diff options
Diffstat (limited to 'ext/session')
| -rw-r--r-- | ext/session/mod_files.c | 5 | ||||
| -rw-r--r-- | ext/session/session.c | 45 | ||||
| -rw-r--r-- | ext/session/tests/bug61470.phpt | 6 | ||||
| -rw-r--r-- | ext/session/tests/bug68063.phpt | 20 | ||||
| -rw-r--r-- | ext/session/tests/session_basic3.phpt | 18 | ||||
| -rw-r--r-- | ext/session/tests/session_regenerate_id_basic.phpt | 4 | ||||
| -rw-r--r-- | ext/session/tests/session_regenerate_id_error.phpt | 44 | ||||
| -rw-r--r-- | ext/session/tests/session_regenerate_id_variation1.phpt | 4 |
8 files changed, 115 insertions, 31 deletions
diff --git a/ext/session/mod_files.c b/ext/session/mod_files.c index 561d216adf..2db5159d91 100644 --- a/ext/session/mod_files.c +++ b/ext/session/mod_files.c @@ -159,6 +159,7 @@ static void ps_files_open(ps_files *data, const char *key) #if !defined(O_NOFOLLOW) || !defined(PHP_WIN32) struct stat sbuf; #endif + int ret; if (data->fd < 0 || !data->lastkey || strcmp(key, data->lastkey)) { if (data->lastkey) { @@ -201,7 +202,9 @@ static void ps_files_open(ps_files *data, const char *key) return; } #endif - flock(data->fd, LOCK_EX); + do { + ret = flock(data->fd, LOCK_EX); + } while (ret == -1 && errno == EINTR); #ifdef F_SETFD # ifndef FD_CLOEXEC diff --git a/ext/session/session.c b/ext/session/session.c index 010de352b9..c6f5f5230f 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -2010,6 +2010,7 @@ static PHP_FUNCTION(session_id) static PHP_FUNCTION(session_regenerate_id) { zend_bool del_ses = 0; + zend_string *data = NULL; if (zend_parse_parameters(ZEND_NUM_ARGS(), "|b", &del_ses) == FAILURE) { return; @@ -2020,26 +2021,31 @@ static PHP_FUNCTION(session_regenerate_id) RETURN_FALSE; } - if (PS(session_status) == php_session_active) { - if (PS(id)) { - if (del_ses && PS(mod)->s_destroy(&PS(mod_data), PS(id)) == FAILURE) { - php_error_docref(NULL, E_WARNING, "Session object destruction failed"); - RETURN_FALSE; - } - zend_string_release(PS(id)); - PS(id) = NULL; - } + if (PS(session_status) != php_session_active) { + php_error_docref(NULL, E_WARNING, "Cannot regenerate session id - session is not active"); + RETURN_FALSE; + } - PS(id) = PS(mod)->s_create_sid(&PS(mod_data)); - if (PS(id)) { - PS(send_cookie) = 1; - php_session_reset_id(); - RETURN_TRUE; - } else { - PS(id) = STR_EMPTY_ALLOC(); + /* Keep current session data */ + data = php_session_encode(); + + if (del_ses && PS(mod)->s_destroy(&PS(mod_data), PS(id)) == FAILURE) { + php_error_docref(NULL, E_WARNING, "Session object destruction failed"); + } + php_rshutdown_session_globals(); + php_rinit_session_globals(); + + php_session_initialize(); + /* Restore session data */ + if (data) { + if (PS(session_vars)) { + zend_string_release(PS(session_vars)); + PS(session_vars) = NULL; } + php_session_decode(data); + zend_string_release(data); } - RETURN_FALSE; + RETURN_TRUE; } /* }}} */ @@ -2195,6 +2201,11 @@ static PHP_FUNCTION(session_start) RETURN_FALSE; } + if (PS(id) && !(PS(id)->len)) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot start session with empty session ID"); + RETURN_FALSE; + } + /* set options */ if (options) { ZEND_HASH_FOREACH_KEY_VAL(Z_ARRVAL_P(options), num_idx, str_idx, value) { diff --git a/ext/session/tests/bug61470.phpt b/ext/session/tests/bug61470.phpt index 8be1a540b5..d8b4c2014f 100644 --- a/ext/session/tests/bug61470.phpt +++ b/ext/session/tests/bug61470.phpt @@ -2,8 +2,6 @@ Bug #61470 (session_regenerate_id() does not create session file) --SKIPIF-- <?php include('skipif.inc'); ?> ---XFAIL-- -Semantecs of create id seems changed. Will be fixed soon. --INI-- --FILE-- <?php @@ -24,6 +22,6 @@ var_dump(is_file($file2)); unlink($file1); unlink($file2); --EXPECT-- -bool(true); -bool(true); +bool(true) +bool(true) diff --git a/ext/session/tests/bug68063.phpt b/ext/session/tests/bug68063.phpt new file mode 100644 index 0000000000..d3da470d06 --- /dev/null +++ b/ext/session/tests/bug68063.phpt @@ -0,0 +1,20 @@ +--TEST-- +Bug #68063 (Empty session IDs do still start sessions) +--SKIPIF-- +<?php include('skipif.inc'); ?> +--INI-- +--FILE-- +<?php +// Could also be set with a cookie like "PHPSESSID=; path=/" +session_id(''); + +// Will still start the session and return true +var_dump(session_start()); + +// Returns an empty string +var_dump(session_id()); +?> +--EXPECTF-- +Warning: session_start(): Cannot start session with empty session ID in %s on line %d +bool(false) +string(0) "" diff --git a/ext/session/tests/session_basic3.phpt b/ext/session/tests/session_basic3.phpt index 08e3aae295..49c22032bd 100644 --- a/ext/session/tests/session_basic3.phpt +++ b/ext/session/tests/session_basic3.phpt @@ -180,15 +180,15 @@ ob_end_flush(); *** Testing basic session functionality : variation3 use_trans_sid *** *** Test trans sid *** -<a href="/?PHPSESSID=testid&PHPSESSID=testid">test</a> -<a href="/?PHPSESSID=testid&PHPSESSID=testid#bar">test</a> -<a href="/?foo&PHPSESSID=testid&PHPSESSID=testid">test</a> -<a href="/?foo&PHPSESSID=testid&PHPSESSID=testid#bar">test</a> -<a href="/?foo=var&PHPSESSID=testid&PHPSESSID=testid">test</a> -<a href="/?foo=var&PHPSESSID=testid&PHPSESSID=testid#bar">test</a> -<a href="file.php?PHPSESSID=testid&PHPSESSID=testid">test</a> -<a href="file.php?foo&PHPSESSID=testid&PHPSESSID=testid">test</a> -<a href="file.php?foo=var&PHPSESSID=testid&PHPSESSID=testid">test</a> +<a href="/?PHPSESSID=testid">test</a> +<a href="/?PHPSESSID=testid#bar">test</a> +<a href="/?foo&PHPSESSID=testid">test</a> +<a href="/?foo&PHPSESSID=testid#bar">test</a> +<a href="/?foo=var&PHPSESSID=testid">test</a> +<a href="/?foo=var&PHPSESSID=testid#bar">test</a> +<a href="file.php?PHPSESSID=testid">test</a> +<a href="file.php?foo&PHPSESSID=testid">test</a> +<a href="file.php?foo=var&PHPSESSID=testid">test</a> <a href="http://php.net">test</a> <a href="http://php.net/">test</a> <a href="http://php.net/#bar">test</a> diff --git a/ext/session/tests/session_regenerate_id_basic.phpt b/ext/session/tests/session_regenerate_id_basic.phpt index 910620a66f..cdf2bb1f2b 100644 --- a/ext/session/tests/session_regenerate_id_basic.phpt +++ b/ext/session/tests/session_regenerate_id_basic.phpt @@ -31,12 +31,16 @@ ob_end_flush(); --EXPECTF-- *** Testing session_regenerate_id() : basic functionality *** string(0) "" + +Warning: session_regenerate_id(): Cannot regenerate session id - session is not active in %s on line %d bool(false) string(0) "" bool(true) bool(true) string(%d) "%s" bool(true) + +Warning: session_regenerate_id(): Cannot regenerate session id - session is not active in %s on line %d bool(false) string(0) "" Done diff --git a/ext/session/tests/session_regenerate_id_error.phpt b/ext/session/tests/session_regenerate_id_error.phpt index 9e119f17fb..9c94d8564b 100644 --- a/ext/session/tests/session_regenerate_id_error.phpt +++ b/ext/session/tests/session_regenerate_id_error.phpt @@ -96,63 +96,103 @@ ob_end_flush(); *** Testing session_regenerate_id() : error functionality *** -- Iteration 1 -- + +Warning: session_regenerate_id(): Cannot regenerate session id - session is not active in %s on line %d bool(false) -- Iteration 2 -- + +Warning: session_regenerate_id(): Cannot regenerate session id - session is not active in %s on line %d bool(false) -- Iteration 3 -- + +Warning: session_regenerate_id(): Cannot regenerate session id - session is not active in %s on line %d bool(false) -- Iteration 4 -- + +Warning: session_regenerate_id(): Cannot regenerate session id - session is not active in %s on line %d bool(false) -- Iteration 5 -- + +Warning: session_regenerate_id(): Cannot regenerate session id - session is not active in %s on line %d bool(false) -- Iteration 6 -- + +Warning: session_regenerate_id(): Cannot regenerate session id - session is not active in %s on line %d bool(false) -- Iteration 7 -- + +Warning: session_regenerate_id(): Cannot regenerate session id - session is not active in %s on line %d bool(false) -- Iteration 8 -- + +Warning: session_regenerate_id(): Cannot regenerate session id - session is not active in %s on line %d bool(false) -- Iteration 9 -- + +Warning: session_regenerate_id(): Cannot regenerate session id - session is not active in %s on line %d bool(false) -- Iteration 10 -- + +Warning: session_regenerate_id(): Cannot regenerate session id - session is not active in %s on line %d bool(false) -- Iteration 11 -- + +Warning: session_regenerate_id(): Cannot regenerate session id - session is not active in %s on line %d bool(false) -- Iteration 12 -- + +Warning: session_regenerate_id(): Cannot regenerate session id - session is not active in %s on line %d bool(false) -- Iteration 13 -- + +Warning: session_regenerate_id(): Cannot regenerate session id - session is not active in %s on line %d bool(false) -- Iteration 14 -- + +Warning: session_regenerate_id(): Cannot regenerate session id - session is not active in %s on line %d bool(false) -- Iteration 15 -- + +Warning: session_regenerate_id(): Cannot regenerate session id - session is not active in %s on line %d bool(false) -- Iteration 16 -- + +Warning: session_regenerate_id(): Cannot regenerate session id - session is not active in %s on line %d bool(false) -- Iteration 17 -- + +Warning: session_regenerate_id(): Cannot regenerate session id - session is not active in %s on line %d bool(false) -- Iteration 18 -- + +Warning: session_regenerate_id(): Cannot regenerate session id - session is not active in %s on line %d bool(false) -- Iteration 19 -- + +Warning: session_regenerate_id(): Cannot regenerate session id - session is not active in %s on line %d bool(false) -- Iteration 20 -- + +Warning: session_regenerate_id(): Cannot regenerate session id - session is not active in %s on line %d bool(false) -- Iteration 21 -- @@ -161,9 +201,13 @@ Warning: session_regenerate_id() expects parameter 1 to be boolean, object given NULL -- Iteration 22 -- + +Warning: session_regenerate_id(): Cannot regenerate session id - session is not active in %s on line %d bool(false) -- Iteration 23 -- + +Warning: session_regenerate_id(): Cannot regenerate session id - session is not active in %s on line %d bool(false) -- Iteration 24 -- diff --git a/ext/session/tests/session_regenerate_id_variation1.phpt b/ext/session/tests/session_regenerate_id_variation1.phpt index 95d4a77c8e..ca0ef35b10 100644 --- a/ext/session/tests/session_regenerate_id_variation1.phpt +++ b/ext/session/tests/session_regenerate_id_variation1.phpt @@ -31,12 +31,16 @@ ob_end_flush(); --EXPECTF-- *** Testing session_regenerate_id() : variation *** string(0) "" + +Warning: session_regenerate_id(): Cannot regenerate session id - session is not active in %s on line %d bool(false) string(0) "" bool(true) bool(true) string(%d) "%s" bool(true) + +Warning: session_regenerate_id(): Cannot regenerate session id - session is not active in %s on line %d bool(false) string(0) "" Done |