First of all, this code worked fine on Windows 2000 and PHP 4.3.4. This problem occured when I moved the code to a Windows 2003 with 4.3.4. The problem continued after upgrading to PHP 4.3.11.
I create a session, and set certain session vars, and call page 2. Everything works fine.
<?php
//sessionPage1.php
session_start();
$_SESSION['session1'] = "data1";
?>
<body>
<input name="Submit" type="submit" value="Submit" onClick="javascript:document.location='sessionPage2.php?var1=<?="data1&".strip_tags(SID); ?>'">
</body>
Page 2 is a form. It's action calls page 2 again, throws the post data in a database, and sets some additional session vars, and make a header() call to page 3.
<?php
//sessionPage2.php
session_start();
if ($_POST["insert"] == "form1") {
$_SESSION['tempRecordNum'] = 1;
$_SESSION['session3'] = $_POST['field3'];
$_SESSION['session4'] = $_POST['field4'];
header("Location: sessionPage3.php?".strip_tags(SID)."&recordNum=".$_SESSION['tempRecordNum']);
}
$_SESSION['session2'] = "data2";
?>
<BODY>
<form name="form1" method="POST" action="sessionPage2.php?<?=strip_tags(SID);?>">
<input type="text" name="field3" value="data3">
<input type="text" name="field4" value="data4">
<input type="text" name="insert" value="form1">
<input type="text" name="firstName" value="name">
<input type="submit" name="Submit" value="Submit">
</form>
</BODY>
On Page 3, prints out the session vars that have been set.
<?php
//sessionPage3.php
session_start();
print_r($_SESSION);
?>
Now, here is the problem. The session variables set on Page 2 before the header() line are erased if the page2.php file is larger than approx 12k.. If it's bigger, Page 3 returns only the variables set on Page 1, and the session vars set on Page 2 BEFORE the form is submitted.
It's not bad additional code. This code is about 2k. I added nothing but text in the HTML, and once I got to 13k, it choked.
Now I said the session var is erased. Why? Because when it happens, the address line for Page 3 displays as:
/sessionPage3.php&recordNum=1
As you'll note in Page 2, that '1' is the $['tempRecordNum'] var. Since the 1 printed, at one time, it was set. Yet on Page 3, a print_r($SESSION) reveals only:
Array ( [session1] => data1 [session2] => data2 )
Another Fix: Delete the header() line. If I do that, and then click a link to Page 3, all session_vars are displayed.
PHP.INI:
session.save_handler = files
session.use_cookies = 1
session.name = PHPSESSID
session.auto_start = 0
session.cookie_lifetime = 0
session.cookie_path = E:\temp\phpcookies
session.cookie_domain =
session.serialize_handler = php
session.gc_probability = 1
session.gc_divisor = 100
session.gc_maxlifetime = 1440
session.bug_compat_42 = 1
session.bug_compat_warn = 1
session.referer_check =
session.entropy_length = 0
session.entropy_file =
session.cache_limiter = nocache
session.cache_expire = 180
session.use_trans_sid = 0
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=,fieldset="
session.save_path= E:\temp\phpsessions ; argument passed to save_handler
So, What gives? Is this a bug? What setting in PHP (or IIS 6) can even control this? It's doesn't seem to be a rights or browser or coding error.
I've been beating this for a while, and I'm told I can no longer expense the Stress Toys I'm going through. So any help or acknowledgement that they've seen this before would be greatly appreciated.
Thanks,
Brian
