PHP session_write_close() keeps sending a set-cookie header

Posted by Chiraag Mundhe on Stack Overflow See other posts from Stack Overflow or by Chiraag Mundhe
Published on 2011-02-26T22:49:49Z Indexed on 2011/02/26 23:25 UTC
Read the original article Hit count: 187

Filed under:
|
|

In my framework, I make a number of calls to session_write_close().

Let's assume that a session has been initiated with a user agent. The following code...

foreach($i = 0; $i < 3; $i++) {
    session_start();
    session_write_close();
}

...will send the following request header to the browser:

Set-Cookie    PHPSESSID=bv4d0n31vj2otb8mjtr59ln322; path=/
              PHPSESSID=bv4d0n31vj2otb8mjtr59ln322; path=/

There should be no Set-Cookie header because, as I stipulated, the session cookie has already been created on the user's end. But every call to session_write_close() after the first one in the script above will result in PHP instructing the browser to set the current session again.

This is not breaking my app or anything, but it is annoying. Does anyone have any insight into preventing PHP from re-setting the cookie with each subsequent call to session_write_close?

EDIT

The problem seems to be that with every subsequent call to session_start(), PHP re-sets the session cookie to its own SID and sends a Set-Cookie response header. But why??

© Stack Overflow or respective owner

Related posts about php

Related posts about session