[Phalcon 1.3.0] Unable de overwrite Cookie => Segmentation Fault

Hello everyone,

thanks to the great job you're doing. I started developing with Phalcon 3 months ago, and i really love it.

Since this morning and the upgrade to Phalcon 1.3.0 the following issue appears everytime I want to overwrite a cookie :

if I do this :

$cookies = $this->getDI()->getCookies();
$cookies->set("mycookie", "test", time() + 3600, "/");

If there was no cookie before this, everything is fine. But if there is already a cookie the overwrite makes Apache crash. (502 error).

I precise that cookie encryption is disabled.

Wed Mar 19 18:00:22.834263 2014] [core:notice] [pid 8164] AH00052: child pid 13422 exit signal Segmentation fault (11)

The environment is Linux Debian, Apache 2.4.7, PHP 5.5.8.

Again, thanks a lot !



85.4k
edited Mar '14

I'm not able to reproduce this, I have used these scenarios, all of them are working:

1) Cookies without session without encryption:

<?php

$di = new \Phalcon\DI\FactoryDefault();

$di['cookies'] = function() {
    $cookies = new Phalcon\Http\Response\Cookies();
    $cookies->useEncryption(false);
    return $cookies;
};

class X extends \Phalcon\DI\Injectable
{
    public function x()
    {
        $cookies = $this->getDI()->getCookies();
        $cookies->set("mycookie", "test", time() + 3600, "/");
    }
}

$x = new X;
$x->setDI($di);
$x->x();

$di['cookies']->send();

var_dump($_COOKIE);

Running here: http://phosphorum.com/test2.php

2) Cookies with session without encryption:

<?php

$di = new \Phalcon\DI\FactoryDefault();

$di['session'] = function() {
    $session = new \Phalcon\Session\Adapter\Files();
    $session->start();
    return $session;
};

$di['cookies'] = function() {
    $cookies = new Phalcon\Http\Response\Cookies();
    $cookies->useEncryption(false);
    return $cookies;
};

class X extends \Phalcon\DI\Injectable
{
    public function x()
    {
        $cookies = $this->getDI()->getCookies();
        $cookies->set("mycookie", "test", time() + 3600, "/");
    }
}

$x = new X;
$x->setDI($di);
$x->x();

$di['cookies']->send();

var_dump($_SESSION);
var_dump($_COOKIE);

Running here: http://phosphorum.com/test3.php

2) Cookies with session with encryption:

<?php

$di = new \Phalcon\DI\FactoryDefault();

$di['session'] = function() {
    $session = new \Phalcon\Session\Adapter\Files();
    $session->start();
    return $session;
};

$di['cookies'] = function() {
    $cookies = new Phalcon\Http\Response\Cookies();
    return $cookies;
};

$di['crypt'] = function() {
        $crypt = new Phalcon\Crypt();
        $crypt->setKey('.1dj8$=dp?.ak//j1V$');
        return $crypt;
};

class X extends \Phalcon\DI\Injectable
{
    public function x()
    {
        $cookies = $this->getDI()->getCookies();
        $cookies->set("mycookie", "test", time() + 3600, "/");
    }
}

$x = new X;
$x->setDI($di);
$x->x();

$di['cookies']->send();

var_dump($_SESSION);
var_dump($_COOKIE);

Running here: http://phosphorum.com/test4.php

You may need to close and reopen the browser to see them running independtly.

Could you please post a full test that reproduce the problem?



2.3k

Of course ! Thanks for your response !

Tomorrow morning i'll perform the 3 tests you posted and post here the relative results!

Have a nice evening



2.3k

Good Morning all !

Problem solved !

In my authentication process until 1.3.0 I was fetching cookie value (using cookies service) by just doing :

$myCookieVal = $cookies->get('mycookie');

And this morning I realized that the proper way to get cookie value is doing this :

$myCookieVal = $cookies->get('mycookie')->getValue();

And everything's right ! I don't know why the first syntax worked before the upgrade anyway.

If you can reliably cause a segmentation fault, you should file this as a bug anyway. While you were doing something incorrectly, nothing you do should ever cause a segmentation fault.



21.4k

There was definetly a segmentation fault relating to cookies and authentication on 1.3.0. I was getting a segmentation fault when trying to login on a Wordpress blog and in the end it was phalcon's fault (why, I don't know, maybe someone could explain it). I updated the extention and the problem went away. Just letting this comment as an advice!



37.9k

This mean path store session do not permission overwrite, you must to set permission for it or change path, for example if you using Nginx

; Default Value: nothing is defined by default except the values in php.ini and
;                specified at startup with the -d argument
;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f [email protected]
;php_flag[display_errors] = off
php_admin_value[error_log] = /var/log/php-fpm/www-error.log
php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 128M

; Set session path to a directory owned by process user
php_value[session.save_handler] = files
php_value[session.save_path]    = /tmp
php_value[soap.wsdl_cache_dir]  = /var/lib/php/wsdlcache

In example above I change default path /var/lib/session/ to be /tmp. Also you can chmod it

sudo chown nginx:nginx -R /var/lib/session && chmod 777 /var/lib//session