PHPBuilder.com, the best resource for PHP tutorials, templates, PHP manuals, content management systems, scripts, classes and more.

Linux Today
Enterprise Linux Today
Apache Today
JustLinux.com
Linux Planet
PHPBuilder
All Linux Devices
Hiermenus
DatabaseJournal
Technology Jobs

IT
Developer
Internet News
Small Business
Personal Technology
International

Search internet.com
Advertise
Corporate Info
Newsletters
Tech Jobs
E-mail Offers

Covalent Extends Apache 2.0 to Microsoft ASP.NET
ShopWorX - Support for Windows
PHP Security Advisory: Vulnerability in PHP versions 4.2.0 and 4.2.1
Network Risk Assessment
Full-Featured, Java-Based Apache GUI

Partners & Affiliates

Using JavaScript To Call PHP Database Routines Between Windows
In Case You Missed It...The Week of June 12th, 2006
In Case You Missed It...The Week of September 12, 2005
PHP Web Blog - Part 3
Building WML Sites

[PHP-DEV] PHP 4.0 Bug #8556 Updated: start_session modify the HTTP header From: sas <email protected>
Date: 02/20/01

Next message: phpbug01 <email protected>: "[PHP-DEV] PHP 4.0 Bug #9356: settype thinks 0.2 and (1.2 - 1) have different values"
Previous message: Edin Kadribasic: "[PHP-DEV] Bugs #9040, #9013, #8992, #8962, #8732, #8466"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

ID: 8556
Updated by: sas
Reported By: georges.dagousset <email protected>
Old-Status: Open
Status: Closed
Bug Type: *Session related
Assigned To:
Comments:

Regardless of whether the session id is transmitted by a cookie or the URL, the output of the PHP script is by default supposed to be non-cachable.

If you think a client can cache the content of the page, change the session.cache_limiter configuration variable appropiately.

Previous Comments:
---------------------------------------------------------------------------

[2001-01-04 16:11:45] georges.dagousset <email protected>
This related to bug #8073

You are right when you said it is necessary to send a header with no-cache when php send a cookie.
But I think it is not normal to change the header when php sends no cookie.

So I changed the code:
before
...
if (send_cookie)
php_session_send_cookie(PSLS_C);

if (define_sid) {
char *buf;

  buf = emalloc(strlen(PS(session_name)) + strlen(PS(id)) + 5);
  sprintf(buf, "%s=%s", PS(session_name), PS(id));
  REGISTER_STRING_CONSTANT("SID", buf, 0);
} else
  REGISTER_STRING_CONSTANT("SID", empty_string, 0);
PS(define_sid) = define_sid;

PS(nr_open_sessions)++;

php_session_cache_limiter(PSLS_C);
php_session_initialize(PSLS_C);
...

after the change
...
if (send_cookie) {
  php_session_send_cookie(PSLS_C);
  php_session_cache_limiter(PSLS_C);
}

if (define_sid) {
  char *buf;

PS(nr_open_sessions)++;

php_session_initialize(PSLS_C);
...

With this modification the no-cache header is send only once. Maybe the modification is made a wrong way!?

Georges Dagousset
France
:-)

---------------------------------------------------------------------------

ATTENTION! Do NOT reply to this email!
To reply, use the web interface found at http://bugs.php.net/?id=8556&edit=2

-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: php-dev-unsubscribe <email protected>
For additional commands, e-mail: php-dev-help <email protected>
To contact the list administrators, e-mail: php-list-admin <email protected>

Next message: phpbug01 <email protected>: "[PHP-DEV] PHP 4.0 Bug #9356: settype thinks 0.2 and (1.2 - 1) have different values"
Previous message: Edin Kadribasic: "[PHP-DEV] Bugs #9040, #9013, #8992, #8962, #8732, #8466"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]