php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-14 19:41:05 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merged pull request #9297

Browse Source
This commit is contained in:
Derick Rethans
2022-08-11 16:27:28 +01:00
parent 9dc6ee995f a6a5d46704
commit 0fc9fd9fd6
4 changed files with 20 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
NEWS
View File

@@ -25,6 +25,7 @@ PHP NEWS
- Standard:
. Fixed bug #65489 (glob() basedir check is inconsistent). (Jakub Zelenka)
. Fixed GH-9200 (setcookie has an obsolete expires date format). (Derick)
. Fixed GH-9244 (Segfault with array_multisort + array_shift). (cmb)
04 Aug 2022, PHP 8.2.0beta2

23
ext/standard/head.c
View File

@@ -110,6 +110,14 @@ PHPAPI zend_result php_setcookie(zend_string *name, zend_string *value, time_t e
get_active_function_name());
return FAILURE;
}
#ifdef ZEND_ENABLE_ZVAL_LONG64
if (expires >= 253402300800) {
zend_value_error("%s(): \"expires\" option cannot have a year greater than 9999",
get_active_function_name());
return FAILURE;
}
#endif
/* Should check value of SameSite? */
if (value == NULL || ZSTR_LEN(value) == 0) {
@@ -118,7 +126,7 @@ PHPAPI zend_result php_setcookie(zend_string *name, zend_string *value, time_t e
* so in order to force cookies to be deleted, even on MSIE, we
* pick an expiry date in the past
*/
dt = php_format_date("D, d-M-Y H:i:s T", sizeof("D, d-M-Y H:i:s T")-1, 1, 0);
dt = php_format_date("D, d M Y H:i:s \\G\\M\\T", sizeof("D, d M Y H:i:s \\G\\M\\T")-1, 1, 0);
smart_str_appends(&buf, "Set-Cookie: ");
smart_str_append(&buf, name);
smart_str_appends(&buf, "=deleted; expires=");
@@ -136,21 +144,12 @@ PHPAPI zend_result php_setcookie(zend_string *name, zend_string *value, time_t e
} else {
smart_str_append(&buf, value);
}
if (expires > 0) {
const char *p;
double diff;
smart_str_appends(&buf, COOKIE_EXPIRES);
dt = php_format_date("D, d-M-Y H:i:s T", sizeof("D, d-M-Y H:i:s T")-1, expires, 0);
/* check to make sure that the year does not exceed 4 digits in length */
p = zend_memrchr(ZSTR_VAL(dt), '-', ZSTR_LEN(dt));
if (!p || *(p + 5) != ' ') {
zend_string_free(dt);
smart_str_free(&buf);
zend_value_error("%s(): \"expires\" option cannot have a year greater than 9999",
get_active_function_name());
return FAILURE;
}
dt = php_format_date("D, d M Y H:i:s \\G\\M\\T", sizeof("D, d M Y H:i:s \\G\\M\\T")-1, expires, 0);
smart_str_append(&buf, dt);
zend_string_free(dt);

2
ext/standard/tests/network/bug72071.phpt
View File

@@ -11,4 +11,4 @@ setcookie("name", "value", $date);
?>
--EXPECT--
--EXPECTHEADERS--
Set-Cookie: name=value; expires=Sat, 01-Apr-2017 12:25:39 GMT; Max-Age=0
Set-Cookie: name=value; expires=Sat, 01 Apr 2017 12:25:39 GMT; Max-Age=0

14
ext/standard/tests/network/setcookie.phpt
View File

@@ -21,20 +21,20 @@ setcookie('name', 'value', ['expires' => $tsp]);
setcookie('name', 'value', ['expires' => $tsn, 'path' => '/path/', 'domain' => 'domain.tld', 'secure' => true, 'httponly' => true, 'samesite' => 'Strict']);
$expected = array(
'Set-Cookie: name=deleted; expires='.date('D, d-M-Y H:i:s', 1).' GMT; Max-Age=0',
'Set-Cookie: name=deleted; expires='.date('D, d-M-Y H:i:s', 1).' GMT; Max-Age=0',
'Set-Cookie: name=deleted; expires='.date('D, d M Y H:i:s', 1).' GMT; Max-Age=0',
'Set-Cookie: name=deleted; expires='.date('D, d M Y H:i:s', 1).' GMT; Max-Age=0',
'Set-Cookie: name=value',
'Set-Cookie: name=space%20value',
'Set-Cookie: name=value',
'Set-Cookie: name=value; expires='.date('D, d-M-Y H:i:s', $tsp).' GMT; Max-Age=5',
'Set-Cookie: name=value; expires='.date('D, d-M-Y H:i:s', $tsn).' GMT; Max-Age=0',
'Set-Cookie: name=value; expires='.date('D, d-M-Y H:i:s', $tsc).' GMT; Max-Age=0',
'Set-Cookie: name=value; expires='.date('D, d M Y H:i:s', $tsp).' GMT; Max-Age=5',
'Set-Cookie: name=value; expires='.date('D, d M Y H:i:s', $tsn).' GMT; Max-Age=0',
'Set-Cookie: name=value; expires='.date('D, d M Y H:i:s', $tsc).' GMT; Max-Age=0',
'Set-Cookie: name=value; path=/path/',
'Set-Cookie: name=value; domain=domain.tld',
'Set-Cookie: name=value; secure',
'Set-Cookie: name=value; HttpOnly',
'Set-Cookie: name=value; expires='.date('D, d-M-Y H:i:s', $tsp).' GMT; Max-Age=5',
'Set-Cookie: name=value; expires='.date('D, d-M-Y H:i:s', $tsn).' GMT; Max-Age=0; path=/path/; domain=domain.tld; secure; HttpOnly; SameSite=Strict'
'Set-Cookie: name=value; expires='.date('D, d M Y H:i:s', $tsp).' GMT; Max-Age=5',
'Set-Cookie: name=value; expires='.date('D, d M Y H:i:s', $tsn).' GMT; Max-Age=0; path=/path/; domain=domain.tld; secure; HttpOnly; SameSite=Strict'
);
$headers = headers_list();