foobar
3c9155e0cb
Renamed OnUpdateInt -> OnUpdateLong to prevent further misunderstandings.
...
# Intentionally left out any 'alias' for it, this way 3rd party extension
# maintainers will really NOTICE the change.
2003-03-07 05:15:28 +00:00
Zeev Suraski
4e55747a2b
Add JIT initialization for _SERVER and _ENV
...
(it's less important for the others, even though it should be fairly
easy now too)
2003-03-02 10:19:15 +00:00
Sascha Schumann
6f5b46c118
generally urlencode parameters
2003-02-20 06:18:16 +00:00
Sascha Schumann
4ec77cfbb5
Refactor new-session-id code
2003-02-18 19:29:38 +00:00
Sascha Schumann
2699c26f42
Remember whether to send a cookie, so that we send out the correct
...
session id. Also improve check for active session
2003-02-18 19:13:49 +00:00
Sascha Schumann
32e0c8161c
add session_regenerate_id()
2003-02-18 18:50:44 +00:00
Sascha Schumann
5e601732a3
use appropiate prefixes in the ps_module structure so we don't clash
...
with syscalls
2003-02-11 00:42:14 +00:00
Ilia Alshanetsky
242a9a47c7
Fix compiler warning.
2003-01-30 22:37:50 +00:00
Sascha Schumann
330740f7cd
Remove ugly netware hacks from the code
2003-01-24 23:57:32 +00:00
Ilia Alshanetsky
3d8e54f3a2
Changed php_error to php_error_docref.
2003-01-19 00:45:53 +00:00
Ilia Alshanetsky
72b356c1bc
Removed pointless memory allocation checks.
2003-01-18 19:28:10 +00:00
Sascha Schumann
db8b4c6762
Add INI setting session.hash_bits_per_character which enables developers
...
to choose how session ids are represented, regardless of the hash algorithm.
2003-01-16 07:21:49 +00:00
Sascha Schumann
f2f1f94e36
add INI setting session.hash_function
...
add support for creating session ids using SHA-1
source more entropy for session ids
2003-01-12 13:07:14 +00:00
Zeev Suraski
ada5c4009e
Fix UMR
2003-01-08 13:28:16 +00:00
Anantha Kesari H Y
90ba724072
Modified for NetWare.
2003-01-03 14:24:07 +00:00
Sebastian Bergmann
b506f5c8f8
Bump year.
2002-12-31 16:08:15 +00:00
Ilia Alshanetsky
c731daeda7
Fixed bug #21268 (session_decode() returned FALSE on success).
2002-12-29 18:50:55 +00:00
Marcus Boerger
3cf581b1b3
correct code that is guarded by "#if 0"
2002-12-05 20:41:55 +00:00
Marcus Boerger
dcfe988820
php_error -> php_error_docref
2002-12-05 20:13:35 +00:00
Sascha Schumann
a257d758a5
Add an error message to the ini handlers
2002-11-20 17:15:00 +00:00
Sascha Schumann
e9ed065afc
add protective checks to ini updates
...
Noticed by: Derick Rethans <d.rethans@jdimedia.nl>
PR: #20284
2002-11-20 16:06:29 +00:00
Sascha Schumann
e60c601bd1
improved warning message
...
# this should really link to an external page which explains the issue deeply
2002-10-24 10:40:48 +00:00
Sascha Schumann
2dde6fb594
Print out warning only, if a variable was actually migrated
2002-10-07 02:37:50 +00:00
Sebastian Bergmann
d7f9e8526f
Silence warning.
2002-10-06 21:47:54 +00:00
Ilia Alshanetsky
6b5575a101
Code cleanup. Thanks Andi.
2002-10-06 17:17:38 +00:00
Sascha Schumann
5fe046c4c3
session_decode should not segfault
2002-10-03 15:33:00 +00:00
Sascha Schumann
7e03310a6a
Don't emit warning, if there is nothing to send
2002-10-03 15:10:36 +00:00
Andi Gutmans
b276a96f4b
- Fix ZTS build
2002-10-03 07:23:50 +00:00
Sascha Schumann
13f5db1b67
Make the interpretation of gc_probability configurable by adding
...
session.gc_dividend. The probability of running gc on each request is then
gc_probability/gc_dividend.
2002-10-03 06:45:15 +00:00
Sascha Schumann
0ed434a13b
Use ZEND_SET_SYMBOL_WITH_LENGTH correctly (hopefully)
...
It strikes me as awkward that a Zend API user needs to take care of
doing the engine's reference counting.
This fixes a memory overrun in a testcase. All ZEND_SET_* calls
should be correct now.
2002-10-03 06:29:58 +00:00
Sascha Schumann
15b23945ad
(track_init) Use is_ref/refcount parameters of SET_SYMBOL macros
...
(save_current_state) Prevent a possible deadlock which occurs when
the track vars are inaccessible
2002-10-03 05:53:45 +00:00
Sascha Schumann
8a586103fc
Align behaviour with 4.2 with regard to register_globals=1
...
session_register("c");
unset($c);
$c = time();
If a user unsets a global session variable, it is not a reference
to a $_SESSION slot anymore.
During serialization, PHP 4.2 will not find the respective entry in
$_SESSION and fall back to the global sym table.
2002-10-03 04:53:05 +00:00
Sascha Schumann
b9077e5a9d
Nuke PS(vars), we keep the state of registered session variables now
...
completely in PS(http_session_vars). This avoids bugs which are caused
by a lack of synchronization between the two hashes. We also don't need
to worry about prioritizing one of them.
Add session.bug_compat_42 and session.bug_compat_warn which are enabled
by default. The logic behind bug_compat_42:
IF bug_compat_42 is on, and
IF register_globals is off, and
IF any value of $_SESSION["key"] is NULL, and
IF there is a global variable $key, then
$_SESSION["key"] is set to $key.
The extension emits this warning once per script, unless told otherwise.
"Your script possibly relies on a session side-effect which existed until
PHP 4.2.3. Please be advised that the session extension does not consider
global variables as a source of data, unless register_globals is enabled.
You can disable this functionality and this warning by setting
session.bug_compat_42 or session.bug_compat_warn.
2002-10-03 03:23:02 +00:00
Sascha Schumann
4ea4f294b6
Fix harmless memory leaks and simplify track_vars_init.
2002-10-02 21:51:32 +00:00
Sascha Schumann
856cd5e17a
The session extension ensures now that get_session_var can rely
...
on the state of $_SESSION/$HTTP_SESSION_VARS. It does not look up
symbols in the global symbol table anymore.
This was achieved by actually planting references between every
$_SESSION["x"] and $x, not only when restoring a session, but also
when registering a session variable (in a register_globals=1 context).
Upon registering a new variable, this memory leak continues to show
up, regardless of register_globals.
ext/session/session.c(272) : Freeing 0x0818F01C (12 bytes), script=test
Obviously, the newly allocated empty zval is not properly freed. If anyone
has any idea on how to fix that, please step forward.
2002-10-01 11:59:45 +00:00
foobar
5346391d16
ws fix
2002-09-29 19:28:12 +00:00
Ilia Alshanetsky
4c4d5a617b
Fixed a crash, which would occur when save_handler is invalid.
2002-09-29 18:33:14 +00:00
Ilia Alshanetsky
2af630f87d
Fixed bug #17281
2002-09-29 15:55:11 +00:00
Ilia Alshanetsky
1142e16075
Fixed bugs #16995 and #19392
2002-09-29 15:26:50 +00:00
Ilia Alshanetsky
57c91b571e
Fixed bug #11643
2002-09-26 18:12:27 +00:00
foobar
6b8480fab6
Fix bug: #14991 (changing session.use_trans_sid does not work in scripts)
2002-09-26 16:46:21 +00:00
Ilia Alshanetsky
7ae2196852
Fixed bugs #18167 & #16859
2002-09-25 13:26:03 +00:00
Sascha Schumann
ff12826fc1
(php_get_session_var) Always return FAILURE if no data source was found.
...
Noticed by: Sebastian Bergmann
2002-09-23 14:04:50 +00:00
Sascha Schumann
e20c6c8e9c
Because track vars are always initialized, get_session_var failed
...
to work in the register_globals=1 case.
It is now possible again to store session variables in global vars.
2002-09-21 05:46:32 +00:00
Dan Kalowsky
26986164b4
Correcting some english in the comment...
2002-08-15 19:32:08 +00:00
Yasuo Ohgaki
13a3dd7b77
Forgot to update source default.
2002-08-14 22:31:39 +00:00
foobar
29aae162e0
ws fix
2002-07-03 02:16:46 +00:00
foobar
087f2be56f
- Fixed bug: #17977 , session build as shared works now with mm handler too.
...
- Added listing of save handlers into phpinfo() output
2002-06-28 02:27:02 +00:00
Sascha Schumann
dcf67c4433
This option enables administrators to make their users invulnerable to
...
attacks which involve passing session ids in URLs.
2002-06-12 08:18:36 +00:00
Andrei Zmievski
1668570e4d
Changing email address.
2002-05-13 17:28:38 +00:00