From 5ce7642308247b02c996fe5c2b1edd83133bb987 Mon Sep 17 00:00:00 2001 From: Yasuo Ohgaki Date: Sun, 16 Oct 2016 17:34:20 +0900 Subject: [PATCH 01/18] Fix bug #71038 --- ext/session/php_session.h | 4 +- ext/session/session.c | 62 +++++++++++++------ ext/session/tests/bug60860.phpt | 3 +- ext/session/tests/bug69111.phpt | 7 ++- ext/session/tests/rfc1867_sid_invalid.phpt | 2 +- .../tests/session_module_name_variation3.phpt | 12 ++-- .../tests/session_save_path_variation4.phpt | 14 ++++- .../session_set_save_handler_class_005.phpt | 2 +- .../session_set_save_handler_class_012.phpt | 2 +- .../session_set_save_handler_error3.phpt | 10 +-- 10 files changed, 77 insertions(+), 41 deletions(-) diff --git a/ext/session/php_session.h b/ext/session/php_session.h index da5e48515a43e..3c03e2aaac704 100644 --- a/ext/session/php_session.h +++ b/ext/session/php_session.h @@ -264,13 +264,13 @@ PHPAPI int php_session_register_serializer(const char *name, int (*decode)(PS_SERIALIZER_DECODE_ARGS)); PHPAPI void php_session_set_id(char *id); -PHPAPI void php_session_start(void); +PHPAPI int php_session_start(void); PHPAPI ps_module *_php_find_ps_module(char *name); PHPAPI const ps_serializer *_php_find_ps_serializer(char *name); PHPAPI int php_session_valid_key(const char *key); -PHPAPI void php_session_reset_id(void); +PHPAPI int php_session_reset_id(void); #define PS_ADD_VARL(name) do { \ php_add_session_var(name); \ diff --git a/ext/session/session.c b/ext/session/session.c index 742461bbed441..0bb12265eef7f 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -369,7 +369,7 @@ static zend_long php_session_gc(zend_bool immediate) /* {{{ */ return num; } /* }}} */ -static void php_session_initialize(void) /* {{{ */ +static int php_session_initialize(void) /* {{{ */ { zend_string *val = NULL; @@ -377,8 +377,8 @@ static void php_session_initialize(void) /* {{{ */ if (!PS(mod)) { PS(session_status) = php_session_disabled; - php_error_docref(NULL, E_ERROR, "No storage module chosen - failed to initialize session"); - return; + php_error_docref(NULL, E_WARNING, "No storage module chosen - failed to initialize session"); + return FAILURE; } /* Open session handler first */ @@ -386,8 +386,8 @@ static void php_session_initialize(void) /* {{{ */ /* || PS(mod_data) == NULL */ /* FIXME: open must set valid PS(mod_data) with success */ ) { php_session_abort(); - php_error_docref(NULL, E_ERROR, "Failed to initialize storage module: %s (path: %s)", PS(mod)->s_name, PS(save_path)); - return; + php_error_docref(NULL, E_WARNING, "Failed to initialize storage module: %s (path: %s)", PS(mod)->s_name, PS(save_path)); + return FAILURE; } /* If there is no ID, use session module to create one */ @@ -399,7 +399,7 @@ static void php_session_initialize(void) /* {{{ */ if (!PS(id)) { php_session_abort(); zend_throw_error(NULL, "Failed to create session ID: %s (path: %s)", PS(mod)->s_name, PS(save_path)); - return; + return FAILURE; } if (PS(use_cookies)) { PS(send_cookie) = 1; @@ -418,7 +418,10 @@ static void php_session_initialize(void) /* {{{ */ } } - php_session_reset_id(); + if (php_session_reset_id() == FAILURE) { + php_session_abort(); + return FAILURE; + } /* Read data */ php_session_track_init(); @@ -427,7 +430,7 @@ static void php_session_initialize(void) /* {{{ */ /* Some broken save handler implementation returns FAILURE for non-existent session ID */ /* It's better to raise error for this, but disabled error for better compatibility */ php_error_docref(NULL, E_WARNING, "Failed to read session data: %s (path: %s)", PS(mod)->s_name, PS(save_path)); - return; + return FAILURE; } /* GC must be done after read */ @@ -444,6 +447,7 @@ static void php_session_initialize(void) /* {{{ */ php_session_decode(val); zend_string_release(val); } + return SUCCESS; } /* }}} */ @@ -1353,7 +1357,9 @@ static void ppid2sid(zval *ppid) { } } -PHPAPI void php_session_reset_id(void) /* {{{ */ + +/* Made to return int from 7.1, previously void */ +PHPAPI int php_session_reset_id(void) /* {{{ */ { int module_number = PS(module_number); zval *sid, *data, *ppid; @@ -1361,7 +1367,7 @@ PHPAPI void php_session_reset_id(void) /* {{{ */ if (!PS(id)) { php_error_docref(NULL, E_WARNING, "Cannot set session ID - session ID is not initialized"); - return; + return FAILURE; } if (PS(use_cookies) && PS(send_cookie)) { @@ -1418,10 +1424,13 @@ PHPAPI void php_session_reset_id(void) /* {{{ */ zend_string_release(sname); php_url_scanner_add_session_var(PS(session_name), strlen(PS(session_name)), ZSTR_VAL(PS(id)), ZSTR_LEN(PS(id)), 1); } + return SUCCESS; } /* }}} */ -PHPAPI void php_session_start(void) /* {{{ */ + +/* Made to return int from 7.1, previously void */ +PHPAPI int php_session_start(void) /* {{{ */ { zval *ppid; zval *data; @@ -1431,7 +1440,6 @@ PHPAPI void php_session_start(void) /* {{{ */ switch (PS(session_status)) { case php_session_active: php_error(E_NOTICE, "A session had already been started - ignoring session_start()"); - return; break; case php_session_disabled: @@ -1440,7 +1448,7 @@ PHPAPI void php_session_start(void) /* {{{ */ PS(mod) = _php_find_ps_module(value); if (!PS(mod)) { php_error_docref(NULL, E_WARNING, "Cannot find save handler '%s' - session startup failed", value); - return; + return FAILURE; } } value = zend_ini_string("session.serialize_handler", sizeof("session.serialize_handler") - 1, 0); @@ -1448,14 +1456,14 @@ PHPAPI void php_session_start(void) /* {{{ */ PS(serializer) = _php_find_ps_serializer(value); if (!PS(serializer)) { php_error_docref(NULL, E_WARNING, "Cannot find serialization handler '%s' - session startup failed", value); - return; + return FAILURE; } } PS(session_status) = php_session_none; - /* fallthrough */ + /* Fall through */ - default: case php_session_none: + default: /* Setup internal flags */ PS(define_sid) = !PS(use_only_cookies); /* SID constant is defined when non-cookie ID is used */ PS(send_cookie) = PS(use_cookies) || PS(use_only_cookies); @@ -1531,8 +1539,16 @@ PHPAPI void php_session_start(void) /* {{{ */ PS(id) = NULL; } - php_session_initialize(); - php_session_cache_limiter(); + if (php_session_initialize() == FAILURE + || php_session_cache_limiter() == -2) { + PS(session_status) = php_session_none; + if (PS(id)) { + zend_string_release(PS(id)); + PS(id) = NULL; + } + return FAILURE; + } + return SUCCESS; } /* }}} */ @@ -2007,7 +2023,9 @@ static PHP_FUNCTION(session_regenerate_id) if (PS(use_cookies)) { PS(send_cookie) = 1; } - php_session_reset_id(); + if (php_session_reset_id() == FAILURE) { + RETURN_FALSE; + } RETURN_TRUE; } @@ -2208,6 +2226,12 @@ static PHP_FUNCTION(session_start) php_session_start(); if (PS(session_status) != php_session_active) { + IF_SESSION_VARS() { + zval *sess_var = Z_REFVAL(PS(http_session_vars)); + SEPARATE_ARRAY(sess_var); + /* Clean $_SESSION. */ + zend_hash_clean(Z_ARRVAL_P(sess_var)); + } RETURN_FALSE; } diff --git a/ext/session/tests/bug60860.phpt b/ext/session/tests/bug60860.phpt index 83185862f01f0..8cd43a83e2f3b 100644 --- a/ext/session/tests/bug60860.phpt +++ b/ext/session/tests/bug60860.phpt @@ -14,4 +14,5 @@ echo "ok\n"; --EXPECTF-- Warning: session_start(): user session functions not defined in %s on line 3 -Fatal error: session_start(): Failed to initialize storage module: user (path:%s) in %s on line 3 +Warning: session_start(): Failed to initialize storage module: user (path: ) in %s on line 3 +ok diff --git a/ext/session/tests/bug69111.phpt b/ext/session/tests/bug69111.phpt index c6d10c74a0e6b..ce14dc750c664 100644 --- a/ext/session/tests/bug69111.phpt +++ b/ext/session/tests/bug69111.phpt @@ -1,7 +1,5 @@ --TEST-- Bug #69111 Crash in SessionHandler::read() ---XFAIL-- -It is still a leak --SKIPIF-- --FILE-- @@ -19,4 +17,9 @@ $sh->write("foo", "bar"); var_dump($sh->read(@$id)); ?> --EXPECTF-- +Warning: SessionHandler::open(): Session is not active in %s on line 10 + +Warning: SessionHandler::write(): Session is not active in %s on line 11 + +Warning: SessionHandler::read(): Session is not active in %s on line 12 bool(false) diff --git a/ext/session/tests/rfc1867_sid_invalid.phpt b/ext/session/tests/rfc1867_sid_invalid.phpt index 7ff8f6bf0e4fe..a90bef9b7cf79 100644 --- a/ext/session/tests/rfc1867_sid_invalid.phpt +++ b/ext/session/tests/rfc1867_sid_invalid.phpt @@ -57,7 +57,7 @@ Warning: Unknown: The session id is too long or contains illegal characters, val Warning: Unknown: Failed to read session data: files (path: ) in Unknown on line 0 Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct () in Unknown on line 0 -string(%d) "%s" +string(%d) "" bool(true) array(2) { [%u|b%"file1"]=> diff --git a/ext/session/tests/session_module_name_variation3.phpt b/ext/session/tests/session_module_name_variation3.phpt index de49195fe8445..22eb9e774f2bf 100644 --- a/ext/session/tests/session_module_name_variation3.phpt +++ b/ext/session/tests/session_module_name_variation3.phpt @@ -38,14 +38,14 @@ ob_end_flush(); ?> --EXPECTF-- *** Testing session_module_name() : variation *** -string(%d) "%s" +string(5) "files" string(4) "user" -Warning: Uncaught Exception: Stop...! in %s:%d +Warning: session_start(): Failed to initialize storage module: user (path: ) in %s on line 25 + +Fatal error: Uncaught Exception: Stop...! in %s:13 Stack trace: #0 [internal function]: open('', 'PHPSESSID') -#1 %s(%d): session_start() +#1 %s(25): session_start() #2 {main} - thrown in %s on line %d - -Fatal error: session_start(): Failed to initialize storage module: %s in %s%esession_module_name_variation3.php on line %d + thrown in %s on line 13 diff --git a/ext/session/tests/session_save_path_variation4.phpt b/ext/session/tests/session_save_path_variation4.phpt index a4c4e995d38c5..1d4d18aaf1cf4 100644 --- a/ext/session/tests/session_save_path_variation4.phpt +++ b/ext/session/tests/session_save_path_variation4.phpt @@ -51,9 +51,17 @@ var_dump(rmdir($sessions)); bool(true) bool(true) -Warning: ini_set(): open_basedir restriction in effect. File(%s) is not within the allowed path(s): (.) in %s on line %d +Warning: ini_set(): open_basedir restriction in effect. File(%s) is not within the allowed path(s): (.) in %s on line 24 string(0) "" -Warning: session_start(): open_basedir restriction in effect. File(%s) is not within the allowed path(s): (.) in %s on line %d +Warning: session_start(): open_basedir restriction in effect. File(/tmp) is not within the allowed path(s): (.) in %s on line 26 -Fatal error: session_start(): Failed to initialize storage module: files (path: ) in %s on line %d +Warning: session_start(): Failed to initialize storage module: files (path: ) in %s on line 26 +bool(false) +string(0) "" + +Warning: session_destroy(): Trying to destroy uninitialized session in %s on line 28 +bool(false) +string(0) "" +bool(true) +Done diff --git a/ext/session/tests/session_set_save_handler_class_005.phpt b/ext/session/tests/session_set_save_handler_class_005.phpt index 1b8c1ce645ebd..b195fc4a53a96 100644 --- a/ext/session/tests/session_set_save_handler_class_005.phpt +++ b/ext/session/tests/session_set_save_handler_class_005.phpt @@ -50,7 +50,7 @@ Warning: SessionHandler::close(): Parent session handler is not open in %ssessio Warning: session_start(): Failed to read session data: user (%s) in %ssession_set_save_handler_class_005.php on line %d bool(false) -string(%d) "%s" +string(0) "" string(4) "user" array(0) { } diff --git a/ext/session/tests/session_set_save_handler_class_012.phpt b/ext/session/tests/session_set_save_handler_class_012.phpt index 0ce03f865e4c1..3671cebe2be4f 100644 --- a/ext/session/tests/session_set_save_handler_class_012.phpt +++ b/ext/session/tests/session_set_save_handler_class_012.phpt @@ -55,7 +55,7 @@ Warning: SessionHandler::close(): Parent session handler is not open in %s on li Warning: session_start(): Failed to read session data: user (%s) in %s on line %d bool(false) -string(%d) "%s" +string(0) "" string(5) "files" string(4) "user" int(2) diff --git a/ext/session/tests/session_set_save_handler_error3.phpt b/ext/session/tests/session_set_save_handler_error3.phpt index fdf306a4a52b1..b6e0ecf0dbe03 100644 --- a/ext/session/tests/session_set_save_handler_error3.phpt +++ b/ext/session/tests/session_set_save_handler_error3.phpt @@ -34,11 +34,11 @@ ob_end_flush(); --EXPECTF-- *** Testing session_set_save_handler() : error functionality *** -Warning: Uncaught Exception: Do something bad..! in %s:%d +Warning: session_start(): Failed to initialize storage module: user (path: ) in %s on line 23 + +Fatal error: Uncaught Exception: Do something bad..! in %s:13 Stack trace: #0 [internal function]: open('', 'PHPSESSID') -#1 %s(%d): session_start() +#1 %s(23): session_start() #2 {main} - thrown in %s on line %d - -Fatal error: session_start(): Failed to initialize storage module: %s in %ssession_set_save_handler_error3.php on line %d + thrown in %s on line 13 From fa6fa18c7a17f559bc934a4b08d09372a33834da Mon Sep 17 00:00:00 2001 From: Yasuo Ohgaki Date: Mon, 17 Oct 2016 09:49:19 +0900 Subject: [PATCH 02/18] Add required return --- ext/session/session.c | 1 + 1 file changed, 1 insertion(+) diff --git a/ext/session/session.c b/ext/session/session.c index 0bb12265eef7f..87718f79216a9 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -1440,6 +1440,7 @@ PHPAPI int php_session_start(void) /* {{{ */ switch (PS(session_status)) { case php_session_active: php_error(E_NOTICE, "A session had already been started - ignoring session_start()"); + return FAILURE; break; case php_session_disabled: From 637f72c1a952aa34782942856d0488ea496363ca Mon Sep 17 00:00:00 2001 From: Yasuo Ohgaki Date: Mon, 17 Oct 2016 09:50:06 +0900 Subject: [PATCH 03/18] Since session_start() issue is fixed. Number of inconsistent behaviors can be fixed also. - Disallow nonsense function usage that has no effect - Return proper value on failure - Show proper errors on failure Additionally - Made session_flash()/session_commit()/session_write_close() report errors and return bool, parameter is checked as other functions. --- ext/session/session.c | 141 +++++++-- ext/session/tests/bug73100.phpt | 6 +- ext/session/tests/session_basic1.phpt | 4 +- ext/session/tests/session_basic2.phpt | 4 +- ext/session/tests/session_basic3.phpt | 2 +- ext/session/tests/session_basic5.phpt | 2 +- .../tests/session_cache_expire_basic.phpt | 2 + .../session_cache_expire_variation1.phpt | 2 + .../session_cache_expire_variation2.phpt | 2 + .../session_cache_expire_variation3.phpt | 2 + .../tests/session_cache_limiter_basic.phpt | 11 +- .../session_cache_limiter_variation1.phpt | 15 +- .../session_cache_limiter_variation2.phpt | 15 +- .../session_cache_limiter_variation3.phpt | 7 +- ext/session/tests/session_commit_basic.phpt | 2 +- ext/session/tests/session_commit_error.phpt | 49 ++- .../tests/session_commit_variation1.phpt | 11 +- .../tests/session_commit_variation2.phpt | 6 +- .../tests/session_commit_variation3.phpt | 2 +- .../tests/session_commit_variation4.phpt | 6 +- .../tests/session_commit_variation5.phpt | 6 +- .../tests/session_encode_variation1.phpt | 2 +- .../session_get_cookie_params_basic.phpt | 4 +- .../tests/session_module_name_variation4.phpt | 2 +- .../tests/session_save_path_error.phpt | 2 - .../tests/session_save_path_variation1.phpt | 25 +- .../session_set_cookie_params_basic.phpt | 7 +- .../session_set_cookie_params_error.phpt | 289 +++++++++--------- .../session_set_cookie_params_variation1.phpt | 9 +- .../session_set_cookie_params_variation2.phpt | 7 +- .../session_set_cookie_params_variation3.phpt | 7 +- .../session_set_cookie_params_variation4.phpt | 7 +- .../session_set_cookie_params_variation5.phpt | 7 +- .../session_set_save_handler_variation2.phpt | 2 + .../session_set_save_handler_variation3.phpt | 7 +- .../session_set_save_handler_variation4.phpt | 2 +- .../session_set_save_handler_variation5.phpt | 4 +- .../tests/session_start_variation1.phpt | 9 +- .../tests/session_start_variation3.phpt | 13 +- .../tests/session_start_variation5.phpt | 2 +- .../tests/session_start_variation6.phpt | 2 +- .../tests/session_start_variation9.phpt | 3 +- ext/session/tests/session_unset_basic.phpt | 2 +- ext/session/tests/session_unset_error.phpt | 97 ++++-- .../tests/session_unset_variation1.phpt | 2 +- .../tests/session_write_close_basic.phpt | 2 +- .../tests/session_write_close_error.phpt | 49 ++- .../tests/session_write_close_variation1.phpt | 11 +- .../tests/session_write_close_variation2.phpt | 7 +- .../tests/session_write_close_variation3.phpt | 2 +- .../tests/session_write_close_variation4.phpt | 6 +- 51 files changed, 572 insertions(+), 315 deletions(-) diff --git a/ext/session/session.c b/ext/session/session.c index 87718f79216a9..136e671f04597 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -96,8 +96,8 @@ zend_class_entry *php_session_update_timestamp_iface_entry; #define APPLY_TRANS_SID (PS(use_trans_sid) && !PS(use_only_cookies)) -static void php_session_send_cookie(void); -static void php_session_abort(void); +static int php_session_send_cookie(void); +static int php_session_abort(void); /* Dispatched by RINIT and by php_session_destroy */ static inline void php_rinit_session_globals(void) /* {{{ */ @@ -1239,7 +1239,7 @@ static void php_session_remove_cookie(void) { efree(session_cookie); } -static void php_session_send_cookie(void) /* {{{ */ +static int php_session_send_cookie(void) /* {{{ */ { smart_str ncookie = {0}; zend_string *date_fmt = NULL; @@ -1254,7 +1254,7 @@ static void php_session_send_cookie(void) /* {{{ */ } else { php_error_docref(NULL, E_WARNING, "Cannot send session cookie - headers already sent"); } - return; + return FAILURE; } /* URL encode session_name and id because they might be user supplied */ @@ -1312,6 +1312,8 @@ static void php_session_send_cookie(void) /* {{{ */ header, probably sent with setcookie() will be replaced! */ sapi_add_header_ex(estrndup(ZSTR_VAL(ncookie.s), ZSTR_LEN(ncookie.s)), ZSTR_LEN(ncookie.s), 0, 0); smart_str_free(&ncookie); + + return SUCCESS; } /* }}} */ @@ -1553,31 +1555,37 @@ PHPAPI int php_session_start(void) /* {{{ */ } /* }}} */ -static void php_session_flush(int write) /* {{{ */ +static int php_session_flush(int write) /* {{{ */ { if (PS(session_status) == php_session_active) { php_session_save_current_state(write); PS(session_status) = php_session_none; + return SUCCESS; } + return FAILURE; } /* }}} */ -static void php_session_abort(void) /* {{{ */ +static int php_session_abort(void) /* {{{ */ { if (PS(session_status) == php_session_active) { if (PS(mod_data) || PS(mod_user_implemented)) { PS(mod)->s_close(&PS(mod_data)); } PS(session_status) = php_session_none; + return SUCCESS; } + return FAILURE; } /* }}} */ -static void php_session_reset(void) /* {{{ */ +static int php_session_reset(void) /* {{{ */ { - if (PS(session_status) == php_session_active) { - php_session_initialize(); + if (PS(session_status) == php_session_active + && php_session_initialize()) { + return SUCCESS; } + return FAILURE; } /* }}} */ @@ -1612,33 +1620,55 @@ static PHP_FUNCTION(session_set_cookie_params) return; } + if (SG(headers_sent) && PS(use_cookies)) { + php_error_docref(NULL, E_WARNING, "Cannot set cookie parameters - headers already sent"); + RETURN_FALSE; + } + convert_to_string_ex(lifetime); ini_name = zend_string_init("session.cookie_lifetime", sizeof("session.cookie_lifetime") - 1, 0); - zend_alter_ini_entry(ini_name, Z_STR_P(lifetime), PHP_INI_USER, PHP_INI_STAGE_RUNTIME); + if (zend_alter_ini_entry(ini_name, Z_STR_P(lifetime), PHP_INI_USER, PHP_INI_STAGE_RUNTIME) == FAILURE) { + zend_string_release(ini_name); + RETURN_FALSE; + } zend_string_release(ini_name); if (path) { ini_name = zend_string_init("session.cookie_path", sizeof("session.cookie_path") - 1, 0); - zend_alter_ini_entry(ini_name, path, PHP_INI_USER, PHP_INI_STAGE_RUNTIME); + if (zend_alter_ini_entry(ini_name, path, PHP_INI_USER, PHP_INI_STAGE_RUNTIME) == FAILURE) { + zend_string_release(ini_name); + RETURN_FALSE; + } zend_string_release(ini_name); } if (domain) { ini_name = zend_string_init("session.cookie_domain", sizeof("session.cookie_domain") - 1, 0); - zend_alter_ini_entry(ini_name, domain, PHP_INI_USER, PHP_INI_STAGE_RUNTIME); + if (zend_alter_ini_entry(ini_name, domain, PHP_INI_USER, PHP_INI_STAGE_RUNTIME) == FAILURE) { + zend_string_release(ini_name); + RETURN_FALSE; + } zend_string_release(ini_name); } if (argc > 3) { ini_name = zend_string_init("session.cookie_secure", sizeof("session.cookie_secure") - 1, 0); - zend_alter_ini_entry_chars(ini_name, secure ? "1" : "0", 1, PHP_INI_USER, PHP_INI_STAGE_RUNTIME); + if (zend_alter_ini_entry_chars(ini_name, secure ? "1" : "0", 1, PHP_INI_USER, PHP_INI_STAGE_RUNTIME) == FAILURE) { + zend_string_release(ini_name); + RETURN_FALSE; + } zend_string_release(ini_name); } if (argc > 4) { ini_name = zend_string_init("session.cookie_httponly", sizeof("session.cookie_httponly") - 1, 0); - zend_alter_ini_entry_chars(ini_name, httponly ? "1" : "0", 1, PHP_INI_USER, PHP_INI_STAGE_RUNTIME); + if (zend_alter_ini_entry_chars(ini_name, httponly ? "1" : "0", 1, PHP_INI_USER, PHP_INI_STAGE_RUNTIME) == FAILURE) { + zend_string_release(ini_name); + RETURN_FALSE; + } zend_string_release(ini_name); } + + RETURN_TRUE; } /* }}} */ @@ -1671,6 +1701,11 @@ static PHP_FUNCTION(session_name) return; } + if (name && PS(session_status) == php_session_active) { + php_error_docref(NULL, E_WARNING, "Cannot change session name when session is active"); + RETURN_FALSE; + } + RETVAL_STRING(PS(session_name)); if (name) { @@ -1692,6 +1727,11 @@ static PHP_FUNCTION(session_module_name) return; } + if (name && PS(session_status) == php_session_active) { + php_error_docref(NULL, E_WARNING, "Cannot change save handler module when session is active"); + RETURN_FALSE; + } + /* Set return_value to current module name */ if (PS(mod) && PS(mod)->s_name) { RETVAL_STRING(PS(mod)->s_name); @@ -1727,7 +1767,8 @@ static PHP_FUNCTION(session_set_save_handler) zend_string *name; zend_string *ini_name, *ini_val; - if (PS(session_status) != php_session_none) { + if (PS(session_status) == php_session_active) { + php_error_docref(NULL, E_WARNING, "Cannot change save handler when session is active"); RETURN_FALSE; } @@ -1884,6 +1925,11 @@ static PHP_FUNCTION(session_save_path) return; } + if (PS(session_status) == php_session_active) { + php_error_docref(NULL, E_WARNING, "Cannot change save path when session is active"); + RETURN_FALSE; + } + RETVAL_STRING(PS(save_path)); if (name) { @@ -2093,6 +2139,11 @@ static PHP_FUNCTION(session_cache_limiter) zend_string *limiter = NULL; zend_string *ini_name; + if (PS(session_status) == php_session_active) { + php_error_docref(NULL, E_WARNING, "Cannot change cache limiter when session is active"); + RETURN_FALSE; + } + if (zend_parse_parameters(ZEND_NUM_ARGS(), "|S", &limiter) == FAILURE) { return; } @@ -2118,6 +2169,11 @@ static PHP_FUNCTION(session_cache_expire) return; } + if (PS(session_status) == php_session_active) { + php_error_docref(NULL, E_WARNING, "Cannot change cache expire when session is active"); + RETURN_LONG(PS(cache_expire)); + } + RETVAL_LONG(PS(cache_expire)); if (expires) { @@ -2154,15 +2210,15 @@ static PHP_FUNCTION(session_decode) { zend_string *str = NULL; + if (zend_parse_parameters(ZEND_NUM_ARGS(), "S", &str) == FAILURE) { + return; + } + if (PS(session_status) != php_session_active) { php_error_docref(NULL, E_WARNING, "Session is not active. You cannot decode session data"); RETURN_FALSE; } - if (zend_parse_parameters(ZEND_NUM_ARGS(), "S", &str) == FAILURE) { - return; - } - if (php_session_decode(str) == FAILURE) { RETURN_FALSE; } @@ -2196,6 +2252,11 @@ static PHP_FUNCTION(session_start) RETURN_FALSE; } + if (PS(session_status) == php_session_active) { + php_error_docref(NULL, E_NOTICE, "A session had already been started - ignoring"); + RETURN_TRUE; + } + /* set options */ if (options) { ZEND_HASH_FOREACH_KEY_VAL(Z_ARRVAL_P(options), num_idx, str_idx, value) { @@ -2252,14 +2313,23 @@ static PHP_FUNCTION(session_destroy) return; } + if (PS(session_status) != php_session_active) { + php_error_docref(NULL, E_WARNING, "Trying to destroy uninitialized session"); + RETURN_FALSE; + } + RETURN_BOOL(php_session_destroy() == SUCCESS); } /* }}} */ -/* {{{ proto void session_unset(void) +/* {{{ proto bool session_unset(void) Unset all registered variables */ static PHP_FUNCTION(session_unset) { + if (zend_parse_parameters_none() == FAILURE) { + return; + } + if (PS(session_status) != php_session_active) { RETURN_FALSE; } @@ -2271,6 +2341,7 @@ static PHP_FUNCTION(session_unset) /* Clean $_SESSION. */ zend_hash_clean(Z_ARRVAL_P(sess_var)); } + RETURN_TRUE; } /* }}} */ @@ -2300,27 +2371,51 @@ static PHP_FUNCTION(session_gc) /* }}} */ -/* {{{ proto void session_write_close(void) +/* {{{ proto bool session_write_close(void) Write session data and end session */ static PHP_FUNCTION(session_write_close) { + if (zend_parse_parameters_none() == FAILURE) { + return; + } + + if (PS(session_status) != php_session_active) { + RETURN_FALSE; + } php_session_flush(1); + RETURN_TRUE; } /* }}} */ -/* {{{ proto void session_abort(void) +/* {{{ proto bool session_abort(void) Abort session and end session. Session data will not be written */ static PHP_FUNCTION(session_abort) { + if (zend_parse_parameters_none() == FAILURE) { + return; + } + + if (PS(session_status) != php_session_active) { + RETURN_FALSE; + } php_session_abort(); + RETURN_TRUE; } /* }}} */ -/* {{{ proto void session_reset(void) +/* {{{ proto bool session_reset(void) Reset session data from saved session data */ static PHP_FUNCTION(session_reset) { + if (zend_parse_parameters_none() == FAILURE) { + return; + } + + if (PS(session_status) != php_session_active) { + RETURN_FALSE; + } php_session_reset(); + RETURN_TRUE; } /* }}} */ diff --git a/ext/session/tests/bug73100.phpt b/ext/session/tests/bug73100.phpt index 0503541375ab0..8a3d8ca2b95bf 100644 --- a/ext/session/tests/bug73100.phpt +++ b/ext/session/tests/bug73100.phpt @@ -15,8 +15,6 @@ var_dump(session_destroy()); --EXPECTF-- bool(true) -Warning: session_module_name(): A session is active. You cannot change the session module's ini settings at this time in %s on line %d - -Warning: session_destroy(): Session object destruction failed in %s on line %d -bool(false) +Warning: session_module_name(): Cannot change save handler module when session is active in %s on line 4 +bool(true) ===DONE=== diff --git a/ext/session/tests/session_basic1.phpt b/ext/session/tests/session_basic1.phpt index 8a8f43661089b..fbce0890c4824 100644 --- a/ext/session/tests/session_basic1.phpt +++ b/ext/session/tests/session_basic1.phpt @@ -59,12 +59,12 @@ array(1) { ["lazy_write"]=> bool(false) } -NULL +bool(true) string(6) "testid" *** With lazy_write *** string(6) "testid" bool(true) -NULL +bool(true) string(6) "testid" *** Cleanup *** string(6) "testid" diff --git a/ext/session/tests/session_basic2.phpt b/ext/session/tests/session_basic2.phpt index 179b82971eacd..3406d2c03bdfc 100644 --- a/ext/session/tests/session_basic2.phpt +++ b/ext/session/tests/session_basic2.phpt @@ -64,13 +64,13 @@ string(0) "" string(6) "testid" bool(true) bool(true) -NULL +bool(true) string(32) "%s" *** With lazy_write *** string(32) "%s" bool(true) bool(true) -NULL +bool(true) string(32) "%s" *** Cleanup *** string(32) "%s" diff --git a/ext/session/tests/session_basic3.phpt b/ext/session/tests/session_basic3.phpt index 0337151cf0016..29bda63edb0bb 100644 --- a/ext/session/tests/session_basic3.phpt +++ b/ext/session/tests/session_basic3.phpt @@ -344,7 +344,7 @@ ob_end_flush(); -NULL +bool(true) *** Cleanup *** bool(true) string(6) "testid" diff --git a/ext/session/tests/session_basic5.phpt b/ext/session/tests/session_basic5.phpt index 7e3bb7fc216ad..351c69b41d128 100644 --- a/ext/session/tests/session_basic5.phpt +++ b/ext/session/tests/session_basic5.phpt @@ -439,7 +439,7 @@ ob_end_flush(); -NULL +bool(true) *** Cleanup *** bool(true) string(6) "testid" diff --git a/ext/session/tests/session_cache_expire_basic.phpt b/ext/session/tests/session_cache_expire_basic.phpt index 7166485937989..fb240006e7c30 100644 --- a/ext/session/tests/session_cache_expire_basic.phpt +++ b/ext/session/tests/session_cache_expire_basic.phpt @@ -32,6 +32,8 @@ int(180) int(180) int(1234567890) bool(true) + +Warning: session_cache_expire(): Cannot change cache expire when session is active in %s on line 17 int(180) bool(true) int(180) diff --git a/ext/session/tests/session_cache_expire_variation1.phpt b/ext/session/tests/session_cache_expire_variation1.phpt index 9d0ba27fea148..1a7324935fa71 100644 --- a/ext/session/tests/session_cache_expire_variation1.phpt +++ b/ext/session/tests/session_cache_expire_variation1.phpt @@ -34,6 +34,8 @@ int(360) int(360) int(1234567890) bool(true) + +Warning: session_cache_expire(): Cannot change cache expire when session is active in %s on line 17 int(180) bool(true) int(180) diff --git a/ext/session/tests/session_cache_expire_variation2.phpt b/ext/session/tests/session_cache_expire_variation2.phpt index f17f4711a9030..c3daae6c5567c 100644 --- a/ext/session/tests/session_cache_expire_variation2.phpt +++ b/ext/session/tests/session_cache_expire_variation2.phpt @@ -33,6 +33,8 @@ int(360) int(360) int(1234567890) bool(true) + +Warning: session_cache_expire(): Cannot change cache expire when session is active in %s on line 18 int(180) bool(true) int(180) diff --git a/ext/session/tests/session_cache_expire_variation3.phpt b/ext/session/tests/session_cache_expire_variation3.phpt index c243c1f1156d8..d9f78df491293 100644 --- a/ext/session/tests/session_cache_expire_variation3.phpt +++ b/ext/session/tests/session_cache_expire_variation3.phpt @@ -38,6 +38,8 @@ string(3) "180" int(180) string(10) "1234567890" bool(true) + +Warning: session_cache_expire(): Cannot change cache expire when session is active in %s on line 19 int(1234567890) string(10) "1234567890" bool(true) diff --git a/ext/session/tests/session_cache_limiter_basic.phpt b/ext/session/tests/session_cache_limiter_basic.phpt index d0531878f0367..559a89143c1c0 100644 --- a/ext/session/tests/session_cache_limiter_basic.phpt +++ b/ext/session/tests/session_cache_limiter_basic.phpt @@ -15,28 +15,28 @@ ob_start(); echo "*** Testing session_cache_limiter() : basic functionality ***\n"; -var_dump(session_start()); var_dump(session_cache_limiter()); var_dump(session_cache_limiter("public")); var_dump(session_cache_limiter()); +var_dump(session_start()); var_dump(session_destroy()); -var_dump(session_start()); var_dump(session_cache_limiter()); var_dump(session_cache_limiter("private")); var_dump(session_cache_limiter()); +var_dump(session_start()); var_dump(session_destroy()); -var_dump(session_start()); var_dump(session_cache_limiter()); var_dump(session_cache_limiter("nocache")); var_dump(session_cache_limiter()); +var_dump(session_start()); var_dump(session_destroy()); -var_dump(session_start()); var_dump(session_cache_limiter()); var_dump(session_cache_limiter("private_no_expire")); var_dump(session_cache_limiter()); +var_dump(session_start()); var_dump(session_destroy()); echo "Done"; @@ -44,7 +44,6 @@ ob_end_flush(); ?> --EXPECTF-- *** Testing session_cache_limiter() : basic functionality *** -bool(true) string(7) "nocache" string(7) "nocache" string(6) "public" @@ -64,5 +63,5 @@ string(7) "nocache" string(7) "nocache" string(17) "private_no_expire" bool(true) +bool(true) Done - diff --git a/ext/session/tests/session_cache_limiter_variation1.phpt b/ext/session/tests/session_cache_limiter_variation1.phpt index 7c6e71eb816a4..7ba621120ddca 100644 --- a/ext/session/tests/session_cache_limiter_variation1.phpt +++ b/ext/session/tests/session_cache_limiter_variation1.phpt @@ -32,10 +32,15 @@ ob_end_flush(); *** Testing session_cache_limiter() : variation *** string(7) "nocache" bool(true) -string(7) "nocache" -string(7) "nocache" -string(6) "public" + +Warning: session_cache_limiter(): Cannot change cache limiter when session is active in %s on line 15 +bool(false) + +Warning: session_cache_limiter(): Cannot change cache limiter when session is active in %s on line 16 +bool(false) + +Warning: session_cache_limiter(): Cannot change cache limiter when session is active in %s on line 17 +bool(false) bool(true) -string(6) "public" +string(7) "nocache" Done - diff --git a/ext/session/tests/session_cache_limiter_variation2.phpt b/ext/session/tests/session_cache_limiter_variation2.phpt index b6d97a3ddab3e..94571017e1800 100644 --- a/ext/session/tests/session_cache_limiter_variation2.phpt +++ b/ext/session/tests/session_cache_limiter_variation2.phpt @@ -31,10 +31,15 @@ ob_end_flush(); *** Testing session_cache_limiter() : variation *** string(7) "nocache" bool(true) -string(7) "nocache" -string(7) "nocache" -string(6) "public" + +Warning: session_cache_limiter(): Cannot change cache limiter when session is active in %s on line 16 +bool(false) + +Warning: session_cache_limiter(): Cannot change cache limiter when session is active in %s on line 17 +bool(false) + +Warning: session_cache_limiter(): Cannot change cache limiter when session is active in %s on line 18 +bool(false) bool(true) -string(6) "public" +string(7) "nocache" Done - diff --git a/ext/session/tests/session_cache_limiter_variation3.phpt b/ext/session/tests/session_cache_limiter_variation3.phpt index 7aab95b24eae0..11d452d46a0b6 100644 --- a/ext/session/tests/session_cache_limiter_variation3.phpt +++ b/ext/session/tests/session_cache_limiter_variation3.phpt @@ -31,9 +31,10 @@ ob_end_flush(); string(7) "nocache" bool(true) string(7) "nocache" + +Warning: session_cache_limiter(): Cannot change cache limiter when session is active in %s on line 16 +bool(false) string(7) "nocache" -string(6) "public" bool(true) -string(6) "public" +string(7) "nocache" Done - diff --git a/ext/session/tests/session_commit_basic.phpt b/ext/session/tests/session_commit_basic.phpt index c20db10933952..c72d3ba927039 100644 --- a/ext/session/tests/session_commit_basic.phpt +++ b/ext/session/tests/session_commit_basic.phpt @@ -32,7 +32,7 @@ ob_end_flush(); bool(true) array(0) { } -NULL +bool(true) array(0) { } bool(true) diff --git a/ext/session/tests/session_commit_error.phpt b/ext/session/tests/session_commit_error.phpt index b867572ebcde8..79fa72e67b5eb 100644 --- a/ext/session/tests/session_commit_error.phpt +++ b/ext/session/tests/session_commit_error.phpt @@ -96,75 +96,122 @@ ob_end_flush(); *** Testing session_commit() : error functionality *** -- Iteration 1 -- + +Warning: session_commit() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 2 -- + +Warning: session_commit() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 3 -- + +Warning: session_commit() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 4 -- + +Warning: session_commit() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 5 -- + +Warning: session_commit() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 6 -- + +Warning: session_commit() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 7 -- + +Warning: session_commit() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 8 -- + +Warning: session_commit() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 9 -- + +Warning: session_commit() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 10 -- + +Warning: session_commit() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 11 -- + +Warning: session_commit() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 12 -- + +Warning: session_commit() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 13 -- + +Warning: session_commit() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 14 -- + +Warning: session_commit() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 15 -- + +Warning: session_commit() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 16 -- + +Warning: session_commit() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 17 -- + +Warning: session_commit() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 18 -- + +Warning: session_commit() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 19 -- + +Warning: session_commit() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 20 -- + +Warning: session_commit() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 21 -- + +Warning: session_commit() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 22 -- + +Warning: session_commit() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 23 -- + +Warning: session_commit() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 24 -- + +Warning: session_commit() expects exactly 0 parameters, 1 given in %s on line 82 NULL Done - diff --git a/ext/session/tests/session_commit_variation1.phpt b/ext/session/tests/session_commit_variation1.phpt index 81240dac825a8..a58a562483478 100644 --- a/ext/session/tests/session_commit_variation1.phpt +++ b/ext/session/tests/session_commit_variation1.phpt @@ -30,12 +30,11 @@ ob_end_flush(); --EXPECTF-- *** Testing session_commit() : variation *** bool(true) -NULL -NULL -NULL -NULL -NULL +bool(true) +bool(false) +bool(false) +bool(false) +bool(false) bool(true) bool(true) Done - diff --git a/ext/session/tests/session_commit_variation2.phpt b/ext/session/tests/session_commit_variation2.phpt index b38885a8d91f9..9bde83ce0a4ef 100644 --- a/ext/session/tests/session_commit_variation2.phpt +++ b/ext/session/tests/session_commit_variation2.phpt @@ -38,19 +38,19 @@ ob_end_flush(); bool(true) array(0) { } -NULL +bool(true) array(0) { } bool(true) array(0) { } -NULL +bool(true) array(0) { } bool(true) array(0) { } -NULL +bool(true) array(0) { } bool(true) diff --git a/ext/session/tests/session_commit_variation3.phpt b/ext/session/tests/session_commit_variation3.phpt index 998e60340f350..ed4618a04e4dc 100644 --- a/ext/session/tests/session_commit_variation3.phpt +++ b/ext/session/tests/session_commit_variation3.phpt @@ -30,7 +30,7 @@ ob_end_flush(); *** Testing session_commit() : variation *** array(0) { } -NULL +bool(true) array(0) { } bool(true) diff --git a/ext/session/tests/session_commit_variation4.phpt b/ext/session/tests/session_commit_variation4.phpt index fdc4ca51864a1..fb3ea73058d00 100644 --- a/ext/session/tests/session_commit_variation4.phpt +++ b/ext/session/tests/session_commit_variation4.phpt @@ -45,16 +45,16 @@ string(1) "0" string(0) "" bool(true) string(4) "test" -NULL +bool(true) string(4) "test" bool(true) string(1) "0" string(4) "test" -NULL +bool(true) string(4) "test" bool(true) string(4) "test" -NULL +bool(true) string(4) "test" bool(true) bool(true) diff --git a/ext/session/tests/session_commit_variation5.phpt b/ext/session/tests/session_commit_variation5.phpt index 62bd1c151132f..8b3535ba95120 100644 --- a/ext/session/tests/session_commit_variation5.phpt +++ b/ext/session/tests/session_commit_variation5.phpt @@ -49,19 +49,19 @@ string(0) "" bool(true) string(32) "%s" bool(true) -NULL +bool(true) bool(true) string(32) "%s" bool(true) bool(true) string(32) "%s" -NULL +bool(true) bool(true) string(32) "%s" bool(true) bool(true) string(32) "%s" -NULL +bool(true) bool(true) string(32) "%s" bool(true) diff --git a/ext/session/tests/session_encode_variation1.phpt b/ext/session/tests/session_encode_variation1.phpt index ce3a9216594f8..26722783db8e6 100644 --- a/ext/session/tests/session_encode_variation1.phpt +++ b/ext/session/tests/session_encode_variation1.phpt @@ -35,7 +35,7 @@ Warning: session_encode(): Cannot encode non-existent session in %s on line %d bool(false) bool(true) bool(false) -NULL +bool(true) bool(false) bool(true) bool(false) diff --git a/ext/session/tests/session_get_cookie_params_basic.phpt b/ext/session/tests/session_get_cookie_params_basic.phpt index e984f556e0962..5d328550eaef3 100644 --- a/ext/session/tests/session_get_cookie_params_basic.phpt +++ b/ext/session/tests/session_get_cookie_params_basic.phpt @@ -44,7 +44,7 @@ array(5) { ["httponly"]=> bool(false) } -NULL +bool(true) array(5) { ["lifetime"]=> int(3600) @@ -57,7 +57,7 @@ array(5) { ["httponly"]=> bool(false) } -NULL +bool(true) array(5) { ["lifetime"]=> int(1234567890) diff --git a/ext/session/tests/session_module_name_variation4.phpt b/ext/session/tests/session_module_name_variation4.phpt index 0748b3db2fe6b..3fd42e46d7251 100644 --- a/ext/session/tests/session_module_name_variation4.phpt +++ b/ext/session/tests/session_module_name_variation4.phpt @@ -51,7 +51,7 @@ array(3) { ["Guff"]=> int(1234567890) } -NULL +bool(true) array(3) { ["Blah"]=> string(12) "Hello World!" diff --git a/ext/session/tests/session_save_path_error.phpt b/ext/session/tests/session_save_path_error.phpt index 815feee6ba55e..8c940d0b4fbfc 100644 --- a/ext/session/tests/session_save_path_error.phpt +++ b/ext/session/tests/session_save_path_error.phpt @@ -84,7 +84,6 @@ $inputs = array( /*24*/ $fp ); -session_start(); $iterator = 1; foreach($inputs as $input) { @@ -93,7 +92,6 @@ foreach($inputs as $input) { $iterator++; }; -session_destroy(); fclose($fp); echo "Done"; ob_end_flush(); diff --git a/ext/session/tests/session_save_path_variation1.phpt b/ext/session/tests/session_save_path_variation1.phpt index d5f64d9851f08..d0db09fc239a3 100644 --- a/ext/session/tests/session_save_path_variation1.phpt +++ b/ext/session/tests/session_save_path_variation1.phpt @@ -11,21 +11,25 @@ session.name=PHPSESSID ob_start(); -/* +/* * Prototype : string session_save_path([string $path]) * Description : Get and/or set the current session save path - * Source code : ext/session/session.c + * Source code : ext/session/session.c */ echo "*** Testing session_save_path() : variation ***\n"; $directory = dirname(__FILE__); var_dump(session_save_path()); +var_dump(session_save_path($directory)); +var_dump(session_save_path()); + var_dump(session_start()); var_dump(session_save_path()); var_dump(session_save_path($directory)); var_dump(session_save_path()); var_dump(session_destroy()); + var_dump(session_save_path()); echo "Done"; @@ -34,11 +38,18 @@ ob_end_flush(); --EXPECTF-- *** Testing session_save_path() : variation *** string(0) "" -bool(true) -string(0) "" string(0) "" -string(%d) "%s" +string(76) "%stests" bool(true) -string(%d) "%s" -Done +Warning: session_save_path(): Cannot change save path when session is active in %s on line 19 +bool(false) + +Warning: session_save_path(): Cannot change save path when session is active in %s on line 20 +bool(false) + +Warning: session_save_path(): Cannot change save path when session is active in %s on line 21 +bool(false) +bool(true) +string(76) "%stests" +Done diff --git a/ext/session/tests/session_set_cookie_params_basic.phpt b/ext/session/tests/session_set_cookie_params_basic.phpt index 5055d1c6985be..35fa45be8a14f 100644 --- a/ext/session/tests/session_set_cookie_params_basic.phpt +++ b/ext/session/tests/session_set_cookie_params_basic.phpt @@ -26,10 +26,9 @@ ob_end_flush(); ?> --EXPECTF-- *** Testing session_set_cookie_params() : basic functionality *** -NULL bool(true) -NULL bool(true) -NULL +bool(true) +bool(true) +bool(true) Done - diff --git a/ext/session/tests/session_set_cookie_params_error.phpt b/ext/session/tests/session_set_cookie_params_error.phpt index 0dc531076185b..afd4c4bdb3a89 100644 --- a/ext/session/tests/session_set_cookie_params_error.phpt +++ b/ext/session/tests/session_set_cookie_params_error.phpt @@ -100,207 +100,206 @@ ob_end_flush(); *** Testing session_set_cookie_params() : error functionality *** -- Iteration 1 -- -NULL -NULL -NULL -NULL -NULL -NULL +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) -- Iteration 2 -- -NULL -NULL -NULL -NULL -NULL -NULL +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) -- Iteration 3 -- -NULL -NULL -NULL -NULL -NULL -NULL +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) -- Iteration 4 -- -NULL -NULL -NULL -NULL -NULL -NULL +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) -- Iteration 5 -- -NULL -NULL -NULL -NULL -NULL -NULL +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) -- Iteration 6 -- -NULL -NULL -NULL -NULL -NULL -NULL +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) -- Iteration 7 -- -NULL -NULL -NULL -NULL -NULL -NULL +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) -- Iteration 8 -- -NULL -NULL -NULL -NULL -NULL -NULL +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) -- Iteration 9 -- -NULL -NULL -NULL -NULL -NULL -NULL +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) -- Iteration 10 -- -NULL -NULL -NULL -NULL -NULL -NULL +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) -- Iteration 11 -- -NULL -NULL -NULL -NULL -NULL -NULL +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) -- Iteration 12 -- -NULL -NULL -NULL -NULL -NULL -NULL +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) -- Iteration 13 -- -NULL -NULL -NULL -NULL -NULL -NULL +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) -- Iteration 14 -- -NULL -NULL -NULL -NULL -NULL -NULL +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) -- Iteration 15 -- -NULL -NULL -NULL -NULL -NULL -NULL +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) -- Iteration 16 -- -NULL -NULL -NULL -NULL -NULL -NULL +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) -- Iteration 17 -- -NULL -NULL -NULL -NULL -NULL -NULL +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) -- Iteration 18 -- -NULL -NULL -NULL -NULL -NULL -NULL +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) -- Iteration 19 -- -NULL -NULL -NULL -NULL -NULL -NULL +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) -- Iteration 20 -- -NULL -NULL -NULL -NULL -NULL -NULL +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) -- Iteration 21 -- -NULL -NULL -NULL +bool(true) +bool(true) +bool(true) -Warning: session_set_cookie_params() expects parameter 4 to be boolean, object given in %s on line %d +Warning: session_set_cookie_params() expects parameter 4 to be boolean, object given in /home/yohgaki/workspace/ext/git/oss/php.net/github-php-src/ext/session/tests/session_set_cookie_params_error.php on line 84 NULL -Warning: session_set_cookie_params() expects parameter 5 to be boolean, object given in %s on line %d -NULL +Warning: session_set_cookie_params() expects parameter 5 to be boolean, object given in /home/yohgaki/workspace/ext/git/oss/php.net/github-php-src/ext/session/tests/session_set_cookie_params_error.php on line 85 NULL +bool(true) -- Iteration 22 -- -NULL -NULL -NULL -NULL -NULL -NULL +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) -- Iteration 23 -- -NULL -NULL -NULL -NULL -NULL -NULL +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) -- Iteration 24 -- -NULL +bool(true) -Warning: session_set_cookie_params() expects parameter 2 to be string, resource given in %s on line %d +Warning: session_set_cookie_params() expects parameter 2 to be string, resource given in %s on line 82 NULL -Warning: session_set_cookie_params() expects parameter 3 to be string, resource given in %s on line %d +Warning: session_set_cookie_params() expects parameter 3 to be string, resource given in %s on line 83 NULL -Warning: session_set_cookie_params() expects parameter 4 to be boolean, resource given in %s on line %d +Warning: session_set_cookie_params() expects parameter 4 to be boolean, resource given in %s on line 84 NULL -Warning: session_set_cookie_params() expects parameter 5 to be boolean, resource given in %s on line %d -NULL +Warning: session_set_cookie_params() expects parameter 5 to be boolean, resource given in %s on line 85 NULL +bool(true) Done - diff --git a/ext/session/tests/session_set_cookie_params_variation1.phpt b/ext/session/tests/session_set_cookie_params_variation1.phpt index 02b901f3cf088..c594fa033c5da 100644 --- a/ext/session/tests/session_set_cookie_params_variation1.phpt +++ b/ext/session/tests/session_set_cookie_params_variation1.phpt @@ -20,11 +20,13 @@ echo "*** Testing session_set_cookie_params() : variation ***\n"; var_dump(ini_get("session.cookie_lifetime")); var_dump(session_set_cookie_params(3600)); var_dump(ini_get("session.cookie_lifetime")); + var_dump(session_start()); var_dump(ini_get("session.cookie_lifetime")); var_dump(session_set_cookie_params(1800)); var_dump(ini_get("session.cookie_lifetime")); var_dump(session_destroy()); + var_dump(ini_get("session.cookie_lifetime")); var_dump(session_set_cookie_params(1234567890)); var_dump(ini_get("session.cookie_lifetime")); @@ -35,15 +37,14 @@ ob_end_flush(); --EXPECTF-- *** Testing session_set_cookie_params() : variation *** string(4) "3600" -NULL +bool(true) string(4) "3600" bool(true) string(4) "3600" -NULL +bool(true) string(4) "1800" bool(true) string(4) "1800" -NULL +bool(true) string(10) "1234567890" Done - diff --git a/ext/session/tests/session_set_cookie_params_variation2.phpt b/ext/session/tests/session_set_cookie_params_variation2.phpt index 5d7a01096f2d7..bcbd1e5164823 100644 --- a/ext/session/tests/session_set_cookie_params_variation2.phpt +++ b/ext/session/tests/session_set_cookie_params_variation2.phpt @@ -35,15 +35,14 @@ ob_end_flush(); --EXPECTF-- *** Testing session_set_cookie_params() : variation *** string(5) "/path" -NULL +bool(true) string(4) "/foo" bool(true) string(4) "/foo" -NULL +bool(true) string(5) "/blah" bool(true) string(5) "/blah" -NULL +bool(true) string(5) "/guff" Done - diff --git a/ext/session/tests/session_set_cookie_params_variation3.phpt b/ext/session/tests/session_set_cookie_params_variation3.phpt index 5e8f0ff5721c6..bac2775a786c9 100644 --- a/ext/session/tests/session_set_cookie_params_variation3.phpt +++ b/ext/session/tests/session_set_cookie_params_variation3.phpt @@ -35,15 +35,14 @@ ob_end_flush(); --EXPECTF-- *** Testing session_set_cookie_params() : variation *** string(3) "foo" -NULL +bool(true) string(4) "blah" bool(true) string(4) "blah" -NULL +bool(true) string(4) "guff" bool(true) string(4) "guff" -NULL +bool(true) string(3) "foo" Done - diff --git a/ext/session/tests/session_set_cookie_params_variation4.phpt b/ext/session/tests/session_set_cookie_params_variation4.phpt index 7b825968f8049..1a3acd4a0a5fb 100644 --- a/ext/session/tests/session_set_cookie_params_variation4.phpt +++ b/ext/session/tests/session_set_cookie_params_variation4.phpt @@ -35,15 +35,14 @@ ob_end_flush(); --EXPECTF-- *** Testing session_set_cookie_params() : variation *** string(1) "1" -NULL +bool(true) string(1) "0" bool(true) string(1) "0" -NULL +bool(true) string(1) "1" bool(true) string(1) "1" -NULL +bool(true) string(1) "0" Done - diff --git a/ext/session/tests/session_set_cookie_params_variation5.phpt b/ext/session/tests/session_set_cookie_params_variation5.phpt index 29559f7fd6c63..2ddef235bcc62 100644 --- a/ext/session/tests/session_set_cookie_params_variation5.phpt +++ b/ext/session/tests/session_set_cookie_params_variation5.phpt @@ -35,15 +35,14 @@ ob_end_flush(); --EXPECTF-- *** Testing session_set_cookie_params() : variation *** string(1) "1" -NULL +bool(true) string(1) "0" bool(true) string(1) "0" -NULL +bool(true) string(1) "1" bool(true) string(1) "1" -NULL +bool(true) string(1) "0" Done - diff --git a/ext/session/tests/session_set_save_handler_variation2.phpt b/ext/session/tests/session_set_save_handler_variation2.phpt index 1c019bb5a60e7..71f533d93d3c5 100644 --- a/ext/session/tests/session_set_save_handler_variation2.phpt +++ b/ext/session/tests/session_set_save_handler_variation2.phpt @@ -28,6 +28,8 @@ ob_end_flush(); *** Testing session_set_save_handler() : variation *** bool(true) + +Warning: session_set_save_handler(): Cannot change save handler when session is active in %s on line 17 bool(false) bool(true) diff --git a/ext/session/tests/session_set_save_handler_variation3.phpt b/ext/session/tests/session_set_save_handler_variation3.phpt index 774d0db489a54..7ac9834276289 100644 --- a/ext/session/tests/session_set_save_handler_variation3.phpt +++ b/ext/session/tests/session_set_save_handler_variation3.phpt @@ -19,6 +19,7 @@ echo "*** Testing session_set_save_handler() : variation ***\n"; require_once "save_handler.inc"; $path = dirname(__FILE__); +var_dump(session_status()); session_save_path($path); var_dump(session_set_save_handler("open", "close", "read", "write", "destroy", "gc")); var_dump(session_destroy()); @@ -28,6 +29,10 @@ ob_end_flush(); --EXPECTF-- *** Testing session_set_save_handler() : variation *** +int(2) + +Warning: session_save_path(): Cannot change save path when session is active in %s on line 16 + +Warning: session_set_save_handler(): Cannot change save handler when session is active in %s on line 17 bool(false) bool(true) - diff --git a/ext/session/tests/session_set_save_handler_variation4.phpt b/ext/session/tests/session_set_save_handler_variation4.phpt index a711fdea598b3..70a964d187d3b 100644 --- a/ext/session/tests/session_set_save_handler_variation4.phpt +++ b/ext/session/tests/session_set_save_handler_variation4.phpt @@ -65,7 +65,7 @@ array(3) { } Write [%s,%s,Blah|s:12:"Hello World!";Foo|b:0;Guff|i:1234567890;] Close [%s,PHPSESSID] -NULL +bool(true) Open [%s,PHPSESSID] Read [%s,%s] GC [0] diff --git a/ext/session/tests/session_set_save_handler_variation5.phpt b/ext/session/tests/session_set_save_handler_variation5.phpt index 6ad600e4d182e..fc6f2d5937680 100644 --- a/ext/session/tests/session_set_save_handler_variation5.phpt +++ b/ext/session/tests/session_set_save_handler_variation5.phpt @@ -69,7 +69,7 @@ bool(true) string(%d) "PHPT-%d" Write [%s,PHPT-%d,] Close [%s,PHPSESSID] -NULL +bool(true) string(%d) "PHPT-%d" *** With lazy_write *** string(%d) "PHPT-%d" @@ -82,7 +82,7 @@ GC [0] bool(true) Write [%s,PHPT-%d,] Close [%s,PHPSESSID] -NULL +bool(true) string(%d) "PHPT-%d" *** Cleanup *** string(%d) "PHPT-%d" diff --git a/ext/session/tests/session_start_variation1.phpt b/ext/session/tests/session_start_variation1.phpt index 1c8f3eb3b852e..e7eba3d28baee 100644 --- a/ext/session/tests/session_start_variation1.phpt +++ b/ext/session/tests/session_start_variation1.phpt @@ -29,16 +29,15 @@ ob_end_flush(); *** Testing session_start() : variation *** bool(true) -Notice: A session had already been started - ignoring session_start() in %s on line %d +Notice: session_start(): A session had already been started - ignoring in %s on line 14 bool(true) -Notice: A session had already been started - ignoring session_start() in %s on line %d +Notice: session_start(): A session had already been started - ignoring in %s on line 15 bool(true) -Notice: A session had already been started - ignoring session_start() in %s on line %d +Notice: session_start(): A session had already been started - ignoring in %s on line 16 bool(true) -Notice: A session had already been started - ignoring session_start() in %s on line %d +Notice: session_start(): A session had already been started - ignoring in %s on line 17 bool(true) Done - diff --git a/ext/session/tests/session_start_variation3.phpt b/ext/session/tests/session_start_variation3.phpt index e87f84bcea479..9ff1ff0139d2d 100644 --- a/ext/session/tests/session_start_variation3.phpt +++ b/ext/session/tests/session_start_variation3.phpt @@ -33,17 +33,16 @@ ob_end_flush(); --EXPECTF-- *** Testing session_start() : variation *** bool(true) -NULL bool(true) -NULL bool(true) -NULL bool(true) -NULL bool(true) -NULL +bool(true) +bool(true) +bool(true) +bool(true) +bool(true) -Warning: session_destroy(): Trying to destroy uninitialized session in %s on line %d +Warning: session_destroy(): Trying to destroy uninitialized session in %s on line 23 bool(false) Done - diff --git a/ext/session/tests/session_start_variation5.phpt b/ext/session/tests/session_start_variation5.phpt index 4dcafac33086c..bbc987e3c8466 100644 --- a/ext/session/tests/session_start_variation5.phpt +++ b/ext/session/tests/session_start_variation5.phpt @@ -43,7 +43,7 @@ array(4) { ["age"]=> int(6) } -NULL +bool(true) array(4) { ["colour"]=> string(5) "green" diff --git a/ext/session/tests/session_start_variation6.phpt b/ext/session/tests/session_start_variation6.phpt index 378554bbe397a..56471cc7f3347 100644 --- a/ext/session/tests/session_start_variation6.phpt +++ b/ext/session/tests/session_start_variation6.phpt @@ -44,7 +44,7 @@ array(4) { ["age"]=> int(6) } -NULL +bool(true) array(4) { ["colour"]=> string(5) "green" diff --git a/ext/session/tests/session_start_variation9.phpt b/ext/session/tests/session_start_variation9.phpt index 21523e0657f4b..2629b074b6ae9 100644 --- a/ext/session/tests/session_start_variation9.phpt +++ b/ext/session/tests/session_start_variation9.phpt @@ -30,10 +30,9 @@ ob_end_flush(); *** Testing session_start() : variation *** string(%d) "%s" -Notice: A session had already been started - ignoring session_start() in %s on line %d +Notice: session_start(): A session had already been started - ignoring in %s on line 14 bool(true) string(%d) "%s" bool(true) string(0) "" Done - diff --git a/ext/session/tests/session_unset_basic.phpt b/ext/session/tests/session_unset_basic.phpt index 21b12c4ddcd64..2e4d3bf5e86f7 100644 --- a/ext/session/tests/session_unset_basic.phpt +++ b/ext/session/tests/session_unset_basic.phpt @@ -33,7 +33,7 @@ array(1) { ["foo"]=> string(12) "Hello World!" } -NULL +bool(true) array(0) { } bool(true) diff --git a/ext/session/tests/session_unset_error.phpt b/ext/session/tests/session_unset_error.phpt index 9478345508c51..e371bcb409686 100644 --- a/ext/session/tests/session_unset_error.phpt +++ b/ext/session/tests/session_unset_error.phpt @@ -96,75 +96,122 @@ ob_end_flush(); *** Testing session_unset() : error functionality *** -- Iteration 1 -- -bool(false) + +Warning: session_unset() expects exactly 0 parameters, 1 given in %s on line 82 +NULL -- Iteration 2 -- -bool(false) + +Warning: session_unset() expects exactly 0 parameters, 1 given in %s on line 82 +NULL -- Iteration 3 -- -bool(false) + +Warning: session_unset() expects exactly 0 parameters, 1 given in %s on line 82 +NULL -- Iteration 4 -- -bool(false) + +Warning: session_unset() expects exactly 0 parameters, 1 given in %s on line 82 +NULL -- Iteration 5 -- -bool(false) + +Warning: session_unset() expects exactly 0 parameters, 1 given in %s on line 82 +NULL -- Iteration 6 -- -bool(false) + +Warning: session_unset() expects exactly 0 parameters, 1 given in %s on line 82 +NULL -- Iteration 7 -- -bool(false) + +Warning: session_unset() expects exactly 0 parameters, 1 given in %s on line 82 +NULL -- Iteration 8 -- -bool(false) + +Warning: session_unset() expects exactly 0 parameters, 1 given in %s on line 82 +NULL -- Iteration 9 -- -bool(false) + +Warning: session_unset() expects exactly 0 parameters, 1 given in %s on line 82 +NULL -- Iteration 10 -- -bool(false) + +Warning: session_unset() expects exactly 0 parameters, 1 given in %s on line 82 +NULL -- Iteration 11 -- -bool(false) + +Warning: session_unset() expects exactly 0 parameters, 1 given in %s on line 82 +NULL -- Iteration 12 -- -bool(false) + +Warning: session_unset() expects exactly 0 parameters, 1 given in %s on line 82 +NULL -- Iteration 13 -- -bool(false) + +Warning: session_unset() expects exactly 0 parameters, 1 given in %s on line 82 +NULL -- Iteration 14 -- -bool(false) + +Warning: session_unset() expects exactly 0 parameters, 1 given in %s on line 82 +NULL -- Iteration 15 -- -bool(false) + +Warning: session_unset() expects exactly 0 parameters, 1 given in %s on line 82 +NULL -- Iteration 16 -- -bool(false) + +Warning: session_unset() expects exactly 0 parameters, 1 given in %s on line 82 +NULL -- Iteration 17 -- -bool(false) + +Warning: session_unset() expects exactly 0 parameters, 1 given in %s on line 82 +NULL -- Iteration 18 -- -bool(false) + +Warning: session_unset() expects exactly 0 parameters, 1 given in %s on line 82 +NULL -- Iteration 19 -- -bool(false) + +Warning: session_unset() expects exactly 0 parameters, 1 given in %s on line 82 +NULL -- Iteration 20 -- -bool(false) + +Warning: session_unset() expects exactly 0 parameters, 1 given in %s on line 82 +NULL -- Iteration 21 -- -bool(false) + +Warning: session_unset() expects exactly 0 parameters, 1 given in %s on line 82 +NULL -- Iteration 22 -- -bool(false) + +Warning: session_unset() expects exactly 0 parameters, 1 given in %s on line 82 +NULL -- Iteration 23 -- -bool(false) + +Warning: session_unset() expects exactly 0 parameters, 1 given in %s on line 82 +NULL -- Iteration 24 -- -bool(false) -Done +Warning: session_unset() expects exactly 0 parameters, 1 given in %s on line 82 +NULL +Done diff --git a/ext/session/tests/session_unset_variation1.phpt b/ext/session/tests/session_unset_variation1.phpt index 17ab283a1b58b..5c1fc2c701f74 100644 --- a/ext/session/tests/session_unset_variation1.phpt +++ b/ext/session/tests/session_unset_variation1.phpt @@ -32,7 +32,7 @@ ob_end_flush(); *** Testing session_unset() : variation *** bool(false) bool(true) -NULL +bool(true) array(1) { ["foo"]=> string(12) "Hello World!" diff --git a/ext/session/tests/session_write_close_basic.phpt b/ext/session/tests/session_write_close_basic.phpt index 0841afed97eb2..5b32f5c266206 100644 --- a/ext/session/tests/session_write_close_basic.phpt +++ b/ext/session/tests/session_write_close_basic.phpt @@ -32,7 +32,7 @@ ob_end_flush(); bool(true) array(0) { } -NULL +bool(true) array(0) { } bool(true) diff --git a/ext/session/tests/session_write_close_error.phpt b/ext/session/tests/session_write_close_error.phpt index cbdb55f26c5de..102ac413822be 100644 --- a/ext/session/tests/session_write_close_error.phpt +++ b/ext/session/tests/session_write_close_error.phpt @@ -96,75 +96,122 @@ ob_end_flush(); *** Testing session_write_close() : error functionality *** -- Iteration 1 -- + +Warning: session_write_close() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 2 -- + +Warning: session_write_close() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 3 -- + +Warning: session_write_close() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 4 -- + +Warning: session_write_close() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 5 -- + +Warning: session_write_close() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 6 -- + +Warning: session_write_close() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 7 -- + +Warning: session_write_close() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 8 -- + +Warning: session_write_close() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 9 -- + +Warning: session_write_close() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 10 -- + +Warning: session_write_close() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 11 -- + +Warning: session_write_close() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 12 -- + +Warning: session_write_close() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 13 -- + +Warning: session_write_close() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 14 -- + +Warning: session_write_close() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 15 -- + +Warning: session_write_close() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 16 -- + +Warning: session_write_close() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 17 -- + +Warning: session_write_close() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 18 -- + +Warning: session_write_close() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 19 -- + +Warning: session_write_close() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 20 -- + +Warning: session_write_close() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 21 -- + +Warning: session_write_close() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 22 -- + +Warning: session_write_close() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 23 -- + +Warning: session_write_close() expects exactly 0 parameters, 1 given in %s on line 82 NULL -- Iteration 24 -- + +Warning: session_write_close() expects exactly 0 parameters, 1 given in %s on line 82 NULL Done - diff --git a/ext/session/tests/session_write_close_variation1.phpt b/ext/session/tests/session_write_close_variation1.phpt index 595796dbe764c..53452b45b94d2 100644 --- a/ext/session/tests/session_write_close_variation1.phpt +++ b/ext/session/tests/session_write_close_variation1.phpt @@ -30,12 +30,11 @@ ob_end_flush(); --EXPECTF-- *** Testing session_write_close() : variation *** bool(true) -NULL -NULL -NULL -NULL -NULL +bool(true) +bool(false) +bool(false) +bool(false) +bool(false) bool(true) bool(true) Done - diff --git a/ext/session/tests/session_write_close_variation2.phpt b/ext/session/tests/session_write_close_variation2.phpt index 40871c5cd0324..ac4f843caed34 100644 --- a/ext/session/tests/session_write_close_variation2.phpt +++ b/ext/session/tests/session_write_close_variation2.phpt @@ -38,22 +38,21 @@ ob_end_flush(); bool(true) array(0) { } -NULL +bool(true) array(0) { } bool(true) array(0) { } -NULL +bool(true) array(0) { } bool(true) array(0) { } -NULL +bool(true) array(0) { } bool(true) bool(true) Done - diff --git a/ext/session/tests/session_write_close_variation3.phpt b/ext/session/tests/session_write_close_variation3.phpt index 0f8061662c329..249b5730dfd80 100644 --- a/ext/session/tests/session_write_close_variation3.phpt +++ b/ext/session/tests/session_write_close_variation3.phpt @@ -30,7 +30,7 @@ ob_end_flush(); *** Testing session_write_close() : variation *** array(0) { } -NULL +bool(true) array(0) { } bool(true) diff --git a/ext/session/tests/session_write_close_variation4.phpt b/ext/session/tests/session_write_close_variation4.phpt index 9076dcf4a49ed..f1a7cb59d91ca 100644 --- a/ext/session/tests/session_write_close_variation4.phpt +++ b/ext/session/tests/session_write_close_variation4.phpt @@ -41,15 +41,15 @@ ob_end_flush(); string(0) "" bool(true) string(4) "test" -NULL +bool(true) string(4) "test" bool(true) string(4) "test" -NULL +bool(true) string(4) "test" bool(true) string(4) "test" -NULL +bool(true) string(4) "test" bool(true) bool(true) From 6ec20f2467dc990cbc1fa925ff17b3852596d0bb Mon Sep 17 00:00:00 2001 From: Yasuo Ohgaki Date: Mon, 17 Oct 2016 11:11:21 +0900 Subject: [PATCH 04/18] Fix tests --- ext/session/tests/session_save_path_variation1.phpt | 4 ++-- ext/session/tests/session_set_cookie_params_error.phpt | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/ext/session/tests/session_save_path_variation1.phpt b/ext/session/tests/session_save_path_variation1.phpt index d0db09fc239a3..907cf77940e8c 100644 --- a/ext/session/tests/session_save_path_variation1.phpt +++ b/ext/session/tests/session_save_path_variation1.phpt @@ -39,7 +39,7 @@ ob_end_flush(); *** Testing session_save_path() : variation *** string(0) "" string(0) "" -string(76) "%stests" +string(%d) "%stests" bool(true) Warning: session_save_path(): Cannot change save path when session is active in %s on line 19 @@ -51,5 +51,5 @@ bool(false) Warning: session_save_path(): Cannot change save path when session is active in %s on line 21 bool(false) bool(true) -string(76) "%stests" +string(%d) "%stests" Done diff --git a/ext/session/tests/session_set_cookie_params_error.phpt b/ext/session/tests/session_set_cookie_params_error.phpt index afd4c4bdb3a89..3fdc3ac7689c8 100644 --- a/ext/session/tests/session_set_cookie_params_error.phpt +++ b/ext/session/tests/session_set_cookie_params_error.phpt @@ -264,10 +264,10 @@ bool(true) bool(true) bool(true) -Warning: session_set_cookie_params() expects parameter 4 to be boolean, object given in /home/yohgaki/workspace/ext/git/oss/php.net/github-php-src/ext/session/tests/session_set_cookie_params_error.php on line 84 +Warning: session_set_cookie_params() expects parameter 4 to be boolean, object given in %s on line 84 NULL -Warning: session_set_cookie_params() expects parameter 5 to be boolean, object given in /home/yohgaki/workspace/ext/git/oss/php.net/github-php-src/ext/session/tests/session_set_cookie_params_error.php on line 85 +Warning: session_set_cookie_params() expects parameter 5 to be boolean, object given in %s on line 85 NULL bool(true) From bcf6764d31140ba37ca3d23549a29257676ee578 Mon Sep 17 00:00:00 2001 From: Yasuo Ohgaki Date: Mon, 17 Oct 2016 12:10:47 +0900 Subject: [PATCH 05/18] Disallow nonsense INI changes --- ext/session/session.c | 74 +++++++++++++++---- .../session_set_cookie_params_error.phpt | 4 +- 2 files changed, 60 insertions(+), 18 deletions(-) diff --git a/ext/session/session.c b/ext/session/session.c index 136e671f04597..12575abf483ec 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -94,6 +94,12 @@ zend_class_entry *php_session_update_timestamp_iface_entry; return FAILURE; \ } +#define SESSION_CHECK_OUTPUT_STATE \ + if (SG(headers_sent) && stage != ZEND_INI_STAGE_DEACTIVATE) { \ + php_error_docref(NULL, E_WARNING, "Headers already sent. You cannot change the session module's ini settings at this time"); \ + return FAILURE; \ + } + #define APPLY_TRANS_SID (PS(use_trans_sid) && !PS(use_only_cookies)) static int php_session_send_cookie(void); @@ -591,8 +597,11 @@ static PHP_INI_MH(OnUpdateTransSid) /* {{{ */ } /* }}} */ + static PHP_INI_MH(OnUpdateSaveDir) /* {{{ */ { + SESSION_CHECK_ACTIVE_STATE; + /* Only do the safemode/open_basedir check at runtime */ if (stage == PHP_INI_STAGE_RUNTIME || stage == PHP_INI_STAGE_HTACCESS) { char *p; @@ -617,13 +626,14 @@ static PHP_INI_MH(OnUpdateSaveDir) /* {{{ */ } } - OnUpdateString(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); - return SUCCESS; + return OnUpdateString(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); } /* }}} */ static PHP_INI_MH(OnUpdateName) /* {{{ */ { + SESSION_CHECK_ACTIVE_STATE; + /* Numeric session.name won't work at all */ if ((!ZSTR_LEN(new_value) || is_numeric_string(ZSTR_VAL(new_value), ZSTR_LEN(new_value), NULL, NULL, 0))) { int err_type; @@ -641,11 +651,43 @@ static PHP_INI_MH(OnUpdateName) /* {{{ */ return FAILURE; } - OnUpdateStringUnempty(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); - return SUCCESS; + return OnUpdateStringUnempty(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); +} +/* }}} */ + + +static PHP_INI_MH(OnUpdateSessionLongGEZero) /* {{{ */ +{ + SESSION_CHECK_OUTPUT_STATE; + return OnUpdateLongGEZero(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); +} +/* }}} */ + + +static PHP_INI_MH(OnUpdateSessionLong) /* {{{ */ +{ + SESSION_CHECK_OUTPUT_STATE; + return OnUpdateLong(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); } /* }}} */ + +static PHP_INI_MH(OnUpdateSessionString) /* {{{ */ +{ + SESSION_CHECK_OUTPUT_STATE; + return OnUpdateString(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); +} +/* }}} */ + + +static PHP_INI_MH(OnUpdateSessionBool) /* {{{ */ +{ + SESSION_CHECK_OUTPUT_STATE; + return OnUpdateBool(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); +} +/* }}} */ + + static PHP_INI_MH(OnUpdateSidLength) /* {{{ */ { zend_long val; @@ -714,21 +756,21 @@ PHP_INI_BEGIN() STD_PHP_INI_ENTRY("session.gc_divisor", "100", PHP_INI_ALL, OnUpdateLong, gc_divisor, php_ps_globals, ps_globals) STD_PHP_INI_ENTRY("session.gc_maxlifetime", "1440", PHP_INI_ALL, OnUpdateLong, gc_maxlifetime, php_ps_globals, ps_globals) PHP_INI_ENTRY("session.serialize_handler", "php", PHP_INI_ALL, OnUpdateSerializer) - STD_PHP_INI_ENTRY("session.cookie_lifetime", "0", PHP_INI_ALL, OnUpdateLong, cookie_lifetime, php_ps_globals, ps_globals) - STD_PHP_INI_ENTRY("session.cookie_path", "/", PHP_INI_ALL, OnUpdateString, cookie_path, php_ps_globals, ps_globals) - STD_PHP_INI_ENTRY("session.cookie_domain", "", PHP_INI_ALL, OnUpdateString, cookie_domain, php_ps_globals, ps_globals) - STD_PHP_INI_BOOLEAN("session.cookie_secure", "", PHP_INI_ALL, OnUpdateBool, cookie_secure, php_ps_globals, ps_globals) - STD_PHP_INI_BOOLEAN("session.cookie_httponly", "", PHP_INI_ALL, OnUpdateBool, cookie_httponly, php_ps_globals, ps_globals) - STD_PHP_INI_BOOLEAN("session.use_cookies", "1", PHP_INI_ALL, OnUpdateBool, use_cookies, php_ps_globals, ps_globals) - STD_PHP_INI_BOOLEAN("session.use_only_cookies", "1", PHP_INI_ALL, OnUpdateBool, use_only_cookies, php_ps_globals, ps_globals) - STD_PHP_INI_BOOLEAN("session.use_strict_mode", "0", PHP_INI_ALL, OnUpdateBool, use_strict_mode, php_ps_globals, ps_globals) - STD_PHP_INI_ENTRY("session.referer_check", "", PHP_INI_ALL, OnUpdateString, extern_referer_chk, php_ps_globals, ps_globals) - STD_PHP_INI_ENTRY("session.cache_limiter", "nocache", PHP_INI_ALL, OnUpdateString, cache_limiter, php_ps_globals, ps_globals) - STD_PHP_INI_ENTRY("session.cache_expire", "180", PHP_INI_ALL, OnUpdateLong, cache_expire, php_ps_globals, ps_globals) + STD_PHP_INI_ENTRY("session.cookie_lifetime", "0", PHP_INI_ALL, OnUpdateSessionLongGEZero, cookie_lifetime, php_ps_globals, ps_globals) + STD_PHP_INI_ENTRY("session.cookie_path", "/", PHP_INI_ALL, OnUpdateSessionString, cookie_path, php_ps_globals, ps_globals) + STD_PHP_INI_ENTRY("session.cookie_domain", "", PHP_INI_ALL, OnUpdateSessionString, cookie_domain, php_ps_globals, ps_globals) + STD_PHP_INI_ENTRY("session.cookie_secure", "0", PHP_INI_ALL, OnUpdateSessionBool, cookie_secure, php_ps_globals, ps_globals) + STD_PHP_INI_ENTRY("session.cookie_httponly", "0", PHP_INI_ALL, OnUpdateSessionBool, cookie_httponly, php_ps_globals, ps_globals) + STD_PHP_INI_ENTRY("session.use_cookies", "1", PHP_INI_ALL, OnUpdateSessionBool, use_cookies, php_ps_globals, ps_globals) + STD_PHP_INI_ENTRY("session.use_only_cookies", "1", PHP_INI_ALL, OnUpdateSessionBool, use_only_cookies, php_ps_globals, ps_globals) + STD_PHP_INI_ENTRY("session.use_strict_mode", "0", PHP_INI_ALL, OnUpdateSessionBool, use_strict_mode, php_ps_globals, ps_globals) + STD_PHP_INI_ENTRY("session.referer_check", "", PHP_INI_ALL, OnUpdateSessionString, extern_referer_chk, php_ps_globals, ps_globals) + STD_PHP_INI_ENTRY("session.cache_limiter", "nocache", PHP_INI_ALL, OnUpdateSessionString, cache_limiter, php_ps_globals, ps_globals) + STD_PHP_INI_ENTRY("session.cache_expire", "180", PHP_INI_ALL, OnUpdateSessionLong, cache_expire, php_ps_globals, ps_globals) PHP_INI_ENTRY("session.use_trans_sid", "0", PHP_INI_ALL, OnUpdateTransSid) PHP_INI_ENTRY("session.sid_length", "32", PHP_INI_ALL, OnUpdateSidLength) PHP_INI_ENTRY("session.sid_bits_per_character", "4", PHP_INI_ALL, OnUpdateSidBits) - STD_PHP_INI_BOOLEAN("session.lazy_write", "1", PHP_INI_ALL, OnUpdateBool, lazy_write, php_ps_globals, ps_globals) + STD_PHP_INI_BOOLEAN("session.lazy_write", "1", PHP_INI_ALL, OnUpdateSessionBool, lazy_write, php_ps_globals, ps_globals) /* Upload progress */ STD_PHP_INI_BOOLEAN("session.upload_progress.enabled", diff --git a/ext/session/tests/session_set_cookie_params_error.phpt b/ext/session/tests/session_set_cookie_params_error.phpt index 3fdc3ac7689c8..f10876ab0f6e1 100644 --- a/ext/session/tests/session_set_cookie_params_error.phpt +++ b/ext/session/tests/session_set_cookie_params_error.phpt @@ -124,7 +124,7 @@ bool(true) bool(true) -- Iteration 4 -- -bool(true) +bool(false) bool(true) bool(true) bool(true) @@ -140,7 +140,7 @@ bool(true) bool(true) -- Iteration 6 -- -bool(true) +bool(false) bool(true) bool(true) bool(true) From 2a77f716e6e61db2e6338cda195ba0264f9f0c8d Mon Sep 17 00:00:00 2001 From: Yasuo Ohgaki Date: Mon, 17 Oct 2016 13:54:56 +0900 Subject: [PATCH 06/18] Update PHP_SESSION_API --- ext/session/php_session.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ext/session/php_session.h b/ext/session/php_session.h index 3c03e2aaac704..b51b878826c4b 100644 --- a/ext/session/php_session.h +++ b/ext/session/php_session.h @@ -27,7 +27,7 @@ # include "ext/hash/php_hash.h" #endif -#define PHP_SESSION_API 20150121 +#define PHP_SESSION_API 20161017 #include "php_version.h" #define PHP_SESSION_VERSION PHP_VERSION From 29882f3104880d7bbd97e03b4460ab7c424c97b4 Mon Sep 17 00:00:00 2001 From: Yasuo Ohgaki Date: Mon, 17 Oct 2016 18:14:49 +0900 Subject: [PATCH 07/18] Remove env dependecy from test --- ext/session/tests/session_save_path_variation4.phpt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ext/session/tests/session_save_path_variation4.phpt b/ext/session/tests/session_save_path_variation4.phpt index 1d4d18aaf1cf4..f18b72d796bc0 100644 --- a/ext/session/tests/session_save_path_variation4.phpt +++ b/ext/session/tests/session_save_path_variation4.phpt @@ -54,7 +54,7 @@ bool(true) Warning: ini_set(): open_basedir restriction in effect. File(%s) is not within the allowed path(s): (.) in %s on line 24 string(0) "" -Warning: session_start(): open_basedir restriction in effect. File(/tmp) is not within the allowed path(s): (.) in %s on line 26 +Warning: session_start(): open_basedir restriction in effect. File(%s) is not within the allowed path(s): (.) in %s on line 26 Warning: session_start(): Failed to initialize storage module: files (path: ) in %s on line 26 bool(false) From bcae9698addf98f931ec9bbcc4393e933c21c2be Mon Sep 17 00:00:00 2001 From: Yasuo Ohgaki Date: Mon, 17 Oct 2016 19:53:10 +0900 Subject: [PATCH 08/18] Add missing SUCCESS --- ext/session/session.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ext/session/session.c b/ext/session/session.c index 12575abf483ec..4ab4342c182ed 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -1624,7 +1624,7 @@ static int php_session_abort(void) /* {{{ */ static int php_session_reset(void) /* {{{ */ { if (PS(session_status) == php_session_active - && php_session_initialize()) { + && php_session_initialize() == SUCCESS) { return SUCCESS; } return FAILURE; From 27e436179255b08cde32a8e297f5d83c493ac19e Mon Sep 17 00:00:00 2001 From: Yasuo Ohgaki Date: Tue, 18 Oct 2016 11:20:11 +0900 Subject: [PATCH 09/18] Use dedicated PHP_MH names. Align INI entry defs --- ext/session/session.c | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/ext/session/session.c b/ext/session/session.c index 4ab4342c182ed..68061801d95a7 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -656,7 +656,7 @@ static PHP_INI_MH(OnUpdateName) /* {{{ */ /* }}} */ -static PHP_INI_MH(OnUpdateSessionLongGEZero) /* {{{ */ +static PHP_INI_MH(OnUpdateCookieLifetime) /* {{{ */ { SESSION_CHECK_OUTPUT_STATE; return OnUpdateLongGEZero(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); @@ -664,7 +664,7 @@ static PHP_INI_MH(OnUpdateSessionLongGEZero) /* {{{ */ /* }}} */ -static PHP_INI_MH(OnUpdateSessionLong) /* {{{ */ +static PHP_INI_MH(OnUpdateCacheExpire) /* {{{ */ { SESSION_CHECK_OUTPUT_STATE; return OnUpdateLong(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); @@ -748,15 +748,15 @@ static PHP_INI_MH(OnUpdateRfc1867Freq) /* {{{ */ /* {{{ PHP_INI */ PHP_INI_BEGIN() - STD_PHP_INI_ENTRY("session.save_path", "", PHP_INI_ALL, OnUpdateSaveDir,save_path, php_ps_globals, ps_globals) - STD_PHP_INI_ENTRY("session.name", "PHPSESSID", PHP_INI_ALL, OnUpdateName, session_name, php_ps_globals, ps_globals) + STD_PHP_INI_ENTRY("session.save_path", "", PHP_INI_ALL, OnUpdateSaveDir, save_path, php_ps_globals, ps_globals) + STD_PHP_INI_ENTRY("session.name", "PHPSESSID", PHP_INI_ALL, OnUpdateName, session_name, php_ps_globals, ps_globals) PHP_INI_ENTRY("session.save_handler", "files", PHP_INI_ALL, OnUpdateSaveHandler) - STD_PHP_INI_BOOLEAN("session.auto_start", "0", PHP_INI_PERDIR, OnUpdateBool, auto_start, php_ps_globals, ps_globals) - STD_PHP_INI_ENTRY("session.gc_probability", "1", PHP_INI_ALL, OnUpdateLong, gc_probability, php_ps_globals, ps_globals) - STD_PHP_INI_ENTRY("session.gc_divisor", "100", PHP_INI_ALL, OnUpdateLong, gc_divisor, php_ps_globals, ps_globals) - STD_PHP_INI_ENTRY("session.gc_maxlifetime", "1440", PHP_INI_ALL, OnUpdateLong, gc_maxlifetime, php_ps_globals, ps_globals) + STD_PHP_INI_BOOLEAN("session.auto_start", "0", PHP_INI_PERDIR, OnUpdateBool, auto_start, php_ps_globals, ps_globals) + STD_PHP_INI_ENTRY("session.gc_probability", "1", PHP_INI_ALL, OnUpdateLong, gc_probability, php_ps_globals, ps_globals) + STD_PHP_INI_ENTRY("session.gc_divisor", "100", PHP_INI_ALL, OnUpdateLong, gc_divisor, php_ps_globals, ps_globals) + STD_PHP_INI_ENTRY("session.gc_maxlifetime", "1440", PHP_INI_ALL, OnUpdateLong, gc_maxlifetime, php_ps_globals, ps_globals) PHP_INI_ENTRY("session.serialize_handler", "php", PHP_INI_ALL, OnUpdateSerializer) - STD_PHP_INI_ENTRY("session.cookie_lifetime", "0", PHP_INI_ALL, OnUpdateSessionLongGEZero, cookie_lifetime, php_ps_globals, ps_globals) + STD_PHP_INI_ENTRY("session.cookie_lifetime", "0", PHP_INI_ALL, OnUpdateCookieLifetime,cookie_lifetime, php_ps_globals, ps_globals) STD_PHP_INI_ENTRY("session.cookie_path", "/", PHP_INI_ALL, OnUpdateSessionString, cookie_path, php_ps_globals, ps_globals) STD_PHP_INI_ENTRY("session.cookie_domain", "", PHP_INI_ALL, OnUpdateSessionString, cookie_domain, php_ps_globals, ps_globals) STD_PHP_INI_ENTRY("session.cookie_secure", "0", PHP_INI_ALL, OnUpdateSessionBool, cookie_secure, php_ps_globals, ps_globals) @@ -764,9 +764,9 @@ PHP_INI_BEGIN() STD_PHP_INI_ENTRY("session.use_cookies", "1", PHP_INI_ALL, OnUpdateSessionBool, use_cookies, php_ps_globals, ps_globals) STD_PHP_INI_ENTRY("session.use_only_cookies", "1", PHP_INI_ALL, OnUpdateSessionBool, use_only_cookies, php_ps_globals, ps_globals) STD_PHP_INI_ENTRY("session.use_strict_mode", "0", PHP_INI_ALL, OnUpdateSessionBool, use_strict_mode, php_ps_globals, ps_globals) - STD_PHP_INI_ENTRY("session.referer_check", "", PHP_INI_ALL, OnUpdateSessionString, extern_referer_chk, php_ps_globals, ps_globals) + STD_PHP_INI_ENTRY("session.referer_check", "0", PHP_INI_ALL, OnUpdateSessionString, extern_referer_chk, php_ps_globals, ps_globals) STD_PHP_INI_ENTRY("session.cache_limiter", "nocache", PHP_INI_ALL, OnUpdateSessionString, cache_limiter, php_ps_globals, ps_globals) - STD_PHP_INI_ENTRY("session.cache_expire", "180", PHP_INI_ALL, OnUpdateSessionLong, cache_expire, php_ps_globals, ps_globals) + STD_PHP_INI_ENTRY("session.cache_expire", "180", PHP_INI_ALL, OnUpdateCacheExpire, cache_expire, php_ps_globals, ps_globals) PHP_INI_ENTRY("session.use_trans_sid", "0", PHP_INI_ALL, OnUpdateTransSid) PHP_INI_ENTRY("session.sid_length", "32", PHP_INI_ALL, OnUpdateSidLength) PHP_INI_ENTRY("session.sid_bits_per_character", "4", PHP_INI_ALL, OnUpdateSidBits) From f2d06e0cbaca89618c85d9010106bad66d100c3f Mon Sep 17 00:00:00 2001 From: Yasuo Ohgaki Date: Tue, 18 Oct 2016 12:21:54 +0900 Subject: [PATCH 10/18] Base branch was wrong. Touch file to force travis to rebuild. --- ext/session/session.c | 1 + 1 file changed, 1 insertion(+) diff --git a/ext/session/session.c b/ext/session/session.c index 68061801d95a7..479abb8c63c33 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -630,6 +630,7 @@ static PHP_INI_MH(OnUpdateSaveDir) /* {{{ */ } /* }}} */ + static PHP_INI_MH(OnUpdateName) /* {{{ */ { SESSION_CHECK_ACTIVE_STATE; From e7cd7c1a0d1e7192dc46328298e8fd2de8b80e0a Mon Sep 17 00:00:00 2001 From: Yasuo Ohgaki Date: Sun, 23 Oct 2016 14:23:10 +0900 Subject: [PATCH 11/18] Check active state rather than http header. Check negative cookie lifetime. Check active state for lazy_write --- ext/session/session.c | 27 ++++++++++++------- .../session_set_cookie_params_basic.phpt | 4 ++- .../session_set_cookie_params_error.phpt | 4 +++ .../session_set_cookie_params_variation1.phpt | 8 +++--- .../session_set_cookie_params_variation2.phpt | 8 +++--- .../session_set_cookie_params_variation3.phpt | 8 +++--- .../session_set_cookie_params_variation4.phpt | 8 +++--- .../session_set_cookie_params_variation5.phpt | 8 +++--- 8 files changed, 49 insertions(+), 26 deletions(-) diff --git a/ext/session/session.c b/ext/session/session.c index 479abb8c63c33..0a6e72fd3fc38 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -660,6 +660,10 @@ static PHP_INI_MH(OnUpdateName) /* {{{ */ static PHP_INI_MH(OnUpdateCookieLifetime) /* {{{ */ { SESSION_CHECK_OUTPUT_STATE; + if (atol(ZSTR_VAL(new_value)) < 0) { + php_error_docref(NULL, E_WARNING, "CookieLifetime cannot be negative"); + return FAILURE; + } return OnUpdateLongGEZero(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); } /* }}} */ @@ -726,6 +730,15 @@ static PHP_INI_MH(OnUpdateSidBits) /* {{{ */ /* }}} */ +static PHP_INI_MH(OnUpdateLazyWrite) /* {{{ */ +{ + SESSION_CHECK_ACTIVE_STATE; + return OnUpdateBool(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); +} +/* }}} */ + + + static PHP_INI_MH(OnUpdateRfc1867Freq) /* {{{ */ { int tmp; @@ -771,7 +784,7 @@ PHP_INI_BEGIN() PHP_INI_ENTRY("session.use_trans_sid", "0", PHP_INI_ALL, OnUpdateTransSid) PHP_INI_ENTRY("session.sid_length", "32", PHP_INI_ALL, OnUpdateSidLength) PHP_INI_ENTRY("session.sid_bits_per_character", "4", PHP_INI_ALL, OnUpdateSidBits) - STD_PHP_INI_BOOLEAN("session.lazy_write", "1", PHP_INI_ALL, OnUpdateSessionBool, lazy_write, php_ps_globals, ps_globals) + STD_PHP_INI_BOOLEAN("session.lazy_write", "1", PHP_INI_ALL, OnUpdateLazyWrite, lazy_write, php_ps_globals, ps_globals) /* Upload progress */ STD_PHP_INI_BOOLEAN("session.upload_progress.enabled", @@ -1403,7 +1416,6 @@ static void ppid2sid(zval *ppid) { } -/* Made to return int from 7.1, previously void */ PHPAPI int php_session_reset_id(void) /* {{{ */ { int module_number = PS(module_number); @@ -1474,7 +1486,6 @@ PHPAPI int php_session_reset_id(void) /* {{{ */ /* }}} */ -/* Made to return int from 7.1, previously void */ PHPAPI int php_session_start(void) /* {{{ */ { zval *ppid; @@ -1663,8 +1674,9 @@ static PHP_FUNCTION(session_set_cookie_params) return; } - if (SG(headers_sent) && PS(use_cookies)) { - php_error_docref(NULL, E_WARNING, "Cannot set cookie parameters - headers already sent"); + + if (PS(session_status) == php_session_active) { + php_error_docref(NULL, E_WARNING, "Cannot change session cookie parameters when session is active"); RETURN_FALSE; } @@ -2356,11 +2368,6 @@ static PHP_FUNCTION(session_destroy) return; } - if (PS(session_status) != php_session_active) { - php_error_docref(NULL, E_WARNING, "Trying to destroy uninitialized session"); - RETURN_FALSE; - } - RETURN_BOOL(php_session_destroy() == SUCCESS); } /* }}} */ diff --git a/ext/session/tests/session_set_cookie_params_basic.phpt b/ext/session/tests/session_set_cookie_params_basic.phpt index 35fa45be8a14f..a67aaa2bc4b4f 100644 --- a/ext/session/tests/session_set_cookie_params_basic.phpt +++ b/ext/session/tests/session_set_cookie_params_basic.phpt @@ -28,7 +28,9 @@ ob_end_flush(); *** Testing session_set_cookie_params() : basic functionality *** bool(true) bool(true) -bool(true) + +Warning: session_set_cookie_params(): Cannot change session cookie parameters when session is active in %s on line 15 +bool(false) bool(true) bool(true) Done diff --git a/ext/session/tests/session_set_cookie_params_error.phpt b/ext/session/tests/session_set_cookie_params_error.phpt index f10876ab0f6e1..9e68ab0359ed5 100644 --- a/ext/session/tests/session_set_cookie_params_error.phpt +++ b/ext/session/tests/session_set_cookie_params_error.phpt @@ -124,6 +124,8 @@ bool(true) bool(true) -- Iteration 4 -- + +Warning: session_set_cookie_params(): CookieLifetime cannot be negative in %s on line 81 bool(false) bool(true) bool(true) @@ -140,6 +142,8 @@ bool(true) bool(true) -- Iteration 6 -- + +Warning: session_set_cookie_params(): CookieLifetime cannot be negative in %s on line 81 bool(false) bool(true) bool(true) diff --git a/ext/session/tests/session_set_cookie_params_variation1.phpt b/ext/session/tests/session_set_cookie_params_variation1.phpt index c594fa033c5da..a6b1e36764ed7 100644 --- a/ext/session/tests/session_set_cookie_params_variation1.phpt +++ b/ext/session/tests/session_set_cookie_params_variation1.phpt @@ -41,10 +41,12 @@ bool(true) string(4) "3600" bool(true) string(4) "3600" + +Warning: session_set_cookie_params(): Cannot change session cookie parameters when session is active in /Users/yohgaki/git/oss/php.net/github-php-src/ext/session/tests/session_set_cookie_params_variation1.php on line 19 +bool(false) +string(4) "3600" bool(true) -string(4) "1800" -bool(true) -string(4) "1800" +string(4) "3600" bool(true) string(10) "1234567890" Done diff --git a/ext/session/tests/session_set_cookie_params_variation2.phpt b/ext/session/tests/session_set_cookie_params_variation2.phpt index bcbd1e5164823..1bf9bae848cb3 100644 --- a/ext/session/tests/session_set_cookie_params_variation2.phpt +++ b/ext/session/tests/session_set_cookie_params_variation2.phpt @@ -39,10 +39,12 @@ bool(true) string(4) "/foo" bool(true) string(4) "/foo" + +Warning: session_set_cookie_params(): Cannot change session cookie parameters when session is active in %s on line 18 +bool(false) +string(4) "/foo" bool(true) -string(5) "/blah" -bool(true) -string(5) "/blah" +string(4) "/foo" bool(true) string(5) "/guff" Done diff --git a/ext/session/tests/session_set_cookie_params_variation3.phpt b/ext/session/tests/session_set_cookie_params_variation3.phpt index bac2775a786c9..17d1e6a7713d0 100644 --- a/ext/session/tests/session_set_cookie_params_variation3.phpt +++ b/ext/session/tests/session_set_cookie_params_variation3.phpt @@ -39,10 +39,12 @@ bool(true) string(4) "blah" bool(true) string(4) "blah" + +Warning: session_set_cookie_params(): Cannot change session cookie parameters when session is active in %s on line 18 +bool(false) +string(4) "blah" bool(true) -string(4) "guff" -bool(true) -string(4) "guff" +string(4) "blah" bool(true) string(3) "foo" Done diff --git a/ext/session/tests/session_set_cookie_params_variation4.phpt b/ext/session/tests/session_set_cookie_params_variation4.phpt index 1a3acd4a0a5fb..2b10f3cc82bbb 100644 --- a/ext/session/tests/session_set_cookie_params_variation4.phpt +++ b/ext/session/tests/session_set_cookie_params_variation4.phpt @@ -39,10 +39,12 @@ bool(true) string(1) "0" bool(true) string(1) "0" + +Warning: session_set_cookie_params(): Cannot change session cookie parameters when session is active in %s on line 18 +bool(false) +string(1) "0" bool(true) -string(1) "1" -bool(true) -string(1) "1" +string(1) "0" bool(true) string(1) "0" Done diff --git a/ext/session/tests/session_set_cookie_params_variation5.phpt b/ext/session/tests/session_set_cookie_params_variation5.phpt index 2ddef235bcc62..ffdd29db2d48c 100644 --- a/ext/session/tests/session_set_cookie_params_variation5.phpt +++ b/ext/session/tests/session_set_cookie_params_variation5.phpt @@ -39,10 +39,12 @@ bool(true) string(1) "0" bool(true) string(1) "0" + +Warning: session_set_cookie_params(): Cannot change session cookie parameters when session is active in %s on line 18 +bool(false) +string(1) "0" bool(true) -string(1) "1" -bool(true) -string(1) "1" +string(1) "0" bool(true) string(1) "0" Done From 1646d2f28107fabf084f44d0ea10c25e4cb37b5a Mon Sep 17 00:00:00 2001 From: Yasuo Ohgaki Date: Sun, 23 Oct 2016 16:53:31 +0900 Subject: [PATCH 12/18] Add doc. Check both output and active status. Changes after header sent will never work. Should not change setting while session is active because it does not work. --- UPGRADING | 29 +++++++++++++++++++++++++++++ UPGRADING.INTERNALS | 5 +++++ ext/session/session.c | 28 ++++++++++++++++++++++------ 3 files changed, 56 insertions(+), 6 deletions(-) diff --git a/UPGRADING b/UPGRADING index 9040740cdacc0..21f70ab5a7cf9 100644 --- a/UPGRADING +++ b/UPGRADING @@ -25,6 +25,35 @@ PHP 7.2 UPGRADE NOTES . is_object() will now return true for objects of class __PHP_Incomplete_Class. +- Session: + . Session is made to manage session status corretly and prevents invalid operations. + Almost all functions and INIs are affected. + . Functions are made to set or return correct session status. + session_start(), session_status(), session_regenerate_id() + . Functions are made to return bool from null. These functions have void parameter + and void parameter is checked. + session_unset(), session_write_close()/session_commit(), session_abort(), + session_reset() + . Functions prohibit invalid operations with regard to session status and + HTTP header status, returns correct bool return value. + session_start(), session_set_cookie_params(), session_name(), session_module_name(), + session_set_save_handler(), session_regenerate_id(), session_cache_limiter(), + session_cache_expire(), session_unset(), session_destroy(), + session_write_close()/session_commit(), session_reset() + . INI value change by ini_set() returns update status correctly. Invalid INI modifications + are checked and made to fail. + session.name, session.save_path, session.cookie_lifetime, session.cookie_path, + session.cookie_domain, session.cookie_httponly, session.cookie_secure, + session.use_cookies, session.use_only_cookies, session.use_strict_mode, + session.referer_check, session.cache_limiter, session.cache_expire, + session.lazy_write, session.save_handler, session.serialize_handler, + session.gc_probability, session.gc_divior, session.gc_maxlifetime, + . Some E_ERRORs are changed to E_WARNING since session status is managed correctly. + session_start() + . Session no longer initialize $_SESSION for invalid and useless session. + session_start() + + ======================================== 2. New Features ======================================== diff --git a/UPGRADING.INTERNALS b/UPGRADING.INTERNALS index 71ade7becc00f..e13dc22010e7b 100644 --- a/UPGRADING.INTERNALS +++ b/UPGRADING.INTERNALS @@ -31,3 +31,8 @@ PHP 7.1 INTERNALS UPGRADE NOTES 3. Module changes ======================== +- Session: + . php_session_start()/session_reset_id() return value is changed from void to int. + It returns SUCCESS/FAILURE. + . Session module manages session status correctly. + diff --git a/ext/session/session.c b/ext/session/session.c index 05cfb97744cce..8e56416331678 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -528,7 +528,9 @@ static void php_session_normalize_vars() /* {{{ */ static PHP_INI_MH(OnUpdateSaveHandler) /* {{{ */ { ps_module *tmp; + SESSION_CHECK_ACTIVE_STATE; + SESSION_CHECK_OUTPUT_STATE; tmp = _php_find_ps_module(ZSTR_VAL(new_value)); @@ -558,7 +560,9 @@ static PHP_INI_MH(OnUpdateSaveHandler) /* {{{ */ static PHP_INI_MH(OnUpdateSerializer) /* {{{ */ { const ps_serializer *tmp; + SESSION_CHECK_ACTIVE_STATE; + SESSION_CHECK_OUTPUT_STATE; tmp = _php_find_ps_serializer(ZSTR_VAL(new_value)); @@ -586,6 +590,7 @@ static PHP_INI_MH(OnUpdateSerializer) /* {{{ */ static PHP_INI_MH(OnUpdateTransSid) /* {{{ */ { SESSION_CHECK_ACTIVE_STATE; + SESSION_CHECK_OUTPUT_STATE; if (!strncasecmp(ZSTR_VAL(new_value), "on", sizeof("on"))) { PS(use_trans_sid) = (zend_bool) 1; @@ -601,6 +606,7 @@ static PHP_INI_MH(OnUpdateTransSid) /* {{{ */ static PHP_INI_MH(OnUpdateSaveDir) /* {{{ */ { SESSION_CHECK_ACTIVE_STATE; + SESSION_CHECK_OUTPUT_STATE; /* Only do the safemode/open_basedir check at runtime */ if (stage == PHP_INI_STAGE_RUNTIME || stage == PHP_INI_STAGE_HTACCESS) { @@ -634,6 +640,7 @@ static PHP_INI_MH(OnUpdateSaveDir) /* {{{ */ static PHP_INI_MH(OnUpdateName) /* {{{ */ { SESSION_CHECK_ACTIVE_STATE; + SESSION_CHECK_OUTPUT_STATE; /* Numeric session.name won't work at all */ if ((!ZSTR_LEN(new_value) || is_numeric_string(ZSTR_VAL(new_value), ZSTR_LEN(new_value), NULL, NULL, 0))) { @@ -659,6 +666,7 @@ static PHP_INI_MH(OnUpdateName) /* {{{ */ static PHP_INI_MH(OnUpdateCookieLifetime) /* {{{ */ { + SESSION_CHECK_ACTIVE_STATE; SESSION_CHECK_OUTPUT_STATE; if (atol(ZSTR_VAL(new_value)) < 0) { php_error_docref(NULL, E_WARNING, "CookieLifetime cannot be negative"); @@ -669,8 +677,9 @@ static PHP_INI_MH(OnUpdateCookieLifetime) /* {{{ */ /* }}} */ -static PHP_INI_MH(OnUpdateCacheExpire) /* {{{ */ +static PHP_INI_MH(OnUpdateSessionLong) /* {{{ */ { + SESSION_CHECK_ACTIVE_STATE; SESSION_CHECK_OUTPUT_STATE; return OnUpdateLong(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); } @@ -679,6 +688,7 @@ static PHP_INI_MH(OnUpdateCacheExpire) /* {{{ */ static PHP_INI_MH(OnUpdateSessionString) /* {{{ */ { + SESSION_CHECK_ACTIVE_STATE; SESSION_CHECK_OUTPUT_STATE; return OnUpdateString(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); } @@ -688,6 +698,7 @@ static PHP_INI_MH(OnUpdateSessionString) /* {{{ */ static PHP_INI_MH(OnUpdateSessionBool) /* {{{ */ { SESSION_CHECK_OUTPUT_STATE; + SESSION_CHECK_ACTIVE_STATE; return OnUpdateBool(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); } /* }}} */ @@ -698,6 +709,8 @@ static PHP_INI_MH(OnUpdateSidLength) /* {{{ */ zend_long val; char *endptr = NULL; + SESSION_CHECK_OUTPUT_STATE; + SESSION_CHECK_ACTIVE_STATE; val = ZEND_STRTOL(ZSTR_VAL(new_value), &endptr, 10); if (endptr && (*endptr == '\0') && val >= 22 && val <= PS_MAX_SID_LENGTH) { @@ -716,6 +729,8 @@ static PHP_INI_MH(OnUpdateSidBits) /* {{{ */ zend_long val; char *endptr = NULL; + SESSION_CHECK_OUTPUT_STATE; + SESSION_CHECK_ACTIVE_STATE; val = ZEND_STRTOL(ZSTR_VAL(new_value), &endptr, 10); if (endptr && (*endptr == '\0') && val >= 4 && val <=6) { @@ -733,6 +748,7 @@ static PHP_INI_MH(OnUpdateSidBits) /* {{{ */ static PHP_INI_MH(OnUpdateLazyWrite) /* {{{ */ { SESSION_CHECK_ACTIVE_STATE; + SESSION_CHECK_OUTPUT_STATE; return OnUpdateBool(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); } /* }}} */ @@ -766,9 +782,9 @@ PHP_INI_BEGIN() STD_PHP_INI_ENTRY("session.name", "PHPSESSID", PHP_INI_ALL, OnUpdateName, session_name, php_ps_globals, ps_globals) PHP_INI_ENTRY("session.save_handler", "files", PHP_INI_ALL, OnUpdateSaveHandler) STD_PHP_INI_BOOLEAN("session.auto_start", "0", PHP_INI_PERDIR, OnUpdateBool, auto_start, php_ps_globals, ps_globals) - STD_PHP_INI_ENTRY("session.gc_probability", "1", PHP_INI_ALL, OnUpdateLong, gc_probability, php_ps_globals, ps_globals) - STD_PHP_INI_ENTRY("session.gc_divisor", "100", PHP_INI_ALL, OnUpdateLong, gc_divisor, php_ps_globals, ps_globals) - STD_PHP_INI_ENTRY("session.gc_maxlifetime", "1440", PHP_INI_ALL, OnUpdateLong, gc_maxlifetime, php_ps_globals, ps_globals) + STD_PHP_INI_ENTRY("session.gc_probability", "1", PHP_INI_ALL, OnUpdateSessionLong, gc_probability, php_ps_globals, ps_globals) + STD_PHP_INI_ENTRY("session.gc_divisor", "100", PHP_INI_ALL, OnUpdateSessionLong, gc_divisor, php_ps_globals, ps_globals) + STD_PHP_INI_ENTRY("session.gc_maxlifetime", "1440", PHP_INI_ALL, OnUpdateSessionLong, gc_maxlifetime, php_ps_globals, ps_globals) PHP_INI_ENTRY("session.serialize_handler", "php", PHP_INI_ALL, OnUpdateSerializer) STD_PHP_INI_ENTRY("session.cookie_lifetime", "0", PHP_INI_ALL, OnUpdateCookieLifetime,cookie_lifetime, php_ps_globals, ps_globals) STD_PHP_INI_ENTRY("session.cookie_path", "/", PHP_INI_ALL, OnUpdateSessionString, cookie_path, php_ps_globals, ps_globals) @@ -778,9 +794,9 @@ PHP_INI_BEGIN() STD_PHP_INI_ENTRY("session.use_cookies", "1", PHP_INI_ALL, OnUpdateSessionBool, use_cookies, php_ps_globals, ps_globals) STD_PHP_INI_ENTRY("session.use_only_cookies", "1", PHP_INI_ALL, OnUpdateSessionBool, use_only_cookies, php_ps_globals, ps_globals) STD_PHP_INI_ENTRY("session.use_strict_mode", "0", PHP_INI_ALL, OnUpdateSessionBool, use_strict_mode, php_ps_globals, ps_globals) - STD_PHP_INI_ENTRY("session.referer_check", "0", PHP_INI_ALL, OnUpdateSessionString, extern_referer_chk, php_ps_globals, ps_globals) + STD_PHP_INI_ENTRY("session.referer_check", "", PHP_INI_ALL, OnUpdateSessionString, extern_referer_chk, php_ps_globals, ps_globals) STD_PHP_INI_ENTRY("session.cache_limiter", "nocache", PHP_INI_ALL, OnUpdateSessionString, cache_limiter, php_ps_globals, ps_globals) - STD_PHP_INI_ENTRY("session.cache_expire", "180", PHP_INI_ALL, OnUpdateCacheExpire, cache_expire, php_ps_globals, ps_globals) + STD_PHP_INI_ENTRY("session.cache_expire", "180", PHP_INI_ALL, OnUpdateSessionLong, cache_expire, php_ps_globals, ps_globals) PHP_INI_ENTRY("session.use_trans_sid", "0", PHP_INI_ALL, OnUpdateTransSid) PHP_INI_ENTRY("session.sid_length", "32", PHP_INI_ALL, OnUpdateSidLength) PHP_INI_ENTRY("session.sid_bits_per_character", "4", PHP_INI_ALL, OnUpdateSidBits) From f5bc23b4a18fdc5c0c7a4646edff19413be7e59f Mon Sep 17 00:00:00 2001 From: Yasuo Ohgaki Date: Sun, 23 Oct 2016 16:58:54 +0900 Subject: [PATCH 13/18] Update to more descrictive sentence --- UPGRADING | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/UPGRADING b/UPGRADING index 21f70ab5a7cf9..16ec0615de200 100644 --- a/UPGRADING +++ b/UPGRADING @@ -27,7 +27,8 @@ PHP 7.2 UPGRADE NOTES - Session: . Session is made to manage session status corretly and prevents invalid operations. - Almost all functions and INIs are affected. + Only inappropriate codes are affected by this change. If you have problems with this, + it means you have problem in your code. . Functions are made to set or return correct session status. session_start(), session_status(), session_regenerate_id() . Functions are made to return bool from null. These functions have void parameter From 7315a5432b16c111767abcb98bd10308d842b749 Mon Sep 17 00:00:00 2001 From: Yasuo Ohgaki Date: Sun, 23 Oct 2016 17:02:03 +0900 Subject: [PATCH 14/18] Fix test --- ext/session/tests/session_set_cookie_params_variation1.phpt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ext/session/tests/session_set_cookie_params_variation1.phpt b/ext/session/tests/session_set_cookie_params_variation1.phpt index a6b1e36764ed7..93ac056d8982a 100644 --- a/ext/session/tests/session_set_cookie_params_variation1.phpt +++ b/ext/session/tests/session_set_cookie_params_variation1.phpt @@ -42,7 +42,7 @@ string(4) "3600" bool(true) string(4) "3600" -Warning: session_set_cookie_params(): Cannot change session cookie parameters when session is active in /Users/yohgaki/git/oss/php.net/github-php-src/ext/session/tests/session_set_cookie_params_variation1.php on line 19 +Warning: session_set_cookie_params(): Cannot change session cookie parameters when session is active in %s on line 19 bool(false) string(4) "3600" bool(true) From 5a30738183276c89c462fbafbc0794e05bdeba7c Mon Sep 17 00:00:00 2001 From: Yasuo Ohgaki Date: Sun, 23 Oct 2016 17:46:44 +0900 Subject: [PATCH 15/18] I should have checked header sent status in functions, too. --- ext/session/session.c | 62 +++++++++++++++++++--- ext/session/tests/004.phpt | 1 + ext/session/tests/005.phpt | 2 +- ext/session/tests/006.phpt | 3 +- ext/session/tests/009.phpt | 1 + ext/session/tests/024.phpt | 1 + ext/session/tests/025.phpt | 2 +- ext/session/tests/026.phpt | 1 + ext/session/tests/027.phpt | 1 + ext/session/tests/bug66481.phpt | 1 + ext/session/tests/rfc1867_sid_invalid.phpt | 49 ++++++++++++++++- 11 files changed, 114 insertions(+), 10 deletions(-) diff --git a/ext/session/session.c b/ext/session/session.c index 8e56416331678..9c3c4624a8342 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -1675,7 +1675,7 @@ PHPAPI void session_adapt_url(const char *url, size_t urllen, char **new, size_t * Userspace exported functions * ******************************** */ -/* {{{ proto void session_set_cookie_params(int lifetime [, string path [, string domain [, bool secure[, bool httponly]]]]) +/* {{{ proto bool session_set_cookie_params(int lifetime [, string path [, string domain [, bool secure[, bool httponly]]]]) Set session cookie parameters */ static PHP_FUNCTION(session_set_cookie_params) { @@ -1696,6 +1696,11 @@ static PHP_FUNCTION(session_set_cookie_params) RETURN_FALSE; } + if (SG(headers_sent)) { + php_error_docref(NULL, E_WARNING, "Cannot change session cookie parameters when headers already sent"); + RETURN_FALSE; + } + convert_to_string_ex(lifetime); ini_name = zend_string_init("session.cookie_lifetime", sizeof("session.cookie_lifetime") - 1, 0); @@ -1777,6 +1782,11 @@ static PHP_FUNCTION(session_name) RETURN_FALSE; } + if (SG(headers_sent)) { + php_error_docref(NULL, E_WARNING, "Cannot change session name when headers already sent"); + RETURN_FALSE; + } + RETVAL_STRING(PS(session_name)); if (name) { @@ -1803,6 +1813,11 @@ static PHP_FUNCTION(session_module_name) RETURN_FALSE; } + if (SG(headers_sent)) { + php_error_docref(NULL, E_WARNING, "Cannot change save handler module when headers already sent"); + RETURN_FALSE; + } + /* Set return_value to current module name */ if (PS(mod) && PS(mod)->s_name) { RETVAL_STRING(PS(mod)->s_name); @@ -1829,7 +1844,7 @@ static PHP_FUNCTION(session_module_name) } /* }}} */ -/* {{{ proto void session_set_save_handler(string open, string close, string read, string write, string destroy, string gc, string create_sid) +/* {{{ proto bool session_set_save_handler(string open, string close, string read, string write, string destroy, string gc, string create_sid) Sets user-level functions */ static PHP_FUNCTION(session_set_save_handler) { @@ -1843,6 +1858,11 @@ static PHP_FUNCTION(session_set_save_handler) RETURN_FALSE; } + if (SG(headers_sent)) { + php_error_docref(NULL, E_WARNING, "Cannot change save handler when headers already sent"); + RETURN_FALSE; + } + if (argc > 0 && argc <= 2) { zval *obj = NULL; zend_string *func_name; @@ -2001,6 +2021,11 @@ static PHP_FUNCTION(session_save_path) RETURN_FALSE; } + if (SG(headers_sent)) { + php_error_docref(NULL, E_WARNING, "Cannot change save path when headers already sent"); + RETURN_FALSE; + } + RETVAL_STRING(PS(save_path)); if (name) { @@ -2027,6 +2052,11 @@ static PHP_FUNCTION(session_id) return; } + if (name && SG(headers_sent)) { + php_error_docref(NULL, E_WARNING, "Cannot change session id when headers already sent"); + RETURN_FALSE; + } + if (PS(id)) { /* keep compatibility for "\0" characters ??? * see: ext/session/tests/session_id_error3.phpt */ @@ -2065,7 +2095,7 @@ static PHP_FUNCTION(session_regenerate_id) RETURN_FALSE; } - if (SG(headers_sent) && PS(use_cookies)) { + if (SG(headers_sent)) { php_error_docref(NULL, E_WARNING, "Cannot regenerate session id - headers already sent"); RETURN_FALSE; } @@ -2149,7 +2179,7 @@ static PHP_FUNCTION(session_regenerate_id) } /* }}} */ -/* {{{ proto void session_create_id([string prefix]) +/* {{{ proto string session_create_id([string prefix]) Generate new session ID. Intended for user save handlers. */ /* This is not used yet */ static PHP_FUNCTION(session_create_id) @@ -2210,13 +2240,18 @@ static PHP_FUNCTION(session_cache_limiter) zend_string *limiter = NULL; zend_string *ini_name; + if (zend_parse_parameters(ZEND_NUM_ARGS(), "|S", &limiter) == FAILURE) { + return; + } + if (PS(session_status) == php_session_active) { php_error_docref(NULL, E_WARNING, "Cannot change cache limiter when session is active"); RETURN_FALSE; } - if (zend_parse_parameters(ZEND_NUM_ARGS(), "|S", &limiter) == FAILURE) { - return; + if (SG(headers_sent)) { + php_error_docref(NULL, E_WARNING, "Cannot change cache limiter when headers already sent"); + RETURN_FALSE; } RETVAL_STRING(PS(cache_limiter)); @@ -2245,6 +2280,11 @@ static PHP_FUNCTION(session_cache_expire) RETURN_LONG(PS(cache_expire)); } + if (SG(headers_sent)) { + php_error_docref(NULL, E_WARNING, "Cannot change cache expire when headers already sent"); + RETURN_FALSE; + } + RETVAL_LONG(PS(cache_expire)); if (expires) { @@ -2328,6 +2368,16 @@ static PHP_FUNCTION(session_start) RETURN_TRUE; } + /* + * TODO: To prevent unusable session with trans sid, actual output started status is + * required. i.e. There shouldn't be any outputs in output buffer, otherwise session + * module is unable to rewrite output. + */ + if (SG(headers_sent)) { + php_error_docref(NULL, E_WARNING, "Cannot start session when headers already sent"); + RETURN_FALSE; + } + /* set options */ if (options) { ZEND_HASH_FOREACH_KEY_VAL(Z_ARRVAL_P(options), num_idx, str_idx, value) { diff --git a/ext/session/tests/004.phpt b/ext/session/tests/004.phpt index 4547c65574914..9e34b7123f927 100644 --- a/ext/session/tests/004.phpt +++ b/ext/session/tests/004.phpt @@ -11,6 +11,7 @@ session.serialize_handler=php --FILE-- --FILE-- + int(%d) + ["content_length"]=> + int(469) + ["bytes_processed"]=> + int(469) + ["done"]=> + bool(true) + ["files"]=> + array(2) { + [0]=> + array(7) { + ["field_name"]=> + string(5) "file1" + ["name"]=> + string(9) "file1.txt" + ["tmp_name"]=> + string(%d) "%s" + ["error"]=> + int(0) + ["done"]=> + bool(true) + ["start_time"]=> + int(%d) + ["bytes_processed"]=> + int(1) + } + [1]=> + array(7) { + ["field_name"]=> + string(5) "file2" + ["name"]=> + string(9) "file2.txt" + ["tmp_name"]=> + string(%d) "%s" + ["error"]=> + int(0) + ["done"]=> + bool(true) + ["start_time"]=> + int(%d) + ["bytes_processed"]=> + int(1) + } + } +} From 76f77f7dc7d8be8db512766c2814b562b9d91827 Mon Sep 17 00:00:00 2001 From: Yasuo Ohgaki Date: Sun, 23 Oct 2016 17:49:52 +0900 Subject: [PATCH 16/18] Add test for INI changes --- ext/session/tests/session_ini_set.phpt | 182 +++++++++++++++++++++++++ 1 file changed, 182 insertions(+) create mode 100644 ext/session/tests/session_ini_set.phpt diff --git a/ext/session/tests/session_ini_set.phpt b/ext/session/tests/session_ini_set.phpt new file mode 100644 index 0000000000000..58c3f837a7ea2 --- /dev/null +++ b/ext/session/tests/session_ini_set.phpt @@ -0,0 +1,182 @@ +--TEST-- +Test ini_set() for session : basic functionality +--SKIPIF-- + +--INI-- +session.save_path= +session.name="PHPSESSID" +session.save_handler="files" +session.auto_start="0" +session.gc_probability="1" +session.gc_divisor="100" +session.gc_maxlifetime="1440" +session.serialize_handler="php" +session.cookie_path="/" +session.cookie_domain="" +session.cookie_secure="0" +session.cookie_httponly="0" +session.use_cookies="1" +session.use_only_cookies="1" +session.use_strict_mode="0" +session.referer_check="" +session.cache_limiter="nocache" +session.cache_expire="180" +session.use_trans_sid="0" +session.sid_length="32" +session.sid_bits_per_character="4" +session.lazy_write="1" +--FILE-- + +--EXPECTF-- +*** Testing ini_set() for session ini: basic functionality *** +string(0) "" +string(9) "PHPSESSID" +string(5) "files" +bool(false) +string(1) "1" +string(3) "100" +string(4) "1440" +string(3) "php" +string(1) "/" +string(0) "" +string(1) "0" +string(1) "0" +string(1) "1" +string(1) "1" +string(1) "0" +string(0) "" +string(7) "nocache" +string(3) "180" +string(1) "0" +string(2) "32" +string(1) "4" +string(1) "1" +string(15) "session started" + +Warning: ini_set(): A session is active. You cannot change the session module's ini settings at this time in %s on line 38 +bool(false) + +Warning: ini_set(): A session is active. You cannot change the session module's ini settings at this time in %s on line 39 +bool(false) + +Warning: ini_set(): A session is active. You cannot change the session module's ini settings at this time in %s on line 40 +bool(false) +bool(false) + +Warning: ini_set(): A session is active. You cannot change the session module's ini settings at this time in %s on line 42 +bool(false) + +Warning: ini_set(): A session is active. You cannot change the session module's ini settings at this time in %s on line 43 +bool(false) + +Warning: ini_set(): A session is active. You cannot change the session module's ini settings at this time in %s on line 44 +bool(false) + +Warning: ini_set(): A session is active. You cannot change the session module's ini settings at this time in %s on line 45 +bool(false) + +Warning: ini_set(): A session is active. You cannot change the session module's ini settings at this time in %s on line 46 +bool(false) + +Warning: ini_set(): A session is active. You cannot change the session module's ini settings at this time in %s on line 47 +bool(false) + +Warning: ini_set(): A session is active. You cannot change the session module's ini settings at this time in %s on line 48 +bool(false) + +Warning: ini_set(): A session is active. You cannot change the session module's ini settings at this time in %s on line 49 +bool(false) + +Warning: ini_set(): A session is active. You cannot change the session module's ini settings at this time in %s on line 50 +bool(false) + +Warning: ini_set(): A session is active. You cannot change the session module's ini settings at this time in %s on line 51 +bool(false) + +Warning: ini_set(): A session is active. You cannot change the session module's ini settings at this time in %s on line 52 +bool(false) + +Warning: ini_set(): A session is active. You cannot change the session module's ini settings at this time in %s on line 53 +bool(false) + +Warning: ini_set(): A session is active. You cannot change the session module's ini settings at this time in %s on line 54 +bool(false) + +Warning: ini_set(): A session is active. You cannot change the session module's ini settings at this time in %s on line 55 +bool(false) + +Warning: ini_set(): A session is active. You cannot change the session module's ini settings at this time in %s on line 56 +bool(false) + +Warning: ini_set(): A session is active. You cannot change the session module's ini settings at this time in %s on line 57 +bool(false) + +Warning: ini_set(): A session is active. You cannot change the session module's ini settings at this time in %s on line 58 +bool(false) + +Warning: ini_set(): A session is active. You cannot change the session module's ini settings at this time in %s on line 59 +bool(false) +Done From 51e83df9fe7b9229e15cd4a0e1794fe0ff4e22a8 Mon Sep 17 00:00:00 2001 From: Yasuo Ohgaki Date: Sun, 23 Oct 2016 18:34:31 +0900 Subject: [PATCH 17/18] Fix test --- Zend/tests/unset_cv05.phpt | 1 + 1 file changed, 1 insertion(+) diff --git a/Zend/tests/unset_cv05.phpt b/Zend/tests/unset_cv05.phpt index 36fea3bc4039f..4e284459f6dc7 100644 --- a/Zend/tests/unset_cv05.phpt +++ b/Zend/tests/unset_cv05.phpt @@ -11,6 +11,7 @@ include(dirname(__FILE__).'/../../ext/session/tests/skipif.inc'); ?> --FILE-- Date: Thu, 17 Nov 2016 09:27:02 +0900 Subject: [PATCH 18/18] Fix test --- Zend/tests/unset_cv05.phpt | 4 ---- 1 file changed, 4 deletions(-) diff --git a/Zend/tests/unset_cv05.phpt b/Zend/tests/unset_cv05.phpt index 4e284459f6dc7..e0352b6a84538 100644 --- a/Zend/tests/unset_cv05.phpt +++ b/Zend/tests/unset_cv05.phpt @@ -21,10 +21,6 @@ echo "\nok\n"; --EXPECTF-- ok -Warning: session_start(): Cannot send session cookie - headers already sent by (output started at %sunset_cv05.php on line %d - -Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at %sunset_cv05.php:%d) in %sunset_cv05.php on line %d - Notice: Array to string conversion in %sunset_cv05.php on line %d Array ok