tony2001 Wed Dec 20 19:20:59 2006 UTC
Modified files:
/php-src/ext/session session.c
Log:
remove register_globals remains
maintain an internal reference of _SESSION, so that it won't be possible to
destroy it from userspace
http://cvs.php.net/viewvc.cgi/php-src/ext/session/session.c?r1=1.457&r2=1.458&diff_format=u
Index: php-src/ext/session/session.c
diff -u php-src/ext/session/session.c:1.457 php-src/ext/session/session.c:1.458
--- php-src/ext/session/session.c:1.457 Mon Dec 4 15:58:35 2006
+++ php-src/ext/session/session.c Wed Dec 20 19:20:59 2006
@@ -17,7 +17,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: session.c,v 1.457 2006/12/04 15:58:35 tony2001 Exp $ */
+/* $Id: session.c,v 1.458 2006/12/20 19:20:59 tony2001 Exp $ */
#ifdef HAVE_CONFIG_H
#include "config.h"
@@ -493,14 +493,17 @@
zval *session_vars = NULL;
/* Unconditionally destroy existing arrays -- possible dirty data */
- zend_delete_global_variable("HTTP_SESSION_VARS",
sizeof("HTTP_SESSION_VARS")-1 TSRMLS_CC);
zend_delete_global_variable("_SESSION", sizeof("_SESSION")-1 TSRMLS_CC);
+ if (PS(http_session_vars)) {
+ zval_ptr_dtor(&PS(http_session_vars));
+ }
+
MAKE_STD_ZVAL(session_vars);
array_init(session_vars);
PS(http_session_vars) = session_vars;
- ZEND_SET_GLOBAL_VAR_WITH_LENGTH("_SESSION", sizeof("_SESSION"),
PS(http_session_vars), 1, 0);
+ ZEND_SET_GLOBAL_VAR_WITH_LENGTH("_SESSION", sizeof("_SESSION"),
PS(http_session_vars), 2, 1);
}
static char *php_session_encode(int *newlen TSRMLS_DC)
@@ -729,39 +732,6 @@
}
}
-static int migrate_global(HashTable *ht, HashPosition *pos TSRMLS_DC)
-{
- zstr str;
- uint str_len;
- ulong num_key;
- int n;
- zval **val;
- int ret = 0;
-
- n = zend_hash_get_current_key_ex(ht, &str, &str_len, &num_key, 0, pos);
-
- switch (n) {
- case HASH_KEY_IS_STRING:
- case HASH_KEY_IS_UNICODE:
- if (zend_u_hash_find(&EG(symbol_table), n, str,
str_len,
- (void **) &val) == SUCCESS
- && val && Z_TYPE_PP(val) != IS_NULL) {
- /* FIXME: Unicode support??? */
- ZEND_SET_SYMBOL_WITH_LENGTH(ht, str.s, str_len,
*val,
- (*val)->refcount + 1 , 1);
- ret = 1;
- }
- break;
- case HASH_KEY_IS_LONG:
- php_error_docref(NULL TSRMLS_CC, E_NOTICE, "The session
bug compatibility code will not "
- "try to locate the global variable $%lu
due to its "
- "numeric nature", num_key);
- break;
- }
-
- return ret;
-}
-
static void php_session_save_current_state(TSRMLS_D)
{
int ret = FAILURE;
@@ -1507,8 +1477,7 @@
} else {
convert_to_string_ex(entry);
- if ((strcmp(Z_STRVAL_PP(entry), "HTTP_SESSION_VARS") != 0) &&
- (strcmp(Z_STRVAL_PP(entry), "_SESSION") != 0)) {
+ if (strcmp(Z_STRVAL_PP(entry), "_SESSION") != 0) {
PS_ADD_VARL(Z_STRVAL_PP(entry), Z_STRLEN_PP(entry));
}
}
@@ -1617,6 +1586,10 @@
static void php_rshutdown_session_globals(TSRMLS_D)
{
+ if (PS(http_session_vars)) {
+ zval_ptr_dtor(&PS(http_session_vars));
+ PS(http_session_vars) = NULL;
+ }
if (PS(mod_data)) {
zend_try {
PS(mod)->s_close(&PS(mod_data) TSRMLS_CC);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
