旧版 Symfony 项目：PHP 警告：session_start()：会话 ID 太长或包含非法字符

Question

I am trying to deploy a legacy Symfony 1.4 (actually Symfon 1.5 via FriendsOfSymfony1 [1]) project in a Vagrant Box with Ubuntu 18.x.我正在尝试在带有 Ubuntu 18.x 的 Vagrant Box 中部署旧版 Symfony 1.4（实际上是 Symfon 1.5 通过 FriendsOfSymfony1 [1]）项目。 My PHP version is 7.2.x (see [2]) Everything works fine, the site loads, but I get this error (and cannot complete the login to the legacy site):我的 PHP 版本是 7.2.x（参见 [2]）一切正常，站点加载，但出现此错误（并且无法完成对旧站点的登录）：

[Fri Feb 07 14:51:53.880189 2020] [php7:warn] [pid 2831] [client 10.0.2.2:63895] PHP Warning: session_start(): The session id is too long or contains illegal characters, valid characters are az, AZ, 0-9 and '-,' in /home/vagrant/swdev/lib/vendor/lexpress/symfony1/lib/storage/sfSessionStorage.class.php on line 95, referer: http://127.0.0.1:8080/frontend_dev.php/registration/ [Fri Feb 07 14:51:53.880189 2020] [php7:warn] [pid 2831] [client 10.0.2.2:63895] PHP 警告：session_start()：会话 ID 太长或包含非法字符，有效字符为 az , AZ, 0-9 和 '-,' 在 /home/vagrant/swdev/lib/vendor/lexpress/symfony1/lib/storage/sfSessionStorage.class.php 第 95 行，引用： http://127.0.0.1： 8080/frontend_dev.php/registration/

[Fri Feb 07 14:51:53.880478 2020] [php7:warn] [pid 2831] [client 10.0.2.2:63895] PHP Warning: session_start(): Failed to read session data: files (path: /var/lib/php/sessions) in /home/vagrant/swdev/lib/vendor/lexpress/symfony1/lib/storage/sfSessionStorage.class.php on line 95, referer: http://127.0.0.1:8080/frontend_dev.php/registration/ [Fri Feb 07 14:51:53.880478 2020] [php7:warn] [pid 2831] [client 10.0.2.2:63895] PHP 警告：session_start()：无法读取会话数据：文件（路径：/var/lib/ php/sessions) 在 /home/vagrant/swdev/lib/vendor/lexpress/symfony1/lib/storage/sfSessionStorage.class.php 中的第 95 行，引用： http : //127.0.0.1 : 8080 /frontend_dev.php/registration /

There is already a discussion here: The session id is too long or contains illegal characters, valid characters are az, AZ, 0-9 and '-,' But it does not solve my problem.这里已经有讨论了： session id太长或包含非法字符，有效字符是az, AZ, 0-9 和'-,'但是并没有解决我的问题。

The relevant code snippet (line 95) is here:相关代码片段（第 95 行）在这里：

https://github.com/FriendsOfSymfony1/symfony1/blob/d9e3f17e246ed90590c4e5175f1cec39f4a68254/lib/storage/sfSessionStorage.class.php#L95 https://github.com/FriendsOfSymfony1/symfony1/blob/d9e3f17e246ed90590c4e5175f1cec39f4a68254/lib/storage/sfSessionStorage.class.php#L95

The code that sets the session_id is in the same file, line 52 onward:设置session_id的代码在同一个文件中，第 52 行以后：

  public function initialize($options = null)
  {
    $cookieDefaults = session_get_cookie_params();

    $options = array_merge(array(
      'session_name'            => 'symfony',
      'session_id'              => null,      // <=============== HERE
      'auto_start'              => true,
      'session_cookie_lifetime' => $cookieDefaults['lifetime'],
      'session_cookie_path'     => $cookieDefaults['path'],
      'session_cookie_domain'   => $cookieDefaults['domain'],
      'session_cookie_secure'   => $cookieDefaults['secure'],
      'session_cookie_httponly' => isset($cookieDefaults['httponly']) ? $cookieDefaults['httponly'] : false,
      'session_cache_limiter'   => null,
    ), $options);

    // initialize parent
    parent::initialize($options);

This link mentions that it's a PHP 7.1 issue (I have PHP 7.2!?), and that you cannot use null as session_id (like the code above does). 这个链接提到这是一个 PHP 7.1 问题（我有 PHP 7.2！？），并且你不能使用null作为session_id （就像上面的代码一样）。 So I changed所以我改变了

'session_id' => null,

to到

'session_id' => '',

then I cleared cached via ./symfony cc , then restarted apache, but still: I get the PHP warning re session id.然后我通过./symfony cc清除缓存，然后重新启动 apache，但仍然：我收到 PHP 警告重新会话 ID。

Memcached related? memcached 相关？

Maybe related: reviewing the legacy code, I realize that the session storage is defined in my factories.yml file like so:也许相关：查看遗留代码，我意识到会话存储是在我的factories.yml文件中定义的，如下所示：

(snip)

  storage:
    class: sfCacheSessionStorage
    param:
      session_name: prx
      cache: 
        class: sfMemcacheCache #[required] define the cache strategy
        param:
          servers: # Array of servers
            localserver:
              host: localhost # hostname or IP of mamcache server
              port: 11211 # default memcache port

(snip)

Memcached is already installed and running: Memcached 已经安装并运行：

vagrant@ubuntu-bionic:~/swdev$ ps aux | grep -i memc
memcache  1002  0.0  0.3 424764  3036 ?        Ssl  13:50   0:01 /usr/bin/memcached -m 64 -p 11211 -u memcache -l 127.0.0.1 -P /var/run/memcached/memcached.pid
vagrant   3289  0.0  0.1  13136  1108 pts/0    S+   15:42   0:00 grep --color=auto -i memc

Footnotes脚注

[1] Instead of Symfony 1.4 I am using an update from FriendsOfSymfony1 [1] 我使用 FriendsOfSymfony1 的更新而不是 Symfony 1.4

https://github.com/FriendsOfSymfony1/symfony1 https://github.com/FriendsOfSymfony1/symfony1

[2] PHP Version [2] PHP 版本

PHP 7.2.24-0ubuntu0.18.04.2 PHP 7.2.24-0ubuntu0.18.04.2

Answer 1

The problem with not FOS code, but rather with your code that calls it.问题不在于 FOS 代码，而在于调用它的代码。 You can see it merges the FOS array with your $options array.您可以看到它将 FOS 数组与$options数组合并。 Please check the stacktrace for call of this method, and see where the $options argument comes from.请检查此方法调用的堆栈跟踪，并查看$options参数的来源。 Solving it there will solve the issue with too long ID.在那里解决它会解决 ID 太长的问题。

EDIT: I did some checks using PHP 7.2 you're using and my guess there should be some PR done to the code there and change the code to :编辑：我使用您正在使用的 PHP 7.2 进行了一些检查，我猜应该对那里的代码进行一些 PR 并将代码更改为：

$options = array_merge([
    'name'            => 'symfony',
    /**
     * Cannot be set becasue is not an session option
     * @see: https://www.php.net/manual/en/session.configuration.php
     */
    //'session_id'              => null,
    /**
     * Cannot be set becasue of PERDIR
     * @see: https://www.php.net/manual/en/configuration.changes.modes.php
     */
    //'auto_start'              => '0',
    'cookie_lifetime' => $cookieDefaults['lifetime'],
    'cookie_path'     => $cookieDefaults['path'],
    'cookie_domain'   => $cookieDefaults['domain'],
    'cookie_secure'   => $cookieDefaults['secure'],
    'cookie_httponly' => isset($cookieDefaults['httponly']) ? $cookieDefaults['httponly'] : false,
    /**
     * Only allows specified string values, defaults to nocache, not null
     */
    'cache_limiter'   => 'nocache',
], $options);

Answer 2

Deleting browser cookies (hint from [1]) seemed to resolve the problem.删除浏览器 cookie（来自 [1] 的提示）似乎可以解决问题。 But now I have another error[2].但现在我有另一个错误[2]。 But that's for another question on SO.但那是关于 SO 的另一个问题。

[1] See https://stackoverflow.com/a/28024487/5115219 [1] 见https://stackoverflow.com/a/28024487/5115219

[2] Next error [2] 下一个错误

[Fri Feb 07 18:22:01.701138 2020] [php7:warn] [pid 3200] [client 10.0.2.2:59612] PHP Warning: ini_set(): A session is active. [Fri Feb 07 18:22:01.701138 2020] [php7:warn] [pid 3200] [client 10.0.2.2:59612] PHP 警告：ini_set()：会话处于活动状态。 You cannot change the session module's ini settings at this time in /home/vagrant/swdev/lib/vendor/lexpress/symfony1/lib/user/sfBasicSecurityUser.class.php on line 257您此时无法在第 257 行的 /home/vagrant/swdev/lib/vendor/lexpress/symfony1/lib/user/sfBasicSecurityUser.class.php 中更改会话模块的 ini 设置

And then trying to log in to my legacy app, I get this error log:然后尝试登录我的旧应用程序，我收到此错误日志：

[Fri Feb 07 18:22:10.272147 2020] [php7:warn] [pid 3610] [client 10.0.2.2:59628] PHP Warning: ini_set(): A session is active. [Fri Feb 07 18:22:10.272147 2020] [php7:warn] [pid 3610] [client 10.0.2.2:59628] PHP 警告：ini_set()：会话处于活动状态。 You cannot change the session module's ini settings at this time in /home/vagrant/swdev/lib/vendor/lexpress/symfony1/lib/user/sfBasicSecurityUser.class.php on line 257, referer: http://127.0.0.1:8080/frontend_dev.php/registration/您此时无法在第 257 行的 /home/vagrant/swdev/lib/vendor/lexpress/symfony1/lib/user/sfBasicSecurityUser.class.php 中更改会话模块的 ini 设置，参考： http://127.0.0.1： 8080/frontend_dev.php/registration/

[Fri Feb 07 18:22:10.360800 2020] [php7:warn] [pid 3610] [client 10.0.2.2:59628] PHP Warning: ini_set(): A session is active. [Fri Feb 07 18:22:10.360800 2020] [php7:warn] [pid 3610] [client 10.0.2.2:59628] PHP 警告：ini_set()：会话处于活动状态。 You cannot change the session module's ini settings at this time in /home/vagrant/swdev/lib/vendor/lexpress/symfony1/lib/user/sfBasicSecurityUser.class.php on line 257, referer: http://127.0.0.1:8080/frontend_dev.php/registration/您此时无法在第 257 行的 /home/vagrant/swdev/lib/vendor/lexpress/symfony1/lib/user/sfBasicSecurityUser.class.php 中更改会话模块的 ini 设置，参考： http://127.0.0.1： 8080/frontend_dev.php/registration/

[Fri Feb 07 18:22:10.826885 2020] [php7:warn] [pid 3521] [client 10.0.2.2:59629] PHP Warning: ini_set(): A session is active. [Fri Feb 07 18:22:10.826885 2020] [php7:warn] [pid 3521] [client 10.0.2.2:59629] PHP 警告：ini_set()：会话处于活动状态。 You cannot change the session module's ini settings at this time in /home/vagrant/swdev/lib/vendor/lexpress/symfony1/lib/user/sfBasicSecurityUser.class.php on line 257, referer: http://127.0.0.1:8080/frontend_dev.php/registration/您此时无法在第 257 行的 /home/vagrant/swdev/lib/vendor/lexpress/symfony1/lib/user/sfBasicSecurityUser.class.php 中更改会话模块的 ini 设置，参考： http://127.0.0.1： 8080/frontend_dev.php/registration/

[Fri Feb 07 18:22:11.717016 2020] [php7:notice] [pid 3521] [client 10.0.2.2:59629] Result Cache driver not initialized., referer: http://127.0.0.1:8080/frontend_dev.php/registration/ [Fri Feb 07 18:22:11.717016 2020] [php7:notice] [pid 3521] [client 10.0.2.2:59629] 结果缓存驱动未初始化。，参考： http : //127.0.0.1 : 8080/ frontend_dev.php /登记/

旧版 Symfony 项目：PHP 警告：session_start()：会话 ID 太长或包含非法字符

问题描述

Memcached related? memcached 相关？

Footnotes脚注

2 个解决方案

解决方案1
0 2020-02-07 15:22:51

解决方案2
0 2020-02-07 18:29:20

旧版 Symfony 项目：PHP 警告：session_start()：会话 ID 太长或包含非法字符

问题描述

Memcached related? memcached 相关？

Footnotes脚注

2 个解决方案

解决方案1 0 2020-02-07 15:22:51

解决方案2 0 2020-02-07 18:29:20

解决方案1
0 2020-02-07 15:22:51

解决方案2
0 2020-02-07 18:29:20