Session Data corrupted
Posted: Fri Jan 31, 2003 1:23 am
For development purposes I use local Intranet connections to IIS 5.1 on Windows XP Prof platform. Installation of PHP 4.2.2 had been done manually.
The problems occurs with CGI and ISAPI interface of the server:
Having started a session the Session ID is put in twice in the source sequence '...?<?=SID?>...' (Cookie + SID set !?).
After changing the page, the function session_id() gives the correct string, the test session_is_registered($name) says 'true', but the variable is 'undefined'.
First Page:
displays:
------------------------------------------------------------------------------------
test_index.php
session_id() = 'fd78ae4d1ae9ad89583a6f7eb88a8213'
QUERY_STRING = 'not set'
session_is_registered ('test') = true (value='abcd')
next
------------------------------------------------------------------------------------
Second Page:
displays:
------------------------------------------------------------------------------------
test_start.php
session_id() = 'fd78ae4d1ae9ad89583a6f7eb88a8213'
QUERY_STRING = 'not set'
HTTP_GET_VARS[ 'PHPSESSID' ] = 'fd78ae4d1ae9ad89583a6f7eb88a8213'
HTTP_GET_VARS[ 'Var1' ] = 'YYY'
HTTP_COOKIE_VARS[ 'PHPSESSID' ] = 'fd78ae4d1ae9ad89583a6f7eb88a8213'
Notice: Undefined variable: test in E:\...\test_start.php on line 23
session_is_registered ('test') = true (value='')
back
PHP Notice: Undefined variable: test in E:\...\test_start.php on line 23
------------------------------------------------------------------------------------
A file 'sess_PHPSESSID' has been created in Temp Folder of the server with correct data 'test|s:4:"abcd";'. The back button is coded without URL Replacement '<a href="test_index.php?&Var1=XXX">' (Cookie set !?).
If You go back again, the page displays:
------------------------------------------------------------------------------------
test_index.php
session_id() = 'fd78ae4d1ae9ad89583a6f7eb88a8213'
QUERY_STRING = 'not set'
HTTP_GET_VARS[ 'Var1' ] = 'XXX'
HTTP_COOKIE_VARS[ 'PHPSESSID' ] = 'fd78ae4d1ae9ad89583a6f7eb88a8213'
session_is_registered ('test') = true (value='abcd')
next
------------------------------------------------------------------------------------
Now the next button is coded without URL Replacement '<a href="test_start.php?&Var1=YYY">' (Cookie set !?). If You goon changing the pages this behavior keeps furthermore unchanged - one page sees/loads the session variables, the other one not, thus both pages know the PHPSESSID.
I have no idea how to fix this strange problem - possibly it's a matter of users and rights (IUSR_...).
Does anybody know, what to look for or what to do to clean this?
Hoping for useful hints
Achim
The problems occurs with CGI and ISAPI interface of the server:
Having started a session the Session ID is put in twice in the source sequence '...?<?=SID?>...' (Cookie + SID set !?).
After changing the page, the function session_id() gives the correct string, the test session_is_registered($name) says 'true', but the variable is 'undefined'.
First Page:
Code: Select all
<?
session_start();
$test='1234'; session_register('test');
$test='abcd';
?>
<HTML><HEAD><TITLE>Test session</TITLE></HEAD>
<BODY TEXT="#E0E0E0" LINK="#FFCC00" ALINK="#33FF00" VLINK="#FFCC00" bgcolor="#000000">
<br>
<u><i>test_index.php</i></u><br>
<br>
<?
print( "<i>session_id() = '".session_id()."'</i><br>\r\n" );
print( "<i>QUERY_STRING = '"
.((isset($QUERY_STRING))?$QUERY_STRING:'not set')."'</i><br>\r\n" );
if ($HTTP_POST_VARS)
while ( list ($key, $value) = each ($HTTP_POST_VARS) )
print( "<i>HTTP_POST_VARSї '".$key."' ] = '".$value."'</i><br>\r\n" );
if ($HTTP_GET_VARS)
while ( list ($key, $value) = each ($HTTP_GET_VARS) )
print( "<i>HTTP_GET_VARSї '".$key."' ] = '".$value."'</i><br>\r\n" );
if ($HTTP_COOKIE_VARS)
while ( list ($key, $value) = each ($HTTP_COOKIE_VARS) )
print( "<i>HTTP_COOKIE_VARSї '".$key."' ] = '".$value."'</i><br>\r\n" );
print( "<i>session_is_registered ('test') = "
.((session_is_registered('test'))?'true':'false')
." (value='".$test."')</i><br>\r\n" );
?>
<br>
<a href="test_start.php?<?=SID?>&Var1=YYY"><b>next</b></a><br>
</BODY></HTML>------------------------------------------------------------------------------------
test_index.php
session_id() = 'fd78ae4d1ae9ad89583a6f7eb88a8213'
QUERY_STRING = 'not set'
session_is_registered ('test') = true (value='abcd')
next
------------------------------------------------------------------------------------
Second Page:
Code: Select all
<?
session_start ();
?>
<html><head><title>Test session</title></HEAD>
<body TEXT="#E0E0E0" LINK="#FFCC00" ALINK="#33FF00" VLINK="#FFCC00" bgcolor="#000000">
<br>
<i><u>test_start.php</u></i><br>
<br>
<?
print( "<i>session_id() = '".session_id()."'</i><br>\r\n" );
print( "<i>QUERY_STRING = '"
.((isset($QUERY_STRING))?$QUERY_STRING:'not set')."'</i><br>\r\n" );
if ($HTTP_POST_VARS)
while ( list ($key, $value) = each ($HTTP_POST_VARS) )
print( "<i>HTTP_POST_VARSї '".$key."' ] = '".$value."'</i><br>\r\n" );
if ($HTTP_GET_VARS)
while ( list ($key, $value) = each ($HTTP_GET_VARS) )
print( "<i>HTTP_GET_VARSї '".$key."' ] = '".$value."'</i><br>\r\n" );
if ($HTTP_COOKIE_VARS)
while ( list ($key, $value) = each ($HTTP_COOKIE_VARS) )
print( "<i>HTTP_COOKIE_VARSї '".$key."' ] = '".$value."'</i><br>\r\n" );
print( "<i>session_is_registered ('test') = "
.((session_is_registered('test'))?'true':'false')
." (value='".$test."')</i><br>\r\n" );
?>
<br>
<a href="test_index.php?<?=SID?>&Var1=XXX"><b>back</b></a><br>
</body></html>------------------------------------------------------------------------------------
test_start.php
session_id() = 'fd78ae4d1ae9ad89583a6f7eb88a8213'
QUERY_STRING = 'not set'
HTTP_GET_VARS[ 'PHPSESSID' ] = 'fd78ae4d1ae9ad89583a6f7eb88a8213'
HTTP_GET_VARS[ 'Var1' ] = 'YYY'
HTTP_COOKIE_VARS[ 'PHPSESSID' ] = 'fd78ae4d1ae9ad89583a6f7eb88a8213'
Notice: Undefined variable: test in E:\...\test_start.php on line 23
session_is_registered ('test') = true (value='')
back
PHP Notice: Undefined variable: test in E:\...\test_start.php on line 23
------------------------------------------------------------------------------------
A file 'sess_PHPSESSID' has been created in Temp Folder of the server with correct data 'test|s:4:"abcd";'. The back button is coded without URL Replacement '<a href="test_index.php?&Var1=XXX">' (Cookie set !?).
If You go back again, the page displays:
------------------------------------------------------------------------------------
test_index.php
session_id() = 'fd78ae4d1ae9ad89583a6f7eb88a8213'
QUERY_STRING = 'not set'
HTTP_GET_VARS[ 'Var1' ] = 'XXX'
HTTP_COOKIE_VARS[ 'PHPSESSID' ] = 'fd78ae4d1ae9ad89583a6f7eb88a8213'
session_is_registered ('test') = true (value='abcd')
next
------------------------------------------------------------------------------------
Now the next button is coded without URL Replacement '<a href="test_start.php?&Var1=YYY">' (Cookie set !?). If You goon changing the pages this behavior keeps furthermore unchanged - one page sees/loads the session variables, the other one not, thus both pages know the PHPSESSID.
I have no idea how to fix this strange problem - possibly it's a matter of users and rights (IUSR_...).
Does anybody know, what to look for or what to do to clean this?
Hoping for useful hints
Achim