From: Ilia Alshanetsky <iliaa@php.net>
Date: Thu, 27 Jul 2006 14:00:27 +0000 (+0000)
Subject: MFB: Fixed bug #38224 (session extension can't handle broken cookies).
X-Git-Tag: RELEASE_1_0_0RC1~2199
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=acbb531a1212b3008360685c506a42e9ba57c29c;p=php

MFB: Fixed bug #38224 (session extension can't handle broken cookies).
---

diff --git a/ext/session/session.c b/ext/session/session.c
index 1d910b8df5..b986570749 100644
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -653,6 +653,7 @@ static void php_session_initialize(TSRMLS_D)
 {
 	char *val;
 	int vallen;
+	zend_bool new = 0;
 
 	/* check session name for invalid characters */
 	if (PS(id) && strpbrk(PS(id), "\r\n\t <>'\"\\")) {
@@ -672,8 +673,15 @@ static void php_session_initialize(TSRMLS_D)
 	}
 	
 	/* If there is no ID, use session module to create one */
-	if (!PS(id))
+	if (!PS(id)) {
+new_session:
 		PS(id) = PS(mod)->s_create_sid(&PS(mod_data), NULL TSRMLS_CC);
+php_error_docref(NULL TSRMLS_CC, E_WARNING, "Making a new session %s.", PS(id));
+		if (PS(use_cookies)) {
+			PS(send_cookie) = 1;
+		}
+		new = 1;
+	}
 	
 	/* Read data */
 	/* Question: if you create a SID here, should you also try to read data?
@@ -685,6 +693,8 @@ static void php_session_initialize(TSRMLS_D)
 	if (PS(mod)->s_read(&PS(mod_data), PS(id), &val, &vallen TSRMLS_CC) == SUCCESS) {
 		php_session_decode(val, vallen TSRMLS_CC);
 		efree(val);
+	} else if (!new) {
+		goto new_session;
 	}
 }