Last active
October 19, 2016 05:21
-
-
Save yohgaki/295434c924aeaaa898689b92086378e5 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| ob_start(); | |
| ini_set('session.use_cookies', 1); | |
| ini_set('session.save_handler', 'files'); | |
| session_name('BUG'); | |
| session_start(); | |
| // Bug0 | |
| session_regenerate_id(true); | |
| // Bug1 | |
| header(sprintf('Set-Cookie: BUG=BUG1; expires=Sat, 03-Sep-2020 05:38:43 GMT; path=/;')); | |
| //header(sprintf('Expires: BUG=BUG1; expires=Sat, 03-Sep-2020 05:38:43 GMT; path=/;')); | |
| // Bug2 | |
| //header(sprintf('Set-Cookie: BUG=BUG2; expires=Sat, 03-Sep-2020 05:38:43 GMT; path=/;'), false); | |
| // Bug3 | |
| //setcookie('BUG', 'BUG3', time() + 12345, '/'); | |
| session_commit(); | |
| /***************** | |
| * Bug0 = OK | |
| * Bug1 = OK | |
| * Bug2 = OK | |
| * Bug3 = OK | |
| * | |
| * Bug0 + Bug1 = BUG0 is removed | |
| * Bug0 + Bug2 = OK | |
| * Bug0 + Bug3 = OK | |
| * | |
| * Bug1 + Bug2 = OK | |
| * | |
| * Bug2 + Bug3 = OK | |
| * | |
| * BUG0 + BUG1 + BUG3 = BUG0 is removed | |
| * BUG0 + BUG2 + BUG3 = OK | |
| * | |
| * From this result, there are 2 problems. | |
| * | |
| * session_regenerate_id() is OK | |
| * setcookie() is OK. | |
| * | |
| * header('something') removes Set-Cookie header blindly previously sent. (Session cache limiter headers remain. Only Set-Cookie is removed) | |
| * header('something', false) OK | |
| * | |
| * Problem is in header() | |
| * | |
| *****************/ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment