From: Yasuo Ohgaki <yohgaki@php.net>
Date: Wed, 15 Jan 2014 02:07:10 +0000 (+0900)
Subject: Merge branch 'PHP-5.5' into PHP-5.6
X-Git-Tag: php-5.6.0alpha1~30
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=167eaedcbdb494c87c4f83d2897a9fdb614e7062;p=php

Merge branch 'PHP-5.5' into PHP-5.6

* PHP-5.5:
  Fixed session module is sending multiple set-cookie headers when session.use_strict_mode=1
---

167eaedcbdb494c87c4f83d2897a9fdb614e7062
diff --cc ext/session/session.c
index 7a5254f8a9,c1bdf83633..cffdabb7b7
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@@ -504,18 -507,14 +507,23 @@@ static void php_session_initialize(TSRM
  		php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Failed to read session data: %s (path: %s)", PS(mod)->s_name, PS(save_path));
  		*/
  	}
+ 	/* Set session ID if session read didn't activated session */
+ 	if (PS(use_strict_mode) && PS(session_status) != php_session_active) {
+ 		php_session_reset_id(TSRMLS_C);
+ 		PS(session_status) = php_session_active;
+ 	}
  	if (val) {
 +		PHP_MD5_CTX context;
 +
 +		/* Store read data's MD5 hash */
 +		PHP_MD5Init(&context);
 +		PHP_MD5Update(&context, val, vallen);
 +		PHP_MD5Final(PS(session_data_hash), &context);
 +
  		php_session_decode(val, vallen TSRMLS_CC);
 -		efree(val);
 +		str_efree(val);
 +	} else {
 +		memset(PS(session_data_hash),'\0', 16);
  	}
  
  	if (!PS(use_cookies) && PS(send_cookie)) {