Issue Type: Improvement Created: 2007-10-16T11:52:46.000+0000 Last Updated: 2008-12-21T06:12:31.000+0000 Status: Resolved Fix version(s): - 1.7.2 (23/Dec/08)
Reporter: Johannes H. Jensen (joh) Assignee: Jon Whitcraft (sidhighwind) Tags: - Zend_Session
Related issues: Attachments: - ZF-2077.patch
Zend_Session_Namespace allows invalid namespace names like "0" to be used as the namespace. This is a problem because 0 is not a valid key of $_SESSION. From the PHP manual: http://php.net/session
"The keys in the $_SESSION associative array are subject to the same limitations as regular variable names in PHP, i.e. they cannot start with a number and must start with a letter or underscore. For more details see the section on variables in this manual."
This is because of register_globals compatibility. Also, see bug #42472: http://bugs.php.net/bug.php?id=42472
Trying to set $_SESSION produces an E_NOTICE message of the following form: Notice: Unknown: Skipping numeric key 0. in Unknown on line 0
$_SESSION is never stored persistently either.
Zend_Session_Namespace should validate the namespace passed so that it meets the requirements specified in the PHP manual: It must start with a letter or underscore.
Posted by Darby Felton (darby) on 2007-11-07T12:30:02.000+0000
Any word on committing fixes for this issue? Should I reassign to myself?
Posted by Adler Brediks Medrado (adlermedrado) on 2007-11-07T12:32:53.000+0000
Yes! Please Darby.
I am having some particular issues these days and i can't look this issue now. Thank you.
Posted by Darby Felton (darby) on 2007-11-07T12:46:29.000+0000
Thanks for the update; I've reassigned to myself. :) If you find time to work on this and it hasn't been resolved yet, please feel free to reassign.
Posted by Darby Felton (darby) on 2007-11-07T12:48:00.000+0000
Changed nature of issue to Improvement and priority to minor, since an easy workaround is present (don't present keys that are illegal according to the manual).
Posted by Wil Sinclair (wil) on 2008-03-21T17:05:31.000+0000
This issue should have been fixed for the 1.5 release.
Posted by Wil Sinclair (wil) on 2008-04-18T13:12:01.000+0000
This doesn't appear to have been fixed in 1.5.0. Please update if this is not correct.
Posted by Ralph Schindler (ralph) on 2008-04-22T11:29:54.000+0000
Updating project management info.
Posted by Jon Whitcraft (sidhighwind) on 2008-12-14T17:51:51.000+0000
Attached is my proposed patch.
Posted by Ralph Schindler (ralph) on 2008-12-15T07:37:27.000+0000
Patch looks good, commit away
Posted by Jon Whitcraft (sidhighwind) on 2008-12-17T03:13:44.000+0000
This has been fixed with r13337
Have you found an issue?
See the Overview section for more details.