clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-24 19:37:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
45,634 Commits 493 Branches 1,365 Tags 848 MiB
4fffbad733
Commit Graph

768 Commits

Author SHA1 Message Date
foobar
de6b4c0091 MFH: - Fixed bug #21306 (catch bailouts of write handler during RSHUTDOWN) 2005-09-20 20:56:54 +00:00
Stanislav Malyshev
bcb70109d2 fix crash on restarting static PHP having session modules loaded 2005-09-20 14:03:29 +00:00
foobar
9477097564 MFH: Nuked EOLs from error messages 2005-08-18 13:34:41 +00:00
foobar
23e671a51e - Bumber up year 2005-08-03 14:08:58 +00:00
Dmitry Stogov
319cbe1c5a Fixed test file 2005-07-05 14:10:31 +00:00
foobar
73dd4043b3 Make sure files-save handler is used always 2005-07-04 13:09:14 +00:00
foobar
56c1b316da - Added session.hash_bits_per_character support. (3rd param) 
(Changes by: waltzer at autumnweave dot com)
 2005-06-20 13:37:32 +00:00
foobar
fd07bc5e6b nuke duplicate code 2005-06-03 22:09:22 +00:00
Antony Dovgal
29319a81b8 fix typo 
(see details here: http://news.php.net/php.internals/16350)
 2005-06-01 18:27:50 +00:00
foobar
a20383ba06 - Unify the "configure --help" texts 2005-05-29 23:17:16 +00:00
Ilia Alshanetsky
c24900dfa4 Added an optional remove old session parameter to session_regenerate_id(). 2005-05-29 16:51:25 +00:00
foobar
26d7b7fbc0 CS fix 2005-05-23 06:46:25 +00:00
Antony Dovgal
a186549ec0 fix compile warning 2005-05-22 12:57:26 +00:00
Rasmus Lerdorf
c1ef105535 Fixed bug 33072 - safemode/open_basedir check for runtime save_path change 2005-05-21 17:37:56 +00:00
Antony Dovgal
8f5ecf6da8 fix bug #32944 (Disabling session.use_cookies doesn't prevent reading session cookies) 2005-05-20 10:27:49 +00:00
foobar
626253940e - Added PHP_INSTALL_HEADERS() macro 
- Fixed several VPATH build issues
- Changed all awk calls to use $AWK
- Changed all mkdir calls to use "$php_shtool mkdir"
 2005-05-07 02:51:53 +00:00
foobar
a119050ebb These tests require register_long_arrays=1 2005-03-31 19:47:19 +00:00
Antony Dovgal
76e07faf87 fix leak when register_long_arrays is off 2005-03-24 00:17:16 +00:00
foobar
3ca8ad73a4 - Missing $Id$ tags 2005-02-13 17:54:04 +00:00
foobar
7281cd8082 MFB_4_3: cvs diff -r1.84.2.5 -r1.84.2.6 php_session.h 2005-02-13 07:55:27 +00:00
Antony Dovgal
5b78e4c025 hm.. 
fix #28324 _properly_
 2005-02-10 20:22:07 +00:00
Antony Dovgal
94982058b6 fix bug #28324 (HTTP_SESSION_VARS appear when register_long_arrays is Off) 2005-02-10 19:38:11 +00:00
Stefan Esser
581265f4d1 Correctly initialize ZVAL 2005-01-21 16:03:47 +00:00
foobar
64e40c2271 - Make sure FD_CLOEXEC is always defined. 2005-01-18 15:44:33 +00:00
Antony Dovgal
37d3ea836e add skipif section 2005-01-09 18:22:12 +00:00
Antony Dovgal
68d73f8cf9 add test for bug #31454 2005-01-09 18:15:49 +00:00
Antony Dovgal
d7072f8a9d efree(name) 2005-01-09 17:49:51 +00:00
Antony Dovgal
c644b2a5a1 fix bug #31454 (session_set_save_handler crashes PHP when supplied non-existent object ref) 2005-01-09 17:42:02 +00:00
Antony Dovgal
ad76be844b CS changes (as suggested by Ilia) 2004-12-09 17:15:52 +00:00
Antony Dovgal
e76824c91f fix segfault in session_module_name() when session.save_handler is empty 2004-12-09 14:14:21 +00:00
Dmitry Stogov
a22fa4d109 Fixed crash in phpinfo() after graceful Apache restart. 2004-12-07 18:02:25 +00:00
Joe Orton
2685ca935f Update extensions to use /path/to/$PHP_LIBDIR rather than /path/to/lib 
to support multi-ABI platforms.
 2004-11-03 14:32:52 +00:00
Andi Gutmans
11bcaedfc8 - Rename delete_global_variable() to zend_delete_global_variable() 2004-10-04 20:17:06 +00:00
Andi Gutmans
db507dd153 - Commit the variable fetch optimization. 
- Extensions which delete global variables need to use new special function
- delete_global_variable() (I'm about to rename it) to remove them.
- Will post to internals@ or via commit messages if there's anything else.
 2004-10-04 19:54:35 +00:00
Anantha Kesari H Y
47e4f575c2 modified to 3rd argument of fcntl to FD_CLOEXEC 2004-10-04 08:52:53 +00:00
Anantha Kesari H Y
142e92bb70 NetWare specific stat structure access incorporated 2004-09-30 14:31:30 +00:00
Anantha Kesari H Y
ccbeace1ff handled NetWare F_SETFD and stat differences 2004-09-30 14:23:51 +00:00
Antony Dovgal
0ea23249da fix error message 2004-09-30 14:20:02 +00:00
Antony Dovgal
fcd702efe4 fix segfault when using unknown/unsupported save_handler and/or serialize_handler (bug #30282) 2004-09-30 12:19:59 +00:00
Ilia Alshanetsky
6784176b9c Fixed compiler warnings. 2004-09-14 23:57:53 +00:00
Ilia Alshanetsky
197d65770a Fixed bug #29925 (Added a check to prevent illegal characters in session 
key).
 2004-09-02 02:44:04 +00:00
Sascha Schumann
5890197024 fix empty_string issue 
Patch submitted by Antony Dovgal <tony2001@phpclub.net>
 2004-08-02 08:27:46 +00:00
Sascha Schumann
26cb5355e0 don't read empty files 
0 malloc noticed by Antony Dovgal <tony2001@phpclub.net>
 2004-08-02 08:27:24 +00:00
Andi Gutmans
56f8195fe5 - Nuke empty_string. It is a reminanent from the time where RETURN_FALSE() 
used to return "" and not bool(false). It's not worth keeping it because
  STR_FREE() and zval_dtor() always have to check for it and it slows down
  the general case. In addition, it seems that empty_string has been abused
  quite a lot, and was used not only for setting zval's but generally in
  PHP code instead of "", which wasn't the intention. Last but not least,
  nuking empty_string should improve stability as I doubt every place
  correctly checked if they are not mistakenly erealloc()'ing it or
  calling efree() on it.
  NOTE: Some code is probably broken. Each extension maintainer should
  check and see that my changes are OK. Also, I haven't had time to touch
  PECL yet. Will try and do it tomorrow.
 2004-07-19 07:19:50 +00:00
Andi Gutmans
e5cfb1d05c - Better stability during premature shutdown of request startup 2004-07-10 07:46:17 +00:00
Ilia Alshanetsky
690ca62dd3 Do not use alloca() where it can be abused through user input. 2004-06-30 01:12:06 +00:00
Ilia Alshanetsky
df71910d0e Better skip condition check for session tests. 2004-05-27 20:53:26 +00:00
Marcus Boerger
29cfd6d24f - Remove unused blocks 2004-05-19 08:56:50 +00:00
Ilia Alshanetsky
f7f966f96f Skip session tests if session.save_path is not writable. 2004-05-13 12:53:47 +00:00
Sara Golemon
96132bf4fe if statement logic would never eval to false. 2004-05-08 05:58:18 +00:00
Ilia Alshanetsky
dda0dd4825 Fixed test failure if session.use_trans_sid is enabled. 2004-04-15 13:37:50 +00:00
Ilia Alshanetsky
793140873b Another setting leak in session code (bug #27963). 2004-04-13 18:18:22 +00:00
Ilia Alshanetsky
254c8d6ce9 Fixed bug #27963 (Session lifetime setting may leak between requests). 2004-04-13 00:39:05 +00:00
Wez Furlong
32be6f268b Fix for Bug #26757: session.save_path defaults to bogus value on win32 
Merge from branch with one main difference: the default save_path is
set to the empty string on all platforms, whereas the code in the
branch only does so for win32.
 2004-03-29 21:44:07 +00:00
Hartmut Holzgraefe
cc0894b788 more visa to sibira ;) 2004-03-24 18:43:23 +00:00
Moriyoshi Koizumi
75f83f7bb4 - Fix segfaults on deserialisation of referenced variables. 
# ALLOC_INIT_ZVAL() initialises the type field to IS_NULL, while
# MAKE_STD_ZVAL() doesn't. This caused a kind of random crash
# when zval_ptr_dtor() was applied on an intact zval created by
# the latter method.
#
# Please check relevant bugs again. There should be some that
# have already been marked as bogus.
 2004-02-29 00:26:36 +00:00
foobar
ac92c47b84 Fix bug #26005 (Random "cannot change the session ini settings" errors) 2004-02-24 08:47:35 +00:00
foobar
4441da2754 Improve error messages 2004-02-19 01:54:21 +00:00
Zeev Suraski
7c710a9f9b Use zval_ptr_dtor() to free variables as soon as they hit refcount of 0. 
Note:  You should not be using ZVAL_DELREF() in day to day usage.  Instead,
       you should use zval_ptr_dtor().  Use ZVAL_DELREF() only if you're
       messing with the refcount directly and know what you're doing.
Note #2:  For clarity, if you want to initialize a new zval with a refcount
          of 0, it's best to do that directly, instead of using ZVAL_DELREF
          after allocating the zval...
 2004-02-15 12:58:19 +00:00
Ilia Alshanetsky
0fc2bb9d49 Fixed bug #26862 (ob_flush() followed by output_reset_rewrite_vars() may 
result in data loss).
 2004-02-11 17:00:48 +00:00
Stanislav Malyshev
8487383ede fix test - remove warning 2004-02-05 09:03:37 +00:00
foobar
6a1d0114a7 Silence some compile warnings 2004-01-23 03:28:59 +00:00
Wez Furlong
6ac364048b export tsrm id for session globals. 2004-01-09 15:30:07 +00:00
foobar
ccfc46b0aa - Happy new year and PHP 5 for rest of the files too.. 
# Should the LICENSE and Zend/LICENSE dates be updated too?
 2004-01-08 17:33:29 +00:00
Andi Gutmans
dbeb4158d2 - A belated happy holidays and PHP 5 2004-01-08 08:18:22 +00:00
Marcus Boerger
45277ec5d7 Preserve casing 2003-12-22 23:17:17 +00:00
Dmitry Stogov
fca9c0c669 Incorrect test file was fixed. (Use pattern insted of absolute filename) 2003-12-16 11:19:20 +00:00
Ilia Alshanetsky
5264d34578 Update test to reflect new functionality. 2003-12-14 23:27:32 +00:00
Ilia Alshanetsky
d3639b1aa7 Fixed bug #24693 (Allow session.use_trans_sid to be enabled/disabled from 
inside the script).
 2003-12-14 23:24:50 +00:00
Derick Rethans
71f9227cc5 - Fixed bug #26548 (Malformed HTTP dates in headers). 2003-12-07 14:29:43 +00:00
Wez Furlong
98f1021dd8 Make these tests work under win32 2003-12-05 13:42:04 +00:00
Wez Furlong
05b9b20ed8 Add new (optional!) win32 build infrastructure. 
Will follow up to internals@ shortly.
 2003-12-02 23:17:04 +00:00
Wez Furlong
30b631d9f6 Export this so that shared session modules can use it under win32. 2003-12-02 23:14:31 +00:00
Marcus Boerger
c3fddcab62 Fix tests for E_STRICT and check for E_STRICT in run-tests.php. 2003-11-30 13:57:20 +00:00
foobar
e85a4cdbd2 - Fixed bug #25780 (ext/session: invalid session.cookie_lifetime causes crash in win32). 2003-10-08 10:22:51 +00:00
foobar
dc080a5db6 - Always look into /usr/local before /usr 
- Added breaks to make sure the preferred value is used.
 2003-10-01 02:53:23 +00:00
Ilia Alshanetsky
526a3d9ce2 Always prefer user specified paths over the default /usr /usr/local. 
This may fix compilation problems with on systems with multiple copies of
the same library.
 2003-09-30 22:36:43 +00:00
foobar
72de75c99a This is only needed for Windows. 2003-09-25 14:53:41 +00:00
Ilia Alshanetsky
569bd005d2 Fixed bug #25070 (Don't forget to unlock session files on win32 before 
closing them).

Regions should be locked only briefly and should be unlocked before
closing a file or exiting the program. On Win32 locked files that are
closed without being explicitly unlocked will be unlocked only when "system
resources become avaliable".
 2003-09-24 23:39:14 +00:00
Sascha Schumann
394d3b82b0 Alias session_commit to session_write_close, a more intuitive name 
for the functionality.
 2003-09-21 11:53:12 +00:00
Sascha Schumann
a3c89a2e8f Fix a segfault which occured when using a storage format not capable 
of expressing references (e.g. WDDX) and deserializing a session variable
whose name conflicted with an existing symbol in the global scope.

PR: #25307
Submitted by: Jani Taskinen
Speling fixes: me
 2003-08-29 12:33:47 +00:00
Andrey Hristov
20383f9080 \n at the end of the message is not needed 2003-08-28 20:43:18 +00:00
Sascha Schumann
237da469d7 format string fix 2003-08-28 17:34:33 +00:00
foobar
625600af30 - Prevent crash if non-existing save/serializer handler is tried to be used 
- Added the registered serializers information to MINFO.
 2003-08-26 02:03:41 +00:00
Ilia Alshanetsky
b9b75991e3 Fixed bug #25084 (Make refer check not dependant on register_globals) 2003-08-14 01:30:06 +00:00
Ilia Alshanetsky
5eb23bf01e Added missing skip condition 2003-08-14 00:54:28 +00:00
Ilia Alshanetsky
93bcd55eaf emalloc -> safe_emalloc 2003-08-12 00:58:52 +00:00
Ilia Alshanetsky
22c3346967 Fixed bug #22245 (References inside $_SESSION not being handled). 2003-08-11 19:20:44 +00:00
Sascha Schumann
5978734f30 MFB proper fix for #24592 2003-07-22 01:11:07 +00:00
Ilia Alshanetsky
f9a8fc0c09 Fixed bug #24592 (Possible crash in session extnsion, with NULL values) 2003-07-21 21:47:52 +00:00
Sterling Hughes
7da8fbd7ef fix this test when using a save_handler other than files... 2003-07-02 04:34:18 +00:00
Sascha Schumann
f25ff93cc6 MFB 2003-06-13 09:19:52 +00:00
foobar
9706fcd17f Fix the test. (second session init call produces a notice) 2003-06-13 09:15:56 +00:00
James Cox
f68c7ff249 updating license information in the headers. 2003-06-10 20:04:29 +00:00
Sascha Schumann
3c58f69fc4 Print NOTICE upon session_start being called while another session is 
active
 2003-06-10 03:56:23 +00:00
Marcus Boerger
d1c19eb5a1 Fix tests 2003-05-31 13:10:00 +00:00
foobar
bfe9e39673 MFB: fix proto 2003-05-31 02:33:55 +00:00
foobar
ed1378a975 MFB: Always send a new session cookie upon regenerating id 2003-05-31 02:33:21 +00:00
Sascha Schumann
289ad3960e Fix the way we create references to (sometimes non-)existing 
variables.

Credits go to Rob Richards <rrichards@digarc.com> and Zeev
 2003-05-15 13:33:18 +00:00
Sascha Schumann
ed68ca44ec Fix types of bug_compat entries 
PR: #21312
Submitted by: Rob Richards <rrichards@ctindustries.net>
 2003-05-10 16:49:21 +00:00
Stanislav Malyshev
cddface7f1 fix TSRM 2003-04-27 16:18:43 +00:00
Stanislav Malyshev
cad71d8c92 MFB 4_3: 
Fix very nasty bug - session cookie kills one of the cookies
set before it on certain non-Apache SAPIs.
# for example, this code:
# <?
# setcookie("abc", 1);
# setcookie("def", 2);
# session_start();
# ?>
# would output only 'def' cookie on CGI and ISAPI
 2003-04-27 16:04:53 +00:00
Sascha Schumann
4226fe67d1 dividend -> divisor 
Submitted by: Jesus M. Castagnetto <jmcastagnetto@yahoo.com>
 2003-04-05 11:22:15 +00:00
Sebastian Bergmann
5ca078779a Eliminate some TSRMLS_FETCH() calls. Tested with Win32 build of SAPI/CGI and SAPI/CLI on Win32. 2003-03-25 08:07:13 +00:00
foobar
3c9155e0cb Renamed OnUpdateInt -> OnUpdateLong to prevent further misunderstandings. 
# Intentionally left out any 'alias' for it, this way 3rd party extension
# maintainers will really NOTICE the change.
 2003-03-07 05:15:28 +00:00
Zeev Suraski
4e55747a2b Add JIT initialization for _SERVER and _ENV 
(it's less important for the others, even though it should be fairly
easy now too)
 2003-03-02 10:19:15 +00:00
Sascha Schumann
6f5b46c118 generally urlencode parameters 2003-02-20 06:18:16 +00:00
Sascha Schumann
4ec77cfbb5 Refactor new-session-id code 2003-02-18 19:29:38 +00:00
Sascha Schumann
2699c26f42 Remember whether to send a cookie, so that we send out the correct 
session id.  Also improve check for active session
 2003-02-18 19:13:49 +00:00
Sascha Schumann
32e0c8161c add session_regenerate_id() 2003-02-18 18:50:44 +00:00
Sascha Schumann
a10f0830e6 support setting the filemode using session.save_path 2003-02-11 00:42:54 +00:00
Sascha Schumann
5e601732a3 use appropiate prefixes in the ps_module structure so we don't clash 
with syscalls
 2003-02-11 00:42:14 +00:00
Ilia Alshanetsky
242a9a47c7 Fix compiler warning. 2003-01-30 22:37:50 +00:00
Sascha Schumann
330740f7cd Remove ugly netware hacks from the code 2003-01-24 23:57:32 +00:00
Ilia Alshanetsky
3d8e54f3a2 Changed php_error to php_error_docref. 2003-01-19 00:45:53 +00:00
Ilia Alshanetsky
72b356c1bc Removed pointless memory allocation checks. 2003-01-18 19:28:10 +00:00
Sascha Schumann
db8b4c6762 Add INI setting session.hash_bits_per_character which enables developers 
to choose how session ids are represented, regardless of the hash algorithm.
 2003-01-16 07:21:49 +00:00
Sascha Schumann
f2f1f94e36 add INI setting session.hash_function 
add support for creating session ids using SHA-1
source more entropy for session ids
 2003-01-12 13:07:14 +00:00
Sascha Schumann
0b8401bf27 handle ERANGE from strtol properly 2003-01-12 13:05:32 +00:00
Zeev Suraski
ada5c4009e Fix UMR 2003-01-08 13:28:16 +00:00
Anantha Kesari H Y
90ba724072 Modified for NetWare. 2003-01-03 14:24:07 +00:00
Sebastian Bergmann
b506f5c8f8 Bump year. 2002-12-31 16:08:15 +00:00
Ilia Alshanetsky
c731daeda7 Fixed bug #21268 (session_decode() returned FALSE on success). 2002-12-29 18:50:55 +00:00
Marcus Boerger
3cf581b1b3 correct code that is guarded by "#if 0" 2002-12-05 20:41:55 +00:00
Marcus Boerger
9a04528061 fix ZTS build 2002-12-05 20:39:43 +00:00
Marcus Boerger
dcfe988820 php_error -> php_error_docref 2002-12-05 20:13:35 +00:00
Ilia Alshanetsky
9497ba9d49 MFH (test failure if session.serialize_handler is not set to php). 2002-11-25 23:20:05 +00:00
Sascha Schumann
a257d758a5 Add an error message to the ini handlers 2002-11-20 17:15:00 +00:00
Sascha Schumann
e9ed065afc add protective checks to ini updates 
Noticed by: Derick Rethans <d.rethans@jdimedia.nl>
PR: #20284
 2002-11-20 16:06:29 +00:00
John Coggeshall
6ac365896c Modified the experimental new test class to make it easier to port to the 
web. Pushed all echo statements through a function that can be
overwritten, changed the way pass/skip/fail is handled (separate function)
that of course can also be overwritten. To begin testing of a web-based
test script also created a webHarness class which will output HTML. To
use, just $a = new webHarness(); instead of $a = new testHarness(); A few
modifications still must be made to remove the CLI reliance completely.

Also modified a test script description.
 2002-11-01 00:22:02 +00:00
Marcus Boerger
62667ee6a6 -Only accept one single message which is expected. 
-Move error related settings to --INI-- section
#Now see we can do it correct
 2002-10-29 14:03:37 +00:00
Marcus Boerger
b9eda54711 This test requires special settings 
#wait/read next commit on run-test.php
 2002-10-27 23:56:08 +00:00
Ilia Alshanetsky
c88e0fd5de Fixed a bug in the test that would cause it to always fail. 2002-10-25 17:52:32 +00:00
Marcus Boerger
86465058a4 one version for php<4.2.3 and one for php>=4.2.3 2002-10-24 18:18:44 +00:00
Sascha Schumann
e60c601bd1 improved warning message 
# this should really link to an external page which explains the issue deeply
 2002-10-24 10:40:48 +00:00
Derick Rethans
bfc3250187 - Hardcode dependent ini setting 2002-10-13 11:14:49 +00:00
Derick Rethans
db89afc45b - Hardcode setting which affects the test 2002-10-12 17:12:43 +00:00
Derick Rethans
4a54968c71 - hardcode default rewriting tags 2002-10-08 18:30:38 +00:00
Sascha Schumann
8ca10fb5e8 Call ob_flush to force the buffer contents to go through the rewriter. 2002-10-07 10:07:27 +00:00
Sascha Schumann
2dde6fb594 Print out warning only, if a variable was actually migrated 2002-10-07 02:37:50 +00:00
Sebastian Bergmann
d7f9e8526f Silence warning. 2002-10-06 21:47:54 +00:00
Ilia Alshanetsky
6b5575a101 Code cleanup. Thanks Andi. 2002-10-06 17:17:38 +00:00
Sascha Schumann
fb84b3e1d0 remove trans_sid=1 2002-10-03 23:13:36 +00:00
Sascha Schumann
5db24fbb7b 20: rewriter uses arg_seperator.output for modifying URLs 
21: rewriter handles <form> and <fieldset> correctly
 2002-10-03 23:12:16 +00:00
Sascha Schumann
47cc29c9d1 19: serializing references test case using globals 
18: rewriter correctly handles attribute names which contain dashes
 2002-10-03 22:54:15 +00:00
Sascha Schumann
eab0f5965f code from ancient bug #5271 
setting $_SESSION before session_start() should not cause segfault
 2002-10-03 16:55:08 +00:00
Sascha Schumann
3998374a0d invalid session.save_path should not cause a segfault 2002-10-03 16:49:52 +00:00
Sascha Schumann
61e47a342e use_trans_sid should not affect SID 2002-10-03 16:43:44 +00:00
Sascha Schumann
8882b28e60 editing 2002-10-03 16:14:55 +00:00
Sascha Schumann
d661fa4b46 A script should not be able to modify session.use_trans_sid 2002-10-03 15:58:10 +00:00
Sascha Schumann
bb4f911035 There should not be any warning with regard to redefining SID 2002-10-03 15:52:36 +00:00
Sascha Schumann
dba3e4c7ad Registering _SESSION should not segfault. 2002-10-03 15:48:18 +00:00
Sascha Schumann
d4e1ac6c26 Mini test cases for fixed segfaults 2002-10-03 15:39:29 +00:00
Sascha Schumann
5fe046c4c3 session_decode should not segfault 2002-10-03 15:33:00 +00:00
Sascha Schumann
e24247e632 Remove ob_start() 2002-10-03 15:19:55 +00:00
Sascha Schumann
16f54aaca8 Add test for unset($_SESSION["x"]); behaviour 2002-10-03 15:19:43 +00:00
Sascha Schumann
c4adf94fbd make tests work with CLI 2002-10-03 15:11:01 +00:00
Sascha Schumann
7e03310a6a Don't emit warning, if there is nothing to send 2002-10-03 15:10:36 +00:00
Sascha Schumann
114c544b9b Purge ini_set calls and replace through INI sections. 2002-10-03 08:07:21 +00:00
Andi Gutmans
b276a96f4b - Fix ZTS build 2002-10-03 07:23:50 +00:00
Sascha Schumann
13f5db1b67 Make the interpretation of gc_probability configurable by adding 
session.gc_dividend. The probability of running gc on each request is then
gc_probability/gc_dividend.
 2002-10-03 06:45:15 +00:00
Sascha Schumann
be319c721a Reenable E_WARNING and test session.bug_compat_warn in addition. 2002-10-03 06:41:25 +00:00
Sascha Schumann
afb1458910 session_destroy resets the sid, so we need to set it again here 2002-10-03 06:33:19 +00:00
Sascha Schumann
356ea7ffbd Verify PHP 4.2 compatibility: global is used albeit register_globals=0 2002-10-03 06:32:45 +00:00
Sascha Schumann
0ed434a13b Use ZEND_SET_SYMBOL_WITH_LENGTH correctly (hopefully) 
It strikes me as awkward that a Zend API user needs to take care of
doing the engine's reference counting.

This fixes a memory overrun in a testcase.  All ZEND_SET_* calls
should be correct now.
 2002-10-03 06:29:58 +00:00
Sascha Schumann
15b23945ad (track_init) Use is_ref/refcount parameters of SET_SYMBOL macros 
(save_current_state) Prevent a possible deadlock which occurs when
the track vars are inaccessible
 2002-10-03 05:53:45 +00:00
Sascha Schumann
d4ef4079de Verify PHP 4.2 compatibility: unset($c) with enabled register_globals 2002-10-03 05:06:01 +00:00
Sascha Schumann
8a586103fc Align behaviour with 4.2 with regard to register_globals=1 
session_register("c");
unset($c);
$c = time();

If a user unsets a global session variable, it is not a reference
to a $_SESSION slot anymore.

During serialization, PHP 4.2 will not find the respective entry in
$_SESSION and fall back to the global sym table.
 2002-10-03 04:53:05 +00:00
Sascha Schumann
b9077e5a9d Nuke PS(vars), we keep the state of registered session variables now 
completely in PS(http_session_vars). This avoids bugs which are caused
by a lack of synchronization between the two hashes. We also don't need
to worry about prioritizing one of them.

Add session.bug_compat_42 and session.bug_compat_warn which are enabled
by default. The logic behind bug_compat_42:

IF bug_compat_42 is on, and
IF register_globals is off, and
IF any value of $_SESSION["key"] is NULL, and
IF there is a global variable $key, then
$_SESSION["key"] is set to $key.

The extension emits this warning once per script, unless told otherwise.

"Your script possibly relies on a session side-effect which existed until
PHP 4.2.3. Please be advised that the session extension does not consider
global variables as a source of data, unless register_globals is enabled.
You can disable this functionality and this warning by setting
session.bug_compat_42 or session.bug_compat_warn.
 2002-10-03 03:23:02 +00:00
Sascha Schumann
4ea4f294b6 Fix harmless memory leaks and simplify track_vars_init. 2002-10-02 21:51:32 +00:00
Sascha Schumann
e1dd35bddb The pread/pwrite macros check for a bug in the Linux glibc now. 
The bug causes the kernel not to return -1/EAGAIN. The new test case
has been borrowed from the Linux Test Project.

This also fixes a bug which apparently caused HAVE_PREAD/WRITE to be
defined even if the more complex checks failed (ac_cv_func_NAME=no
was set albeit with no difference).
 2002-10-02 06:05:16 +00:00
Sascha Schumann
8b78c78973 Disable pread/pwrite for now until we can clarify why it should be 
impossible to write a check for a broken OS feature.
 2002-10-01 19:19:10 +00:00
Sascha Schumann
856cd5e17a The session extension ensures now that get_session_var can rely 
on the state of $_SESSION/$HTTP_SESSION_VARS. It does not look up
symbols in the global symbol table anymore.

This was achieved by actually planting references between every
$_SESSION["x"] and $x, not only when restoring a session, but also
when registering a session variable (in a register_globals=1 context).

Upon registering a new variable, this memory leak continues to show
up, regardless of register_globals.

ext/session/session.c(272) :  Freeing 0x0818F01C (12 bytes), script=test

Obviously, the newly allocated empty zval is not properly freed.  If anyone
has any idea on how to fix that, please step forward.
 2002-10-01 11:59:45 +00:00
Wez Furlong
7bcc97c82e Add header file required for pread/pwrite (on my system at least). 2002-09-30 10:18:57 +00:00
foobar
5346391d16 ws fix 2002-09-29 19:28:12 +00:00
Ilia Alshanetsky
4c4d5a617b Fixed a crash, which would occur when save_handler is invalid. 2002-09-29 18:33:14 +00:00
Ilia Alshanetsky
2af630f87d Fixed bug #17281 2002-09-29 15:55:11 +00:00
Ilia Alshanetsky
1142e16075 Fixed bugs #16995 and #19392 2002-09-29 15:26:50 +00:00
Ilia Alshanetsky
57c91b571e Fixed bug #11643 2002-09-26 18:12:27 +00:00
foobar
6b8480fab6 Fix bug: #14991 (changing session.use_trans_sid does not work in scripts) 2002-09-26 16:46:21 +00:00
Ilia Alshanetsky
7ae2196852 Fixed bugs #18167 & #16859 2002-09-25 13:26:03 +00:00
Sascha Schumann
03c07308d3 Improve error messages 2002-09-25 12:38:45 +00:00
Sascha Schumann
ff12826fc1 (php_get_session_var) Always return FAILURE if no data source was found. 
Noticed by: Sebastian Bergmann
 2002-09-23 14:04:50 +00:00
Sascha Schumann
e20c6c8e9c Because track vars are always initialized, get_session_var failed 
to work in the register_globals=1 case.

It is now possible again to store session variables in global vars.
 2002-09-21 05:46:32 +00:00
Sascha Schumann
702d7afc3c Reenable pwrite/pread support 
The old checks supposed that pread/pwrite worked, if a declaration was
found in <unistd.h>.  We now actually check whether they work successfully
before using them.
 2002-09-06 10:27:26 +00:00
foobar
3bf7519210 @- Added --disable-all configure option. (Jani) 2002-09-04 18:47:28 +00:00
Dan Kalowsky
e5324723d0 sniper claims its safe to take these out as well. 2002-09-04 13:52:41 +00:00
Dan Kalowsky
65df9d5127 taking out the PWRITE calls too 2002-09-04 13:51:08 +00:00
Dan Kalowsky
31fe6a549f This fixes Bug #19022 and #15983 2002-09-04 13:42:59 +00:00
Zeev Suraski
3b646f0e5d Use mtime instead of atime, as we always update the session file anyway. 2002-08-17 20:32:26 +00:00
Zeev Suraski
900651b7ab Make unset($_SESSION['foo']) actually remove the variable from the session, 
if register_globals is off.
 2002-08-15 21:44:44 +00:00
Dan Kalowsky
26986164b4 Correcting some english in the comment... 2002-08-15 19:32:08 +00:00
Yasuo Ohgaki
13a3dd7b77 Forgot to update source default. 2002-08-14 22:31:39 +00:00
foobar
29aae162e0 ws fix 2002-07-03 02:16:46 +00:00
foobar
087f2be56f - Fixed bug: #17977, session build as shared works now with mm handler too. 
- Added listing of save handlers into phpinfo() output
 2002-06-28 02:27:02 +00:00
Sascha Schumann
dcf67c4433 This option enables administrators to make their users invulnerable to 
attacks which involve passing session ids in URLs.
 2002-06-12 08:18:36 +00:00
Markus Fischer
39f16dbc65 - Tell the user why his session doesn't work if he uses custom session_id()s. 2002-05-30 11:41:37 +00:00
Andrei Zmievski
1668570e4d Changing email address. 2002-05-13 17:28:38 +00:00
Sascha Schumann
38ad391894 - Fix the way code was outcommented 
- Remove unused STR_CAT macro
- Remove limits/tests based on unused macro
- Implement cache_limiter(private) using private_no_expire
 2002-05-12 12:51:42 +00:00
Sander Roobol
375d7960a7 Revert Preston's patch 2002-05-09 20:02:47 +00:00