From: Ilia Alshanetsky Date: Thu, 14 Aug 2003 01:32:02 +0000 (+0000) Subject: MFH: Fixed bug #25084 (Make refer check not dependant on register_globals) X-Git-Tag: php-4.3.3RC4~21 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=30c26df3489fe71b02f29ca310567ca2b0831204;p=php MFH: Fixed bug #25084 (Make refer check not dependant on register_globals) --- diff --git a/NEWS b/NEWS index e22d88addc..7fb9112983 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,7 @@ PHP 4 NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? Aug 2003, Version 4.3.3RC4 +- Fixed bug #25084 (Make refer check not dependant on register_globals). (Ilia) - Fixed bug #25044 (header("Location:") changing HTTP status). (Marcus) - Fixed bug #25037 (Possible infinite loop inside SendText()). (Ilia) - Fixed bug #25007 (rand() & mt_rand() seed RNG every call). (Jani) diff --git a/ext/session/session.c b/ext/session/session.c index 429c127e31..bd301104ea 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -1014,8 +1014,8 @@ PHPAPI void php_session_start(TSRMLS_D) '=' to allow URLs of the form http://yoursite/=/script.php */ - if (!PS(use_only_cookies) && !PS(id) && - zend_hash_find(&EG(symbol_table), "REQUEST_URI", + if (!PS(use_only_cookies) && !PS(id) && PG(http_globals)[TRACK_VARS_SERVER] && + zend_hash_find(Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_SERVER]), "REQUEST_URI", sizeof("REQUEST_URI"), (void **) &data) == SUCCESS && Z_TYPE_PP(data) == IS_STRING && (p = strstr(Z_STRVAL_PP(data), PS(session_name))) && @@ -1032,7 +1032,8 @@ PHPAPI void php_session_start(TSRMLS_D) if (PS(id) && PS(extern_referer_chk)[0] != '\0' && - zend_hash_find(&EG(symbol_table), "HTTP_REFERER", + PG(http_globals)[TRACK_VARS_SERVER] && + zend_hash_find(Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_SERVER]), "HTTP_REFERER", sizeof("HTTP_REFERER"), (void **) &data) == SUCCESS && Z_TYPE_PP(data) == IS_STRING && Z_STRLEN_PP(data) != 0 &&