diff options
| author | Yasuo Ohgaki <yohgaki@php.net> | 2016-04-07 10:25:35 +0900 |
|---|---|---|
| committer | Yasuo Ohgaki <yohgaki@php.net> | 2016-04-07 10:26:05 +0900 |
| commit | 6467a4eb367fd1174fbed79f014772321f68e8bc (patch) | |
| tree | be2f5908cc13ad8f21d46249b9d7ac17fd60ffd9 | |
| parent | b31240f995a742b363074e0079b1aef4e577a27e (diff) | |
| download | php-git-6467a4eb367fd1174fbed79f014772321f68e8bc.tar.gz | |
Fixed Bug #71974 Trans sid will always be send, even if cookies are available
| -rw-r--r-- | NEWS | 4 | ||||
| -rw-r--r-- | ext/session/session.c | 23 | ||||
| -rw-r--r-- | ext/session/tests/bug71974.phpt | 23 |
3 files changed, 42 insertions, 8 deletions
@@ -63,6 +63,10 @@ PHP NEWS . Fixed bug #71820 (pg_fetch_object binds parameters before call constructor). (Anatol) +- Session: + . Fixed bug #71974 (Trans sid will always be send, even if cookies are + available). (Yasuo) + - SPL: . Fixed bug #71838 (Deserializing serialized SPLObjectStorage-Object can't access properties in PHP). (Nikita) diff --git a/ext/session/session.c b/ext/session/session.c index 238ae877f8..e745b96867 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -1483,7 +1483,7 @@ static void ppid2sid(zval *ppid) { PHPAPI void php_session_reset_id(void) /* {{{ */ { int module_number = PS(module_number); - zval *sid; + zval *sid, *data, *ppid; if (!PS(id)) { php_error_docref(NULL, E_WARNING, "Cannot set session ID - session ID is not initialized"); @@ -1523,13 +1523,20 @@ PHPAPI void php_session_reset_id(void) /* {{{ */ } } - if (APPLY_TRANS_SID) { - /* FIXME: Resetting vars are required when - session is stop/start/regenerated. However, - php_url_scanner_reset_vars() resets all vars - including other URL rewrites set by elsewhere. */ - /* php_url_scanner_reset_vars(); */ - php_url_scanner_add_var(PS(session_name), strlen(PS(session_name)), ZSTR_VAL(PS(id)), ZSTR_LEN(PS(id)), 1); + /* Apply trans sid if sid cookie is not set */ + if (APPLY_TRANS_SID + && (data = zend_hash_str_find(&EG(symbol_table), "_COOKIE", sizeof("_COOKIE") - 1))) { + ZVAL_DEREF(data); + if (Z_TYPE_P(data) == IS_ARRAY && (ppid = zend_hash_str_find(Z_ARRVAL_P(data), PS(session_name), strlen(PS(session_name))))) { + ZVAL_DEREF(ppid); + } else { + /* FIXME: Resetting vars are required when + session is stop/start/regenerated. However, + php_url_scanner_reset_vars() resets all vars + including other URL rewrites set by elsewhere. */ + /* php_url_scanner_reset_vars(); */ + php_url_scanner_add_var(PS(session_name), strlen(PS(session_name)), ZSTR_VAL(PS(id)), ZSTR_LEN(PS(id)), 1); + } } } /* }}} */ diff --git a/ext/session/tests/bug71974.phpt b/ext/session/tests/bug71974.phpt new file mode 100644 index 0000000000..b692bce2c5 --- /dev/null +++ b/ext/session/tests/bug71974.phpt @@ -0,0 +1,23 @@ +--TEST-- +Bug #71974 Trans sid will always be send, even if cookies are available +--SKIPIF-- +<?php include('skipif.inc'); ?> +--INI-- +session.save_handler=files +session.auto_start=0 +session.use_cookies=1 +session.use_only_cookies=0 +session.use_trans_sid=1 +session.use_strict_mode=0 +--COOKIE-- +PHPSESSID=1234567890123456789012345678901234567890 +--FILE-- +<?php +ob_start(); +session_start() +?> +<a href="some.php">abc</a> +--EXPECTF-- +<a href="some.php">abc</a> + + |