tony2001 Fri May 20 06:28:35 2005 EDT Modified files: (Branch: PHP_4_3) /php-src NEWS /php-src/ext/session session.c Log: MFH: fix bug #32944 (Disabling session.use_cookies doesn't prevent reading session cookies) http://cvs.php.net/diff.php/php-src/NEWS?r1=1.1247.2.906&r2=1.1247.2.907&ty=u Index: php-src/NEWS diff -u php-src/NEWS:1.1247.2.906 php-src/NEWS:1.1247.2.907 --- php-src/NEWS:1.1247.2.906 Fri May 20 02:36:56 2005 +++ php-src/NEWS Fri May 20 06:28:34 2005 @@ -12,6 +12,8 @@ - Fixed bug #33019 (socket errors cause memory leaks in php_strerror()). (jwozniak23 at poczta dot onet dot pl, Tony). - Fixed bug #32974 (pcntl calls malloc() from a signal handler). (Wez) +- Fixed bug #32944 (Disabling session.use_cookies doesn't prevent reading + session cookies). (Jani, Tony) - Fixed bug #32936 (http redirects URLs are not checked for control chars). (Ilia) - Fixed bug #32932 (Oracle LDAP: ldap_get_entries invalid pointer). (Jani) - Fixed bug #32904 (pg_get_notify() ignores result_type parameter). (Tony) http://cvs.php.net/diff.php/php-src/ext/session/session.c?r1=1.336.2.50&r2=1.336.2.51&ty=u Index: php-src/ext/session/session.c diff -u php-src/ext/session/session.c:1.336.2.50 php-src/ext/session/session.c:1.336.2.51 --- php-src/ext/session/session.c:1.336.2.50 Sun Feb 13 12:51:32 2005 +++ php-src/ext/session/session.c Fri May 20 06:28:35 2005 @@ -17,7 +17,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: session.c,v 1.336.2.50 2005/02/13 17:51:32 sniper Exp $ */ +/* $Id: session.c,v 1.336.2.51 2005/05/20 10:28:35 tony2001 Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" @@ -1015,7 +1015,7 @@ */ if (!PS(id)) { - if (zend_hash_find(&EG(symbol_table), "_COOKIE", + if (PS(use_cookies) && zend_hash_find(&EG(symbol_table), "_COOKIE", sizeof("_COOKIE"), (void **) &data) == SUCCESS && Z_TYPE_PP(data) == IS_ARRAY && zend_hash_find(Z_ARRVAL_PP(data), PS(session_name),
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php