PHP register_long_arrays session breakage

Strange behaviour that’s taken me ages to track down. I had the situation where I could create a session, but any changes to it were not saved. session_write_close() didn’t help. Eventually I tracked it down: if you have register_long_arrays disabled (as is the default in PHP5), this can happen. Enabling it fixed the problem. A very simple test case didn’t show this problem, so I guess something in my sessions has a dependency on HTTP_GET_VARS or similar, though these vars do not appear anywhere in my code…

Someone pointed me at this bug report which seems very similar to what I’m seeing. Still no solution though.

Beware of the MultiView

I’ve been seeing some very confusing behaviour involving mod_rewrite and PHP.

I have this rewrite rule in a .htaccess file (it just allows me to see what the incoming URL looked like for test purposes):

RewriteRule (*.) x.php?x=$1 [R,L]

If I feed it a URL like:

it matches the whole thing/123 part and maps it to my desired URL:

That’s all fine. Now the weird bit. If I happen to have a script with the same base name as the matching path part, like “thing.php”, it gets magically picked up and inserted into the URL, so I end up with:

Huh?! How did the ‘.php’ get in there?

Now because this rule is in a .htaccess file, it’s handled last in the chain of things that apache might do (and there are no other rewrite rules), it must be something further upstream that’s mapping ‘thing’ to ‘thing.php’. My first idea was that it might be looking inside thing.php (using mime_magic) and mapping its type, and file extension, according to the AddType directive that PHP is enabled by. However, turning off mime magic doesn’t stop it happening, so it’s not that.

It DOES stop doing it if I disable PHP – but why should PHP be involved in this at all? The final URL will eventually hit PHP, but because in this case I’m using [R] (which forces an external redirect) in the rewrite rule, PHP won’t see that until the request returns from the browser.

Is there some automatic aliasing thing that suggests that files without extensions might be some other kind of file? Well, that sounds like a fair description of the kind of thing that Apache’s MultiViews do. Surprise surprise – I turn MultiViews off and it all starts acting normally. As yet I’ve not figured out how to stop it a little more selectively (as MultiViews are a nice feature otherwise), but I can live without them for now.

WebDAV and mod_rewrite

I ran into a little config problem with serendipity and the use of WebDAV for accessing files on my server. Serendipity’s RewriteRule directives screw up the ability access files via WebDAV. Because they are held in a .htaccess file and not in the virtual host definition, they are applied to any access regardless of which host it is accessed under. To limit this I already had ‘AllowOverride none’ for my webdav host, but I also needed to add ‘RewriteEngine off’ for it to actually prevent the rewrites from working. I now have both rewriting and WebDAV access working on the same set of files.

WinIE ‘feature’

I like to document things that I find annoying so that other people can be annoyed by them too, so here’s one for today: Windows IE doesn’t like window names that have spaces in – any JavaScript that tries to target them will fail. Firefox and Safari don’t have a problem with them.