2011/12/2 Daniel K. <[email protected]>:
> Yasuo Ohgaki wrote:
>>
>> 2011/12/2 Yasuo Ohgaki <[email protected]>:
>>>
>>> I think Daniel mean there are extra spaces for indent.
>>> I'll fix it.
>
>
> That's exactly it, however the updated patch still has problems.
>
> Search for a + followed by only tabs or spaces. Empty lines should be
> just that, empty.
Does CODING_STANDARDS mention this?
>>> Since Daniel mentioned that he cannot disable strict session,
>
>
> I did no such thing. from where did you get that idea?
>
Because you wrote this.
> This could never work with:
>
> session_id("foo");
> session_start();
>
> could it?
I think you understands it can be controlled by session.use_strict_mode now.
> I am in serious doubt as to whether the additonal restrictions on valid
> characters in session ids are appropriate, and I fear that some poor sod may
> be in for a nasty surpris because of this.
>
> Remember, this is not just about the return value of hash functions, as this
> is used to validate session_ids set with session_id() as well.
With strict session, user cannot set session ID. If user can, it's not
a strict session, but adoptive.
If user would like to use adoptive session, user may set
session.use_strict_mode=0.
Regards,
--
Yasuo Ohgaki
[email protected]
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
