FS#60565 - [phpldapadmin] session_start failed in php 7.2.11

Attached to Project: Community Packages
Opened by Jiuyang Liu (Sequencer) - Tuesday, 23 October 2018, 16:41 GMT
Last edited by Sergej Pupykin (sergej) - Wednesday, 08 February 2023, 01:19 GMT
Task Type Bug Report
Category Packages
Status Closed
Assigned To Sergej Pupykin (sergej)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:
Using phpldapadmin with php-fpm and nginx,
php complain about `Notice: Undefined variable: _SESSION in /usr/share/webapps/phpldapadmin/lib/session_functions.php on line 100.`
this may be the different behavior of `session_start`, describe in `http://php.net/manual/en/function.session-start.php#refsect1-function.session-start-changelog`.


Additional info:
* package version(s)
phpldapadmin 1.2.3-12
nginx 1.14.0-1
php 7.2.11-3
php-fpm 7.2.11-3
* config and/or log files etc.
`/etc/nginx/sites-enabled/ldapadmin`:
```
server {
server_name some.name;
root /usr/share/webapps/phpldapadmin;
index index.html index.htm index.php;

location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
}

listen 8080;
listen [::]:8080;
}
```

`/etc/webapps/phpldapadmin/config.php`
```
<?php
$config->custom->commands['cmd'] = array(
'entry_internal_attributes_show' => true,
'entry_refresh' => true,
'oslinks' => true,
'switch_template' => true
);
$config->custom->commands['script'] = array(
'add_attr_form' => true,
'add_oclass_form' => true,
'add_value_form' => true,
'collapse' => true,
'compare' => true,
'compare_form' => true,
'copy' => true,
'copy_form' => true,
'create' => true,
'create_confirm' => true,
'delete' => true,
'delete_attr' => true,
'delete_form' => true,
'draw_tree_node' => true,
'expand' => true,
'export' => true,
'export_form' => true,
'import' => true,
'import_form' => true,
'login' => true,
'logout' => true,
'login_form' => true,
'mass_delete' => true,
'mass_edit' => true,
'mass_update' => true,
'modify_member_form' => true,
'monitor' => true,
'purge_cache' => true,
'query_engine' => true,
'rename' => true,
'rename_form' => true,
'rdelete' => true,
'refresh' => true,
'schema' => true,
'server_info' => true,
'show_cache' => true,
'template_engine' => true,
'update_confirm' => true,
'update' => true
);
*/
$config->custom->appearance['friendly_attrs'] = array(
'facsimileTelephoneNumber' => 'Fax',
'gid' => 'Group',
'mail' => 'Email',
'telephoneNumber' => 'Telephone',
'uid' => 'User Name',
'userPassword' => 'Password'
);
$servers = new Datastore();
$servers->newServer('ldap_pla');
$servers->setValue('server','name','LDAP Server');
$servers->setValue('server','host','127.0.0.1');
$servers->setValue('server','port',389);
$servers->setValue('login','auth_type','session');
$servers->setValue('login','bind_id','cn=root,dc=fraud,dc=org');
$servers->setValue('login','bind_pass','eef0ootoo2cuaS3ahy1aijoo0fopheMa');$servers->setValue('login','base',array("dc=fraud,dc=org"));
$servers->newServer('ldap_pla');
$servers->setValue('server','name','LDAP Server');
$servers->setValue('server','host','127.0.0.1');
$servers->setValue('server','port',389);
$servers->setValue('server','base',array(''));
$servers->setValue('login','auth_type','cookie');
$servers->setValue('login','bind_id','');
$servers->setValue('login','bind_pass','');
$servers->setValue('server','tls',false);
$servers->setValue('login','auth_type','sasl');
$servers->setValue('sasl','mech','GSSAPI');
$servers->setValue('sasl','realm','EXAMPLE.COM');
$servers->setValue('sasl','authz_id',null);
$servers->setValue('sasl','authz_id_regex','/^uid=([^,]+)(.+)/i');
$servers->setValue('sasl','authz_id_replacement','$1');
$servers->setValue('sasl','props',null);
$servers->setValue('appearance','password_hash','md5');
$servers->setValue('login','attr','dn');
$servers->setValue('login','fallback_dn',false);
$servers->setValue('login','class',null);
$servers->setValue('server','read_only',false);
$servers->setValue('appearance','show_create',true);
$servers->setValue('auto_number','enable',true);
$servers->setValue('auto_number','mechanism','search');
$servers->setValue('auto_number','search_base',null);
$servers->setValue('auto_number','min',array('uidNumber'=>1000,'gidNumber'=>500));
$servers->setValue('auto_number','dn',null);
$servers->setValue('auto_number','pass',null);
$servers->setValue('login','anon_bind',true);
$servers->setValue('custom','pages_prefix','custom_');
$servers->setValue('unique','attrs',array('mail','uid','uidNumber'));
$servers->setValue('unique','dn',null);
$servers->setValue('unique','pass',null);
$servers->setValue('server','visible',true);
$servers->setValue('login','timeout',30);
$servers->setValue('server','branch_rename',false);
$servers->setValue('server','custom_sys_attrs',array('passwordExpirationTime','passwordAllowChangeTime'));
$servers->setValue('server','custom_attrs',array('nsRoleDN','nsRole','nsAccountLock'));
$servers->setValue('server','force_may',array('uidNumber','gidNumber','sambaSID'));
*/
?>
```

`/etc/php/php.ini`
```
[PHP]engine = On
short_open_tag = Off
precision = 14
output_buffering = 4096
zlib.output_compression = Off
implicit_flush = Off
unserialize_callback_func =
serialize_precision = -1
open_basedir = /usr/share/webapps/:/etc/webapps
disable_functions =
disable_classes =zend.enable_gc = On
expose_php = Onmax_execution_time = 30
max_input_time = 60
memory_limit = 128Merror_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
display_errors = Off
display_startup_errors = Off
log_errors = On
log_errors_max_len = 1024
ignore_repeated_errors = Off
ignore_repeated_source = Off
report_memleaks = Onhtml_errors = On
variables_order = "GPCS"
request_order = "GP"
register_argc_argv = Off
auto_globals_jit = Onpost_max_size = 8M
auto_prepend_file =
auto_append_file =
default_mimetype = "text/html"
default_charset = "UTF-8"
doc_root =
user_dir =
extension_dir = "/usr/lib/php/modules/"enable_dl = Offfile_uploads = Onupload_max_filesize = 2M
max_file_uploads = 20allow_url_fopen = On
allow_url_include = Off
default_socket_timeout = 60
extension=curl
extension=gettext
extension=ldap
extension=zip[CLI Server]
cli_server.color = On
[Date][filter][iconv]
[intl]
[sqlite3]
[Pcre]
[Pdo][Pdo_mysql]
pdo_mysql.cache_size = 2000
pdo_mysql.default_socket=
[Phar]
[mail function]
SMTP = localhost
smtp_port = 25
mail.add_x_header = Off[ODBC]
odbc.allow_persistent = On
odbc.check_persistent = On
odbc.max_persistent = -1
odbc.max_links = -1
odbc.defaultlrl = 4096
odbc.defaultbinmode = 1[Interbase]
ibase.allow_persistent = 1
ibase.max_persistent = -1
ibase.max_links = -1ibase.timestampformat = "%Y-%m-%d %H:%M:%S"
ibase.dateformat = "%Y-%m-%d"
ibase.timeformat = "%H:%M:%S"
[MySQLi]
mysqli.max_persistent = -1mysqli.allow_persistent = On
mysqli.max_links = -1
mysqli.cache_size = 2000
mysqli.default_port = 3306
mysqli.default_socket =
mysqli.default_host =
mysqli.default_user =
mysqli.default_pw =
mysqli.reconnect = Off
[mysqlnd]
mysqlnd.collect_statistics = On
mysqlnd.collect_memory_statistics = Off[OCI8]
[PostgreSQL]
pgsql.allow_persistent = On
pgsql.auto_reset_persistent = Off
pgsql.max_persistent = -1
pgsql.max_links = -1
pgsql.ignore_notice = 0
pgsql.log_notice = 0
[bcmath]
bcmath.scale = 0
[browscap]
[Session]
session.save_handler = filessession.use_strict_mode = 0
session.use_cookies = 1session.use_only_cookies = 1
session.name = PHPSESSID
session.auto_start = 0
session.cookie_lifetime = 0
session.cookie_path = /
session.cookie_domain =
session.cookie_httponly =
session.serialize_handler = php
session.gc_probability = 1
session.gc_divisor = 1000
session.gc_maxlifetime = 1440session.referer_check =
session.cache_limiter = nocache
session.cache_expire = 180
session.use_trans_sid = 0
session.sid_length = 26
session.trans_sid_tags = "a=href,area=href,frame=src,form="session.sid_bits_per_character = 5[Assertion]
zend.assertions = -1
[COM]
[mbstring]
[gd]
[exif]
[Tidy]
tidy.clean_output = Off
[soap]
soap.wsdl_cache_enabled=1
soap.wsdl_cache_dir="/tmp"
soap.wsdl_cache_ttl=86400
soap.wsdl_cache_limit = 5
[sysvshm]
[ldap]
ldap.max_links = -1
[dba]
[opcache][curl]
[openssl]
```

`/etc/webapps/phpladpadmin` and `/usr/share/webapps/phpldapadmin` owned by http:http with 755

Steps to reproduce:
```
pacman -S phpldapadmin php php-fpm nginx
systemctl start nginx
systemctl start php-fpm
```
and visit the website will see
```
Notice: Undefined variable: _SESSION in /usr/share/webapps/phpldapadmin/lib/session_functions.php on line 100
```
on the top of the website.
This task depends upon

Closed by  Sergej Pupykin (sergej)
Wednesday, 08 February 2023, 01:19 GMT
Reason for closing:  Won't fix
Additional comments about closing:  php7 removed
Comment by Heinrich Siebmanns (Harvey) - Saturday, 24 October 2020, 15:43 GMT
Still valid as of today, October 24, 2020
Comment by Sergej Pupykin (sergej) - Friday, 06 January 2023, 16:05 GMT
is it still valid after moving to php8?

Loading...