Add warning for change session id when session is active

diff --git a/ext/session/session.c b/ext/session/session.c
index f359c1faf9294dda74cc1d3b51938aefb701ea97..84da1073f012e813ed03c753665112b467f5eb34 100644 (file)
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -2040,6 +2040,11 @@ static PHP_FUNCTION(session_id)
                RETURN_FALSE;
        }
 
+       if (name && PS(session_status) == php_session_active) {
+               php_error_docref(NULL, E_WARNING, "Cannot change session id when session is active");
+               RETURN_FALSE;
+       }
+
        if (PS(id)) {
                /* keep compatibility for "\0" characters ???
                 * see: ext/session/tests/session_id_error3.phpt */

diff --git a/ext/session/tests/session_id_error2.phpt b/ext/session/tests/session_id_error2.phpt
index 05284e797befa868f303187235448fc87037a354..0d256564b622208f35e9a24c56568b2acaed438f 100644 (file)
--- a/ext/session/tests/session_id_error2.phpt
+++ b/ext/session/tests/session_id_error2.phpt
@@ -7,20 +7,20 @@ Test session_id() function : error functionality
 
 ob_start();
 
-/* 
+/*
  * Prototype : string session_id([string $id])
  * Description : Get and/or set the current session id
- * Source code : ext/session/session.c 
+ * Source code : ext/session/session.c
  */
 
 echo "*** Testing session_id() : error functionality ***\n";
 
-var_dump(session_id());
-var_dump(session_start());
 var_dump(session_id("test"));
 var_dump(session_id());
 var_dump(session_id("1234567890"));
 var_dump(session_id());
+var_dump(session_start());
+var_dump(session_id("1234567890"));
 var_dump(session_destroy());
 var_dump(session_id());
 
@@ -30,12 +30,13 @@ ob_end_flush();
 --EXPECTF--
 *** Testing session_id() : error functionality ***
 string(0) ""
-bool(true)
-string(%d) "%s"
 string(4) "test"
 string(4) "test"
 string(10) "1234567890"
 bool(true)
+
+Warning: session_id(): Cannot change session id when session is active in %s on line %d
+bool(false)
+bool(true)
 string(0) ""
 Done
-

diff --git a/ext/session/tests/session_id_error3.phpt b/ext/session/tests/session_id_error3.phpt
index fc291389d9e2e0ae681f3d41e5233313691aa3a1..e6404eb70e53211db65c09e0f8a782bebd6c8f02 100644 (file)
--- a/ext/session/tests/session_id_error3.phpt
+++ b/ext/session/tests/session_id_error3.phpt
@@ -15,40 +15,40 @@ ob_start();
 
 echo "*** Testing session_id() : error functionality ***\n";
 
-@session_start();
 var_dump(session_id());
 var_dump(session_id("!"));
 var_dump(session_id());
+@session_start();
 @session_destroy();
 
-@session_start();
 var_dump(session_id());
 var_dump(session_id("?><"));
 var_dump(session_id());
+@session_start();
 @session_destroy();
 
-@session_start();
 var_dump(session_id());
-var_dump(session_id("£$%^&*()"));
+var_dump(session_id("\xa3$%^&*()"));
 var_dump(session_id());
+@session_start();
 @session_destroy();
 
-@session_start();
 var_dump(session_id());
 var_dump(session_id("\r\n"));
 var_dump(session_id());
+@session_start();
 @session_destroy();
 
-@session_start();
 var_dump(session_id());
 var_dump(session_id("\0"));
 var_dump(session_id());
+@session_start();
 @session_destroy();
 
-@session_start();
 var_dump(session_id());
-var_dump(session_id("¬``@~:{>?><,./[]+--"));
+var_dump(session_id("\xac``@~:{>?><,./[]+--"));
 var_dump(session_id());
+@session_start();
 @session_destroy();
 
 echo "Done";
@@ -56,24 +56,24 @@ ob_end_flush();
 ?>
 --EXPECTF--
 *** Testing session_id() : error functionality ***
-string(%d) "%s"
-string(%d) "%s"
+string(0) ""
+string(0) ""
 string(1) "!"
-string(%d) "%s"
-string(%d) "%s"
+string(0) ""
+string(0) ""
 string(3) "?><"
-string(%d) "%s"
-string(%d) "%s"
+string(0) ""
+string(0) ""
 string(8) "£$%^&*()"
-string(%d) "%s"
-string(%d) "%s"
+string(0) ""
+string(0) ""
 string(2) "
 "
-string(%d) "%s"
-string(%d) "%s"
 string(0) ""
-string(%d) "%s"
-string(%d) "%s"
+string(0) ""
+string(0) ""
+string(0) ""
+string(0) ""
 string(19) "¬``@~:{>?><,./[]+--"
 Done