|
Revision tags: PHP_5_0_dev_before_13561_fix, PHP_4_3_before_13561_fix |
|
| #
db8b4c67 |
| 16-Jan-2003 |
Sascha Schumann |
Add INI setting session.hash_bits_per_character which enables developers
to choose how session ids are represented, regardless of the hash algorithm.
|
| #
f2f1f94e |
| 12-Jan-2003 |
Sascha Schumann |
add INI setting session.hash_function
add support for creating session ids using SHA-1
source more entropy for session ids
|
| #
b506f5c8 |
| 31-Dec-2002 |
Sebastian Bergmann |
Bump year.
|
|
Revision tags: php-4.3.0, php-4.3.0RC4, RELEASE_1_0b3, php-4.3.0RC3, php-4.3.0RC2, RELEASE_1_0b2, BEFORE_RENAMING, php-4.3.0RC1, php-4.3.0pre2, RELEASE_1_0b1, php-4.3.0pre1 |
|
| #
13f5db1b |
| 03-Oct-2002 |
Sascha Schumann |
Make the interpretation of gc_probability configurable by adding
session.gc_dividend. The probability of running gc on each request is then
gc_probability/gc_dividend.
|
| #
b9077e5a |
| 03-Oct-2002 |
Sascha Schumann |
Nuke PS(vars), we keep the state of registered session variables now
completely in PS(http_session_vars). This avoids bugs which are caused
by a lack of synchronization between the two hashes
Nuke PS(vars), we keep the state of registered session variables now
completely in PS(http_session_vars). This avoids bugs which are caused
by a lack of synchronization between the two hashes. We also don't need
to worry about prioritizing one of them.
Add session.bug_compat_42 and session.bug_compat_warn which are enabled
by default. The logic behind bug_compat_42:
IF bug_compat_42 is on, and
IF register_globals is off, and
IF any value of $_SESSION["key"] is NULL, and
IF there is a global variable $key, then
$_SESSION["key"] is set to $key.
The extension emits this warning once per script, unless told otherwise.
"Your script possibly relies on a session side-effect which existed until
PHP 4.2.3. Please be advised that the session extension does not consider
global variables as a source of data, unless register_globals is enabled.
You can disable this functionality and this warning by setting
session.bug_compat_42 or session.bug_compat_warn.
show more ...
|
|
Revision tags: MODERN_SYMMETRIC_SESSION_BEHAVIOUR_20021003 |
|
| #
856cd5e1 |
| 01-Oct-2002 |
Sascha Schumann |
The session extension ensures now that get_session_var can rely
on the state of $_SESSION/$HTTP_SESSION_VARS. It does not look up
symbols in the global symbol table anymore.
This was
The session extension ensures now that get_session_var can rely
on the state of $_SESSION/$HTTP_SESSION_VARS. It does not look up
symbols in the global symbol table anymore.
This was achieved by actually planting references between every
$_SESSION["x"] and $x, not only when restoring a session, but also
when registering a session variable (in a register_globals=1 context).
Upon registering a new variable, this memory leak continues to show
up, regardless of register_globals.
ext/session/session.c(272) : Freeing 0x0818F01C (12 bytes), script=test
Obviously, the newly allocated empty zval is not properly freed. If anyone
has any idea on how to fix that, please step forward.
show more ...
|
|
Revision tags: RELEASE_0_91, php-4.3.0dev_zend2_alpha3, php-4.2.3, php-4.2.3RC2, php-4.2.3RC1 |
|
| #
900651b7 |
| 15-Aug-2002 |
Zeev Suraski |
Make unset($_SESSION['foo']) actually remove the variable from the session,
if register_globals is off.
|
|
Revision tags: dev, php-4.2.2, INITIAL_IMPORT_SOURCEFORGE, xmlrpc_epi_0_51_merge_pt, php-4.3.0dev_zend2_alpha2, php-4.3.0dev, php5_5_0 |
|
| #
dcf67c44 |
| 12-Jun-2002 |
Sascha Schumann |
This option enables administrators to make their users invulnerable to
attacks which involve passing session ids in URLs.
|
|
Revision tags: RELEASE_0_90, php-4.3.0dev_zend2_alpha1, BEFORE_OBJECTS_STORE, SAFEGUARD_3_0_BETA1_RC1_26062002, RELEASE_0_11, NEW_UI_API_BP, RELEASE_0_10, RELEASE_0_4, php-4.3.0dev-ZendEngine2, php-4.3.0dev-ZendEngine2-Preview1, php-4.2.1, php-4.2.1RC2 |
|
| #
23251ebd |
| 05-May-2002 |
Thies C. Arntzen |
re-add accidentily nuked session_adapt_url()
|
| #
9712a4b3 |
| 03-May-2002 |
Thies C. Arntzen |
@ - Added output_add_rewrite_var() and output_remove_rewrite_var() to inject
@ and remove variables from the URL-Rewriter. (thies)
i have also modified the session module to use this - so i
@ - Added output_add_rewrite_var() and output_remove_rewrite_var() to inject
@ and remove variables from the URL-Rewriter. (thies)
i have also modified the session module to use this - so it doesn't
need to fiddle with the output-system any more
show more ...
|
|
Revision tags: php-4.2.1RC1 |
|
| #
42158ef7 |
| 28-Apr-2002 |
Thies C. Arntzen |
revert session_set_userdata - diffent patch will come shortly
|
| #
eb105693 |
| 27-Apr-2002 |
Thies C. Arntzen |
@ - added session_set_userdata() which enables you to specify one variable
@ that will be kept in the browser in addition to the session-id. This
@ only works when using trans-sid session
@ - added session_set_userdata() which enables you to specify one variable
@ that will be kept in the browser in addition to the session-id. This
@ only works when using trans-sid sessions (no cookie). (thies)
show more ...
|
|
Revision tags: php-4.2.0, php-4.2.0RC4, php-4.2.0RC3, php-4.2.0RC2 |
|
| #
3a3acee3 |
| 30-Mar-2002 |
Sascha Schumann |
- Proper use of underscores (s/createsid/create_sid/)
- Bump the API date and remove extra cpp macro
- Pass TSRMLS appropiately to the create_sid function
|
| #
346d74a1 |
| 29-Mar-2002 |
Mark L. Woodward |
Added field to ps_module structure to hold function pointer for the creation
of the session ID string. Default PS_MOD() macro sets this to be the default
creation routine. PS_MOD_SID() macro
Added field to ps_module structure to hold function pointer for the creation
of the session ID string. Default PS_MOD() macro sets this to be the default
creation routine. PS_MOD_SID() macro sets this to a handlers session ID
creation routine.
show more ...
|
|
Revision tags: php-4.2.0RC1, help |
|
| #
8141c776 |
| 06-Mar-2002 |
Sascha Schumann |
Merge in session API changes (carry around tsrm context)
Now PHP_SESSION_API is defined to the date of the last change,
so that externa source-code can handle changes more gracefully.
|
| #
ca59cb7c |
| 06-Mar-2002 |
Sascha Schumann |
Weep out all recent commits of Yasuo.
I don't have time right now to leave in the good ones and remove
only the bad ones.
There are some semantical changes which I reject, becau
Weep out all recent commits of Yasuo.
I don't have time right now to leave in the good ones and remove
only the bad ones.
There are some semantical changes which I reject, because
they aim at fixing a bug which is at a completely other location.
Then SID does not gefined anymore properly. (This broken patch
has not been sent to me at all.)
Also, there were *so* many whitespace changes which already
make these commits bogus.
show more ...
|
| #
782462a4 |
| 06-Mar-2002 |
Yasuo Ohgaki |
More TSRM work
|
| #
90613d22 |
| 28-Feb-2002 |
Sebastian Bergmann |
Maintain headers.
|
|
Revision tags: php-4.1.2 |
|
| #
ed6d751c |
| 07-Feb-2002 |
Sterling Hughes |
move to the ZEND_DECLARE_MODULE_GLOBALS() and ZEND_EXTERN_MODULE_GLOBALS
macros
|
| #
86f123ba |
| 05-Feb-2002 |
foobar |
Export php_session_start().
|
|
Revision tags: BEFORE_NEW_OBJECT_MODEL, PRE_ISSET_PATCH |
|
| #
847fd9d5 |
| 16-Jan-2002 |
Yasuo Ohgaki |
Export php_session_register_module/serializer.
|
|
Revision tags: php-4.1.1, PRE_FUNC_RETURNS_OBJECT_PATCH, ChangeLog |
|
| #
38933514 |
| 11-Dec-2001 |
Sebastian Bergmann |
Update headers.
|
|
Revision tags: php-4.1.0 |
|
| #
a702dc02 |
| 06-Dec-2001 |
Zeev Suraski |
Fix session_unregister()
|
| #
2258453b |
| 06-Dec-2001 |
Zeev Suraski |
Remove PS_DEL_VAR macro, always use PS_DEL_VARL()
|
|
Revision tags: php-4.1.0RC5, php-4.1.0RC4, php-4.1.0RC3 |
|
| #
8dd296dd |
| 18-Nov-2001 |
Doug MacEachern |
AIX compiler doesn't like having a comma at the end of the enum
(Ryan Bloom <rbb@apache.org>)
|
