#32414 [NEW]: session_start(): Cannot send session cache limiter

[d dot geels at grape dot ru]

From:             d dot geels at grape dot ru
Operating system: any
PHP version:      4.3.10
PHP Bug Type:     Output Control
Bug description:  session_start(): Cannot send session cache limiter

Description:
------------
The problem described already in user contributed noted in documentation.
Strange, that it is not yet fixed...
Also problem mentioned in http://bugs.php.net/bug.php?id=11213
==================================
laacz at laacz dot lv (28-Oct-2004 03:37)

If You are not using cookies to store session_id's, that does not mean,
that session_start() will not send any headers at all. It still sends
cache controlling information to user. For example:
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0,
pre-check=0
Pragma: no-cache
Even, if You set cache_limiter to none (via ini_set('session.use_cookies',
0) or ini_set('session.cache_limiter', 'none')), session_start() still
tries to send empty headers and that causes error message "Cannot send
session cache limiter - headers already sent". So, use output buffering,
if You need to output something before session_start(). 
==================================
even session_cache_limiter('none') doesn't work

In my case, problem is that I call session_start(), then
session_write_close() in the beginning, then send data, then call
session_start(), then session_write_close() in the function, registered on
shutdown.
There are two reasons, why I do so:
1) there are several processes, that access same session (I use
md5($_SERVER['REMOTE_ADDR']) as session_id)
2) I can't buffer output at all. Amount of data is very large, it is a
file being downloaded. It must be sent ASAP.

Reproduce code:
---------------
if(!empty($_SERVER['HTTP_RANGE'])){
        $sid = md5($_SERVER['REMOTE_ADDR']);
        ini_set('session.use_cookies', 0);
        session_cache_limiter('public'); // for IE "Open" bug
        session_id($sid);
        session_start(); //this one starts normally
        //check, if this download thread is permitted or not
        if(!empty($_SESSION['file_'.$file_id]) && $_SESSION['file_'.$file_id] >=
MAX_DOWNLOAD_THREADS){
                header('HTTP/1.1 403 Forbidden', true, 403);
                exit;
        }elseif(!isset($_SESSION['file_'.$file_id])) $_SESSION['file_'.$file_id]
= 0;
        $_SESSION['file_'.$file_id]++;
        session_write_close();
        //close session ASAP, because else other processes would be blocked

        //this function will decrement threads counter...
        function decrementCounter($sid, $file_id)
        {
//this must help us evade "Warning:  session_start(): Cannot send session
cache limiter - headers already sent"
                session_cache_limiter('none');

                session_id($sid);
                session_start(); // this is line #45
                //decrement threads counter
                $_SESSION['file_'.$file_id]--;
                session_write_close();
                //close session ASAP
        }

        //... when script finished
        register_shutdown_function('decrementCounter', $sid, $file_id);
}

Expected result:
----------------
No warnings in log file.

Actual result:
--------------
[Tue Mar 22 18:32:08 2005] [error] PHP Warning:  session_start(): Cannot
send session cache limiter - headers already sent (output started at
/home/httpd/pantech/htdocs/file.php:144) in
/home/httpd/pantech/htdocs/file.php on line 45

reproduced always, when user downloading a file

line 144 sends data to client:
echo fread( $fp, $size > READ_BLOCK_SIZE ? READ_BLOCK_SIZE : $size );


-- 
Edit bug report at http://bugs.php.net/?id=32414&edit=1
-- 
Try a CVS snapshot (php4):   http://bugs.php.net/fix.php?id=32414&r=trysnapshot4
Try a CVS snapshot (php5.0): 
http://bugs.php.net/fix.php?id=32414&r=trysnapshot50
Try a CVS snapshot (php5.1): 
http://bugs.php.net/fix.php?id=32414&r=trysnapshot51
Fixed in CVS:                http://bugs.php.net/fix.php?id=32414&r=fixedcvs
Fixed in release:            http://bugs.php.net/fix.php?id=32414&r=alreadyfixed
Need backtrace:              http://bugs.php.net/fix.php?id=32414&r=needtrace
Need Reproduce Script:       http://bugs.php.net/fix.php?id=32414&r=needscript
Try newer version:           http://bugs.php.net/fix.php?id=32414&r=oldversion
Not developer issue:         http://bugs.php.net/fix.php?id=32414&r=support
Expected behavior:           http://bugs.php.net/fix.php?id=32414&r=notwrong
Not enough info:             
http://bugs.php.net/fix.php?id=32414&r=notenoughinfo
Submitted twice:             
http://bugs.php.net/fix.php?id=32414&r=submittedtwice
register_globals:            http://bugs.php.net/fix.php?id=32414&r=globals
PHP 3 support discontinued:  http://bugs.php.net/fix.php?id=32414&r=php3
Daylight Savings:            http://bugs.php.net/fix.php?id=32414&r=dst
IIS Stability:               http://bugs.php.net/fix.php?id=32414&r=isapi
Install GNU Sed:             http://bugs.php.net/fix.php?id=32414&r=gnused
Floating point limitations:  http://bugs.php.net/fix.php?id=32414&r=float
No Zend Extensions:          http://bugs.php.net/fix.php?id=32414&r=nozend
MySQL Configuration Error:   http://bugs.php.net/fix.php?id=32414&r=mysqlcfg