clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-10-18 15:02:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
39,750 Commits 496 Branches 1,370 Tags 806 MiB
f59fbc3755
Commit Graph

478 Commits

Author SHA1 Message Date
Jani Taskinen
525f3c4793 MFH: General sync. WS / CS / etc. crap some people didn't bother to merge 
MFH: before this commit..bunnies thank you all..
[DOC] - Added ext/hash support to ext/session's ID generator. (Sara)
[DOC] Ask Sara for explanation..
 2008-08-06 05:53:31 +00:00
Jani Taskinen
9ad7800f52 - Nuke ending periods from error messages 2008-08-05 22:52:05 +00:00
Kalle Sommer Nielsen
874b456078 MFH: Fixes #45406 - Patch by oleg dot grenrus at dynamoid dot com 2008-08-04 06:21:55 +00:00
Felipe Pena
e304515ddb - MFH: Added parameter TSRMLS_DC in zend_is_callable() 2008-08-02 04:46:07 +00:00
Felipe Pena
ca0c2340fe - Added arginfo 2008-06-27 16:16:23 +00:00
Dmitry Stogov
9c3ebd10bb Fixed memory leaks 2008-06-24 06:47:45 +00:00
Felipe Pena
015f82d219 - New parameter parsing API 2008-06-21 15:27:34 +00:00
Scott MacVicar
944061ba37 Fixed bug #44720 (Prevent infinite recursion within session_register) 2008-04-15 00:59:04 +00:00
Dmitry Stogov
1a08aadc9b Fixed memory corruption because of double free() 2008-03-11 09:36:41 +00:00
Felipe Pena
84a8bb038a MFH: New way for check void parameters 2008-03-10 22:15:36 +00:00
Gwynne Raskind
3e99d5cc5b MFH: fix bug #32330 (session_destroy, "Failed to initialize storage module", custom session handler) 2008-03-07 23:20:32 +00:00
Sebastian Bergmann
d1dded8751 MFH: Bump copyright year, 2 of 2. 2007-12-31 07:17:19 +00:00
Yiduo (David) Wang
4b4d634cb9 MFH: Added macros for managing zval refcounts and is_ref statuses 2007-10-07 05:22:07 +00:00
Dmitry Stogov
6c810b0d4c Improved memory usage by movig constants to read only memory. (Dmitry, Pierre) 2007-09-27 18:00:48 +00:00
Stanislav Malyshev
6b7f164803 correct fix for access control for save_path and .htaccess 2007-08-03 01:16:40 +00:00
Ilia Alshanetsky
3034092111 Fixed bug #42135 (Second call of session_start() causes creation of SID) 2007-07-29 14:43:30 +00:00
Ilia Alshanetsky
e2d606e18b Fixed compiler warning 2007-06-17 14:25:46 +00:00
Stefan Esser
df7bfe0a0f MFH 2007-06-16 07:48:07 +00:00
Stanislav Malyshev
70a8f9313b Disallow characters that Cookie RFC does not allow in unquoted cookies 2007-06-15 22:40:00 +00:00
Antony Dovgal
d042fd0675 MFH: php_gmtime_r() fixes 2007-06-07 08:59:00 +00:00
Stanislav Malyshev
69650d0ebf do not send cookie when session is passed in URL, same as it happens with GET/POST 2007-05-16 01:18:14 +00:00
Antony Dovgal
39f9184fa6 MFH: fix #40998 (long session array keys are truncated) 2007-04-04 19:52:19 +00:00
Ilia Alshanetsky
7aab16c333 Fixed MOPB-22-2007:PHP session_regenerate_id() Double Free Vulnerability 
# Discovered by Stefan Esser
 2007-03-14 19:37:07 +00:00
Ilia Alshanetsky
a500d1efe9 Adjust checks to allow paths without a trailing / 2007-03-03 15:07:31 +00:00
Ilia Alshanetsky
4735df26f8 Improve safe_mode check 2007-03-02 00:49:47 +00:00
Ilia Alshanetsky
efad70c2cc snprintf() -> slprintf() 2007-02-27 03:28:17 +00:00
Marcus Boerger
50ea26760d - Avoid sprintf, even when checked copy'n'paste or changes lead to errors 2007-02-24 02:17:47 +00:00
Stanislav Malyshev
3e262bd369 disallow negative length 2007-02-24 01:18:14 +00:00
Dmitry Stogov
ae792a06b0 Fixed SIGSEGV 2007-01-10 07:04:49 +00:00
Ilia Alshanetsky
81729c1ece Prevent SESSION/GLOBALS overload via session decoding 2007-01-09 15:31:12 +00:00
Sebastian Bergmann
4223aa4d5e MFH: Bump year. 2007-01-01 09:36:18 +00:00
Ilia Alshanetsky
ba64553913 Added boundary checks to php_binary deserializer 2006-12-31 22:25:55 +00:00
Ilia Alshanetsky
ffd41a503f Session deserializer protection. 2006-12-26 16:53:47 +00:00
Antony Dovgal
7d2142a56e protect _SESSION, HTTP_SESSION_VARS and GLOBALS 
maintain an internal reference of _SESSION, so that it won't be possible to destroy it from userspace
 2006-12-20 19:31:28 +00:00
Antony Dovgal
bcf457d828 MFH: fix retval type 2006-12-04 15:58:48 +00:00
Ilia Alshanetsky
35f78f221b Fixed bug #37627 (session save_path check checks the parent directory). 2006-12-04 15:19:26 +00:00
Ilia Alshanetsky
5f3e233ea7 Disallow \0 chars inside session.save_path 2006-12-01 00:27:20 +00:00
Hannes Magnusson
050f94f746 MFH: Fix double "wron param count" messages 2006-11-03 14:46:48 +00:00
Ilia Alshanetsky
b1d8f7e09d Expose session storage module locater and serialization function via PHPAPI 2006-10-06 21:11:36 +00:00
Ilia Alshanetsky
154f70acf1 Fixed bug #38993 (Fixed safe_mode/open_basedir checks for 
session.save_path, allowing them to account for extra parameters).
 2006-10-01 20:58:02 +00:00
Antony Dovgal
b6ced95187 change ini handlers to produce E_ERROR if they are called during startup 2006-08-30 16:24:40 +00:00
Antony Dovgal
f8fd45a735 MFH: change E_ERROR to E_WARNING when invalid argument has been passed 
make sure ini_set() doesn't reset PS(mod) and PS(serializer) to invalid values
 2006-08-30 15:43:10 +00:00
Ilia Alshanetsky
7dfae526c7 Fixed proto 2006-08-10 21:10:03 +00:00
Ilia Alshanetsky
e5fe441cbd Added support for httpOnly flag for session extension and cookie setting 
functions.

# Original patch by Scott MacVicar
 2006-08-10 13:50:56 +00:00
Antony Dovgal
0c4ef446e2 MFH: fix #38289 (segfault in session_decode() when _SESSION is NULL) 2006-08-02 09:16:52 +00:00
Antony Dovgal
52e6ede06e MFH: fix #38278 (session_cache_expire()'s value does not match phpinfo's session.cache_expire) 2006-08-01 08:32:07 +00:00
Ilia Alshanetsky
96324fb67f An improved fix for bug #38224 2006-07-27 15:33:16 +00:00
Ilia Alshanetsky
bcc8854eaa make C++ compilers happy 2006-07-27 14:13:30 +00:00
Ilia Alshanetsky
dcb4b314bf removed debug code 2006-07-27 14:05:03 +00:00
Ilia Alshanetsky
e5a1182304 Fixed bug #38224 (session extension can't handle broken cookies). 2006-07-27 14:00:13 +00:00