watch it work properly.
If you have trouble reproducing this please don't hesitate to contact
me.
My setup:
User-Defined Session-Handler: pgsql_session_handler latest version
PHP compiled with:
./configure' '--with-mysql=/usr/local/mysql' '--with-pgsql'
'--with-ldap' '--enable-trans-sid' '--with-gd'
Exact same setup worked with php4.0.6, did not work after upgrade to
4.1.2
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=15884&edit=1
