completely in PS(http_session_vars). This avoids bugs which are caused
by a lack of synchronization between the two hashes. We also don't need
to worry about prioritizing one of them.
Add session.bug_compat_42 and session.bug_compat_warn which are enabled
by default. The logic behind bug_compat_42:
IF bug_compat_42 is on, and
IF register_globals is off, and
IF any value of $_SESSION["key"] is NULL, and
IF there is a global variable $key, then
$_SESSION["key"] is set to $key.
The extension emits this warning once per script, unless told otherwise.
"Your script possibly relies on a session side-effect which existed until
PHP 4.2.3. Please be advised that the session extension does not consider
global variables as a source of data, unless register_globals is enabled.
You can disable this functionality and this warning by setting
session.bug_compat_42 or session.bug_compat_warn.
on the state of $_SESSION/$HTTP_SESSION_VARS. It does not look up
symbols in the global symbol table anymore.
This was achieved by actually planting references between every
$_SESSION["x"] and $x, not only when restoring a session, but also
when registering a session variable (in a register_globals=1 context).
Upon registering a new variable, this memory leak continues to show
up, regardless of register_globals.
ext/session/session.c(272) : Freeing 0x0818F01C (12 bytes), script=test
Obviously, the newly allocated empty zval is not properly freed. If anyone
has any idea on how to fix that, please step forward.
Default directory for session data (if not specified) is same (platform-specific) directory used for temporary files.
This is backwards compatible and removes the need for explicitly specifying the session.save_path on Win32.
are simply appended instead of traversing the hash table on each
URL/form.
also fix an unconditional segfault in rshutdown due to efree'ing
a static char *.
remove remove_var, add reset_vars. move the function declarations
into the right header file.
@ and remove variables from the URL-Rewriter. (thies)
i have also modified the session module to use this - so it doesn't
need to fiddle with the output-system any more
of the session ID string. Default PS_MOD() macro sets this to be the default
creation routine. PS_MOD_SID() macro sets this to a handlers session ID
creation routine.
was contained in get/post variables" (which I still am not convinced
of completely), we need a separate variable which determines whether
to define SID in the event that a cookie was not sent.
Noticed by: Matt Allen
I don't have time right now to leave in the good ones and remove
only the bad ones.
There are some semantical changes which I reject, because
they aim at fixing a bug which is at a completely other location.
Then SID does not gefined anymore properly. (This broken patch
has not been sent to me at all.)
Also, there were *so* many whitespace changes which already
make these commits bogus.
(DO NOT document this function yet)
Fixed crash bug with ob_end_*() function. ob_end_*() will not delete
buffers that may not be deleted.
php_start_ob_buffer() and php_ob_set_internal_handler() takes parameter for
if the buffer created may be deleted or not.
Added 3rd parameter "bool erase" to ob_start(). If FALSE, buffer may not be
deleted until script finshes.
Changed ob_*() function that have void return type to bool. All ob_*()
functions return TRUE for success, FALSE for failure.
@ - Added ob_get_status() to get array of buffers and it's status. (Yasuo)
@ - Fixed crash bug with ob_end_*() function. ob_end_*() will not delete
@ buffers that may not be deleted. (Yasuo)
@ - Added 3rd parameter "bool erase" to ob_start(). If FALSE, buffer may not be
@ deleted until script finshes. (Yasuo)
@ - Changed ob_*() function that have void return type to bool. All ob_*()
@ functions return TRUE for success, FALSE for failure. (Yasuo)
@ to off. (Thies)
guys, shoot me if i'm wrong, but when we have set register_globals to off we
should _not_ touch any global variables at any time, right? so all session
register/unregister should only work on $HTTP_SESSION_VARS and $_SESSION. this
patch fixes at least one spot where we were touching globals even with
register_globals set to off.
would be shared among the threads which is quite pointless. Also
use a function of the current time as one factor.
Use gettimeofday() instead of time(), because it is faster on some
operating systems.
Advantages:
- Would work with the output buffering mechanism in general, and with
output compression in particular
- Should yield better performance (untested as of yet)
take any args. In some cases we probably want to skip the check for
performance reasons, but in other cases where performance is unlikely
to be a factor, not throwing a warning on the wrong number of args passed
to a function is at best inconsistent, and at worst it could hide a bug.
So, add a few such checks. There are still lots of cases out there.
- Move to the new ts_allocate_id() API
This patch is *bound* to break some files, as I must have had typos somewhere.
If you use any uncommon extension, please try to build it...
and handle some corner cases better. The scanner has been changed
to the format as proposed in "RE2C - A More Versatile Scanner Generator"
by Cowan et al.
- regression test checked (this time;-)
- added new regression test for references
- references _between_ session variables also work in when the session var
replaces an already existing global var (this was a brain twister)
- saved one strlen call per session variable
- fixed one tiny leak
@ WDDX session-serializer. Also improved speed of sessions. (Thies)
from now on php_set_session_var no longer copies the variable recovered from a
session (tested with php, php_binary and wddx). this should speed up session
deserializing quite a bit. (this damn thing has cost me 6 hours of my life;-)
might be called before that registration takes place and hence the
INI update is dismissed. In that case, we defer the lookup to the
first request init.
parameter, then the mod_data pointer is initialized to NULL and then
php_session_save_current_state did not check this value before referencing
the pointer. Added a check in php_session_save_current_state.
script writers to release the lock associated with the session lock
before the request finishes.
You can pass arrays now to session_set_save_handler(), so that the handlers
can be located in an object for better abstraction.
These changes should have been committed right after Zeev made the
original change to use the PHP_INI system months ago.
Instead of working around the system, we make proper use of it now.
This includes using php_alter_ini_entry(), so that we change the values
in the php_ps_globals struct indirectly.
This should also fix#6538.
# This code gets really hairy, I do not like it,
# but it's the only working thing I could come with.
# If original creator reviews and cleans it up, it'd be great
The following new/revived shared modules are available now:
... MySQL (*)
... PCRE (*)
... Session
... SWF
(*) capable of using bundled library or external library
All changes:
The m4 macro PHP_EXTENSION was revamped. Uses LIB_BUILD now.
This effectively means that all extensions have to use dynlib.
ext/mysql/config.m4 was revamped.
Uses LIB_BUILD for building bundled library.
ext/pcre/config.m4 was revamped.
Uses LIB_BUILD for building bundled library.
ext/ext_skel was changed to reflect that more modules should be
compileable as shared module.
ext/Makefile.in has been simplified enormously.
Dependencies are now stored in the build tree.
Empty dependencies are not generated by buildconf anymore. They
are now dynamically created during the build process.
Implicit rules for .S were removed.
The NO_RECURSION feature was removed.
"libs.mk" has been added to all cvsignore files in ext.
zend_get_parameters(), but it became invalid when someone switched it
to zend_get_parameters_ex(), and I decided to remove it anyway).
- Remove a redundant function call
