Fix bug #71038 - session_start() returns true even when it failed

UPGRADING

@@ -36,6 +36,36 @@ PHP 7.2 UPGRADE NOTES
     keys. This fixes the behaviour of previous versions, where numeric string
     property names would become inaccessible string keys.
 
+- Session:
+  . Session is made to manage session status corretly and prevents invalid operations.
+    Only inappropriate codes are affected by this change. If you have problems with this,
+    it means you have problem in your code.
+    . Functions are made to set or return correct session status.
+        session_start(), session_status(), session_regenerate_id()
+    . Functions are made to return bool from null. These functions have void parameter
+      and void parameter is checked.
+        session_unset(), session_write_close()/session_commit(), session_abort(),
+        session_reset()
+    . Functions prohibit invalid operations with regard to session status and
+      HTTP header status, returns correct bool return value.
+        session_start(), session_set_cookie_params(), session_name(), session_module_name(),
+        session_set_save_handler(), session_regenerate_id(), session_cache_limiter(),
+        session_cache_expire(), session_unset(), session_destroy(),
+        session_write_close()/session_commit(), session_reset()
+    . INI value change by ini_set() returns update status correctly.　Invalid INI modifications
+      are checked and made to fail.
+        session.name, session.save_path, session.cookie_lifetime, session.cookie_path,
+        session.cookie_domain, session.cookie_httponly, session.cookie_secure,
+        session.use_cookies, session.use_only_cookies, session.use_strict_mode,
+        session.referer_check, session.cache_limiter, session.cache_expire,
+        session.lazy_write, session.save_handler, session.serialize_handler,
+        session.gc_probability, session.gc_divior, session.gc_maxlifetime,
+    . Some E_ERRORs are changed to E_WARNING since session status is managed correctly.
+        session_start()
+    . Session no longer initialize $_SESSION for invalid and useless session.
+        session_start()
+
+
 ========================================
 2. New Features
 ========================================

UPGRADING.INTERNALS

@@ -31,3 +31,8 @@ PHP 7.1 INTERNALS UPGRADE NOTES
 3. Module changes
 ========================
 
+- Session:
+  . php_session_start()/session_reset_id() return value is changed from void to int.
+    It returns SUCCESS/FAILURE.
+  . Session module manages session status correctly.
+

Zend/tests/unset_cv05.phpt

@@ -11,6 +11,7 @@ include(dirname(__FILE__).'/../../ext/session/tests/skipif.inc');
 ?>
 --FILE--
 <?php
+ob_start();
 $_SESSION = "ok\n";
 echo $_SESSION;
 session_start();
@@ -20,10 +21,6 @@ echo "\nok\n";
 --EXPECTF--
 ok
 
-Warning: session_start(): Cannot send session cookie - headers already sent by (output started at %sunset_cv05.php on line %d
-
-Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at %sunset_cv05.php:%d) in %sunset_cv05.php on line %d
-
 Notice: Array to string conversion in %sunset_cv05.php on line %d
 Array
 ok

ext/session/php_session.h

@@ -27,7 +27,7 @@
 # include "ext/hash/php_hash.h"
 #endif
 
-#define PHP_SESSION_API 20150121
+#define PHP_SESSION_API 20161017
 
 #include "php_version.h"
 #define PHP_SESSION_VERSION PHP_VERSION
@@ -265,13 +265,13 @@ PHPAPI int php_session_register_serializer(const char *name,
 	        int (*decode)(PS_SERIALIZER_DECODE_ARGS));
 
 PHPAPI void php_session_set_id(char *id);
-PHPAPI void php_session_start(void);
+PHPAPI int php_session_start(void);
 
 PHPAPI ps_module *_php_find_ps_module(char *name);
 PHPAPI const ps_serializer *_php_find_ps_serializer(char *name);
 
 PHPAPI int php_session_valid_key(const char *key);
-PHPAPI void php_session_reset_id(void);
+PHPAPI int php_session_reset_id(void);
 
 #define PS_ADD_VARL(name) do {										\
 	php_add_session_var(name);							\