- Fixed a NULL pointer dereference when processing invalid XML-RPC
requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert)
+- Fixed bug #51338 (URL-Rewriter is still enabled if use_only_cookies is
+ on). (Ilia, j dot jeising at gmail dot com)
- Fixed bug #51269 (zlib.output_compression Overwrites Vary Header). (Adam)
- Fixed bug #51257 (CURL_VERSION_LARGEFILE incorrectly used after libcurl
version 7.10.1). (aron dot ujvari at microsec dot hu)
int nrand;
int lensess;
- PS(apply_trans_sid) = PS(use_trans_sid);
+ if (PS(use_only_cookies)) {
+ PS(apply_trans_sid) = 0;
+ } else {
+ PS(apply_trans_sid) = PS(use_trans_sid);
+ }
switch (PS(session_status)) {
case php_session_active:
efree(PS(id));
PS(id) = NULL;
PS(send_cookie) = 1;
- if (PS(use_trans_sid)) {
+ if (PS(use_trans_sid) && !PS(use_only_cookies)) {
PS(apply_trans_sid) = 1;
}
}
php_session_initialize(TSRMLS_C);
if (!PS(use_cookies) && PS(send_cookie)) {
- if (PS(use_trans_sid)) {
+ if (PS(use_trans_sid) && !PS(use_only_cookies)) {
PS(apply_trans_sid) = 1;
}
PS(send_cookie) = 0;
projects / php / commitdiff