PHP session_write_close() keeps sending a set-cookie header
Posted
by
Chiraag Mundhe
on Stack Overflow
See other posts from Stack Overflow
or by Chiraag Mundhe
Published on 2011-02-26T22:49:49Z
Indexed on
2011/02/26
23:25 UTC
Read the original article
Hit count: 187
In my framework, I make a number of calls to session_write_close().
Let's assume that a session has been initiated with a user agent. The following code...
foreach($i = 0; $i < 3; $i++) {
session_start();
session_write_close();
}
...will send the following request header to the browser:
Set-Cookie PHPSESSID=bv4d0n31vj2otb8mjtr59ln322; path=/
PHPSESSID=bv4d0n31vj2otb8mjtr59ln322; path=/
There should be no Set-Cookie header because, as I stipulated, the session cookie has already been created on the user's end. But every call to session_write_close() after the first one in the script above will result in PHP instructing the browser to set the current session again.
This is not breaking my app or anything, but it is annoying. Does anyone have any insight into preventing PHP from re-setting the cookie with each subsequent call to session_write_close?
EDIT
The problem seems to be that with every subsequent call to session_start(), PHP re-sets the session cookie to its own SID and sends a Set-Cookie response header. But why??
© Stack Overflow or respective owner