Zend Framework

Zend_Session::expireSessionCookie fails on initial session creation

Details

  • Type: Bug Bug
  • Status: Open Open
  • Priority: Minor Minor
  • Resolution: Unresolved
  • Affects Version/s: 1.5.1
  • Fix Version/s: Next Mini Release
  • Component/s: Zend_Session
  • Labels:
    None
  • Fix Version Priority:
    Nice to Have

Description

Zend_Session::expireSessionCookie method will fail when it is called on the same page as a new session is created.

Example:
a new user comes to my website, and I start a session using Zend_Session::start(), there will be no $_COOKIE[session_name()], so this test will fail,
if (isset($_COOKIE[session_name()])) {
...
}

which leaves a case when after I have called Zend_Session::expireSessionCookie, the user still has a session cookie!

I suggest to replace the if test w/ the following
if (isset($_COOKIE[session_name()]) || self::$_sessionStarted) {
...
}
which solved my issue

Activity

Hide
Ralph Schindler added a comment -

Why are you attempting to expire a session cookie on the first page visit?

Show
Ralph Schindler added a comment - Why are you attempting to expire a session cookie on the first page visit?

People

Vote (1)
Watch (1)

Dates

  • Created:
    Updated: