do not send cookie when session is passed in URL, same as it happens with GET/POST

author Stanislav Malyshev <stas@php.net>

Wed, 16 May 2007 01:18:14 +0000 (01:18 +0000)

committer Stanislav Malyshev <stas@php.net>

Wed, 16 May 2007 01:18:14 +0000 (01:18 +0000)
author Stanislav Malyshev <stas@php.net>
Wed, 16 May 2007 01:18:14 +0000 (01:18 +0000)
committer Stanislav Malyshev <stas@php.net>
Wed, 16 May 2007 01:18:14 +0000 (01:18 +0000)
diff --git a/ext/session/session.c b/ext/session/session.c

index cdb23ff2efa49479574d97e2f3d3623c7d8982c1..514817ed80283b65fa87d42058948bbb85ee1f46 100644 (file)
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -1283,8 +1283,11 @@ PHPAPI void php_session_start(TSRMLS_D)
                 char *q;
  
                 p += lensess + 1;
-               if ((q = strpbrk(p, "/?\\")))
+               if ((q = strpbrk(p, "/?\\"))) {
                         PS(id) = estrndup(p, q - p);
+                       PS(send_cookie) = 0;
+               }
+
         }
  
         /* check whether the current request was referred to by
author	Stanislav Malyshev <stas@php.net>
	Wed, 16 May 2007 01:18:14 +0000 (01:18 +0000)
committer	Stanislav Malyshev <stas@php.net>
	Wed, 16 May 2007 01:18:14 +0000 (01:18 +0000)