From 6467a4eb367fd1174fbed79f014772321f68e8bc Mon Sep 17 00:00:00 2001 From: Yasuo Ohgaki Date: Thu, 7 Apr 2016 10:25:35 +0900 Subject: [PATCH] Fixed Bug #71974 Trans sid will always be send, even if cookies are available --- NEWS | 4 ++++ ext/session/session.c | 23 +++++++++++++++-------- ext/session/tests/bug71974.phpt | 23 +++++++++++++++++++++++ 3 files changed, 42 insertions(+), 8 deletions(-) create mode 100644 ext/session/tests/bug71974.phpt diff --git a/NEWS b/NEWS index 56e81c9d92..959f3eb625 100644 --- a/NEWS +++ b/NEWS @@ -63,6 +63,10 @@ PHP NEWS . Fixed bug #71820 (pg_fetch_object binds parameters before call constructor). (Anatol) +- Session: + . Fixed bug #71974 (Trans sid will always be send, even if cookies are + available). (Yasuo) + - SPL: . Fixed bug #71838 (Deserializing serialized SPLObjectStorage-Object can't access properties in PHP). (Nikita) diff --git a/ext/session/session.c b/ext/session/session.c index 238ae877f8..e745b96867 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -1483,7 +1483,7 @@ static void ppid2sid(zval *ppid) { PHPAPI void php_session_reset_id(void) /* {{{ */ { int module_number = PS(module_number); - zval *sid; + zval *sid, *data, *ppid; if (!PS(id)) { php_error_docref(NULL, E_WARNING, "Cannot set session ID - session ID is not initialized"); @@ -1523,13 +1523,20 @@ PHPAPI void php_session_reset_id(void) /* {{{ */ } } - if (APPLY_TRANS_SID) { - /* FIXME: Resetting vars are required when - session is stop/start/regenerated. However, - php_url_scanner_reset_vars() resets all vars - including other URL rewrites set by elsewhere. */ - /* php_url_scanner_reset_vars(); */ - php_url_scanner_add_var(PS(session_name), strlen(PS(session_name)), ZSTR_VAL(PS(id)), ZSTR_LEN(PS(id)), 1); + /* Apply trans sid if sid cookie is not set */ + if (APPLY_TRANS_SID + && (data = zend_hash_str_find(&EG(symbol_table), "_COOKIE", sizeof("_COOKIE") - 1))) { + ZVAL_DEREF(data); + if (Z_TYPE_P(data) == IS_ARRAY && (ppid = zend_hash_str_find(Z_ARRVAL_P(data), PS(session_name), strlen(PS(session_name))))) { + ZVAL_DEREF(ppid); + } else { + /* FIXME: Resetting vars are required when + session is stop/start/regenerated. However, + php_url_scanner_reset_vars() resets all vars + including other URL rewrites set by elsewhere. */ + /* php_url_scanner_reset_vars(); */ + php_url_scanner_add_var(PS(session_name), strlen(PS(session_name)), ZSTR_VAL(PS(id)), ZSTR_LEN(PS(id)), 1); + } } } /* }}} */ diff --git a/ext/session/tests/bug71974.phpt b/ext/session/tests/bug71974.phpt new file mode 100644 index 0000000000..b692bce2c5 --- /dev/null +++ b/ext/session/tests/bug71974.phpt @@ -0,0 +1,23 @@ +--TEST-- +Bug #71974 Trans sid will always be send, even if cookies are available +--SKIPIF-- + +--INI-- +session.save_handler=files +session.auto_start=0 +session.use_cookies=1 +session.use_only_cookies=0 +session.use_trans_sid=1 +session.use_strict_mode=0 +--COOKIE-- +PHPSESSID=1234567890123456789012345678901234567890 +--FILE-- + +abc +--EXPECTF-- +abc + + -- 2.50.1