From: bobka at bigfoot dot com
Operating system: Linux
PHP version: 5.2.6
PHP Bug Type: Session related
Bug description: Serializing of ArrayIterator extended Objects
Description:
------------
This is a very special case.
If an object of class that extends ArrayIterator is saved in session data
and the class definition is not available in a later call, then the session
data gets corrupted.
Call the example code three times to see the bug.
Reproduce code:
---------------
<?php
// start session
session_start();
// display session data
echo "<pre>".print_r($_SESSION,true)."</pre><br>";
// already initialized?
if (!isset($_SESSION['first']))
{
// bug occures only if the class is not defined later
// and only if it extends ArrayIterator
class my_array extends ArrayIterator
{
}
$_SESSION['first'] = "The first entry is ok";
$t = new my_array();
// at least one member needed
$t[] = "this gets lost";
$_SESSION['killer'] = $t;
$_SESSION['this_is_going_to_be_messed_up'] = "The value of the entry is
ok";
$_SESSION['last'] = "The last entry is ok";
}
Expected result:
----------------
At first call:
Array
(
)
At second call:
Array
(
[first] => The first entry is ok
[killer] => __PHP_Incomplete_Class Object
(
[__PHP_Incomplete_Class_Name] => my_array
[0] => this gets lost
)
[this_is_going_to_be_messed_up] => The value of the entry is ok
[last] => The last entry is ok
)
At third call
Array
(
[first] => The first entry is ok
[killer] => __PHP_Incomplete_Class Object
(
[__PHP_Incomplete_Class_Name] => my_array
[0] => this gets lost
)
[this_is_going_to_be_messed_up] => The value of the entry is ok
[last] => The last entry is ok
)
Actual result:
--------------
At third call:
Notice: session_start() [function.session-start]: Unexpected end of
serialized data in test.php on line 3
Array
(
[first] => The first entry is ok
[killer] =>
[}this_is_going_to_be_messed_up] => The value of the entry is ok
[last] => The last entry is ok
)
--
Edit bug report at http://bugs.php.net/?id=45706&edit=1
--
Try a CVS snapshot (PHP 5.2):
http://bugs.php.net/fix.php?id=45706&r=trysnapshot52
Try a CVS snapshot (PHP 5.3):
http://bugs.php.net/fix.php?id=45706&r=trysnapshot53
Try a CVS snapshot (PHP 6.0):
http://bugs.php.net/fix.php?id=45706&r=trysnapshot60
Fixed in CVS: http://bugs.php.net/fix.php?id=45706&r=fixedcvs
Fixed in release:
http://bugs.php.net/fix.php?id=45706&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=45706&r=needtrace
Need Reproduce Script: http://bugs.php.net/fix.php?id=45706&r=needscript
Try newer version: http://bugs.php.net/fix.php?id=45706&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=45706&r=support
Expected behavior: http://bugs.php.net/fix.php?id=45706&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=45706&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=45706&r=submittedtwice
register_globals: http://bugs.php.net/fix.php?id=45706&r=globals
PHP 4 support discontinued: http://bugs.php.net/fix.php?id=45706&r=php4
Daylight Savings: http://bugs.php.net/fix.php?id=45706&r=dst
IIS Stability: http://bugs.php.net/fix.php?id=45706&r=isapi
Install GNU Sed: http://bugs.php.net/fix.php?id=45706&r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=45706&r=float
No Zend Extensions: http://bugs.php.net/fix.php?id=45706&r=nozend
MySQL Configuration Error: http://bugs.php.net/fix.php?id=45706&r=mysqlcfg
