From: Ilia Alshanetsky <iliaa@php.net>
Date: Tue, 13 Apr 2004 18:23:10 +0000 (+0000)
Subject: MFH: Fixed bug #27963 (Session lifetime setting may leak between requests).
X-Git-Tag: php-4.3.6~3
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=c6af3e463a2d8263ac7ec771f9de2bc37919f36c;p=php

MFH: Fixed bug #27963 (Session lifetime setting may leak between requests).
---

diff --git a/NEWS b/NEWS
index 8a1b719bb5..68f6caf514 100644
--- a/NEWS
+++ b/NEWS
@@ -6,6 +6,7 @@ PHP 4                                                                      NEWS
 - Fixed a bug that prevented building of the GD extension against external GD
   lib 1.X. (Ilia, Edin, Nick Talbott).
 - Synchronized bundled GD library with GD 2.0.22. (Ilia)
+- Fixed bug #27963 (Session lifetime setting may leak between requests). (Ilia)
 - Fixed bug #27849 (configure craps out on trivial syntax error). (Derick)
 - Fixed bug #27822 (is_resource() returns TRUE for closed resources). (Derick)
 - Fixed bug #27819 (problems returning reference to a reference parameter).
diff --git a/ext/session/session.c b/ext/session/session.c
index 01b6e79730..c44995969d 100644
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -1110,8 +1110,8 @@ PHP_FUNCTION(session_set_cookie_params)
 		zend_get_parameters_ex(ZEND_NUM_ARGS(), &lifetime, &path, &domain, &secure) == FAILURE)
 		WRONG_PARAM_COUNT;
 
-	convert_to_long_ex(lifetime);
-	PS(cookie_lifetime) = Z_LVAL_PP(lifetime);
+	convert_to_string_ex(lifetime);
+	zend_alter_ini_entry("session.cookie_lifetime", sizeof("session.cookie_lifetime"), Z_STRVAL_PP(lifetime), Z_STRLEN_PP(lifetime), PHP_INI_USER, PHP_INI_STAGE_RUNTIME);
 
 	if (ZEND_NUM_ARGS() > 1) {
 		convert_to_string_ex(path);
@@ -1174,32 +1174,28 @@ PHP_FUNCTION(session_module_name)
 {
 	zval **p_name;
 	int ac = ZEND_NUM_ARGS();
-	char *old;
 
 	if (ac < 0 || ac > 1 || zend_get_parameters_ex(ac, &p_name) == FAILURE)
 		WRONG_PARAM_COUNT;
-	
-	old = safe_estrdup(PS(mod)->s_name);
 
 	if (ac == 1) {
-		ps_module *tempmod;
-
 		convert_to_string_ex(p_name);
-		tempmod = _php_find_ps_module(Z_STRVAL_PP(p_name) TSRMLS_CC);
-		if (tempmod) {
-			if (PS(mod_data))
-				PS(mod)->s_close(&PS(mod_data) TSRMLS_CC);
-			PS(mod) = tempmod;
-			PS(mod_data) = NULL;
-		} else {
-			efree(old);
+		if (!_php_find_ps_module(Z_STRVAL_PP(p_name) TSRMLS_CC)) {
 			php_error_docref(NULL TSRMLS_CC, E_ERROR, "Cannot find named PHP session module (%s)",
 					Z_STRVAL_PP(p_name));
 			RETURN_FALSE;
 		}
-	}
+		if (PS(mod_data)) {
+			PS(mod)->s_close(&PS(mod_data) TSRMLS_CC);
+		}
+		PS(mod_data) = NULL;
 
-	RETVAL_STRING(old, 0);
+		RETVAL_STRING(safe_estrdup(PS(mod)->s_name), 0);
+
+		zend_alter_ini_entry("session.save_handler", sizeof("session.save_handler"), Z_STRVAL_PP(p_name), Z_STRLEN_PP(p_name), PHP_INI_USER, PHP_INI_STAGE_RUNTIME);
+	} else {
+		RETURN_STRING(safe_estrdup(PS(mod)->s_name), 0);
+	}
 }
 /* }}} */