PHP issue on FreeBSD

From: Michael R. Wayne (wayne_at_staff.msen.com)
Date: 05/25/04

    To: freebsd-isp@freebsd.org
    Date: Tue, 25 May 2004 14:00:05 -0400
    
    

    I'm mentioning this here because the PHP list seems not to have a
    clue and I had someone test this on both Mac and Linux and it works
    OK there.

    I updated a jail running on FreeBSD 4.8 from Apache 1.3.26 PHP 4.1.2
    to Apache 1.3.31 PHP 4.3.6 and sessions broke. All the gory details
    are included below from a post I made to the PHP list. I'm looking
    for ideas as to how to debug this, ANY clues would be appreciated.

    /\/\ \/\/

    Session support worked fine in 4.1.2. It's broken in 4.3.4 and 4.3.6.

    The relevant session variables are:
       Session Support enabled (as per phpinfo)
       session.auto_start On or Off (makes no difference)
       session.use_cookies Off <- not using cookies
       session.name PHPSESSID
       session.use_trans_sid Off (trans_sid worked with forms in 4.1.2)
       session.gc_maxlifetime 1440
    Other things people have asked about:
       url_rewriter.tags a=href,area=href,frame=src,input=src,form=fakeentry

    Environment
       FreeBSD 4.8, Apache/1.3.31 (Unix) PHP/4.3.6 mod_ssl/2.8.17 OpenSSL/0.9.7d

    The session directory is writable and the files are getting properly
    written to that directory as shown below.

    I invoke the script from a browser and see the following:
       Stage:0 SessionID: 509012dd5633cba355c270f3934d1201
       _______ [Submit]
       Stage:1 SessionID: 509012dd5633cba355c270f3934d1201
       Request: Array ( )
       GET: Array ( ) POST: Array ( [field] => ) COOKIE: Array ( )

    Checking the session directory, I see an appropriately named file:
       -rw------- 1 nobody msen 10 May 25 12:00 sess_509012dd5633cba355c270f3934d1201
    containing
       stage|i:1;
    The Apache log contains two lines. The first does not contain the
    browser version and the second one does:
       "GET /g/xxx.php HTTP/1.0"
       "GET /g/xxx.php HTTP/1.0" 200 476 "-" "Mozilla/4.0 (compatible; MSIE 6.0; MSIE 5.5; Windows 98) Opera 7.02 [en]"

    So I enter foo in the form and hit Submit. The browser screen shows
    that the script failed to use the session variable, but it remembers
    it:
       Stage:0 SessionID: d7002911afdc01a5218e06af2b8f02ad
       foo____ [Submit]
       Stage:1 SessionID: d7002911afdc01a5218e06af2b8f02ad
       Request: Array ( [PHPSESSID] => 509012dd5633cba355c270f3934d1201 [field] => foo )
       GET: Array ( [PHPSESSID] => 509012dd5633cba355c270f3934d1201 ) POST: Array ( [field] => foo ) COOKIE: Array ( )
    The session directory now contains TWO files:
       -rw------- 1 nobody msen 10 May 25 12:00 sess_509012dd5633cba355c270f3934d1201
       -rw------- 1 nobody msen 10 May 25 12:03 sess_d7002911afdc01a5218e06af2b8f02ad
    each containing:
       stage|i:1;
    and the Apache log once again has two lines. The browser has passed back
    the original session ID but PHP has ignored it and assigned a new one.
       "POST /g/xxx.php?PHPSESSID=509012dd5633cba355c270f3934d1201 HTTP/1.0" 200 605
       "POST /g/xxx.php?PHPSESSID=509012dd5633cba355c270f3934d1201 HTTP/1.0" 200 605 "http://SERVER/xxx.php" "Mozilla/4.0 (compatible; MSIE 5.0; Windows 2000) Opera 6.05 [en]"

    Now, I hit Submit once more and PHP does manage to re-use the session! And it
    will continue to do so until the script is re-invoked by another browser:
       Stage:1 SessionID: d7002911afdc01a5218e06af2b8f02ad
       foo____ [Submit]
       Stage:1 SessionID: d7002911afdc01a5218e06af2b8f02ad
       Request: Array ( [PHPSESSID] => d7002911afdc01a5218e06af2b8f02ad [field] => foo )
       GET: Array ( [PHPSESSID] => d7002911afdc01a5218e06af2b8f02ad ) POST: Array ( [field] => foo ) COOKIE: Array ( )
    the session directory remains unchanged other than access time on the
    reused session:
       -rw------- 1 nobody msen 10 May 25 12:00 sess_509012dd5633cba355c270f3934d1201
       -rw------- 1 nobody msen 10 May 25 12:13 sess_d7002911afdc01a5218e06af2b8f02ad
    each containing:
       stage|i:1;
    The Apache log once again contains two lines:
       "POST /g/xxx.php?PHPSESSID=d7002911afdc01a5218e06af2b8f02ad HTTP/1.0" 200 605
       "POST /g/xxx.php?PHPSESSID=d7002911afdc01a5218e06af2b8f02ad HTTP/1.0" 200 605 "http://SERVER/xxx.php?PHPSESSID=509012dd5633cba355c270f3934d1201" "Mozilla/4.0 (compatible; MSIE 5.0; Windows 2000) Opera 6.05 [en]"

    And, finally, here is the test script. Install it as xxx.php if you want to test it:

    <?
       if (!session_id()) session_start();
       if (!isset($_SESSION['stage'])) $_SESSION['stage'] = 0;
       if (!isset($_POST['field'])) $_POST['field'] = "";
    ?>
    <html><head><title>PHP Test page</title></head><body>
    <?
       echo "Stage:"; echo $_SESSION['stage'];
       echo " SessionID: "; echo session_id();
       $_SESSION['stage'] = 1;
    ?>
       <form method="post" action="xxx.php?<?= SID; ?>">
          <input type="text" maxlength="7" size="7" name="field" value="<? echo htmlspecialchars($_POST['field'], ENT_QUOTES); ?>">
          <input type="submit" value="Submit">
       </form>
    <?
       echo "Stage:"; echo $_SESSION['stage']; echo " ";
       echo " SessionID: "; echo session_id(); echo "<br>";
       echo " Request: "; print_r($_REQUEST);
       echo "<br>GET: "; print_r($_GET); echo " POST: "; print_r($_POST); echo " COOKIE: "; print_r($_COOKIE);

    ?>
    </body></html>

    _______________________________________________
    freebsd-isp@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-isp
    To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"
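
An added example, not part of the original message: one way to find the symptom described above in an Apache access log is to compare the PHPSESSID in each request URL with the one in its Referer. If they differ, the page served under the first ID handed out a second one, as in the last log entry quoted in the message. The combined log format, the function names and the sample lines are assumptions constructed for this example.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request line, status, size, Referer and User-Agent of an Apache
# "combined" entry (assumed format; the message quotes only these fields).
LINE_RE = re.compile(
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
    r' "(?P<referer>[^"]*)" "[^"]*"'
)

def sid_from(url, name="PHPSESSID"):
    """Return the session ID carried in a URL's query string, or None."""
    values = parse_qs(urlsplit(url).query).get(name)
    return values[0] if values else None

def classify(line):
    """Compare the session ID in the request with the one in the Referer."""
    m = LINE_RE.search(line)
    if m is None:
        return None                    # short entry without a Referer field
    req, ref = sid_from(m["target"]), sid_from(m["referer"])
    if req is None:
        return "no-sid"                # nothing passed in the URL
    if ref is None:
        return "first-use"             # ID handed out by a page loaded without one
    return "resumed" if ref == req else "replaced"

def replaced_sessions(lines):
    """List (old_id, new_id) pairs where a passed-in ID was not resumed."""
    pairs = []
    for line in lines:
        if classify(line) == "replaced":
            m = LINE_RE.search(line)
            pairs.append((sid_from(m["referer"]), sid_from(m["target"])))
    return pairs

def entry(method, target, referer):
    """Build one constructed log line (host, time and agent are made up)."""
    return (f'192.0.2.10 - - [25/May/2004:12:00:00 -0400] "{method} {target} '
            f'HTTP/1.0" 200 605 "{referer}" "ExampleBrowser/1.0"')

A, B = "a" * 32, "b" * 32              # constructed session IDs
SAMPLE = [
    entry("GET", "/g/xxx.php", "-"),
    entry("POST", f"/g/xxx.php?PHPSESSID={A}", "http://SERVER/xxx.php"),
    entry("POST", f"/g/xxx.php?PHPSESSID={B}", f"http://SERVER/xxx.php?PHPSESSID={A}"),
    entry("POST", f"/g/xxx.php?PHPSESSID={B}", f"http://SERVER/xxx.php?PHPSESSID={B}"),
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(classify(line), line)
    print("replaced:", replaced_sessions(SAMPLE))
```

Counting "replaced" entries per client before and after an upgrade shows whether passed-in IDs are being ignored; the check works because URL-carried session IDs are recorded in both the request and Referer fields of the log.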

