From: Ilia Alshanetsky Date: Mon, 22 Mar 2010 12:16:45 +0000 (+0000) Subject: Fixed bug #51338 (URL-Rewriter is still enabled if use_only_cookies is on). X-Git-Tag: php-5.3.3RC1~377 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=995d15ebcc02c5b14496553ffe3957d8436eea0a;p=php Fixed bug #51338 (URL-Rewriter is still enabled if use_only_cookies is on). --- diff --git a/NEWS b/NEWS index 3fb71d08b0..d432332a26 100644 --- a/NEWS +++ b/NEWS @@ -9,6 +9,8 @@ PHP NEWS - Fixed a NULL pointer dereference when processing invalid XML-RPC requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert) +- Fixed bug #51338 (URL-Rewriter is still enabled if use_only_cookies is + on). (Ilia, j dot jeising at gmail dot com) - Fixed bug #51269 (zlib.output_compression Overwrites Vary Header). (Adam) - Fixed bug #51257 (CURL_VERSION_LARGEFILE incorrectly used after libcurl version 7.10.1). (aron dot ujvari at microsec dot hu) diff --git a/ext/session/session.c b/ext/session/session.c index 0ef856c9bf..6456f68163 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -1343,7 +1343,11 @@ PHPAPI void php_session_start(TSRMLS_D) /* {{{ */ int nrand; int lensess; - PS(apply_trans_sid) = PS(use_trans_sid); + if (PS(use_only_cookies)) { + PS(apply_trans_sid) = 0; + } else { + PS(apply_trans_sid) = PS(use_trans_sid); + } switch (PS(session_status)) { case php_session_active: @@ -1445,7 +1449,7 @@ PHPAPI void php_session_start(TSRMLS_D) /* {{{ */ efree(PS(id)); PS(id) = NULL; PS(send_cookie) = 1; - if (PS(use_trans_sid)) { + if (PS(use_trans_sid) && !PS(use_only_cookies)) { PS(apply_trans_sid) = 1; } } @@ -1453,7 +1457,7 @@ PHPAPI void php_session_start(TSRMLS_D) /* {{{ */ php_session_initialize(TSRMLS_C); if (!PS(use_cookies) && PS(send_cookie)) { - if (PS(use_trans_sid)) { + if (PS(use_trans_sid) && !PS(use_only_cookies)) { PS(apply_trans_sid) = 1; } PS(send_cookie) = 0;