|
Revision tags: php-4.4.5RC1, php-5.2.1RC2 |
|
| #
4223aa4d |
| 01-Jan-2007 |
Sebastian Bergmann |
MFH: Bump year.
|
| #
ba645539 |
| 31-Dec-2006 |
Ilia Alshanetsky |
Added boundary checks to php_binary deserializer
|
| #
ffd41a50 |
| 26-Dec-2006 |
Ilia Alshanetsky |
Session deserializer protection.
|
| #
7d2142a5 |
| 20-Dec-2006 |
Antony Dovgal |
protect _SESSION, HTTP_SESSION_VARS and GLOBALS
maintain an internal reference of _SESSION, so that it won't be possible to destroy it from userspace
|
|
Revision tags: php-5.2.1RC1 |
|
| #
bcf457d8 |
| 04-Dec-2006 |
Antony Dovgal |
MFH: fix retval type
|
| #
35f78f22 |
| 04-Dec-2006 |
Ilia Alshanetsky |
Fixed bug #37627 (session save_path check checks the parent directory).
|
| #
5f3e233e |
| 01-Dec-2006 |
Ilia Alshanetsky |
Disallow \0 chars inside session.save_path
|
| #
050f94f7 |
| 03-Nov-2006 |
Hannes Magnusson |
MFH: Fix double "wron param count" messages
|
|
Revision tags: php-5.2.0, php-5.2.0RC6 |
|
| #
b1d8f7e0 |
| 06-Oct-2006 |
Ilia Alshanetsky |
Expose session storage module locater and serialization function via PHPAPI
|
|
Revision tags: php-5.2.0RC5 |
|
| #
154f70ac |
| 01-Oct-2006 |
Ilia Alshanetsky |
Fixed bug #38993 (Fixed safe_mode/open_basedir checks for
session.save_path, allowing them to account for extra parameters).
|
|
Revision tags: php-5.2.0RC4, php-5.2.0RC3 |
|
| #
b6ced951 |
| 30-Aug-2006 |
Antony Dovgal |
change ini handlers to produce E_ERROR if they are called during startup
|
| #
f8fd45a7 |
| 30-Aug-2006 |
Antony Dovgal |
MFH: change E_ERROR to E_WARNING when invalid argument has been passed
make sure ini_set() doesn't reset PS(mod) and PS(serializer) to invalid values
|
|
Revision tags: php-5.1.6, php-5.2.0RC2, php-5.1.5, php-4.4.4, php-4.4.4RC1, php-5.1.5RC1 |
|
| #
7dfae526 |
| 10-Aug-2006 |
Ilia Alshanetsky |
Fixed proto
|
| #
e5fe441c |
| 10-Aug-2006 |
Ilia Alshanetsky |
Added support for httpOnly flag for session extension and cookie setting
functions.
# Original patch by Scott MacVicar
|
| #
0c4ef446 |
| 02-Aug-2006 |
Antony Dovgal |
MFH: fix #38289 (segfault in session_decode() when _SESSION is NULL)
|
| #
52e6ede0 |
| 01-Aug-2006 |
Antony Dovgal |
MFH: fix #38278 (session_cache_expire()'s value does not match phpinfo's session.cache_expire)
|
|
Revision tags: php-4.4.3 |
|
| #
96324fb6 |
| 27-Jul-2006 |
Ilia Alshanetsky |
An improved fix for bug #38224
|
| #
bcc8854e |
| 27-Jul-2006 |
Ilia Alshanetsky |
make C++ compilers happy
|
| #
dcb4b314 |
| 27-Jul-2006 |
Ilia Alshanetsky |
removed debug code
|
| #
e5a11823 |
| 27-Jul-2006 |
Ilia Alshanetsky |
Fixed bug #38224 (session extension can't handle broken cookies).
|
|
Revision tags: php-5.2.0RC1 |
|
| #
1784db80 |
| 13-Jul-2006 |
Ilia Alshanetsky |
Fixed compiler warnings.
|
| #
33dbaff1 |
| 12-Jul-2006 |
Michael Wallner |
MFH: add note why replace is 0, so that I don't wonder again in 2 months
why session_regenerate_id() sends the session cookie twice
|
|
Revision tags: php-4.4.3RC2 |
|
| #
1dbaae27 |
| 15-Jun-2006 |
Dmitry Stogov |
Added automatic module globals management
|
|
Revision tags: BEFORE_NEW_OUTPUT_API, php-4.4.3RC1 |
|
| #
aa0172a4 |
| 18-May-2006 |
Marcus Boerger |
- MFH Fix bug #37510 session_regenerate_id changes session_id() even on failure
|
|
Revision tags: php-5.1.4, RELEASE_1_0_3, php-5.1.3, php-5.1.2, RELEASE_1_3, php-5.1.3RC3, php-5.1.3RC2, php-5.1.3RC1, RELEASE_1_2 |
|
| #
6cc9f92d |
| 10-Feb-2006 |
Rasmus Lerdorf |
(Missing patch from the PHP 4 tree that got lost in the shuffle)
See: http://cvs.php.net/viewcvs.cgi/php-src/ext/session/session.c?r1=1.336.2.39&r2=1.336.2.40
- fix logic. if the client alre
(Missing patch from the PHP 4 tree that got lost in the shuffle)
See: http://cvs.php.net/viewcvs.cgi/php-src/ext/session/session.c?r1=1.336.2.39&r2=1.336.2.40
- fix logic. if the client already sent us the cookie, we don't
need to send it again. if the id has been changed, we need to
update the client side.
show more ...
|
