clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-24 03:17:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
80,641 Commits 491 Branches 1,363 Tags 846 MiB
7c2489751c
Commit Graph

622 Commits

Author SHA1 Message Date
Sara Golemon
7c2489751c Followup fix to custom session save handlers 
2d9885c introduced some regressions.  This addresses those.

  * Don't throw return type notice or session write failure when in an exception
  * Fix tests to properly return true/false since null is no longer falsy/successy
  * Rerecord a few tests to accomodate difference in raised warnings
 2014-07-07 12:59:54 -07:00
Andrea Faulds
2b5d25d1fc Merge branch 'httponly-cookies' of https://github.com/mj/php-src 2014-06-12 10:03:14 +01:00
Martin Jansen
068bf645e1 Remove usage of pointless COOKIE_SET_COOKIE constant. 2014-05-18 10:45:31 +02:00
Martin Jansen
71ad601dee Fix typo 2014-05-06 22:08:52 +02:00
Martin Jansen
c5f9a231d5 Streamlining of cookie handling in ext/session and setcookie 
Up until now the session cookie used "HttpOnly" to indicate cookies
only available through HTTP while setcookie() used "httponly".  The
relevant RFC 6265 claims that case does not matter for this token,
but only explicitely mentions "HttpOnly".  Thus this seems like a
logical choice when streamlining the code.

Also the setcookie implementation now uses the same string constants
as the session extension for other tokens like Max-Age or the domain
attribute.

This change poses a slight risk of backwards incompatibility in places
where people deliberately ignore chapter 5.2.5 of RFC 6265 and perform
case-sensitive checks for the HttpOnly attribute.
 2014-05-06 22:00:59 +02:00
Yasuo Ohgaki
6f0ad9ea12 Revert "Implement Bug #54649 Create session_serializer_name()" 
This reverts commit 678ec30655.

Conflicts:
	ext/session/tests/session_serializer_name_basic.phpt
 2014-03-13 06:32:49 +09:00
Yasuo Ohgaki
7dec5789fe Revert "Implemented Request #11100 (session_gc() function)." 
This reverts commit 54a42f0d0c.

Conflicts:
	ext/session/tests/session_gc_basic.phpt
 2014-03-13 06:30:32 +09:00
Anatol Belski
ca27c86110 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  fix zts
 2014-01-22 12:05:06 +01:00
Anatol Belski
6d1d8ec330 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  fix zts
 2014-01-22 12:04:25 +01:00
Anatol Belski
34792280bc fix zts 2014-01-22 12:03:54 +01:00
Yasuo Ohgaki
3cc6c6c587 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed previous commit may delete unwanted cookies.
  Re-fixed bug #66469
 2014-01-22 19:23:17 +09:00
Yasuo Ohgaki
fa224b1c58 Fixed previous commit may delete unwanted cookies. 2014-01-22 19:23:01 +09:00
Yasuo Ohgaki
58f94345a7 Fixed previous commit may delete unwanted cookies. Sync tests from upper branches. 2014-01-22 19:21:25 +09:00
Yasuo Ohgaki
26a2bed185 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Re-fixed bug #66469
 2014-01-22 13:47:55 +09:00
Yasuo Ohgaki
383423a1ee Re-fixed bug #66469 2014-01-22 13:46:59 +09:00
Yasuo Ohgaki
a27e51fd4e Re-fixed bug #66469 2014-01-22 13:40:58 +09:00
Xinchen Hui
bfcdd67865 Merge branch 'PHP-5.5' into PHP-5.6 2014-01-16 14:42:04 +08:00
Xinchen Hui
9799816e0c Merge branch 'PHP-5.4' into PHP-5.5 2014-01-16 14:41:52 +08:00
Xinchen Hui
b777248ded Re-fixed Bug #66481 (Calls to session_name() segfault when session.name is null) 2014-01-16 14:41:12 +08:00
Xinchen Hui
271053ad47 Revert "Bug #66481 Segfaults on session_name()" 
This reverts commit 5662ffb295.
 2014-01-16 14:38:35 +08:00
Yasuo Ohgaki
518327f7e3 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Bug #66481 Segfaults on session_name()
 2014-01-16 11:35:11 +09:00
Yasuo Ohgaki
744f38c2d6 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Bug #66481 Segfaults on session_name()
 2014-01-16 11:34:31 +09:00
Conor McDermottroe
5662ffb295 Bug #66481 Segfaults on session_name() 
If the previous value of session.name was NULL then any call to
session_name($string) would result in a segmentation fault.

This changes the behaviour to set the value of session.name to
"PHPSESSID" if a blank value is given in php.ini or via -d on the
command line. There is already protection against setting it to NULL via
session_name() or ini_set().
 2014-01-16 11:33:10 +09:00
Yasuo Ohgaki
167eaedcbd Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed session module is sending multiple set-cookie headers when session.use_strict_mode=1
 2014-01-15 11:07:10 +09:00
Yasuo Ohgaki
f52c251f60 Fixed session module is sending multiple set-cookie headers when session.use_strict_mode=1 2014-01-15 11:06:06 +09:00
Xinchen Hui
c081ce628f Bump year 2014-01-03 11:08:10 +08:00
Xinchen Hui
47c9027772 Bump year 2014-01-03 11:06:16 +08:00
Xinchen Hui
c0d060f5c0 Bump year 2014-01-03 11:04:26 +08:00
Dmitry Stogov
03a37de9b3 Improved empty string handling. Now ZE uses an interned string instead of allocation new empty string each time. (Some extensions might need to be fixed using str_efree() instead of efree() to support interned strings). 2013-12-26 14:47:13 +04:00
Christopher Jones
d9bfe06194 Merge branch 'PHP-5.5' 
* PHP-5.5:
  Reduce compilation noise during normal compilation:     php-5.5/ext/session/session.c:836: warning: unused variable ‘struc’     php-5.5/ext/session/session.c:836: warning: unused variable ‘num_key’     php-5.5/ext/session/session.c:836: warning: unused variable ‘key_length’     php-5.5/ext/session/session.c:836: warning: unused variable ‘key’     php-5.5/ext/session/session.c:835: warning: unused variable ‘key_type’     php-5.5/ext/session/session.c:834: warning: unused variable ‘_ht’     php-5.5/ext/session/session.c:857: warning: unused variable ‘has_value’     php-5.5/ext/session/session.c:856: warning: unused variable ‘namelen’     php-5.5/ext/session/session.c:853: warning: unused variable ‘name’     php-5.5/ext/session/session.c:852: warning: unused variable ‘p’
 2013-08-21 10:35:07 -07:00
Christopher Jones
d85827fb7f Reduce compilation noise during normal compilation: 
php-5.5/ext/session/session.c:836: warning: unused variable ‘struc’
    php-5.5/ext/session/session.c:836: warning: unused variable ‘num_key’
    php-5.5/ext/session/session.c:836: warning: unused variable ‘key_length’
    php-5.5/ext/session/session.c:836: warning: unused variable ‘key’
    php-5.5/ext/session/session.c:835: warning: unused variable ‘key_type’
    php-5.5/ext/session/session.c:834: warning: unused variable ‘_ht’
    php-5.5/ext/session/session.c:857: warning: unused variable ‘has_value’
    php-5.5/ext/session/session.c:856: warning: unused variable ‘namelen’
    php-5.5/ext/session/session.c:853: warning: unused variable ‘name’
    php-5.5/ext/session/session.c:852: warning: unused variable ‘p’

    php-5.5/ext/session/mod_user.c:191: warning: unused variable ‘ret’
 2013-08-21 10:34:09 -07:00
Yasuo Ohgaki
aaf95aa1b6 Merge branch 'PHP-5.5' 
* PHP-5.5:
  Add php_serialize session.serialize_handler. This patch closes
 2013-08-21 11:06:11 +09:00
Yasuo Ohgaki
c51f77fe83 Add php_serialize session.serialize_handler. This patch closes 
Request #25630
  Request #43980
  Request #54383
  Bug #65359

and many others similar to these that are closed as "wont fix" or
"not a bug".

Current serializers have limitations due to register_globals support
that are no longer supported. Changing existing serializer may cause
compatibility issue. Therefore, new handler is needed to remove
needless limitations.

php_serialize does not have special characters and allow numerical
index in $_SESSION. $_SESSION can be used as ordinary array.
 2013-08-21 10:51:51 +09:00
Christopher Jones
3c166c4758 Merge branch 'PHP-5.5' 
* PHP-5.5:
  Reduce (some) compile noise of 'unused variable' and 'may be used uninitialized' warnings.

Conflicts:
	ext/gmp/gmp.c
 2013-08-14 20:47:00 -07:00
Christopher Jones
39612afc72 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Reduce (some) compile noise of 'unused variable' and 'may be used uninitialized' warnings.

Conflicts:
	ext/dba/libinifile/inifile.c
 2013-08-14 20:43:25 -07:00
Christopher Jones
9ad97cd489 Reduce (some) compile noise of 'unused variable' and 'may be used uninitialized' warnings. 2013-08-14 20:36:50 -07:00
Yasuo Ohgaki
0959475e11 Merge branch 'PHP-5.5' 
* PHP-5.5:
  Fixed possible buffer overflow under Windows. Note: Not a security fix.
 2013-08-11 06:44:01 +09:00
Yasuo Ohgaki
2df95b1354 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed possible buffer overflow under Windows. Note: Not a security fix.
 2013-08-11 06:43:37 +09:00
Yasuo Ohgaki
0ad81ac18a Fixed possible buffer overflow under Windows. Note: Not a security fix. 2013-08-11 06:43:01 +09:00
Yasuo Ohgaki
771b06f585 Merge branch 'PHP-5.5' 
* PHP-5.5:
  Fixed Bug #62015 Changed session.auto_start to PHP_INI_PERDIR. It is simply wrong and never worked if the value is changed at runtime
 2013-08-10 18:30:05 +09:00
Yasuo Ohgaki
9d95a1a7d1 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed Bug #62015 Changed session.auto_start to PHP_INI_PERDIR. It is simply wrong and never worked if the value is changed at runtime
 2013-08-10 18:29:29 +09:00
Yasuo Ohgaki
e9b128c1bf Fixed Bug #62015 Changed session.auto_start to PHP_INI_PERDIR. It is simply wrong and never worked if the value is changed at runtime 2013-08-10 18:29:13 +09:00
Yasuo Ohgaki
6941ce3583 Implemented Request #20421 (session_abort() and session_reset() function 2013-08-10 16:57:56 +09:00
Yasuo Ohgaki
54a42f0d0c Implemented Request #11100 (session_gc() function). 2013-08-10 15:20:24 +09:00
Yasuo Ohgaki
f2b5725115 Remove compile warning of commit 554021d21e 2013-08-10 14:35:30 +09:00
Yasuo Ohgaki
554021d21e Implemented Bug #17860 Suggestion: auto detect whether session changed 2013-08-10 13:56:32 +09:00
Yasuo Ohgaki
678ec30655 Implement Bug #54649 Create session_serializer_name() 2013-08-10 09:26:10 +09:00
Yasuo Ohgaki
b6b425d2cf Fixed Bug #65315 session.hash_function silently fallback to default md5 2013-08-09 18:05:24 +09:00
Stanislav Malyshev
b80d73ce15 fix crash, enable session_id and fix test 2013-08-04 17:43:20 -07:00
Yasuo Ohgaki
25e8fcc88f Strict session 2013-08-04 16:36:45 -07:00