Ilia Alshanetsky
|
c6402df3a7
|
Eliminate strcat() usage.
|
2007-02-19 23:53:00 +00:00 |
|
Ilia Alshanetsky
|
629d7cf43f
|
Fixed Bug #40274 (Sessions fail with numeric root keys).
|
2007-02-06 00:01:18 +00:00 |
|
Dmitry Stogov
|
ae792a06b0
|
Fixed SIGSEGV
|
2007-01-10 07:04:49 +00:00 |
|
Ilia Alshanetsky
|
81729c1ece
|
Prevent SESSION/GLOBALS overload via session decoding
|
2007-01-09 15:31:12 +00:00 |
|
Ilia Alshanetsky
|
d1891c3d8a
|
removed dl() block
|
2007-01-06 17:35:44 +00:00 |
|
Hannes Magnusson
|
630254d55e
|
Fix skipif
|
2007-01-06 16:56:38 +00:00 |
|
Ilia Alshanetsky
|
7ba84b8807
|
Added missing open_basedir checks
|
2007-01-04 23:49:35 +00:00 |
|
Sebastian Bergmann
|
4223aa4d5e
|
MFH: Bump year.
|
2007-01-01 09:36:18 +00:00 |
|
Ilia Alshanetsky
|
ba64553913
|
Added boundary checks to php_binary deserializer
|
2006-12-31 22:25:55 +00:00 |
|
Nuno Lopes
|
66e555c66f
|
die("skip this is for PHP < 4.2.3");
|
2006-12-27 15:22:28 +00:00 |
|
Ilia Alshanetsky
|
ffd41a503f
|
Session deserializer protection.
|
2006-12-26 16:53:47 +00:00 |
|
Antony Dovgal
|
7d2142a56e
|
protect _SESSION, HTTP_SESSION_VARS and GLOBALS
maintain an internal reference of _SESSION, so that it won't be possible to destroy it from userspace
|
2006-12-20 19:31:28 +00:00 |
|
Antony Dovgal
|
bcf457d828
|
MFH: fix retval type
|
2006-12-04 15:58:48 +00:00 |
|
Ilia Alshanetsky
|
35f78f221b
|
Fixed bug #37627 (session save_path check checks the parent directory).
|
2006-12-04 15:19:26 +00:00 |
|
Ilia Alshanetsky
|
5f3e233ea7
|
Disallow \0 chars inside session.save_path
|
2006-12-01 00:27:20 +00:00 |
|
Hannes Magnusson
|
050f94f746
|
MFH: Fix double "wron param count" messages
|
2006-11-03 14:46:48 +00:00 |
|
Ilia Alshanetsky
|
3f71251ffa
|
MFH: Fixed bug #39265 (Fixed path handling inside mod_files.sh).
|
2006-11-03 13:19:07 +00:00 |
|
Ilia Alshanetsky
|
b1d8f7e09d
|
Expose session storage module locater and serialization function via PHPAPI
|
2006-10-06 21:11:36 +00:00 |
|
Ilia Alshanetsky
|
154f70acf1
|
Fixed bug #38993 (Fixed safe_mode/open_basedir checks for
session.save_path, allowing them to account for extra parameters).
|
2006-10-01 20:58:02 +00:00 |
|
Hannes Magnusson
|
6affa7d3e9
|
Fix tests
|
2006-09-18 16:12:13 +00:00 |
|
Antony Dovgal
|
b6ced95187
|
change ini handlers to produce E_ERROR if they are called during startup
|
2006-08-30 16:24:40 +00:00 |
|
Antony Dovgal
|
f8fd45a735
|
MFH: change E_ERROR to E_WARNING when invalid argument has been passed
make sure ini_set() doesn't reset PS(mod) and PS(serializer) to invalid values
|
2006-08-30 15:43:10 +00:00 |
|
Antony Dovgal
|
a6088ffc5a
|
fix test
|
2006-08-11 10:35:22 +00:00 |
|
Ilia Alshanetsky
|
7dfae526c7
|
Fixed proto
|
2006-08-10 21:10:03 +00:00 |
|
Ilia Alshanetsky
|
e5fe441cbd
|
Added support for httpOnly flag for session extension and cookie setting
functions.
# Original patch by Scott MacVicar
|
2006-08-10 13:50:56 +00:00 |
|
Ilia Alshanetsky
|
d58b3869a7
|
Fixed bug #38377 (session_destroy() gives warning after
session_regenerate_id()).
|
2006-08-08 14:54:49 +00:00 |
|
Antony Dovgal
|
0c4ef446e2
|
MFH: fix #38289 (segfault in session_decode() when _SESSION is NULL)
|
2006-08-02 09:16:52 +00:00 |
|
Antony Dovgal
|
52e6ede06e
|
MFH: fix #38278 (session_cache_expire()'s value does not match phpinfo's session.cache_expire)
|
2006-08-01 08:32:07 +00:00 |
|
Ilia Alshanetsky
|
96324fb67f
|
An improved fix for bug #38224
|
2006-07-27 15:33:16 +00:00 |
|
Ilia Alshanetsky
|
bcc8854eaa
|
make C++ compilers happy
|
2006-07-27 14:13:30 +00:00 |
|
Ilia Alshanetsky
|
dcb4b314bf
|
removed debug code
|
2006-07-27 14:05:03 +00:00 |
|
Ilia Alshanetsky
|
e5a1182304
|
Fixed bug #38224 (session extension can't handle broken cookies).
|
2006-07-27 14:00:13 +00:00 |
|
Ilia Alshanetsky
|
1784db8087
|
Fixed compiler warnings.
|
2006-07-13 00:13:19 +00:00 |
|
Michael Wallner
|
33dbaff1ed
|
MFH: add note why replace is 0, so that I don't wonder again in 2 months
why session_regenerate_id() sends the session cookie twice
|
2006-07-12 15:28:44 +00:00 |
|
Dmitry Stogov
|
1dbaae2795
|
Added automatic module globals management
|
2006-06-15 18:33:09 +00:00 |
|
Marcus Boerger
|
aa0172a4da
|
- MFH Fix bug #37510 session_regenerate_id changes session_id() even on failure
|
2006-05-18 22:12:26 +00:00 |
|
Ilia Alshanetsky
|
101d925baa
|
Commit the actual fix
|
2006-04-18 00:31:45 +00:00 |
|
Ilia Alshanetsky
|
3022080d84
|
Fixed bug #36459 (Incorrect adding PHPSESSID to links, which contains \r\n).
|
2006-02-28 14:45:18 +00:00 |
|
Rasmus Lerdorf
|
6cc9f92d16
|
(Missing patch from the PHP 4 tree that got lost in the shuffle)
See: http://cvs.php.net/viewcvs.cgi/php-src/ext/session/session.c?r1=1.336.2.39&r2=1.336.2.40
- fix logic. if the client already sent us the cookie, we don't
need to send it again. if the id has been changed, we need to
update the client side.
|
2006-02-10 07:39:13 +00:00 |
|
Frank M. Kromann
|
80cc4867e3
|
Export symbols that will allow building WDDX as shared object
|
2006-01-28 06:18:01 +00:00 |
|
Ilia Alshanetsky
|
3d80bd0cdf
|
Added a check for special characters in the session name.
|
2006-01-15 16:51:18 +00:00 |
|
foobar
|
5bd93221a8
|
bump year and license version
|
2006-01-01 12:51:34 +00:00 |
|
foobar
|
3e669bc950
|
MFH: nuke php3 legacy
|
2005-12-06 02:28:41 +00:00 |
|
foobar
|
b5017bd725
|
MFH: Improved the fix for #21306 a bit
|
2005-09-23 08:14:13 +00:00 |
|
foobar
|
de6b4c0091
|
MFH: - Fixed bug #21306 (catch bailouts of write handler during RSHUTDOWN)
|
2005-09-20 20:56:54 +00:00 |
|
Stanislav Malyshev
|
bcb70109d2
|
fix crash on restarting static PHP having session modules loaded
|
2005-09-20 14:03:29 +00:00 |
|
foobar
|
9477097564
|
MFH: Nuked EOLs from error messages
|
2005-08-18 13:34:41 +00:00 |
|
foobar
|
23e671a51e
|
- Bumber up year
|
2005-08-03 14:08:58 +00:00 |
|
Dmitry Stogov
|
319cbe1c5a
|
Fixed test file
|
2005-07-05 14:10:31 +00:00 |
|
foobar
|
73dd4043b3
|
Make sure files-save handler is used always
|
2005-07-04 13:09:14 +00:00 |
|