Hi,
i have found a great problem (but small fix) with the generation of
sessions when register_globals=off. this is also described in bug #8772.
this bug is in 4.0.4 and 4.0.4pl1, but i have not checked the lastest cvs.
the problem in ext/session/session.c is, that the session data of a new
session is never written to disk, because http_session_vars is null when
calling php_session_save_current_state().
my research shows the following:
- http_session_vars is inititialized in function php_session_track_init()
- php_session_track_init() is only called from php_session_decode()
- php_session_decode() is used if you call session_decode() or in
php_session_inititialize() but only if PS(mod)->read() return SUCCESS.
this condition is not true if we have generated a new session, so the
function php_session_track_init() is never called.
my proposed patch is
--- session.orig.c Mon Jan 29 19:13:27 2001
+++ session.c Mon Jan 29 19:17:16 2001
@@ -583,6 +583,8 @@
if (PS(mod)->read(&PS(mod_data), PS(id), &val, &vallen) ==
SUCCESS) {
php_session_decode(val, vallen PSLS_CC);
efree(val);
+ } else {
+ php_session_track_init();
}
}
regards marc
Marc Pohl
WWF Wort + Ton GmbH
Bereich e-media
Tel. 0221 6900 112
Fax. 0221 6900 150
http://www.wwf-gruppe.de/
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
