ID: 8978
User Update by: Maxim Derkachev <[EMAIL PROTECTED]>
Status: Analyzed
Bug Type: Feature/Change Request
Operating system: 
PHP Version: 4.0.4pl1
Description: Add a 'readonly' possibility to the session module

just made a patch against the current sources (session.c and php_session.h).

*** php_session.h.orig  Tue May 15 15:16:50 2001
--- php_session.h       Tue May 15 15:23:26 2001
***************
*** 96,100 ****
--- 96,103 ----
        zend_bool define_sid;
        zend_bool use_cookies;
+       int readonly;
  } php_ps_globals;
+
+ #define SESS_READONLY 1

  extern zend_module_entry session_module_entry;
*** session.c.orig      Tue May 15 15:16:04 2001
--- session.c   Wed May 16 11:54:31 2001
***************
*** 526,529 ****
--- 526,533 ----
        PLS_FETCH();

+       if (PS(readonly)) {
+               return;
+       }
+
        if (!PG(register_globals)) {
                if (!PS(http_session_vars)) {
***************
*** 899,902 ****
--- 903,911 ----
        zend_bool retval = SUCCESS;

+       if (PS(readonly)) {
+               php_error(E_WARNING, "Trying to destroy readonly session");
+               return FAILURE;
+       }
+
        if (PS(nr_open_sessions) == 0) {
                php_error(E_WARNING, "Trying to destroy uninitialized session");
***************
*** 1265,1270 ****
--- 1274,1297 ----
  PHP_FUNCTION(session_start)
  {
+       pval **flag;
        PSLS_FETCH();

+       if (ZEND_NUM_ARGS() > 1)
+               WRONG_PARAM_COUNT;
+
+       if (ZEND_NUM_ARGS() == 0 ) {
+               PS(readonly) = 0;
+       }
+       if (ZEND_NUM_ARGS() == 1 && zend_get_parameters_ex(1, &flag) != FAILURE) {
+               convert_to_long_ex(flag);
+               if (((int) ((*flag)->value.lval)) == SESS_READONLY) {
+                       PS(readonly) = 1;
+               }
+               else {
+                       PS(readonly) = 0;
+               }
+       }
+
+
        php_session_start(PSLS_C);

***************
*** 1314,1317 ****
--- 1341,1347 ----
        PSLS_FETCH();

+       if (PS(readonly))
+               return;
+
        if (PS(nr_open_sessions) == 0)
                RETURN_FALSE;
***************
*** 1353,1356 ****
--- 1383,1388 ----
        PSLS_FETCH();

+       REGISTER_LONG_CONSTANT("SESS_READ_ONLY", SESS_READONLY, CONST_CS);
+
        php_rinit_session_globals(PSLS_C);

***************
*** 1404,1407 ****
--- 1436,1440 ----
        PS(module_number) = module_number;
        REGISTER_INI_ENTRIES();
+       REGISTER_LONG_CONSTANT("SESS_READ_ONLY", SESS_READONLY, CONST_CS);
        return SUCCESS;
  }






Previous Comments:
---------------------------------------------------------------------------

[2001-01-29 06:21:31] Maxim Derkachev <[EMAIL PROTECTED]>
Just faced the fact that the possibility to call session 'readonly' 
should be added. 
For example, when somebody calls a framed pages where all 
frames are php scripts that needs session variables. But in this 
case only one of them should be allowed to write session state, 
because every frame would write session state in an unpredictable order, 
and variables registered/changed in one frame could be overwritten 
by other frames, and that would definitely break an application. 
I suggest session_start could take an optional READONLY flag to 
disable write of the session data during the page shutdown.
The idea is similar to call page_close() on only one frame in a framed page in 
PHPLib-based applications.

---------------------------------------------------------------------------


Full Bug description available at: http://bugs.php.net/?id=8978


-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to