summaryrefslogtreecommitdiff
path: root/ext/session/session.c
diff options
context:
space:
mode:
Diffstat (limited to 'ext/session/session.c')
-rw-r--r--ext/session/session.c31
1 files changed, 7 insertions, 24 deletions
diff --git a/ext/session/session.c b/ext/session/session.c
index d440e6fdd..dfe5a4db5 100644
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -2,7 +2,7 @@
+----------------------------------------------------------------------+
| PHP Version 5 |
+----------------------------------------------------------------------+
- | Copyright (c) 1997-2014 The PHP Group |
+ | Copyright (c) 1997-2015 The PHP Group |
+----------------------------------------------------------------------+
| This source file is subject to version 3.01 of the PHP license, |
| that is bundled with this package in the file LICENSE, and is |
@@ -514,17 +514,8 @@ static void php_session_initialize(TSRMLS_D) /* {{{ */
PS(session_status) = php_session_active;
}
if (val) {
- PHP_MD5_CTX context;
-
- /* Store read data's MD5 hash */
- PHP_MD5Init(&context);
- PHP_MD5Update(&context, val, vallen);
- PHP_MD5Final(PS(session_data_hash), &context);
-
php_session_decode(val, vallen TSRMLS_CC);
str_efree(val);
- } else {
- memset(PS(session_data_hash),'\0', 16);
}
if (!PS(use_cookies) && PS(send_cookie)) {
@@ -547,19 +538,7 @@ static void php_session_save_current_state(TSRMLS_D) /* {{{ */
val = php_session_encode(&vallen TSRMLS_CC);
if (val) {
- PHP_MD5_CTX context;
- unsigned char digest[16];
-
- /* Generate data's MD5 hash */
- PHP_MD5Init(&context);
- PHP_MD5Update(&context, val, vallen);
- PHP_MD5Final(digest, &context);
- /* Write only when save is required */
- if (memcmp(digest, PS(session_data_hash), 16)) {
- ret = PS(mod)->s_write(&PS(mod_data), PS(id), val, vallen TSRMLS_CC);
- } else {
- ret = SUCCESS;
- }
+ ret = PS(mod)->s_write(&PS(mod_data), PS(id), val, vallen TSRMLS_CC);
efree(val);
} else {
ret = PS(mod)->s_write(&PS(mod_data), PS(id), "", 0 TSRMLS_CC);
@@ -1994,7 +1973,6 @@ static PHP_FUNCTION(session_regenerate_id)
RETURN_FALSE;
}
efree(PS(id));
- memset(PS(session_data_hash),'\0', 16);
}
PS(id) = PS(mod)->s_create_sid(&PS(mod_data), NULL TSRMLS_CC);
@@ -2095,6 +2073,11 @@ static PHP_FUNCTION(session_decode)
static PHP_FUNCTION(session_start)
{
/* skipping check for non-zero args for performance reasons here ?*/
+ if (PS(id) && !strlen(PS(id))) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot start session with empty session ID");
+ RETURN_FALSE;
+ }
+
php_session_start(TSRMLS_C);
if (PS(session_status) != php_session_active) {
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-28 03:49:44 +0000