clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-26 20:37:29 +00:00
Code Issues Packages Projects Releases Wiki Activity
35,100 Commits 494 Branches 1,367 Tags 881 MiB
46a6bd7f9d
Commit Graph

653 Commits

Author SHA1 Message Date
Nuno Lopes
66e555c66f die("skip this is for PHP < 4.2.3"); 2006-12-27 15:22:28 +00:00
Ilia Alshanetsky
ffd41a503f Session deserializer protection. 2006-12-26 16:53:47 +00:00
Antony Dovgal
7d2142a56e protect _SESSION, HTTP_SESSION_VARS and GLOBALS 
maintain an internal reference of _SESSION, so that it won't be possible to destroy it from userspace
 2006-12-20 19:31:28 +00:00
Antony Dovgal
bcf457d828 MFH: fix retval type 2006-12-04 15:58:48 +00:00
Ilia Alshanetsky
35f78f221b Fixed bug #37627 (session save_path check checks the parent directory). 2006-12-04 15:19:26 +00:00
Ilia Alshanetsky
5f3e233ea7 Disallow \0 chars inside session.save_path 2006-12-01 00:27:20 +00:00
Hannes Magnusson
050f94f746 MFH: Fix double "wron param count" messages 2006-11-03 14:46:48 +00:00
Ilia Alshanetsky
3f71251ffa MFH: Fixed bug #39265 (Fixed path handling inside mod_files.sh). 2006-11-03 13:19:07 +00:00
Ilia Alshanetsky
b1d8f7e09d Expose session storage module locater and serialization function via PHPAPI 2006-10-06 21:11:36 +00:00
Ilia Alshanetsky
154f70acf1 Fixed bug #38993 (Fixed safe_mode/open_basedir checks for 
session.save_path, allowing them to account for extra parameters).
 2006-10-01 20:58:02 +00:00
Hannes Magnusson
6affa7d3e9 Fix tests 2006-09-18 16:12:13 +00:00
Antony Dovgal
b6ced95187 change ini handlers to produce E_ERROR if they are called during startup 2006-08-30 16:24:40 +00:00
Antony Dovgal
f8fd45a735 MFH: change E_ERROR to E_WARNING when invalid argument has been passed 
make sure ini_set() doesn't reset PS(mod) and PS(serializer) to invalid values
 2006-08-30 15:43:10 +00:00
Antony Dovgal
a6088ffc5a fix test 2006-08-11 10:35:22 +00:00
Ilia Alshanetsky
7dfae526c7 Fixed proto 2006-08-10 21:10:03 +00:00
Ilia Alshanetsky
e5fe441cbd Added support for httpOnly flag for session extension and cookie setting 
functions.

# Original patch by Scott MacVicar
 2006-08-10 13:50:56 +00:00
Ilia Alshanetsky
d58b3869a7 Fixed bug #38377 (session_destroy() gives warning after 
session_regenerate_id()).
 2006-08-08 14:54:49 +00:00
Antony Dovgal
0c4ef446e2 MFH: fix #38289 (segfault in session_decode() when _SESSION is NULL) 2006-08-02 09:16:52 +00:00
Antony Dovgal
52e6ede06e MFH: fix #38278 (session_cache_expire()'s value does not match phpinfo's session.cache_expire) 2006-08-01 08:32:07 +00:00
Ilia Alshanetsky
96324fb67f An improved fix for bug #38224 2006-07-27 15:33:16 +00:00
Ilia Alshanetsky
bcc8854eaa make C++ compilers happy 2006-07-27 14:13:30 +00:00
Ilia Alshanetsky
dcb4b314bf removed debug code 2006-07-27 14:05:03 +00:00
Ilia Alshanetsky
e5a1182304 Fixed bug #38224 (session extension can't handle broken cookies). 2006-07-27 14:00:13 +00:00
Ilia Alshanetsky
1784db8087 Fixed compiler warnings. 2006-07-13 00:13:19 +00:00
Michael Wallner
33dbaff1ed MFH: add note why replace is 0, so that I don't wonder again in 2 months 
why session_regenerate_id() sends the session cookie twice
 2006-07-12 15:28:44 +00:00
Dmitry Stogov
1dbaae2795 Added automatic module globals management 2006-06-15 18:33:09 +00:00
Marcus Boerger
aa0172a4da - MFH Fix bug #37510 session_regenerate_id changes session_id() even on failure 2006-05-18 22:12:26 +00:00
Ilia Alshanetsky
101d925baa Commit the actual fix 2006-04-18 00:31:45 +00:00
Ilia Alshanetsky
3022080d84 Fixed bug #36459 (Incorrect adding PHPSESSID to links, which contains \r\n). 2006-02-28 14:45:18 +00:00
Rasmus Lerdorf
6cc9f92d16 (Missing patch from the PHP 4 tree that got lost in the shuffle) 
See: http://cvs.php.net/viewcvs.cgi/php-src/ext/session/session.c?r1=1.336.2.39&r2=1.336.2.40
- fix logic. if the client already sent us the cookie, we don't
  need to send it again.  if the id has been changed, we need to
  update the client side.
 2006-02-10 07:39:13 +00:00
Frank M. Kromann
80cc4867e3 Export symbols that will allow building WDDX as shared object 2006-01-28 06:18:01 +00:00
Ilia Alshanetsky
3d80bd0cdf Added a check for special characters in the session name. 2006-01-15 16:51:18 +00:00
foobar
5bd93221a8 bump year and license version 2006-01-01 12:51:34 +00:00
foobar
3e669bc950 MFH: nuke php3 legacy 2005-12-06 02:28:41 +00:00
foobar
b5017bd725 MFH: Improved the fix for #21306 a bit 2005-09-23 08:14:13 +00:00
foobar
de6b4c0091 MFH: - Fixed bug #21306 (catch bailouts of write handler during RSHUTDOWN) 2005-09-20 20:56:54 +00:00
Stanislav Malyshev
bcb70109d2 fix crash on restarting static PHP having session modules loaded 2005-09-20 14:03:29 +00:00
foobar
9477097564 MFH: Nuked EOLs from error messages 2005-08-18 13:34:41 +00:00
foobar
23e671a51e - Bumber up year 2005-08-03 14:08:58 +00:00
Dmitry Stogov
319cbe1c5a Fixed test file 2005-07-05 14:10:31 +00:00
foobar
73dd4043b3 Make sure files-save handler is used always 2005-07-04 13:09:14 +00:00
foobar
56c1b316da - Added session.hash_bits_per_character support. (3rd param) 
(Changes by: waltzer at autumnweave dot com)
 2005-06-20 13:37:32 +00:00
foobar
fd07bc5e6b nuke duplicate code 2005-06-03 22:09:22 +00:00
Antony Dovgal
29319a81b8 fix typo 
(see details here: http://news.php.net/php.internals/16350)
 2005-06-01 18:27:50 +00:00
foobar
a20383ba06 - Unify the "configure --help" texts 2005-05-29 23:17:16 +00:00
Ilia Alshanetsky
c24900dfa4 Added an optional remove old session parameter to session_regenerate_id(). 2005-05-29 16:51:25 +00:00
foobar
26d7b7fbc0 CS fix 2005-05-23 06:46:25 +00:00
Antony Dovgal
a186549ec0 fix compile warning 2005-05-22 12:57:26 +00:00
Rasmus Lerdorf
c1ef105535 Fixed bug 33072 - safemode/open_basedir check for runtime save_path change 2005-05-21 17:37:56 +00:00
Antony Dovgal
8f5ecf6da8 fix bug #32944 (Disabling session.use_cookies doesn't prevent reading session cookies) 2005-05-20 10:27:49 +00:00