iliaa Thu Jul 27 15:33:16 2006 UTC
Modified files: (Branch: PHP_5_2)
/php-src/ext/session mod_files.c php_session.h session.c
Log:
An improved fix for bug #38224
http://cvs.php.net/viewvc.cgi/php-src/ext/session/mod_files.c?r1=1.100.2.3&r2=1.100.2.3.2.1&diff_format=u
Index: php-src/ext/session/mod_files.c
diff -u php-src/ext/session/mod_files.c:1.100.2.3
php-src/ext/session/mod_files.c:1.100.2.3.2.1
--- php-src/ext/session/mod_files.c:1.100.2.3 Tue Apr 18 00:31:45 2006
+++ php-src/ext/session/mod_files.c Thu Jul 27 15:33:16 2006
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: mod_files.c,v 1.100.2.3 2006/04/18 00:31:45 iliaa Exp $ */
+/* $Id: mod_files.c,v 1.100.2.3.2.1 2006/07/27 15:33:16 iliaa Exp $ */
#include "php.h"
@@ -152,6 +152,7 @@
if (!ps_files_valid_key(key)) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "The
session id contains illegal characters, valid characters are a-z, A-Z, 0-9 and
'-,'");
+ PS(invalid_session_id) = 1;
return;
}
if (!ps_files_path_create(buf, sizeof(buf), data, key))
http://cvs.php.net/viewvc.cgi/php-src/ext/session/php_session.h?r1=1.101.2.2&r2=1.101.2.2.2.1&diff_format=u
Index: php-src/ext/session/php_session.h
diff -u php-src/ext/session/php_session.h:1.101.2.2
php-src/ext/session/php_session.h:1.101.2.2.2.1
--- php-src/ext/session/php_session.h:1.101.2.2 Sat Jan 28 06:14:49 2006
+++ php-src/ext/session/php_session.h Thu Jul 27 15:33:16 2006
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: php_session.h,v 1.101.2.2 2006/01/28 06:14:49 fmk Exp $ */
+/* $Id: php_session.h,v 1.101.2.2.2.1 2006/07/27 15:33:16 iliaa Exp $ */
#ifndef PHP_SESSION_H
#define PHP_SESSION_H
@@ -125,6 +125,7 @@
long hash_bits_per_character;
int send_cookie;
int define_sid;
+ zend_bool invalid_session_id; /* allows the driver to report about an
invalid session id and request id regeneration */
} php_ps_globals;
typedef php_ps_globals zend_ps_globals;
http://cvs.php.net/viewvc.cgi/php-src/ext/session/session.c?r1=1.417.2.8.2.7&r2=1.417.2.8.2.8&diff_format=u
Index: php-src/ext/session/session.c
diff -u php-src/ext/session/session.c:1.417.2.8.2.7
php-src/ext/session/session.c:1.417.2.8.2.8
--- php-src/ext/session/session.c:1.417.2.8.2.7 Thu Jul 27 14:13:30 2006
+++ php-src/ext/session/session.c Thu Jul 27 15:33:16 2006
@@ -17,7 +17,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: session.c,v 1.417.2.8.2.7 2006/07/27 14:13:30 iliaa Exp $ */
+/* $Id: session.c,v 1.417.2.8.2.8 2006/07/27 15:33:16 iliaa Exp $ */
#ifdef HAVE_CONFIG_H
#include "config.h"
@@ -745,7 +745,6 @@
{
char *val;
int vallen;
- zend_bool make_new = 0;
/* check session name for invalid characters */
if (PS(id) && strpbrk(PS(id), "\r\n\t <>'\"\\")) {
@@ -771,7 +770,6 @@
if (PS(use_cookies)) {
PS(send_cookie) = 1;
}
- make_new = 1;
}
/* Read data */
@@ -781,10 +779,13 @@
* session information
*/
php_session_track_init(TSRMLS_C);
+ PS(invalid_session_id) = 0;
if (PS(mod)->s_read(&PS(mod_data), PS(id), &val, &vallen TSRMLS_CC) ==
SUCCESS) {
php_session_decode(val, vallen TSRMLS_CC);
efree(val);
- } else if (!make_new) {
+ } else if (PS(invalid_session_id)) { /* address instances where the
session read fails due to an invalid id */
+ PS(invalid_session_id) = 0;
+ efree(PS(id));
goto new_session;
}
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
