clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-21 18:07:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'PHP-8.0' into PHP-8.1

Browse Source 
* PHP-8.0:
  Fix GH-9583: session_create_id() fails with user defined save handler that doesn't have a validateId() method
This commit is contained in:
George Peter Banyard 2022-09-27 15:53:16 +01:00
commit 72cb47338e
No known key found for this signature in database
GPG Key ID: 3306078E3194AEBD
3 changed files with 51 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
NEWS
View File

@ -9,6 +9,10 @@ PHP NEWS
- Opcache:
. Added indirect call reduction for jit on x86 architectures. (wxue1)
- Session:
. Fixed bug GH-9583 (session_create_id() fails with user defined save handler
that doesn't have a validateId() method). (Girgias)
29 Sep 2022, PHP 8.1.11
- Core:

3
ext/session/session.c
View File

@ -1082,8 +1082,9 @@ PHPAPI int php_session_register_module(const ps_module *ptr) /* {{{ */
/* }}} */
/* Dummy PS module function */
/* We consider any ID valid, so we return FAILURE to indicate that a session doesn't exist */
PHPAPI int php_session_validate_sid(PS_VALIDATE_SID_ARGS) {
return SUCCESS;
return FAILURE;
}
/* Dummy PS module function */

45
ext/session/tests/gh9583.phpt Normal file
View File

@ -0,0 +1,45 @@
--TEST--
GH-9583: session_create_id() fails with user defined save handler that doesn't have a validateId() method
--EXTENSIONS--
session
--SKIPIF--
<?php include('skipif.inc'); ?>
--FILE--
<?php
class SessionHandlerTester implements \SessionHandlerInterface
{
public function close(): bool { return true; }
public function destroy($id): bool { return true; }
public function gc($max_lifetime): int|false { return 1; }
public function open($path, $name): bool { return true; }
public function read($id): string { return ''; }
public function write($id, $data): bool { return true; }
//public function create_sid() { return uniqid(); }
//public function validateId($key) { return true; }
}
$obj = new SessionHandlerTester();
ini_set('session.use_strict_mode','1');
session_set_save_handler($obj);
session_start();
echo "\nvalidateId() ".(method_exists($obj,'validateId')?('returns '.($obj->validateId(1)?'true':'false')):'is commented out');
echo "\n";
$sessionId = session_create_id();
echo "\nSession ID:".$sessionId;
echo "\n";
?>
--EXPECTF--
validateId() is commented out
Session ID:%s