Non-cookie mode bug in session.inc WasRe: [PHPLIB] making an auth that uses LDAP From: Sam C. Nicholson !! (scion <email protected>)
Date: 11/02/99

A-ha!

I have found one of my problems. I started going through the cvs
diffs, and trying each session.inc in turn backwards until one
worked.

NB, Things went badly when I turned off cookies in my netscape.
With cookies on, things are OK (well at least for sessions) even
at 1.51 of session.inc.

The changes introduced in 1.44 of session.inc render it unable to
deal without having cookies enabled in the browser. I.e. the
?Classname=<session> url construct stopped working.

I can't find anything in the check-in notes or in-line docs that
indicates that this was intended, so I believe it to be a bug.

Ah, and here it is:

line 404: (Just as it said in the warning:) (repeated below)

In function, release_token(), the else clause calls header().
However, all the other calls to header() were bundled up in
put_headers(). Now, in start(), release_token() is called
before put_headers(), so on the face things should still be
in order, but in practice and without cookies, this turns out
not to be the case.

Regards,
- -sam

Warning: Uninitialized variable or array index or property (sid) in session.inc on line 396

Warning: Uninitialized variable in session.inc on line 96

Warning: Oops, php3_SetCookie called after header has been sent in session.inc on line 120

Warning: Cannot add more header information - the header was already sent (header information may be added only before any output is generated from the script - check for text or whitespace outside PHP tags, or calls to functions that output text) in session.inc on line 404

-
PHP3 Base Library Mailing List. Send messages to <phplib <email protected>>.
To unsubscribe, send "unsubscribe" to <phplib-request <email protected>> in
the body, not the subject, of your message.