[Phpwiki-bugs] [ phpwiki-Bugs-504020 ] phpwiki with phpsessid's breaks URL's

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Bugs item #504020, was opened at 2002-01-15 11:29
You can respond by visiting: 
http://sourceforge.net/tracker/?func=detail&atid=106121&aid=504020&group_id=6121

Category: All databases
Group: User Authentication
Status: Open
Resolution: None
Priority: 5
Submitted By: Nobody/Anonymous (nobody)
Assigned to: Nobody/Anonymous (nobody)
Summary: phpwiki with phpsessid's breaks URL's

Initial Comment:
If transparent session id's are compiled into php, and
a user who has cookies blocked to your site either:

* Views a page and clicks "edit"
* Views pages while VIRTUAL_PATH is false and clicks on
another linked page

The URL's get FUBAR:

http://server/wiki/index.php/Oracle%20Applications&?PHPSESSID=243fc4338a9871d6bb3f28d3f9ec6985#63;action=edit

if you notice the "&" on the URL, it tries to edit a
page called "Oracle Applications&", instead of having
the PHPSESSID as a variable.

I'm aware that phpwiki doesn't do any special PHPSESSID
handling, but I couldn't uncover the issue with this
bug in a cursory look.. I just commented out all the
session handling since we don't need it inside this
organization.

Tested with both 1.3.0-jeffs-hacks and
1.3.2-jeffs-hacks, as well as Mozilla 0.9.7, Netscape
4.7, and Opera 6.0

----------------------------------------------------------------------

You can respond by visiting: 
http://sourceforge.net/tracker/?func=detail&atid=106121&aid=504020&group_id=6121