Details
-
Type:
Bug
-
Status:
Open
-
Priority:
Minor
-
Resolution: Unresolved
-
Affects Version/s: 1.5.1
-
Fix Version/s: Next Mini Release
-
Component/s: Zend_Session
-
Labels:None
-
Fix Version Priority:Nice to Have
Description
Zend_Session::expireSessionCookie method will fail when it is called on the same page as a new session is created.
Example:
a new user comes to my website, and I start a session using Zend_Session::start(), there will be no $_COOKIE[session_name()], so this test will fail,
if (isset($_COOKIE[session_name()])) {
...
}
which leaves a case when after I have called Zend_Session::expireSessionCookie, the user still has a session cookie!
I suggest to replace the if test w/ the following
if (isset($_COOKIE[session_name()]) || self::$_sessionStarted) {
...
}
which solved my issue
Why are you attempting to expire a session cookie on the first page visit?