From: Yasuo Ohgaki <yohgaki@php.net>
Date: Wed, 15 Jan 2014 02:03:07 +0000 (+0900)
Subject: Fixed session module is sending multiple set-cookie headers when session.use_strict_m... 
X-Git-Tag: php-5.6.0alpha1~30^2
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=f52c251f60c8c6d1bd01f3d87d69ed45f7a1bfa4;p=php

Fixed session module is sending multiple set-cookie headers when session.use_strict_mode=1
---

diff --git a/NEWS b/NEWS
index ae9bd7259b..5564c07e2d 100644
--- a/NEWS
+++ b/NEWS
@@ -14,6 +14,10 @@ PHP                                                                        NEWS
   . Fixed bug #66298 (ext/opcache/Optimizer/zend_optimizer.c has dos-style 
     ^M as lineend). (Laruence)
 
+- Session
+  . Fixed session module is sending multiple set-cookie headers when
+    session.use_strict_mode=1 (Yasuo)
+
 - Standard
   . Fixed bug #66395 (basename function doesn't remove drive letter). (Anatol)
 
diff --git a/ext/session/mod_files.c b/ext/session/mod_files.c
index c365760eb7..4d5a18b36b 100644
--- a/ext/session/mod_files.c
+++ b/ext/session/mod_files.c
@@ -342,6 +342,7 @@ PS_READ_FUNC(files)
 			PS(send_cookie) = 1;
 		}
 		php_session_reset_id(TSRMLS_C);
+		PS(session_status) = php_session_active;
 	}
 
 	ps_files_open(data, PS(id) TSRMLS_CC);
diff --git a/ext/session/mod_mm.c b/ext/session/mod_mm.c
index 41df247e74..319f1d3c79 100644
--- a/ext/session/mod_mm.c
+++ b/ext/session/mod_mm.c
@@ -371,6 +371,7 @@ PS_READ_FUNC(mm)
 			PS(send_cookie) = 1;
 		}
 		php_session_reset_id(TSRMLS_C);
+		PS(session_status) = php_session_active;
 	}
 
 	sd = ps_sd_lookup(data, PS(id), 0);
diff --git a/ext/session/session.c b/ext/session/session.c
index c579f1b83b..c1bdf83633 100644
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -492,18 +492,26 @@ static void php_session_initialize(TSRMLS_D) /* {{{ */
 		}
 	}
 
-	php_session_reset_id(TSRMLS_C);
-	PS(session_status) = php_session_active;
+	/* Set session ID for compatibility for older/3rd party save handlers */
+	if (!PS(use_strict_mode)) {
+		php_session_reset_id(TSRMLS_C);
+		PS(session_status) = php_session_active;
+	}
 
 	/* Read data */
 	php_session_track_init(TSRMLS_C);
 	if (PS(mod)->s_read(&PS(mod_data), PS(id), &val, &vallen TSRMLS_CC) == FAILURE) {
 		/* Some broken save handler implementation returns FAILURE for non-existent session ID */
-		/* It's better to rase error for this, but disabled error for better compatibility */
+		/* It's better to raise error for this, but disabled error for better compatibility */
 		/*
 		php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Failed to read session data: %s (path: %s)", PS(mod)->s_name, PS(save_path));
 		*/
 	}
+	/* Set session ID if session read didn't activated session */
+	if (PS(use_strict_mode) && PS(session_status) != php_session_active) {
+		php_session_reset_id(TSRMLS_C);
+		PS(session_status) = php_session_active;
+	}
 	if (val) {
 		php_session_decode(val, vallen TSRMLS_CC);
 		efree(val);