completely in PS(http_session_vars). This avoids bugs which are caused
by a lack of synchronization between the two hashes. We also don't need
to worry about prioritizing one of them.
Add session.bug_compat_42 and session.bug_compat_warn which are enabled
by default. The logic behind bug_compat_42:
IF bug_compat_42 is on, and
IF register_globals is off, and
IF any value of $_SESSION["key"] is NULL, and
IF there is a global variable $key, then
$_SESSION["key"] is set to $key.
The extension emits this warning once per script, unless told otherwise.
"Your script possibly relies on a session side-effect which existed until
PHP 4.2.3. Please be advised that the session extension does not consider
global variables as a source of data, unless register_globals is enabled.
You can disable this functionality and this warning by setting
session.bug_compat_42 or session.bug_compat_warn.
on the state of $_SESSION/$HTTP_SESSION_VARS. It does not look up
symbols in the global symbol table anymore.
This was achieved by actually planting references between every
$_SESSION["x"] and $x, not only when restoring a session, but also
when registering a session variable (in a register_globals=1 context).
Upon registering a new variable, this memory leak continues to show
up, regardless of register_globals.
ext/session/session.c(272) : Freeing 0x0818F01C (12 bytes), script=test
Obviously, the newly allocated empty zval is not properly freed. If anyone
has any idea on how to fix that, please step forward.
@ and remove variables from the URL-Rewriter. (thies)
i have also modified the session module to use this - so it doesn't
need to fiddle with the output-system any more
of the session ID string. Default PS_MOD() macro sets this to be the default
creation routine. PS_MOD_SID() macro sets this to a handlers session ID
creation routine.
I don't have time right now to leave in the good ones and remove
only the bad ones.
There are some semantical changes which I reject, because
they aim at fixing a bug which is at a completely other location.
Then SID does not gefined anymore properly. (This broken patch
has not been sent to me at all.)
Also, there were *so* many whitespace changes which already
make these commits bogus.
Advantages:
- Would work with the output buffering mechanism in general, and with
output compression in particular
- Should yield better performance (untested as of yet)
- Move to the new ts_allocate_id() API
This patch is *bound* to break some files, as I must have had typos somewhere.
If you use any uncommon extension, please try to build it...
and handle some corner cases better. The scanner has been changed
to the format as proposed in "RE2C - A More Versatile Scanner Generator"
by Cowan et al.
- regression test checked (this time;-)
- added new regression test for references
- references _between_ session variables also work in when the session var
replaces an already existing global var (this was a brain twister)
- saved one strlen call per session variable
- fixed one tiny leak
script writers to release the lock associated with the session lock
before the request finishes.
You can pass arrays now to session_set_save_handler(), so that the handlers
can be located in an object for better abstraction.