php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-03-29 11:42:17 +02:00
Code Issues Packages Projects Releases Wiki Activity
21,344 Commits 547 Branches 1,481 Tags
4a202474ef9052d28dbcb1898dbbdd0fc93f3f77
Commit Graph

548 Commits

Author SHA1 Message Date
Ilia Alshanetsky
ab4433e348 MFH: Fixed bug #29925 (Added a check to prevent illegal characters in 
session key).
 2004-09-03 00:53:46 +00:00
Stefan Esser
42a50158bc Merge all not yet merged security fixes into the 4_3 branch 2004-07-21 16:25:37 +00:00
Ilia Alshanetsky
d5edc8497b MFH: Do not use alloca() where it can be abused through user input. 2004-06-30 01:12:09 +00:00
Sascha Schumann
0cc1014ebf - fix logic. if the client already sent us the cookie, we don't 
need to send it again.  if the id has been changed, we need to
  update the client side.
 2004-06-23 16:29:16 +00:00
Ilia Alshanetsky
6be3e2d751 MFH: Skip session tests if session.save_path is not writable. 2004-05-13 12:53:49 +00:00
Sara Golemon
d676db7541 MFH: if statement logic would never eval to false. 2004-05-08 06:01:11 +00:00
Ilia Alshanetsky
43d81b700a MFH: Fixed test failure if session.use_trans_sid is enabled. 2004-04-15 13:37:58 +00:00
Ilia Alshanetsky
c6af3e463a MFH: Fixed bug #27963 (Session lifetime setting may leak between requests). 2004-04-13 18:23:10 +00:00
Wez Furlong
ffe1113b3d Fix for Bug #26757: session.save_path default is bogus for win32 
Based on a patch found in the bug report.
Concept approved by Ilia.
 2004-03-29 21:28:47 +00:00
Rasmus Lerdorf
885e837b2a - Merge whitespace and trivial changes from HEAD back to the branch so the 
diff between HEAD and PHP_4_3 only shows feature changes
- Fix test case for bug #27719 (TZ=EST means no DST so the test was wrong)
 2004-03-28 14:57:32 +00:00
Stanislav Malyshev
38b637bdfc MFH: export session globals 2004-03-16 18:21:02 +00:00
foobar
9543e9c111 MFH: - Fixed bug #26005 (Random "cannot change the session ini settings" errors). 2004-02-24 08:49:41 +00:00
foobar
1e60e670ba MFH: emalloc -> safe_emalloc 2004-02-19 02:13:39 +00:00
foobar
fdec1ab00e MFH: improve error message 2004-02-19 01:54:44 +00:00
SVN Migration
2b66aa860f This commit was manufactured by cvs2svn to create branch 'PHP_4_3'. 2004-02-11 17:00:49 +00:00
Ard Biesheuvel
1303e186e5 Fix build 2003-12-08 10:01:11 +00:00
foobar
82321ff0d4 MFH: Fix for bug #26548: Malformed HTTP dates in headers 2003-12-07 16:53:30 +00:00
foobar
f0ae93e466 - Fixed bug #25780 (MFH: ext/session: invalid session.cookie_lifetime causes crash in win32). 2003-10-08 10:25:39 +00:00
foobar
6db270f8fc MFH 2003-10-01 02:54:39 +00:00
Ilia Alshanetsky
a11f040979 MFH: Always prefer user specified paths over the default /usr /usr/local. 2003-09-30 22:38:29 +00:00
foobar
40a1c4b4f4 MFH 2003-09-25 14:53:58 +00:00
Ilia Alshanetsky
283476972f MFH: Fixed bug #25070 (Don't forget to unlock session files on win32 before 
closing them).
 2003-09-24 23:39:22 +00:00
Sascha Schumann
485cba185b MFH 
Fix a segfault which occured when using a storage format not capable
of expressing references (e.g. WDDX) and deserializing a session variable
whose name conflicted with an existing symbol in the global scope.

PR: #25307
Submitted by: Jani Taskinen
Speling fixes: me
 2003-08-29 12:35:15 +00:00
Andrey Hristov
b767129303 \n at the end of the message is not needed 2003-08-28 20:26:32 +00:00
Sascha Schumann
1c662bee50 format string fix 2003-08-28 17:34:30 +00:00
foobar
008b424ee9 More crap from previous commits 2003-08-26 02:16:23 +00:00
foobar
720d3804fc Fix typo 2003-08-26 02:15:19 +00:00
foobar
9d61de0ec9 MFH: - Fixed crash bug when non-existing save/serializer handler is used 2003-08-26 02:05:53 +00:00
Ilia Alshanetsky
30c26df348 MFH: Fixed bug #25084 (Make refer check not dependant on register_globals) 2003-08-14 01:32:02 +00:00
Ilia Alshanetsky
cadd668aac MFH: missing skip condition. 2003-08-14 00:54:42 +00:00
Ilia Alshanetsky
977ec5eb4a MFH: Fixed bug #22245 (References inside $_SESSION not being handled). 2003-08-11 19:21:22 +00:00
Sascha Schumann
07b9f0c1d5 Proper fix for #24592 
The core issue is that undefined variables are refcounted (refcount != 0)
while is_ref is still set to 0.  I don't know whether this is a bug in
the engine, but is it not the first time this irregularity has caused
problems for the session extension.

The irregularity confused ZEND_SET_SYMBOL_WITH_LENGTH which then did
the wrong thing WRT null values.

Fortunately, nulls can simply be ignored in this case, thus the old
code is restored and a new condition is added.
 2003-07-22 01:10:30 +00:00
Ilia Alshanetsky
61fc0ba6b2 MFH: Fixed bug #24592 (Possible crash in session extnsion, with NULL values). 2003-07-21 21:49:52 +00:00
SVN Migration
10bb058051 This commit was manufactured by cvs2svn to create branch 'PHP_4_3'. 2003-07-21 21:47:53 +00:00
Sascha Schumann
e783c0b5a1 Fix test 2003-06-13 09:17:52 +00:00
foobar
626f3de608 MFH, fixed the test (second session init produces a notices) 2003-06-13 09:16:49 +00:00
Sascha Schumann
babbbb048b MFH E_NOTICE 2003-06-10 03:57:16 +00:00
Sascha Schumann
33d844496f fix prototype 2003-05-29 17:39:00 +00:00
Sascha Schumann
39267c2bf9 Always send a new session cookie upon regenerating id 2003-05-29 16:19:56 +00:00
Sascha Schumann
f851db2531 readd essential line for multiple sessions inside one request 2003-05-21 02:33:13 +00:00
Sascha Schumann
8b4ff89345 Make error messages less ambiguous 2003-05-20 21:01:42 +00:00
Sascha Schumann
67631ea57c Defensive programming 2003-05-20 20:01:54 +00:00
Sascha Schumann
bddbce404f Better reinitialize session_status unconditionally 2003-05-20 14:20:14 +00:00
Sascha Schumann
0f4b4c82de Fix use of ZEND_EXTERN_MODULE_GLOBALS which mysteriously includes a 
trailing semicolon.

Also add a do {} while (0) construct in php_session.h
 2003-05-20 12:38:04 +00:00
Sascha Schumann
99515d905c MFH 2003-05-15 13:33:52 +00:00
Sascha Schumann
f695e50683 MFH 2003-05-10 16:49:53 +00:00
Stanislav Malyshev
bb56953b8d fix TSRM 2003-04-27 16:18:01 +00:00
Stanislav Malyshev
5762d24683 Fix very nasty bug - session cookie kills one of the cookies 
set before it on certain non-Apache SAPIs.
# for example, this code:
# <?
# setcookie("abc", 1);
# setcookie("def", 2);
# session_start();
# ?>
# would output only 'def' cookie on CGI and ISAPI
 2003-04-27 16:02:44 +00:00
Sascha Schumann
4bfdbfb167 MFH 2003-04-05 11:22:44 +00:00
Sascha Schumann
f63d9b778f merge minor differences from head 2003-02-20 08:32:41 +00:00