summaryrefslogtreecommitdiff
path: root/ext/session/session.c
diff options
context:
space:
mode:
Diffstat (limited to 'ext/session/session.c')
-rw-r--r--ext/session/session.c20
1 files changed, 17 insertions, 3 deletions
diff --git a/ext/session/session.c b/ext/session/session.c
index 87f209dd6..37e56fd36 100644
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -17,7 +17,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: session.c,v 1.391.2.11 2005/03/24 00:17:53 tony2001 Exp $ */
+/* $Id: session.c,v 1.391.2.14 2005/05/22 12:57:45 tony2001 Exp $ */
#ifdef HAVE_CONFIG_H
#include "config.h"
@@ -131,13 +131,27 @@ static PHP_INI_MH(OnUpdateSerializer)
return SUCCESS;
}
+static PHP_INI_MH(OnUpdateSaveDir) {
+ /* Only do the safemode/open_basedir check at runtime */
+ if(stage == PHP_INI_STAGE_RUNTIME) {
+ if (PG(safe_mode) && (!php_checkuid(new_value, NULL, CHECKUID_ALLOW_ONLY_DIR))) {
+ return FAILURE;
+ }
+
+ if (php_check_open_basedir(new_value TSRMLS_CC)) {
+ return FAILURE;
+ }
+ }
+ OnUpdateString(entry, new_value, new_value_length, mh_arg1, mh_arg2, mh_arg3, stage TSRMLS_CC);
+ return SUCCESS;
+}
/* {{{ PHP_INI
*/
PHP_INI_BEGIN()
STD_PHP_INI_BOOLEAN("session.bug_compat_42", "1", PHP_INI_ALL, OnUpdateBool, bug_compat, php_ps_globals, ps_globals)
STD_PHP_INI_BOOLEAN("session.bug_compat_warn", "1", PHP_INI_ALL, OnUpdateBool, bug_compat_warn, php_ps_globals, ps_globals)
- STD_PHP_INI_ENTRY("session.save_path", "", PHP_INI_ALL, OnUpdateString, save_path, php_ps_globals, ps_globals)
+ STD_PHP_INI_ENTRY("session.save_path", "", PHP_INI_ALL, OnUpdateSaveDir,save_path, php_ps_globals, ps_globals)
STD_PHP_INI_ENTRY("session.name", "PHPSESSID", PHP_INI_ALL, OnUpdateString, session_name, php_ps_globals, ps_globals)
PHP_INI_ENTRY("session.save_handler", "files", PHP_INI_ALL, OnUpdateSaveHandler)
STD_PHP_INI_BOOLEAN("session.auto_start", "0", PHP_INI_ALL, OnUpdateBool, auto_start, php_ps_globals, ps_globals)
@@ -1134,7 +1148,7 @@ PHPAPI void php_session_start(TSRMLS_D)
*/
if (!PS(id)) {
- if (zend_hash_find(&EG(symbol_table), "_COOKIE",
+ if (PS(use_cookies) && zend_hash_find(&EG(symbol_table), "_COOKIE",
sizeof("_COOKIE"), (void **) &data) == SUCCESS &&
Z_TYPE_PP(data) == IS_ARRAY &&
zend_hash_find(Z_ARRVAL_PP(data), PS(session_name),
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-16 14:33:51 +0000