archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-17 14:38:49 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
128150 commits 526 branches 1434 tags 869 MiB
Commit graph

929 commits

Author SHA1 Message Date
Martin Jansen
c5f9a231d5 Streamlining of cookie handling in ext/session and setcookie 
Up until now the session cookie used "HttpOnly" to indicate cookies
only available through HTTP while setcookie() used "httponly".  The
relevant RFC 6265 claims that case does not matter for this token,
but only explicitely mentions "HttpOnly".  Thus this seems like a
logical choice when streamlining the code.

Also the setcookie implementation now uses the same string constants
as the session extension for other tokens like Max-Age or the domain
attribute.

This change poses a slight risk of backwards incompatibility in places
where people deliberately ignore chapter 5.2.5 of RFC 6265 and perform
case-sensitive checks for the HttpOnly attribute.
 2014-05-06 22:00:59 +02:00
Xinchen Hui
d8651fbe1c Make they are in the same style of Z_ISREF 2014-05-03 16:08:58 +08:00
Dmitry Stogov
17d027ed47 Split IS_BOOL into IS_FALSE and IS_TRUE 2014-04-30 18:32:42 +04:00
Dmitry Stogov
f9927a6c97 Merge mainstream 'master' branch into refactoring 
During merge I had to revert:
	Nikita's patch for php_splice() (it probably needs to be applyed again)
	Bob Weinand's patches related to constant expression handling (we need to review them carefully)
	I also reverted all our attempts to support sapi/phpdbg (we didn't test it anyway)

Conflicts:
	Zend/zend.h
	Zend/zend_API.c
	Zend/zend_ast.c
	Zend/zend_compile.c
	Zend/zend_compile.h
	Zend/zend_constants.c
	Zend/zend_exceptions.c
	Zend/zend_execute.c
	Zend/zend_execute.h
	Zend/zend_execute_API.c
	Zend/zend_hash.c
	Zend/zend_highlight.c
	Zend/zend_language_parser.y
	Zend/zend_language_scanner.c
	Zend/zend_language_scanner_defs.h
	Zend/zend_variables.c
	Zend/zend_vm_def.h
	Zend/zend_vm_execute.h
	ext/date/php_date.c
	ext/dom/documenttype.c
	ext/hash/hash.c
	ext/iconv/iconv.c
	ext/mbstring/tests/zend_multibyte-10.phpt
	ext/mbstring/tests/zend_multibyte-11.phpt
	ext/mbstring/tests/zend_multibyte-12.phpt
	ext/mysql/php_mysql.c
	ext/mysqli/mysqli.c
	ext/mysqlnd/mysqlnd_reverse_api.c
	ext/mysqlnd/php_mysqlnd.c
	ext/opcache/ZendAccelerator.c
	ext/opcache/zend_accelerator_util_funcs.c
	ext/opcache/zend_persist.c
	ext/opcache/zend_persist_calc.c
	ext/pcre/php_pcre.c
	ext/pdo/pdo_dbh.c
	ext/pdo/pdo_stmt.c
	ext/pdo_pgsql/pgsql_driver.c
	ext/pgsql/pgsql.c
	ext/reflection/php_reflection.c
	ext/session/session.c
	ext/spl/spl_array.c
	ext/spl/spl_observer.c
	ext/standard/array.c
	ext/standard/basic_functions.c
	ext/standard/html.c
	ext/standard/mail.c
	ext/standard/php_array.h
	ext/standard/proc_open.c
	ext/standard/streamsfuncs.c
	ext/standard/user_filters.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	main/php_variables.c
	sapi/phpdbg/phpdbg.c
	sapi/phpdbg/phpdbg_bp.c
	sapi/phpdbg/phpdbg_frame.c
	sapi/phpdbg/phpdbg_help.c
	sapi/phpdbg/phpdbg_list.c
	sapi/phpdbg/phpdbg_print.c
	sapi/phpdbg/phpdbg_prompt.c
 2014-04-26 00:32:51 +04:00
Dmitry Stogov
7584ae3200 Fixed compilaation warnings 2014-04-22 18:52:59 +04:00
Dmitry Stogov
050d7e38ad Cleanup (1-st round) 2014-04-15 15:40:40 +04:00
Dmitry Stogov
6bfedfd22e Fixed unserialize() 2014-04-10 18:08:11 +04:00
Dmitry Stogov
6df6006769 Compatibility fix for ext/session/tests/session_id_error3.phpt 2014-04-10 12:29:14 +04:00
Xinchen Hui
5c1595ca8e Refactor session (incompleted) 2014-03-29 17:39:26 +08:00
Xinchen Hui
3647fc6fcc Refactor session (incompleted) 2014-03-28 18:46:25 +08:00
Xinchen Hui
c9bca5039b Refactor session (incompleted) 2014-03-26 23:23:54 +08:00
Yasuo Ohgaki
6f0ad9ea12 Revert "Implement Bug #54649 Create session_serializer_name()" 
This reverts commit 678ec30655.

Conflicts:
	ext/session/tests/session_serializer_name_basic.phpt
 2014-03-13 06:32:49 +09:00
Yasuo Ohgaki
7dec5789fe Revert "Implemented Request #11100 (session_gc() function)." 
This reverts commit 54a42f0d0c.

Conflicts:
	ext/session/tests/session_gc_basic.phpt
 2014-03-13 06:30:32 +09:00
Dmitry Stogov
040dea8b82 Arguments taken by internal functions using zend_parse_parameters() with "+" and "*" specifications must not be deallocated anymore. 2014-03-05 11:10:52 +04:00
Anatol Belski
ca27c86110 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  fix zts
 2014-01-22 12:05:06 +01:00
Anatol Belski
6d1d8ec330 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  fix zts
 2014-01-22 12:04:25 +01:00
Anatol Belski
34792280bc fix zts 2014-01-22 12:03:54 +01:00
Yasuo Ohgaki
3cc6c6c587 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed previous commit may delete unwanted cookies.
  Re-fixed bug #66469
 2014-01-22 19:23:17 +09:00
Yasuo Ohgaki
fa224b1c58 Fixed previous commit may delete unwanted cookies. 2014-01-22 19:23:01 +09:00
Yasuo Ohgaki
58f94345a7 Fixed previous commit may delete unwanted cookies. Sync tests from upper branches. 2014-01-22 19:21:25 +09:00
Yasuo Ohgaki
26a2bed185 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Re-fixed bug #66469
 2014-01-22 13:47:55 +09:00
Yasuo Ohgaki
383423a1ee Re-fixed bug #66469 2014-01-22 13:46:59 +09:00
Yasuo Ohgaki
a27e51fd4e Re-fixed bug #66469 2014-01-22 13:40:58 +09:00
Xinchen Hui
bfcdd67865 Merge branch 'PHP-5.5' into PHP-5.6 2014-01-16 14:42:04 +08:00
Xinchen Hui
9799816e0c Merge branch 'PHP-5.4' into PHP-5.5 2014-01-16 14:41:52 +08:00
Xinchen Hui
b777248ded Re-fixed Bug #66481 (Calls to session_name() segfault when session.name is null) 2014-01-16 14:41:12 +08:00
Xinchen Hui
271053ad47 Revert "Bug #66481 Segfaults on session_name()" 
This reverts commit 5662ffb295.
 2014-01-16 14:38:35 +08:00
Yasuo Ohgaki
518327f7e3 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Bug #66481 Segfaults on session_name()
 2014-01-16 11:35:11 +09:00
Yasuo Ohgaki
744f38c2d6 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Bug #66481 Segfaults on session_name()
 2014-01-16 11:34:31 +09:00
Conor McDermottroe
5662ffb295 Bug #66481 Segfaults on session_name() 
If the previous value of session.name was NULL then any call to
session_name($string) would result in a segmentation fault.

This changes the behaviour to set the value of session.name to
"PHPSESSID" if a blank value is given in php.ini or via -d on the
command line. There is already protection against setting it to NULL via
session_name() or ini_set().
 2014-01-16 11:33:10 +09:00
Yasuo Ohgaki
167eaedcbd Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed session module is sending multiple set-cookie headers when session.use_strict_mode=1
 2014-01-15 11:07:10 +09:00
Yasuo Ohgaki
f52c251f60 Fixed session module is sending multiple set-cookie headers when session.use_strict_mode=1 2014-01-15 11:06:06 +09:00
Xinchen Hui
c081ce628f Bump year 2014-01-03 11:08:10 +08:00
Xinchen Hui
47c9027772 Bump year 2014-01-03 11:06:16 +08:00
Xinchen Hui
c0d060f5c0 Bump year 2014-01-03 11:04:26 +08:00
Dmitry Stogov
03a37de9b3 Improved empty string handling. Now ZE uses an interned string instead of allocation new empty string each time. (Some extensions might need to be fixed using str_efree() instead of efree() to support interned strings). 2013-12-26 14:47:13 +04:00
Christopher Jones
d9bfe06194 Merge branch 'PHP-5.5' 
* PHP-5.5:
  Reduce compilation noise during normal compilation:     php-5.5/ext/session/session.c:836: warning: unused variable ‘struc’     php-5.5/ext/session/session.c:836: warning: unused variable ‘num_key’     php-5.5/ext/session/session.c:836: warning: unused variable ‘key_length’     php-5.5/ext/session/session.c:836: warning: unused variable ‘key’     php-5.5/ext/session/session.c:835: warning: unused variable ‘key_type’     php-5.5/ext/session/session.c:834: warning: unused variable ‘_ht’     php-5.5/ext/session/session.c:857: warning: unused variable ‘has_value’     php-5.5/ext/session/session.c:856: warning: unused variable ‘namelen’     php-5.5/ext/session/session.c:853: warning: unused variable ‘name’     php-5.5/ext/session/session.c:852: warning: unused variable ‘p’
 2013-08-21 10:35:07 -07:00
Christopher Jones
d85827fb7f Reduce compilation noise during normal compilation: 
php-5.5/ext/session/session.c:836: warning: unused variable ‘struc’
    php-5.5/ext/session/session.c:836: warning: unused variable ‘num_key’
    php-5.5/ext/session/session.c:836: warning: unused variable ‘key_length’
    php-5.5/ext/session/session.c:836: warning: unused variable ‘key’
    php-5.5/ext/session/session.c:835: warning: unused variable ‘key_type’
    php-5.5/ext/session/session.c:834: warning: unused variable ‘_ht’
    php-5.5/ext/session/session.c:857: warning: unused variable ‘has_value’
    php-5.5/ext/session/session.c:856: warning: unused variable ‘namelen’
    php-5.5/ext/session/session.c:853: warning: unused variable ‘name’
    php-5.5/ext/session/session.c:852: warning: unused variable ‘p’

    php-5.5/ext/session/mod_user.c:191: warning: unused variable ‘ret’
 2013-08-21 10:34:09 -07:00
Yasuo Ohgaki
aaf95aa1b6 Merge branch 'PHP-5.5' 
* PHP-5.5:
  Add php_serialize session.serialize_handler. This patch closes
 2013-08-21 11:06:11 +09:00
Yasuo Ohgaki
c51f77fe83 Add php_serialize session.serialize_handler. This patch closes 
Request #25630
  Request #43980
  Request #54383
  Bug #65359

and many others similar to these that are closed as "wont fix" or
"not a bug".

Current serializers have limitations due to register_globals support
that are no longer supported. Changing existing serializer may cause
compatibility issue. Therefore, new handler is needed to remove
needless limitations.

php_serialize does not have special characters and allow numerical
index in $_SESSION. $_SESSION can be used as ordinary array.
 2013-08-21 10:51:51 +09:00
Christopher Jones
3c166c4758 Merge branch 'PHP-5.5' 
* PHP-5.5:
  Reduce (some) compile noise of 'unused variable' and 'may be used uninitialized' warnings.

Conflicts:
	ext/gmp/gmp.c
 2013-08-14 20:47:00 -07:00
Christopher Jones
39612afc72 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Reduce (some) compile noise of 'unused variable' and 'may be used uninitialized' warnings.

Conflicts:
	ext/dba/libinifile/inifile.c
 2013-08-14 20:43:25 -07:00
Christopher Jones
9ad97cd489 Reduce (some) compile noise of 'unused variable' and 'may be used uninitialized' warnings. 2013-08-14 20:36:50 -07:00
Yasuo Ohgaki
0959475e11 Merge branch 'PHP-5.5' 
* PHP-5.5:
  Fixed possible buffer overflow under Windows. Note: Not a security fix.
 2013-08-11 06:44:01 +09:00
Yasuo Ohgaki
2df95b1354 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed possible buffer overflow under Windows. Note: Not a security fix.
 2013-08-11 06:43:37 +09:00
Yasuo Ohgaki
0ad81ac18a Fixed possible buffer overflow under Windows. Note: Not a security fix. 2013-08-11 06:43:01 +09:00
Yasuo Ohgaki
771b06f585 Merge branch 'PHP-5.5' 
* PHP-5.5:
  Fixed Bug #62015 Changed session.auto_start to PHP_INI_PERDIR. It is simply wrong and never worked if the value is changed at runtime
 2013-08-10 18:30:05 +09:00
Yasuo Ohgaki
9d95a1a7d1 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fixed Bug #62015 Changed session.auto_start to PHP_INI_PERDIR. It is simply wrong and never worked if the value is changed at runtime
 2013-08-10 18:29:29 +09:00
Yasuo Ohgaki
e9b128c1bf Fixed Bug #62015 Changed session.auto_start to PHP_INI_PERDIR. It is simply wrong and never worked if the value is changed at runtime 2013-08-10 18:29:13 +09:00
Yasuo Ohgaki
6941ce3583 Implemented Request #20421 (session_abort() and session_reset() function 2013-08-10 16:57:56 +09:00