1--TEST-- 2Bug #73529 session_decode() silently fails on wrong input 3--SKIPIF-- 4<?php include('skipif.inc'); ?> 5--FILE-- 6<?php 7ob_start(); 8 9ini_set("session.serialize_handler", "php_serialize"); 10session_start(); 11 12$result1 = session_decode('foo|s:3:"bar";'); 13$session1 = $_SESSION; 14session_destroy(); 15 16ini_set("session.serialize_handler", "php"); 17session_start(); 18 19$result2 = session_decode(serialize(["foo" => "bar"])); 20$session2 = $_SESSION; 21session_destroy(); 22 23echo ob_get_clean(); 24 25var_dump($result1); 26var_dump($session1); 27var_dump($result2); 28var_dump($session2); 29 30?> 31--EXPECTF-- 32Warning: session_decode(): Failed to decode session object. Session has been destroyed in %s on line %d 33 34Warning: session_destroy(): Trying to destroy uninitialized session in %s on line %d 35 36Warning: session_decode(): Failed to decode session object. Session has been destroyed in %s on line %d 37 38Warning: session_destroy(): Trying to destroy uninitialized session in %s on line %d 39bool(false) 40array(0) { 41} 42bool(false) 43array(0) { 44} 45
