ID: 47395 Comment by: tdtwisteruk at hotmail dot com Reported By: tdtwisteruk at hotmal dot com Status: Feedback Bug Type: Session related Operating System: linux PHP Version: 5.2CVS-2009-02-15 (CVS) New Comment:
Yes you are actually right. It is fixed on the csv repository. Sorry I bother you. Next time I will check better. Previous Comments: ------------------------------------------------------------------------ [2009-02-16 09:00:40] tdtwisteruk at hotmail dot com No the actual test was done in php 5.2.8. ------------------------------------------------------------------------ [2009-02-15 21:44:19] scott...@php.net Pretty sure I fixed this in December, did you really test a CVS snapshot? http://cvs.php.net/viewvc.cgi/php-src/ext/session/session.c?r1=1.417.2.8.2.44&r2=1.417.2.8.2.45&pathrev=PHP_5_2&view=patch ------------------------------------------------------------------------ [2009-02-15 19:51:42] tdtwisteuk at hotmail dot com It appears that the browser behavior I mention earlyer was caused by domain=localhost attribute, even though I run the page from localhost. Anyway the cookie expirtion date is different from the session expiration. To fix this change line 1119 in ext/session/session.c to date_fmt = php_format_date("D, d-M-Y H:i:s T", sizeof("D, d-M-Y H:i:s T")-1, t, 0 TSRMLS_CC); ------------------------------------------------------------------------ [2009-02-15 15:18:44] tdtwisteuk at hotmail dot com The problem appear to be related with the bugfix #31583. quoting NEWS "Fixed bug #31583 (php_std_date() uses short day names in non-y2k_compliance mode). (mike at php dot net)" The php_std_date function is used to form the session date instead of the strcpy_gmt() in the session.c file ------------------------------------------------------------------------ [2009-02-15 14:58:33] tdtwisteruk at hotmal dot com Description: ------------ The problem appear to be the wrong formating of the expiration date that cause meny browsers to ignore the session cookie. I think I have manage to track the bug. It appears to be on the file /ext/session/session.c line 1119. I am currently working on a patch. It should be trivial. Reproduce code: --------------- session_set_cookie_params( $lifetime, $path, $domain, $isSecure, $httponly ); session_start(); Expected result: ---------------- frontend=90b770550657dbe845656805a1e9bfe0; expires=Sun, 15-Feb-09 15:53:53 GMT; path=/magento; domain=localhost; HttpOnly Actual result: -------------- frontend=90b770550657dbe845656805a1e9bfe0; expires=Sunday, 15-Feb-09 15:53:53 GMT; path=/magento; domain=localhost; HttpOnly ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=47395&edit=1
