archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-18 15:08:55 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

MFB: An improved fix for bug #38224

Browse source
This commit is contained in:
Ilia Alshanetsky 2006-07-27 15:36:43 +00:00
parent 1dcb726c5a
commit a081be13fc
3 changed files with 6 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

1
ext/session/mod_files.c
View file

@ -152,6 +152,7 @@ static void ps_files_open(ps_files *data, const char *key TSRMLS_DC)
if (!ps_files_valid_key(key)) { if (!ps_files_valid_key(key)) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "The session id contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,'"); php_error_docref(NULL TSRMLS_CC, E_WARNING, "The session id contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,'");
PS(invalid_session_id) = 1;
return; return;
} }
if (!ps_files_path_create(buf, sizeof(buf), data, key)) if (!ps_files_path_create(buf, sizeof(buf), data, key))

1
ext/session/php_session.h
View file

@ -123,6 +123,7 @@ typedef struct _php_ps_globals {
long hash_bits_per_character; long hash_bits_per_character;
int send_cookie; int send_cookie;
int define_sid; int define_sid;
zend_bool invalid_session_id; /* allows the driver to report about an invalid session id and request id regeneration */
} php_ps_globals; } php_ps_globals;
typedef php_ps_globals zend_ps_globals; typedef php_ps_globals zend_ps_globals;

7
ext/session/session.c
View file

@ -653,7 +653,6 @@ static void php_session_initialize(TSRMLS_D)
{ {
char *val; char *val;
int vallen; int vallen;
zend_bool make_new = 0;
/* check session name for invalid characters */ /* check session name for invalid characters */
if (PS(id) && strpbrk(PS(id), "\r\n\t <>'\"\\")) { if (PS(id) && strpbrk(PS(id), "\r\n\t <>'\"\\")) {
@ -679,7 +678,6 @@ new_session:
if (PS(use_cookies)) { if (PS(use_cookies)) {
PS(send_cookie) = 1; PS(send_cookie) = 1;
} }
make_new = 1;
} }
/* Read data */ /* Read data */
@ -689,10 +687,13 @@ new_session:
* session information * session information
*/ */
php_session_track_init(TSRMLS_C); php_session_track_init(TSRMLS_C);
PS(invalid_session_id) = 0;
if (PS(mod)->s_read(&PS(mod_data), PS(id), &val, &vallen TSRMLS_CC) == SUCCESS) { if (PS(mod)->s_read(&PS(mod_data), PS(id), &val, &vallen TSRMLS_CC) == SUCCESS) {
php_session_decode(val, vallen TSRMLS_CC); php_session_decode(val, vallen TSRMLS_CC);
efree(val); efree(val);
} else if (!make_new) { } else if (PS(invalid_session_id)) { /* address instances where the session read fails due to an invalid id */
PS(invalid_session_id) = 0;
efree(PS(id));
goto new_session; goto new_session;
} }
} }