clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-28 21:36:12 +00:00
Code Issues Packages Projects Releases Wiki Activity
62,427 Commits 494 Branches 1,367 Tags 785 MiB
d4cf399cc4
Commit Graph

809 Commits

Author SHA1 Message Date
Michael Wallner
11d24c1593 * implement new output API, fixing some bugs and implementing some feature 
requests--let's see what I can dig out of the bugtracker for NEWS--
  and while crossing the road:
   * implemented new zlib API
   * fixed up ext/tidy (what was "s&" in zend_parse_parameters() supposed to do?)

Thanks to Jani and Felipe for pioneering.
 2010-05-31 10:29:43 +00:00
Arnaud Le Blanc
4f3b619625 - code cleanups 
- cleanup progress data from session vars as soon as all
   post data has been readden (upload_progress.cleanup
   ini setting allows to disable this)
 2010-05-11 16:39:07 +00:00
Arnaud Le Blanc
6f3cea3870 Added session upload progress tests 2010-05-10 16:10:09 +00:00
Arnaud Le Blanc
da9448f3fd Added upload progress feedback in session data as describied 
in RFC : http://wiki.php.net/rfc/session_upload_progress
 2010-05-10 16:09:00 +00:00
Arnaud Le Blanc
d5a646480d Fix tests 2010-05-10 15:53:54 +00:00
Kalle Sommer Nielsen
dd8e59da8f Removed safe_mode 
* Removed ini options, safe_mode*
 * Removed --enable-safe-mode --with-exec-dir configure options on Unix
 * Updated extensions, SAPI's and core
 * php_get_current_user() is now declared in main.c, thrus no need to include safe_mode.h anymore
 2010-04-26 23:53:30 +00:00
Ilia Alshanetsky
3c78ad763e Fixed handling of session variable serialization on certain prefix characters. Reported by Stefan Esser 2010-04-26 18:35:54 +00:00
Kalle Sommer Nielsen
e73a794105 Removed the session 4.2 bug compatibility mode 2010-04-22 01:07:48 +00:00
Kalle Sommer Nielsen
b8ada243fe Drop php_register_var(), Thanks Felipe 2010-04-21 23:16:56 +00:00
Kalle Sommer Nielsen
3f29144348 Removed session_is_registered(), session_register() and session_unregister(). 
-- They are no longer needed without register_globals
 2010-04-21 23:03:16 +00:00
Kalle Sommer Nielsen
febee11285 Removed register_globals 2010-04-21 01:27:22 +00:00
Kalle Sommer Nielsen
a5304b138f Removed register_long_arrays ini option (and $HTTP_SESSION_VARS from ext/session) 2010-04-15 16:36:08 +00:00
Rasmus Lerdorf
9692a3619c Set session.entropy_file to /dev/urandom or /dev/arandom by 
default if present at compile-time.  Addresses part of bug #51436
 2010-03-31 18:03:17 +00:00
Ilia Alshanetsky
8a9364080b Added test for bug #51338 2010-03-23 11:51:38 +00:00
Ilia Alshanetsky
995d15ebcc Fixed bug #51338 (URL-Rewriter is still enabled if use_only_cookies is on). 2010-03-22 12:16:45 +00:00
Jani Taskinen
af49e58f51 - Reverted r296062 and r296065 2010-03-12 10:28:59 +00:00
Jani Taskinen
06f072cb5e MFH: Improved / fixed output buffering (Michael Wallner) 2010-03-11 10:24:29 +00:00
Ilia Alshanetsky
dff4e7fda1 Fixed a possible open_basedir/safe_mode bypass in session extension identified by Grzegorz Stachowiak. 2010-01-31 18:06:29 +00:00
Sebastian Bergmann
9ba1e81665 sed -i "s#1997-2009#1997-2010#g" **/*.c **/*.h **/*.php 2010-01-03 09:23:27 +00:00
Rasmus Lerdorf
e9b1ab57a4 Along with the valid char set, also add a length check to the 
session id here to avoid a lower-level error on the open() 
later on in case we exceed MAX_PATH.  The lower level open()
error includes the session dir path in it, so this is a very
low-priority security fix.  People should not be running
production systems with display_errors turned on.
 2009-12-26 23:38:25 +00:00
Dmitry Stogov
5ab649e65f Fixed compilation 2009-12-04 07:11:37 +00:00
Stanislav Malyshev
3e6ac4fb6b protect http_session_vars from interrupt corruption 
improve save_path check
 2009-12-04 01:21:32 +00:00
Guenter Knauf
824692fab8 removed now obsolete NetWare hack since I fixed this 
with Novell some longer time ago in their SDK header.
 2009-11-03 21:21:34 +00:00
Dmitry Stogov
7bfe056174 Fixed tests 2009-09-21 09:52:19 +00:00
Antony Dovgal
421b6e0f2c configure dependency has to be optional as well 2009-07-28 08:59:08 +00:00
Antony Dovgal
75fc702162 fix segfault in session/tests/031.phpt by adding optional extension 
dependency (php_hash_hashtable has to be initialized when setting
session.hash_function)
 2009-07-28 08:54:23 +00:00
Gwynne Raskind
2673b9be38 MFH: fix crash when session hash function generated long hashes with hash_bits_per_character larger than 4 2009-07-17 14:21:59 +00:00
Jani Taskinen
694566d6c4 fix test 2009-05-26 10:12:16 +00:00
Jani Taskinen
9ece649f7c MFH: ws + sync 2009-05-18 16:10:09 +00:00
Felipe Pena
d64db73483 - Fixed tests 2009-05-05 18:19:16 +00:00
Kalle Sommer Nielsen
5a6d3cc42b Added E_DEPRECATED startup notice (5.3 only) 2009-05-04 21:18:22 +00:00
Hannes Magnusson
e9c1d924b8 MFH: Add test for bug#42596 2009-04-06 12:12:37 +00:00
Hannes Magnusson
b8bc0f24b3 MFH: Fix segfault on invalid session.save_path 2009-04-06 11:48:49 +00:00
Hannes Magnusson
33aa4ac568 MFH: fix folding 2009-04-06 11:45:25 +00:00
Sebastian Bergmann
08659c2dcd MFH: Bump copyright year, 3 of 3. 2008-12-31 11:15:49 +00:00
Andrei Zmievski
cae97c3b8e MFH 2008-12-30 19:37:35 +00:00
Scott MacVicar
2ea6780873 MFH Fix bug #35975 - Session cookie expires date format isn't the most compatible. Sync to that of setcookie(). 2008-12-11 01:21:35 +00:00
Hannes Magnusson
76a17847c1 Deprecate session_register(), session_unregister() and 
session_is_registered() (removed in HEAD)
 2008-12-09 14:03:58 +00:00
Ant Phillips
ec1ee12281 Fix broken tests (thanks to Johannes for spotting these). 2008-12-02 10:20:56 +00:00
Ant Phillips
45e14cea18 Latest and greatest versions of these session tests - checked on 5.3 snap on Windows, Linux and Linux 64 bit. 2008-11-27 13:50:28 +00:00
Felipe Pena
fc2fb50d09 - MFH: Added 'static' into ZEND_BEGIN_ARG_INFO_EX macro 2008-11-17 11:28:01 +00:00
Felipe Pena
7a37fa2d6b - Revert ZEND_BEGIN_ARG_INFO change 2008-11-02 21:19:39 +00:00
Felipe Pena
df10005563 - MFH: Added 'static' into ZEND_BEGIN_ARG_INFO_EX macro 2008-10-24 14:35:40 +00:00
Jani Taskinen
6495909d16 - Revert idiotic patch (hint: Windows IS NOT the most important OS!) 2008-09-07 17:59:24 +00:00
Kalle Sommer Nielsen
1a1df46be2 MFH: Fix test on Windows 2008-09-07 00:42:40 +00:00
Alexey Zakhlestin
c9fab63584 remove special treatment of /tmp path 2008-08-31 14:49:58 +00:00
Alexey Zakhlestin
97e26d95b7 this test depends on session.hash_bits_per_character, but it was not explicitly set 2008-08-26 16:46:26 +00:00
Jani Taskinen
525f3c4793 MFH: General sync. WS / CS / etc. crap some people didn't bother to merge 
MFH: before this commit..bunnies thank you all..
[DOC] - Added ext/hash support to ext/session's ID generator. (Sara)
[DOC] Ask Sara for explanation..
 2008-08-06 05:53:31 +00:00
Jani Taskinen
927a84bdfb - nuketh period from error message 2008-08-05 23:04:31 +00:00
Jani Taskinen
9ad7800f52 - Nuke ending periods from error messages 2008-08-05 22:52:05 +00:00
Kalle Sommer Nielsen
874b456078 MFH: Fixes #45406 - Patch by oleg dot grenrus at dynamoid dot com 2008-08-04 06:21:55 +00:00
Felipe Pena
e304515ddb - MFH: Added parameter TSRMLS_DC in zend_is_callable() 2008-08-02 04:46:07 +00:00
Dmitry Stogov
833a2295d1 Support for closures 2008-07-17 09:53:42 +00:00
Jani Taskinen
cd913eb2d8 MFH:- Fix tests (do NOT assume things in php.ini always to be same...or sane) 2008-07-15 01:00:00 +00:00
Felipe Pena
ca0c2340fe - Added arginfo 2008-06-27 16:16:23 +00:00
Dmitry Stogov
9c3ebd10bb Fixed memory leaks 2008-06-24 06:47:45 +00:00
Felipe Pena
44fe6a6005 - Fixed tests 2008-06-22 19:16:44 +00:00
Felipe Pena
015f82d219 - New parameter parsing API 2008-06-21 15:27:34 +00:00
Ant Phillips
ad93b947a2 Fix session test failures as reported by Antony Dovgal. 
These were caused by the tests assuming default values for some session
configuration settings, in particular session.save_path and session.name.
The tests now explicitly set these settings in the --INI-- section.
 2008-04-30 15:20:18 +00:00
Ant Phillips
c55db17098 Fix session test failures as reported by Antony Dovgal. 
These were caused by the tests assuming default values for some session
configuration settings, in particular session.save_path and session.name.
The tests now explicitly set these settings in the --INI-- section.
 2008-04-30 09:28:02 +00:00
Ant Phillips
cdf5621b50 More session tests to improve code coverage for untested extension code 2008-04-29 09:24:19 +00:00
Ant Phillips
52af9124b5 More session tests to improve code coverage for untested extension code 2008-04-29 08:57:09 +00:00
Ant Phillips
57e0d2acec These tests were backported from the PHP 6.0 branch, which in turn were ported from this branch and then updated to remove any dependencies on register_globals. With register_globals removed they are useful tests to run against the 5.X branches. 2008-04-22 16:04:31 +00:00
Ant Phillips
79b73d1218 New set of session extension tests for PHP 5.3 branch. 
These hopefully test a reasonable set of basic, error and variations for
the twenty or so session functions. Note however that they do not
test all the session configuration settings, nor do they test anything
with register_globals enabled.
 2008-04-22 16:04:30 +00:00
Scott MacVicar
944061ba37 Fixed bug #44720 (Prevent infinite recursion within session_register) 2008-04-15 00:59:04 +00:00
Dmitry Stogov
1a08aadc9b Fixed memory corruption because of double free() 2008-03-11 09:36:41 +00:00
Felipe Pena
84a8bb038a MFH: New way for check void parameters 2008-03-10 22:15:36 +00:00
Felipe Pena
77af81b8c3 Fix test (thanks Scoates!) 2008-03-08 23:31:05 +00:00
Gwynne Raskind
8bbef4f940 Forgot one file in last commit 2008-03-07 23:20:54 +00:00
Gwynne Raskind
3e99d5cc5b MFH: fix bug #32330 (session_destroy, "Failed to initialize storage module", custom session handler) 2008-03-07 23:20:32 +00:00
Sebastian Bergmann
d1dded8751 MFH: Bump copyright year, 2 of 2. 2007-12-31 07:17:19 +00:00
Yiduo (David) Wang
4b4d634cb9 MFH: Added macros for managing zval refcounts and is_ref statuses 2007-10-07 05:22:07 +00:00
Dmitry Stogov
6c810b0d4c Improved memory usage by movig constants to read only memory. (Dmitry, Pierre) 2007-09-27 18:00:48 +00:00
Ilia Alshanetsky
ea6de20d86 Fixed Bug #42596 (session.save_path MODE option does not work). 2007-09-10 23:42:54 +00:00
Jani Taskinen
de85bf4060 MFH: ws + cs changes (sync to ease merging patches around!) 2007-08-23 12:23:59 +00:00
Jani Taskinen
19401951c0 MFH: sync 2007-08-23 11:42:21 +00:00
Ilia Alshanetsky
89c0ba1685 Fixed bug #37273 (Symlinks and mod_files session handler allow open_basedir 
bypass).
 2007-08-23 02:04:39 +00:00
Stanislav Malyshev
6b7f164803 correct fix for access control for save_path and .htaccess 2007-08-03 01:16:40 +00:00
Ilia Alshanetsky
3034092111 Fixed bug #42135 (Second call of session_start() causes creation of SID) 2007-07-29 14:43:30 +00:00
Stanislav Malyshev
143badba52 always check save_path (issue reported by Maksymilian Arciemowicz) 2007-07-10 17:40:41 +00:00
Ilia Alshanetsky
e2d606e18b Fixed compiler warning 2007-06-17 14:25:46 +00:00
Stefan Esser
df7bfe0a0f MFH 2007-06-16 07:48:07 +00:00
Stanislav Malyshev
70a8f9313b Disallow characters that Cookie RFC does not allow in unquoted cookies 2007-06-15 22:40:00 +00:00
Antony Dovgal
d042fd0675 MFH: php_gmtime_r() fixes 2007-06-07 08:59:00 +00:00
Ilia Alshanetsky
c38ad55e8e Fixed bug #41600 (url rewriter tags doesn't work with namespaced tags). 2007-06-06 00:00:28 +00:00
Antony Dovgal
ffd09c0961 fix tests 2007-05-18 11:29:55 +00:00
Stanislav Malyshev
69650d0ebf do not send cookie when session is passed in URL, same as it happens with GET/POST 2007-05-16 01:18:14 +00:00
Antony Dovgal
1f65545121 fix test names 2007-05-07 18:03:01 +00:00
Antony Dovgal
39f9184fa6 MFH: fix #40998 (long session array keys are truncated) 2007-04-04 19:52:19 +00:00
Ilia Alshanetsky
7aab16c333 Fixed MOPB-22-2007:PHP session_regenerate_id() Double Free Vulnerability 
# Discovered by Stefan Esser
 2007-03-14 19:37:07 +00:00
Martin Kraemer
9c62ddde34 Typo 2007-03-14 09:58:14 +00:00
Ilia Alshanetsky
a500d1efe9 Adjust checks to allow paths without a trailing / 2007-03-03 15:07:31 +00:00
Ilia Alshanetsky
4735df26f8 Improve safe_mode check 2007-03-02 00:49:47 +00:00
Ilia Alshanetsky
efad70c2cc snprintf() -> slprintf() 2007-02-27 03:28:17 +00:00
Antony Dovgal
c667c70bdb fix typo 2007-02-26 17:47:21 +00:00
Marcus Boerger
50ea26760d - Avoid sprintf, even when checked copy'n'paste or changes lead to errors 2007-02-24 02:17:47 +00:00
Stanislav Malyshev
3e262bd369 disallow negative length 2007-02-24 01:18:14 +00:00
Ilia Alshanetsky
c6402df3a7 Eliminate strcat() usage. 2007-02-19 23:53:00 +00:00
Ilia Alshanetsky
629d7cf43f Fixed Bug #40274 (Sessions fail with numeric root keys). 2007-02-06 00:01:18 +00:00
Dmitry Stogov
ae792a06b0 Fixed SIGSEGV 2007-01-10 07:04:49 +00:00