iliaa Thu Jul 27 14:00:27 2006 UTC
Modified files:
/php-src/ext/session session.c
Log:
MFB: Fixed bug #38224 (session extension can't handle broken cookies).
http://cvs.php.net/viewvc.cgi/php-src/ext/session/session.c?r1=1.439&r2=1.440&diff_format=u
Index: php-src/ext/session/session.c
diff -u php-src/ext/session/session.c:1.439 php-src/ext/session/session.c:1.440
--- php-src/ext/session/session.c:1.439 Thu Jul 13 00:13:42 2006
+++ php-src/ext/session/session.c Thu Jul 27 14:00:27 2006
@@ -17,7 +17,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: session.c,v 1.439 2006/07/13 00:13:42 iliaa Exp $ */
+/* $Id: session.c,v 1.440 2006/07/27 14:00:27 iliaa Exp $ */
#ifdef HAVE_CONFIG_H
#include "config.h"
@@ -653,6 +653,7 @@
{
char *val;
int vallen;
+ zend_bool new = 0;
/* check session name for invalid characters */
if (PS(id) && strpbrk(PS(id), "\r\n\t <>'\"\\")) {
@@ -672,8 +673,15 @@
}
/* If there is no ID, use session module to create one */
- if (!PS(id))
+ if (!PS(id)) {
+new_session:
PS(id) = PS(mod)->s_create_sid(&PS(mod_data), NULL TSRMLS_CC);
+php_error_docref(NULL TSRMLS_CC, E_WARNING, "Making a new session %s.",
PS(id));
+ if (PS(use_cookies)) {
+ PS(send_cookie) = 1;
+ }
+ new = 1;
+ }
/* Read data */
/* Question: if you create a SID here, should you also try to read data?
@@ -685,6 +693,8 @@
if (PS(mod)->s_read(&PS(mod_data), PS(id), &val, &vallen TSRMLS_CC) ==
SUCCESS) {
php_session_decode(val, vallen TSRMLS_CC);
efree(val);
+ } else if (!new) {
+ goto new_session;
}
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
