iliaa Mon, 22 Mar 2010 12:16:45 +0000 Revision: http://svn.php.net/viewvc?view=revision&revision=296481
Log: Fixed bug #51338 (URL-Rewriter is still enabled if use_only_cookies is on). Bug: http://bugs.php.net/51338 (Open) URL-Rewriter should not get enabled if use_only_cookies is set to 1 Changed paths: U php/php-src/branches/PHP_5_2/NEWS U php/php-src/branches/PHP_5_2/ext/session/session.c U php/php-src/branches/PHP_5_3/NEWS U php/php-src/branches/PHP_5_3/ext/session/session.c Modified: php/php-src/branches/PHP_5_2/NEWS =================================================================== --- php/php-src/branches/PHP_5_2/NEWS 2010-03-22 10:28:22 UTC (rev 296480) +++ php/php-src/branches/PHP_5_2/NEWS 2010-03-22 12:16:45 UTC (rev 296481) @@ -9,6 +9,8 @@ - Fixed a NULL pointer dereference when processing invalid XML-RPC requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert) +- Fixed bug #51338 (URL-Rewriter is still enabled if use_only_cookies is + on). (Ilia, j dot jeising at gmail dot com) - Fixed bug #51269 (zlib.output_compression Overwrites Vary Header). (Adam) - Fixed bug #51237 (milter SAPI crash on startup). (igmar at palsenberg dot com) - Fixed bug #51213 (pdo_mssql is trimming value of the money column). (Ilia, Modified: php/php-src/branches/PHP_5_2/ext/session/session.c =================================================================== --- php/php-src/branches/PHP_5_2/ext/session/session.c 2010-03-22 10:28:22 UTC (rev 296480) +++ php/php-src/branches/PHP_5_2/ext/session/session.c 2010-03-22 12:16:45 UTC (rev 296481) @@ -1261,7 +1261,11 @@ int nrand; int lensess; - PS(apply_trans_sid) = PS(use_trans_sid); + if (PS(use_only_cookies)) { + PS(apply_trans_sid) = 0; + } else { + PS(apply_trans_sid) = PS(use_trans_sid); + } switch (PS(session_status)) { case php_session_active: @@ -1363,7 +1367,7 @@ efree(PS(id)); PS(id) = NULL; PS(send_cookie) = 1; - if (PS(use_trans_sid)) { + if (PS(use_trans_sid) && !PS(use_only_cookies)) { PS(apply_trans_sid) = 1; } } @@ -1371,7 +1375,7 @@ php_session_initialize(TSRMLS_C); if (!PS(use_cookies) && PS(send_cookie)) { - if (PS(use_trans_sid)) { + if (PS(use_trans_sid) && !PS(use_only_cookies)) { PS(apply_trans_sid) = 1; } PS(send_cookie) = 0; Modified: php/php-src/branches/PHP_5_3/NEWS =================================================================== --- php/php-src/branches/PHP_5_3/NEWS 2010-03-22 10:28:22 UTC (rev 296480) +++ php/php-src/branches/PHP_5_3/NEWS 2010-03-22 12:16:45 UTC (rev 296481) @@ -9,6 +9,8 @@ - Fixed a NULL pointer dereference when processing invalid XML-RPC requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert) +- Fixed bug #51338 (URL-Rewriter is still enabled if use_only_cookies is + on). (Ilia, j dot jeising at gmail dot com) - Fixed bug #51269 (zlib.output_compression Overwrites Vary Header). (Adam) - Fixed bug #51257 (CURL_VERSION_LARGEFILE incorrectly used after libcurl version 7.10.1). (aron dot ujvari at microsec dot hu) Modified: php/php-src/branches/PHP_5_3/ext/session/session.c =================================================================== --- php/php-src/branches/PHP_5_3/ext/session/session.c 2010-03-22 10:28:22 UTC (rev 296480) +++ php/php-src/branches/PHP_5_3/ext/session/session.c 2010-03-22 12:16:45 UTC (rev 296481) @@ -1343,7 +1343,11 @@ int nrand; int lensess; - PS(apply_trans_sid) = PS(use_trans_sid); + if (PS(use_only_cookies)) { + PS(apply_trans_sid) = 0; + } else { + PS(apply_trans_sid) = PS(use_trans_sid); + } switch (PS(session_status)) { case php_session_active: @@ -1445,7 +1449,7 @@ efree(PS(id)); PS(id) = NULL; PS(send_cookie) = 1; - if (PS(use_trans_sid)) { + if (PS(use_trans_sid) && !PS(use_only_cookies)) { PS(apply_trans_sid) = 1; } } @@ -1453,7 +1457,7 @@ php_session_initialize(TSRMLS_C); if (!PS(use_cookies) && PS(send_cookie)) { - if (PS(use_trans_sid)) { + if (PS(use_trans_sid) && !PS(use_only_cookies)) { PS(apply_trans_sid) = 1; } PS(send_cookie) = 0;
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
