iliaa                                    Mon, 22 Mar 2010 12:16:45 +0000

Revision: http://svn.php.net/viewvc?view=revision&revision=296481

Log:
Fixed bug #51338 (URL-Rewriter is still enabled if use_only_cookies is on).

Bug: http://bugs.php.net/51338 (Open) URL-Rewriter should not get enabled if 
use_only_cookies is set to 1
      
Changed paths:
    U   php/php-src/branches/PHP_5_2/NEWS
    U   php/php-src/branches/PHP_5_2/ext/session/session.c
    U   php/php-src/branches/PHP_5_3/NEWS
    U   php/php-src/branches/PHP_5_3/ext/session/session.c

Modified: php/php-src/branches/PHP_5_2/NEWS
===================================================================
--- php/php-src/branches/PHP_5_2/NEWS   2010-03-22 10:28:22 UTC (rev 296480)
+++ php/php-src/branches/PHP_5_2/NEWS   2010-03-22 12:16:45 UTC (rev 296481)
@@ -9,6 +9,8 @@
 - Fixed a NULL pointer dereference when processing invalid XML-RPC
   requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert)

+- Fixed bug #51338 (URL-Rewriter is still enabled if use_only_cookies is
+  on). (Ilia, j dot jeising at gmail dot com)
 - Fixed bug #51269 (zlib.output_compression Overwrites Vary Header). (Adam)
 - Fixed bug #51237 (milter SAPI crash on startup). (igmar at palsenberg dot 
com)
 - Fixed bug #51213 (pdo_mssql is trimming value of the money column). (Ilia,

Modified: php/php-src/branches/PHP_5_2/ext/session/session.c
===================================================================
--- php/php-src/branches/PHP_5_2/ext/session/session.c  2010-03-22 10:28:22 UTC 
(rev 296480)
+++ php/php-src/branches/PHP_5_2/ext/session/session.c  2010-03-22 12:16:45 UTC 
(rev 296481)
@@ -1261,7 +1261,11 @@
        int nrand;
        int lensess;

-       PS(apply_trans_sid) = PS(use_trans_sid);
+       if (PS(use_only_cookies)) {
+               PS(apply_trans_sid) = 0;
+       } else {
+               PS(apply_trans_sid) = PS(use_trans_sid);
+       }

        switch (PS(session_status)) {
                case php_session_active:
@@ -1363,7 +1367,7 @@
                efree(PS(id));
                PS(id) = NULL;
                PS(send_cookie) = 1;
-               if (PS(use_trans_sid)) {
+               if (PS(use_trans_sid) && !PS(use_only_cookies)) {
                        PS(apply_trans_sid) = 1;
                }
        }
@@ -1371,7 +1375,7 @@
        php_session_initialize(TSRMLS_C);

        if (!PS(use_cookies) && PS(send_cookie)) {
-               if (PS(use_trans_sid)) {
+               if (PS(use_trans_sid) && !PS(use_only_cookies)) {
                        PS(apply_trans_sid) = 1;
                }
                PS(send_cookie) = 0;

Modified: php/php-src/branches/PHP_5_3/NEWS
===================================================================
--- php/php-src/branches/PHP_5_3/NEWS   2010-03-22 10:28:22 UTC (rev 296480)
+++ php/php-src/branches/PHP_5_3/NEWS   2010-03-22 12:16:45 UTC (rev 296481)
@@ -9,6 +9,8 @@
 - Fixed a NULL pointer dereference when processing invalid XML-RPC
   requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert)

+- Fixed bug #51338 (URL-Rewriter is still enabled if use_only_cookies is
+  on). (Ilia, j dot jeising at gmail dot com)
 - Fixed bug #51269 (zlib.output_compression Overwrites Vary Header). (Adam)
 - Fixed bug #51257 (CURL_VERSION_LARGEFILE incorrectly used after libcurl
   version 7.10.1). (aron dot ujvari at microsec dot hu)

Modified: php/php-src/branches/PHP_5_3/ext/session/session.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/session/session.c  2010-03-22 10:28:22 UTC 
(rev 296480)
+++ php/php-src/branches/PHP_5_3/ext/session/session.c  2010-03-22 12:16:45 UTC 
(rev 296481)
@@ -1343,7 +1343,11 @@
        int nrand;
        int lensess;

-       PS(apply_trans_sid) = PS(use_trans_sid);
+       if (PS(use_only_cookies)) {
+               PS(apply_trans_sid) = 0;
+       } else {
+               PS(apply_trans_sid) = PS(use_trans_sid);
+       }

        switch (PS(session_status)) {
                case php_session_active:
@@ -1445,7 +1449,7 @@
                efree(PS(id));
                PS(id) = NULL;
                PS(send_cookie) = 1;
-               if (PS(use_trans_sid)) {
+               if (PS(use_trans_sid) && !PS(use_only_cookies)) {
                        PS(apply_trans_sid) = 1;
                }
        }
@@ -1453,7 +1457,7 @@
        php_session_initialize(TSRMLS_C);

        if (!PS(use_cookies) && PS(send_cookie)) {
-               if (PS(use_trans_sid)) {
+               if (PS(use_trans_sid) && !PS(use_only_cookies)) {
                        PS(apply_trans_sid) = 1;
                }
                PS(send_cookie) = 0;

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to