mirror of https://github.com/php/php-src.git synced 2026-04-27 01:48:26 +02:00

Protect class based session save handler

Yasuo Ohgaki
2016-11-11 12:18:54 +09:00
committed by Joe Watkins
parent 6230c2bad0
commit 46c64ac9f2
+27 -3
@@ -53,6 +53,7 @@ PHP_METHOD(SessionHandler, open)
}
PS(mod_user_is_open) = 1;
PS(in_save_handler) = 1;
zend_try {
ret = PS(default_mod)->s_open(&PS(mod_data), save_path, session_name);
@@ -61,6 +62,7 @@ PHP_METHOD(SessionHandler, open)
zend_bailout();
} zend_end_try();
PS(in_save_handler) = 0;
RETVAL_BOOL(SUCCESS == ret);
}
/* }}} */
@@ -78,6 +80,7 @@ PHP_METHOD(SessionHandler, close)
zend_parse_parameters_none();
PS(mod_user_is_open) = 0;
PS(in_save_handler) = 1;
zend_try {
ret = PS(default_mod)->s_close(&PS(mod_data));
@@ -86,6 +89,7 @@ PHP_METHOD(SessionHandler, close)
zend_bailout();
} zend_end_try();
PS(in_save_handler) = 0;
RETVAL_BOOL(SUCCESS == ret);
}
/* }}} */
@@ -116,6 +120,7 @@ PHP_METHOD(SessionHandler, read)
PHP_METHOD(SessionHandler, write)
{
zend_string *key, *val;
zend_bool ret;
PS_SANITY_CHECK_IS_OPEN;
@@ -123,7 +128,11 @@ PHP_METHOD(SessionHandler, write)
return;
}
RETURN_BOOL(SUCCESS == PS(default_mod)->s_write(&PS(mod_data), key, val, PS(gc_maxlifetime)));
PS(in_save_handler) = 1;
ret = PS(default_mod)->s_write(&PS(mod_data), key, val, PS(gc_maxlifetime));
PS(in_save_handler) = 0;
RETURN_BOOL(SUCCESS == ret);
}
/* }}} */
@@ -132,6 +141,7 @@ PHP_METHOD(SessionHandler, write)
PHP_METHOD(SessionHandler, destroy)
{
zend_string *key;
zend_bool ret;
PS_SANITY_CHECK_IS_OPEN;
@@ -139,7 +149,11 @@ PHP_METHOD(SessionHandler, destroy)
return;
}
RETURN_BOOL(SUCCESS == PS(default_mod)->s_destroy(&PS(mod_data), key));
PS(in_save_handler) = 1;
ret = PS(default_mod)->s_destroy(&PS(mod_data), key);
PS(in_save_handler) = 0;
RETURN_BOOL(SUCCESS == ret);
}
/* }}} */
@@ -156,9 +170,12 @@ PHP_METHOD(SessionHandler, gc)
return;
}
PS(in_save_handler) = 1;
if (PS(default_mod)->s_gc(&PS(mod_data), maxlifetime, &nrdels) == FAILURE) {
PS(in_save_handler) = 0;
RETURN_FALSE;
}
PS(in_save_handler) = 0;
RETURN_LONG(nrdels);
}
/* }}} */
@@ -175,7 +192,9 @@ PHP_METHOD(SessionHandler, create_sid)
return;
}
PS(in_save_handler) = 1;
id = PS(default_mod)->s_create_sid(&PS(mod_data));
PS(in_save_handler) = 0;
RETURN_STR(id);
}
@@ -203,6 +222,7 @@ PHP_METHOD(SessionHandler, validateId)
PHP_METHOD(SessionHandler, updateTimestamp)
{
zend_string *key, *val;
zend_bool ret;
PS_SANITY_CHECK_IS_OPEN;
@@ -210,7 +230,11 @@ PHP_METHOD(SessionHandler, updateTimestamp)
return;
}
PS(in_save_handler) = 1;
ret = PS(default_mod)->s_write(&PS(mod_data), key, val, PS(gc_maxlifetime));
PS(in_save_handler) = 0;
/* Legacy save handler may not support update_timestamp API. Just write. */
RETVAL_BOOL(SUCCESS == PS(default_mod)->s_write(&PS(mod_data), key, val, PS(gc_maxlifetime)));
RETVAL_BOOL(SUCCESS == ret);
}
/* }}} */
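Review bot: The added `PS(in_save_handler) = 0;` resets are unconditional and are not reached on every exit path, so the re-entrancy flag can end up in the wrong state. In `write`, `destroy`, `gc`, `create_sid` and `updateTimestamp` the default-module call is not wrapped in `zend_try`, and in `open`/`close` the reset sits after `zend_end_try()` while the branch just before it calls `zend_bailout()`, so a bailout inside the handler would leave the flag at 1; whether anything later clears it is not visible on this page. Separately, if one of these methods runs while an outer caller already holds the flag (plausibly a user class calling `parent::write()` from its own handler, though that caller is outside this page), writing 0 drops the guard before the outer handler has finished. Saving and restoring the previous value would cover the nested case: `zend_bool prev = PS(in_save_handler);` before the call and `PS(in_save_handler) = prev;` after it, with the same restore placed before the `zend_bailout()` re-raise in `open`/`close`. The hunks show only part of each method body, so the surrounding parameter parsing and catch blocks should be checked against this.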