Posted by Gordon Burditt on 11/05/06 10:25

>> I also dispute that the "bug" you are describing in PHP can be fixed
>> in PHP. It's the browser, not the server that decides what cookies
>> to send to the server.
>>
>
>It is PHPSESSID that is duplicated

The variable is duplicated because the browser DID NOT SEND the one
with the other domain on requests with *this* domain. Since PHP
did not get a session ID (there's no way to tell if that's because
there isn't one, or because there are several in several different
domains but the browser didn't send them), it made a new one, just
like it's supposed to do.

>and a variable within it that is wrong

PHPSESSID does not have variables within it. It's just a string
of characters that acts like a database key.

>- so you tell me what generates that ?

Browsers sending cookies back only to the site that sent them
when they are *supposed* to do exactly that.

• Next in forum: Re: sessions and domain names
• Prev in forum: Re: |OT| Microsoft Opens PHP Door
• Thread view: Re: sessions and domain names

[Reply to this message]