Hi, On Sun, Sep 21, 2014 at 3:12 AM, Tjerk Meesters <tjerk.meest...@gmail.com> wrote: > >> On 20 Sep, 2014, at 11:35 pm, Florian Margaine <flor...@margaine.com> wrote: >> >> Hi list, >> >> I saw this interesting bug: https://bugs.php.net/bug.php?id=68063 >> >> Basically, if `session_id('')` is run before `session_start()`, weird >> things happen. >> >> The bug reporter proposes 2 ways to fix this: >> >> - `session_start()` should silently fix the situation > > I would opt for this, if an invalid session id is given a warning should be > emitted and a new id generated. > >> - or `session_start()` should noisely fail >> >> Both solutions look fine to me, but I'm not sure what PHP should do. Should >> it be resilient and silently fix the situation? >> >> Regards, >> >> *Florian Margaine*
A warning triggered by a session_id() might make sense, but not if it is the cookie that's invalid. Cheers, Andrey. -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
