iliaa Sun Apr 24 13:52:21 2005 EDT
Modified files:
/php-src/main php_variables.c
Log:
Fixed bug #32802 (General cookie overrides more specific cookie).
http://cvs.php.net/diff.php/php-src/main/php_variables.c?r1=1.90&r2=1.91&ty=u
Index: php-src/main/php_variables.c
diff -u php-src/main/php_variables.c:1.90 php-src/main/php_variables.c:1.91
--- php-src/main/php_variables.c:1.90 Sat Apr 23 16:33:34 2005
+++ php-src/main/php_variables.c Sun Apr 24 13:52:21 2005
@@ -17,7 +17,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: php_variables.c,v 1.90 2005/04/23 20:33:34 sniper Exp $ */
+/* $Id: php_variables.c,v 1.91 2005/04/24 17:52:21 iliaa Exp $ */
#include <stdio.h>
#include "php.h"
@@ -182,7 +182,19 @@
if (!index) {
zend_hash_next_index_insert(symtable1,
&gpc_element, sizeof(zval *), (void **) &gpc_element_p);
} else {
+ zval *tmp;
char *escaped_index = php_addslashes(index,
index_len, &index_len, 0 TSRMLS_CC);
+ /*
+ * According to rfc2965, more specific paths
are listed above the less specific ones.
+ * If we encounter a duplicate cookie name, we
should skip it, since it is not possible
+ * to have the same (plain text) cookie name
for the same path and we should not overwrite
+ * more specific cookies with the less specific
ones.
+ */
+ if (PG(http_globals)[TRACK_VARS_COOKIE] &&
symtable1 == Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_COOKIE]) &&
+ zend_symtable_find(symtable1,
escaped_index, index_len+1, (void **) &tmp) != FAILURE) {
+ efree(escaped_index);
+ break;
+ }
zend_symtable_update(symtable1, escaped_index,
index_len + 1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p);
efree(escaped_index);
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
