- Fixed a NULL pointer dereference when processing invalid XML-RPC
requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert)
+- Fixed bug #51338 (URL-Rewriter is still enabled if use_only_cookies is
+ on). (Ilia, j dot jeising at gmail dot com)
- Fixed bug #51269 (zlib.output_compression Overwrites Vary Header). (Adam)
- Fixed bug #51237 (milter SAPI crash on startup). (igmar at palsenberg dot com)
- Fixed bug #51213 (pdo_mssql is trimming value of the money column). (Ilia,
int nrand;
int lensess;
- PS(apply_trans_sid) = PS(use_trans_sid);
+ if (PS(use_only_cookies)) {
+ PS(apply_trans_sid) = 0;
+ } else {
+ PS(apply_trans_sid) = PS(use_trans_sid);
+ }
switch (PS(session_status)) {
case php_session_active:
efree(PS(id));
PS(id) = NULL;
PS(send_cookie) = 1;
- if (PS(use_trans_sid)) {
+ if (PS(use_trans_sid) && !PS(use_only_cookies)) {
PS(apply_trans_sid) = 1;
}
}
php_session_initialize(TSRMLS_C);
if (!PS(use_cookies) && PS(send_cookie)) {
- if (PS(use_trans_sid)) {
+ if (PS(use_trans_sid) && !PS(use_only_cookies)) {
PS(apply_trans_sid) = 1;
}
PS(send_cookie) = 0;
projects / php / commitdiff