View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0005627 | OXID ERP Interface | OXID ERP Interface - sub | public | 2014-01-28 14:19 | 2024-01-19 17:21 |
Reporter | michael_keiluweit | Assigned To | |||
Priority | normal | Severity | minor | Reproducibility | always |
Status | assigned | Resolution | open | ||
Product Version | 2.12.0 | ||||
Summary | 0005627: when sending session id value with bad characters, shop is throwing a PHP warning message | ||||
Description | A session value with bad characters like " ? " will cause a PHP warning in the shop code. See example code in "steps to reproduce" field | ||||
Steps To Reproduce | <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns1="OXERPService"> <SOAP-ENV:Body> <ns1:OXERPGetUsers> <ns1:sSessionID>?</ns1:sSessionID> <ns1:iStart>?</ns1:iStart> <ns1:iCount>?</ns1:iCount> <ns1:OXERPSort> <ns1:sFieldName>?</ns1:sFieldName> <ns1:sType> </ns1:sType> </ns1:OXERPSort> </ns1:OXERPGetUsers> </SOAP-ENV:Body> </SOAP-ENV:Envelope> | ||||
Additional Information | root@ubuntu:/var/www/logs/PHP5# tail -f php53_error.log [28-Jan-2014 13:14:22 UTC] PHP Warning: session_start(): The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in /mnt/hgfs/supportvm53/OXID_ESHOP_EE_5.1.1_SNAPSHOT/modules/erp/oxerpbase.php on line 280 [28-Jan-2014 13:14:22 UTC] PHP Stack trace: [28-Jan-2014 13:14:22 UTC] PHP 1. {main}() /mnt/hgfs/supportvm53/OXID_ESHOP_EE_5.1.1_SNAPSHOT/modules/erp/oxerpservice.php:0 [28-Jan-2014 13:14:22 UTC] PHP 2. SoapServer->handle() /mnt/hgfs/supportvm53/OXID_ESHOP_EE_5.1.1_SNAPSHOT/modules/erp/oxerpservice.php:99 [28-Jan-2014 13:14:22 UTC] PHP 3. oxERPGateway->OXERPGetUsers() /mnt/hgfs/supportvm53/OXID_ESHOP_EE_5.1.1_SNAPSHOT/modules/erp/oxerpgateway.php:0 [28-Jan-2014 13:14:22 UTC] PHP 4. oxERPGateway->_loadSession() /mnt/hgfs/supportvm53/OXID_ESHOP_EE_5.1.1_SNAPSHOT/modules/erp/oxerpgateway.php:168 [28-Jan-2014 13:14:22 UTC] PHP 5. oxERPBase->loadSessionData() /mnt/hgfs/supportvm53/OXID_ESHOP_EE_5.1.1_SNAPSHOT/modules/erp/oxerpgateway.php:63 [28-Jan-2014 13:14:22 UTC] PHP 6. session_start() /mnt/hgfs/supportvm53/OXID_ESHOP_EE_5.1.1_SNAPSHOT/modules/erp/oxerpbase.php:280 http://de2.php.net/manual/en/function.session-id.php | ||||
Tags | No tags attached. | ||||