b3e6072a04
Fix session test failures as reported by Antony Dovgal.
...
These were caused by the tests assuming default values for some session
configuration settings, in particular session.save_path and session.name.
The tests now explicitly set these settings in the --INI-- section.
2008-04-30 15:20:17 +00:00
3edf8bd266
Fix session test failures as reported by Antony Dovgal.
...
These were caused by the tests assuming default values for some session
configuration settings, in particular session.save_path and session.name.
The tests now explicitly set these settings in the --INI-- section.
2008-04-30 09:28:00 +00:00
6b00f44934
More session tests to improve code coverage for untested extension code
2008-04-29 09:24:18 +00:00
049e27a949
More session tests to improve code coverage for untested extension code
2008-04-29 08:57:10 +00:00
168e58d2da
New set of session extension tests for PHP 6.0 branch.
...
These hopefully test a reasonable set of basic, error and variations for
the twenty or so session functions. Note however that they do not
test all the session configuration settings.
2008-04-22 16:05:42 +00:00
8b5866866c
Fixed bug #44719 (More uninitialised values causing wierd errors)
2008-04-15 00:39:43 +00:00
43a40e7486
Fixed bug #44722 (Segfault setting a null session path)
2008-04-15 00:32:51 +00:00
b2638b8297
Fixed memory corruption because of double free()
2008-03-11 09:36:51 +00:00
7235c8e5bb
Fix test
2008-03-08 23:32:22 +00:00
3ccb44a951
Fix bug #32330 (session_destroy, "Failed to initialize storage module", custom session handler)
2008-03-07 23:20:15 +00:00
a1e8d340c3
New macro for check void parameters
2008-02-28 14:16:25 +00:00
9b620d50b4
Bump copyright year, 2 of 2.
2007-12-31 07:12:20 +00:00
95da0dc570
Added macros for managing zval refcounts and is_ref statuses
2007-10-07 05:15:07 +00:00
8146078f7b
Improved memory usage by movig constants to read only memory. (Dmitry, Pierre)
2007-09-27 18:28:44 +00:00
3a802820e8
MFB: Fixed Bug #42596 (session.save_path MODE option does not work).
2007-09-10 23:43:08 +00:00
24c98f8aa3
MFB: Fixed bug #37273 (Symlinks and mod_files session handler allow open_basedir bypass)
2007-08-23 13:38:49 +00:00
197b51e796
MFB: -r1.100.2.3.2.5
2007-08-23 13:09:27 +00:00
af83e1cad2
missing )
2007-08-23 11:38:56 +00:00
5735862a92
MFB (since Ilia is too lazy..): Fix bug #42135
2007-08-05 13:10:32 +00:00
d4cc7daba2
MF5: fix for access control with .htaccess
2007-08-03 01:40:05 +00:00
5d0a261394
always check save_path (issue reported by Maksymilian Arciemowicz)
2007-07-10 17:52:32 +00:00
eb72fc8968
MFB: Fixed compiler warning
2007-06-17 14:26:16 +00:00
fde56bd858
Fix attribute injection security bug correctly by URL encoding session
...
name and session value. (in future maybe encode path/domain, too)
Remove backward compatibility breaking blacklist of characters.
2007-06-16 07:47:46 +00:00
e4e1f60125
MF5: Disallow characters that Cookie RFC does not allow in unquoted cookies
2007-06-15 22:42:43 +00:00
976a22df16
php_gmtime_r() fixes
2007-06-07 08:58:38 +00:00
886cb0c783
MFB: Fixed bug #41600 (url rewriter tags doesn't work with namespaced tags).
2007-06-06 00:01:13 +00:00
a66fbe2d5e
do not send cookie when session is passed in URL, same as it happens with GET/POST
2007-05-16 01:32:28 +00:00
8d9be0338b
fix test names
2007-05-07 16:50:40 +00:00
a8fe87efd3
fix build when ext/hash is compiled as shared module
2007-05-02 10:30:24 +00:00
2c72351711
fix #40998 (long session array keys are truncated)
2007-04-04 19:46:42 +00:00
03a3291262
MFB
2007-03-19 08:24:17 +00:00
e46b1b3747
Typo
2007-03-14 09:49:58 +00:00
20a40063c5
- avoid sprintf
2007-02-24 16:25:58 +00:00
71a68db63e
MFB: fix skipif
2007-01-06 16:57:42 +00:00
851a151712
Don't bother with conversion when the converter is already UTF8
2007-01-05 17:29:30 +00:00
4e8661438d
Fix ZTS issues.
2007-01-05 14:53:30 +00:00
5d988bb1aa
Allow ext/session to use ext/hash's algorithms for generating IDs
2007-01-05 03:57:57 +00:00
344cda1666
Unicode Updates
2007-01-05 02:07:59 +00:00
b21b4c01c3
MFB: Added missing open_basedir checks
2007-01-04 23:50:19 +00:00
21bac192e9
Cleanup ext/session so that I can do a unicode update without going insane.
2007-01-04 22:04:38 +00:00
3717df72ae
Bump year.
2007-01-01 09:29:37 +00:00
15f1692572
MFB: Added boundary checks to php_binary deserializer
2006-12-31 22:26:06 +00:00
9e41e0fda3
fix tests
2006-12-27 19:22:29 +00:00
4386719b07
MFB: Session deserializer protection.
2006-12-26 17:18:28 +00:00
abac61eec7
remove register_globals remains
...
maintain an internal reference of _SESSION, so that it won't be possible to destroy it from userspace
2006-12-20 19:20:59 +00:00
576797c7c1
fix retval type
...
it should be int, not zend_bool
2006-12-04 15:58:35 +00:00
fcaf113b33
MFB: Disallow \0 chars inside session.save_path
2006-12-01 00:27:33 +00:00
b0f8e77d17
Fixed bug #39265 (Fixed path handling inside mod_files.sh)
...
# Patch by michal dot taborsky at gmail dot com
2006-11-03 13:18:19 +00:00
176b72284c
Error message clean up
...
(patch by Matt W (php_lists -AT- realpain.com))
2006-10-08 13:34:24 +00:00
e531458f89
Remove double "wrong param count" warnings
2006-10-07 22:55:18 +00:00
Ant Phillips