diff --git a/ext/session/mod_files.c b/ext/session/mod_files.c index 87bcb7e3690fc..60c6bfc1bd4c7 100644 --- a/ext/session/mod_files.c +++ b/ext/session/mod_files.c @@ -103,7 +103,6 @@ const ps_module ps_mod_files = { PS_MOD_UPDATE_TIMESTAMP(files) }; - static char *ps_files_path_create(char *buf, size_t buflen, ps_files *data, const zend_string *key) { const char *p; @@ -153,7 +152,7 @@ static void ps_files_open(ps_files *data, /* const */ zend_string *key) { char buf[MAXPATHLEN]; #if !defined(O_NOFOLLOW) || !defined(PHP_WIN32) - struct stat sbuf = {0}; + struct stat sbuf = {0}; #endif int ret; @@ -183,7 +182,7 @@ static void ps_files_open(ps_files *data, /* const */ zend_string *key) #else /* Check to make sure that the opened file is not outside of allowable dirs. This is not 100% safe but it's hard to do something better without O_NOFOLLOW */ - if(PG(open_basedir) && lstat(buf, &sbuf) == 0 && S_ISLNK(sbuf.st_mode) && php_check_open_basedir(buf)) { + if (PG(open_basedir) && lstat(buf, &sbuf) == 0 && S_ISLNK(sbuf.st_mode) && php_check_open_basedir(buf)) { return; } data->fd = VCWD_OPEN_MODE(buf, O_CREAT | O_RDWR | O_BINARY, data->filemode); @@ -230,7 +229,7 @@ static zend_result ps_files_write(ps_files *data, zend_string *key, zend_string /* PS(id) may be changed by calling session_regenerate_id(). Re-initialization should be tried here. ps_files_open() checks - data->last_key and reopen when it is needed. */ + data->last_key and reopen when it is needed. */ ps_files_open(data, key); if (data->fd < 0) { return FAILURE; @@ -258,7 +257,7 @@ static zend_result ps_files_write(ps_files *data, zend_string *key, zend_string buf = wrote > -1 ? buf + wrote : 0; to_write = wrote > -1 ? SESS_FILE_BUF_SIZE(ZSTR_LEN(val) - n) : 0; - } while(wrote > 0); + } while (wrote > 0); } #else n = write(data->fd, ZSTR_VAL(val), ZSTR_LEN(val)); @@ -346,10 +345,8 @@ static zend_result ps_files_key_exists(ps_files *data, const zend_string *key) return SUCCESS; } - #define PS_FILES_DATA ps_files *data = PS_GET_MOD_DATA() - /* * Open save handler. Setup resources that are needed by the handler. * PARAMETERS: PS_OPEN_ARGS in php_session.h @@ -427,7 +424,6 @@ PS_OPEN_FUNC(files) return SUCCESS; } - /* * Clean up opened resources. * PARAMETERS: PS_CLOSE_ARGS in php_session.h @@ -456,7 +452,6 @@ PS_CLOSE_FUNC(files) return SUCCESS; } - /* * Read session data from opened resource. * PARAMETERS: PS_READ_ARGS in php_session.h @@ -508,7 +503,7 @@ PS_READ_FUNC(files) buf = read_in > -1 ? buf + read_in : 0; to_read = read_in > -1 ? SESS_FILE_BUF_SIZE(ZSTR_LEN(*val) - n) : 0; - } while(read_in > 0); + } while (read_in > 0); } #else @@ -531,7 +526,6 @@ PS_READ_FUNC(files) return SUCCESS; } - /* * Write session data. * PARAMETERS: PS_WRITE_ARGS in php_session.h @@ -547,7 +541,6 @@ PS_WRITE_FUNC(files) return ps_files_write(data, key, val); } - /* * Update session data modification/access time stamp. * PARAMETERS: PS_UPDATE_TIMESTAMP_ARGS in php_session.h @@ -582,7 +575,6 @@ PS_UPDATE_TIMESTAMP_FUNC(files) return SUCCESS; } - /* * Delete session data. * PARAMETERS: PS_DESTROY_ARGS in php_session.h @@ -617,7 +609,6 @@ PS_DESTROY_FUNC(files) return SUCCESS; } - /* * Cleanup expired session data. * PARAMETERS: PS_GC_ARGS in php_session.h @@ -646,7 +637,6 @@ PS_GC_FUNC(files) return *nrdels; } - /* * Create session ID. * PARAMETERS: PS_CREATE_SID_ARGS in php_session.h @@ -684,12 +674,11 @@ PS_CREATE_SID_FUNC(files) return NULL; } } - } while(!sid); + } while (!sid); return sid; } - /* * Check session ID existence for use_strict_mode support. * PARAMETERS: PS_VALIDATE_SID_ARGS in php_session.h diff --git a/ext/session/mod_mm.c b/ext/session/mod_mm.c index d6312c5fa1f3c..521e553d54f2e 100644 --- a/ext/session/mod_mm.c +++ b/ext/session/mod_mm.c @@ -40,11 +40,11 @@ typedef struct ps_sd { struct ps_sd *next; - uint32_t hv; /* hash value of key */ - time_t ctime; /* time of last change */ + uint32_t hv; /* hash value of key */ + time_t ctime; /* time of last change */ void *data; - size_t datalen; /* amount of valid data */ - size_t alloclen; /* amount of allocated memory for data */ + size_t datalen; /* amount of valid data */ + size_t alloclen; /* amount of allocated memory for data */ zend_string *key; } ps_sd; @@ -464,7 +464,7 @@ PS_CREATE_SID_FUNC(mm) return NULL; } } - } while(!sid); + } while (!sid); return sid; } diff --git a/ext/session/mod_user.c b/ext/session/mod_user.c index 90b91926a62c3..a83f1bd36f8bc 100644 --- a/ext/session/mod_user.c +++ b/ext/session/mod_user.c @@ -22,7 +22,6 @@ const ps_module ps_mod_user = { PS_MOD_UPDATE_TIMESTAMP(user) }; - static void ps_call_handler(zval *func, int argc, zval *argv, zval *retval) { int i; @@ -47,7 +46,7 @@ static void ps_call_handler(zval *func, int argc, zval *argv, zval *retval) #define PSF(a) PS(mod_user_names).ps_##a -static zend_result verify_bool_return_type_userland_calls(const zval* value) +static zend_result verify_bool_return_type_userland_calls(const zval *value) { /* Exit or exception in userland call */ if (Z_TYPE_P(value) == IS_UNDEF) { @@ -75,8 +74,8 @@ static zend_result verify_bool_return_type_userland_calls(const zval* value) } if (!EG(exception)) { zend_type_error("Session callback must have a return value of type bool, %s returned", zend_zval_value_name(value)); \ - } - return FAILURE; + } + return FAILURE; } PS_OPEN_FUNC(user) diff --git a/ext/session/mod_user_class.c b/ext/session/mod_user_class.c index eb5a47b19cee6..9adc97e67418b 100644 --- a/ext/session/mod_user_class.c +++ b/ext/session/mod_user_class.c @@ -17,7 +17,7 @@ #include "php.h" #include "php_session.h" -#define PS_SANITY_CHECK \ +#define PS_SANITY_CHECK \ if (PS(session_status) != php_session_active) { \ zend_throw_error(NULL, "Session is not active"); \ RETURN_THROWS(); \ @@ -27,11 +27,11 @@ RETURN_THROWS(); \ } -#define PS_SANITY_CHECK_IS_OPEN \ +#define PS_SANITY_CHECK_IS_OPEN \ PS_SANITY_CHECK; \ - if (!PS(mod_user_is_open)) { \ - php_error_docref(NULL, E_WARNING, "Parent session handler is not open"); \ - RETURN_FALSE; \ + if (!PS(mod_user_is_open)) { \ + php_error_docref(NULL, E_WARNING, "Parent session handler is not open"); \ + RETURN_FALSE; \ } PHP_METHOD(SessionHandler, open) diff --git a/ext/session/php_session.h b/ext/session/php_session.h index b7ed88a8f6c70..09a737cf64f3a 100644 --- a/ext/session/php_session.h +++ b/ext/session/php_session.h @@ -52,15 +52,15 @@ typedef struct ps_module_struct { #define PS_GET_MOD_DATA() *mod_data #define PS_SET_MOD_DATA(a) *mod_data = (a) -#define PS_OPEN_FUNC(x) zend_result ps_open_##x(PS_OPEN_ARGS) -#define PS_CLOSE_FUNC(x) zend_result ps_close_##x(PS_CLOSE_ARGS) -#define PS_READ_FUNC(x) zend_result ps_read_##x(PS_READ_ARGS) -#define PS_WRITE_FUNC(x) zend_result ps_write_##x(PS_WRITE_ARGS) -#define PS_DESTROY_FUNC(x) zend_result ps_delete_##x(PS_DESTROY_ARGS) -#define PS_GC_FUNC(x) zend_long ps_gc_##x(PS_GC_ARGS) -#define PS_CREATE_SID_FUNC(x) zend_string *ps_create_sid_##x(PS_CREATE_SID_ARGS) -#define PS_VALIDATE_SID_FUNC(x) zend_result ps_validate_sid_##x(PS_VALIDATE_SID_ARGS) -#define PS_UPDATE_TIMESTAMP_FUNC(x) zend_result ps_update_timestamp_##x(PS_UPDATE_TIMESTAMP_ARGS) +#define PS_OPEN_FUNC(x) zend_result ps_open_##x(PS_OPEN_ARGS) +#define PS_CLOSE_FUNC(x) zend_result ps_close_##x(PS_CLOSE_ARGS) +#define PS_READ_FUNC(x) zend_result ps_read_##x(PS_READ_ARGS) +#define PS_WRITE_FUNC(x) zend_result ps_write_##x(PS_WRITE_ARGS) +#define PS_DESTROY_FUNC(x) zend_result ps_delete_##x(PS_DESTROY_ARGS) +#define PS_GC_FUNC(x) zend_long ps_gc_##x(PS_GC_ARGS) +#define PS_CREATE_SID_FUNC(x) zend_string *ps_create_sid_##x(PS_CREATE_SID_ARGS) +#define PS_VALIDATE_SID_FUNC(x) zend_result ps_validate_sid_##x(PS_VALIDATE_SID_ARGS) +#define PS_UPDATE_TIMESTAMP_FUNC(x) zend_result ps_update_timestamp_##x(PS_UPDATE_TIMESTAMP_ARGS) /* Save handler module definitions without timestamp enabled */ #define PS_FUNCS(x) \ @@ -69,7 +69,7 @@ typedef struct ps_module_struct { PS_READ_FUNC(x); \ PS_WRITE_FUNC(x); \ PS_DESTROY_FUNC(x); \ - PS_GC_FUNC(x); \ + PS_GC_FUNC(x); \ PS_CREATE_SID_FUNC(x); \ PS_VALIDATE_SID_FUNC(x); @@ -95,7 +95,6 @@ typedef struct ps_module_struct { ps_delete_##x, ps_gc_##x, ps_create_sid_##x, \ ps_validate_sid_##x, ps_update_timestamp_##x - typedef enum { php_session_disabled, php_session_none, @@ -115,8 +114,8 @@ typedef struct _php_session_rfc1867_progress { zval data; /* the array exported to session data */ zval files; /* data["files"] array */ - zval *post_bytes_processed; /* data["bytes_processed"] */ - zval *current_file_bytes_processed; + zval *post_bytes_processed; /* data["bytes_processed"] */ + zval *current_file_bytes_processed; zval current_file; /* array of currently uploading file */ } php_session_rfc1867_progress; @@ -256,23 +255,23 @@ PHPAPI zend_result php_session_reset_id(void); /* Do not use a return statement in `code` because that may leak memory. * Break out of the loop instead. */ -#define PS_ENCODE_LOOP(code) do { \ - zval _zv; \ - /* protect against user interference */ \ - ZVAL_COPY(&_zv, Z_REFVAL(PS(http_session_vars))); \ +#define PS_ENCODE_LOOP(code) do { \ + zval _zv; \ + /* protect against user interference */ \ + ZVAL_COPY(&_zv, Z_REFVAL(PS(http_session_vars))); \ ZEND_HASH_FOREACH_KEY(Z_ARRVAL(_zv), zend_ulong num_key, zend_string * key) { \ - if (key == NULL) { \ - php_error_docref(NULL, E_WARNING, \ - "Skipping numeric key " ZEND_LONG_FMT, num_key);\ - continue; \ - } \ - zval *struc = php_get_session_var(key); \ - if (struc) { \ - code; \ - } \ - } ZEND_HASH_FOREACH_END(); \ - zval_ptr_dtor(&_zv); \ -} while(0) + if (key == NULL) { \ + php_error_docref(NULL, E_WARNING, \ + "Skipping numeric key " ZEND_LONG_FMT, num_key); \ + continue; \ + } \ + zval *struc = php_get_session_var(key); \ + if (struc) { \ + code; \ + } \ + } ZEND_HASH_FOREACH_END(); \ + zval_ptr_dtor(&_zv); \ +} while (0) PHPAPI ZEND_EXTERN_MODULE_GLOBALS(ps) diff --git a/ext/session/session.c b/ext/session/session.c index e790fa074d606..6cdd1c91eae6f 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -76,6 +76,7 @@ zend_class_entry *php_session_update_timestamp_iface_entry; #define PS_MAX_SID_LENGTH 256 + /* *********** * Helpers * *********** */ @@ -83,16 +84,16 @@ zend_class_entry *php_session_update_timestamp_iface_entry; #define IF_SESSION_VARS() \ if (Z_ISREF_P(&PS(http_session_vars)) && Z_TYPE_P(Z_REFVAL(PS(http_session_vars))) == IS_ARRAY) -#define SESSION_CHECK_ACTIVE_STATE \ - if (PS(session_status) == php_session_active) { \ - php_session_session_already_started_error(E_WARNING, "Session ini settings cannot be changed when a session is active"); \ - return FAILURE; \ +#define SESSION_CHECK_ACTIVE_STATE \ + if (PS(session_status) == php_session_active) { \ + php_session_session_already_started_error(E_WARNING, "Session ini settings cannot be changed when a session is active"); \ + return FAILURE; \ } -#define SESSION_CHECK_OUTPUT_STATE \ - if (SG(headers_sent) && stage != ZEND_INI_STAGE_DEACTIVATE) { \ - php_session_headers_already_sent_error(E_WARNING, "Session ini settings cannot be changed after headers have already been sent"); \ - return FAILURE; \ +#define SESSION_CHECK_OUTPUT_STATE \ + if (SG(headers_sent) && stage != ZEND_INI_STAGE_DEACTIVATE) { \ + php_session_headers_already_sent_error(E_WARNING, "Session ini settings cannot be changed after headers have already been sent"); \ + return FAILURE; \ } #define SESSION_FORBIDDEN_CHARS "=,;.[ \t\r\n\013\014" @@ -220,7 +221,7 @@ PHPAPI void php_add_session_var(zend_string *name) } } -PHPAPI zval* php_set_session_var(zend_string *name, zval *state_val, php_unserialize_data_t *var_hash) +PHPAPI zval *php_set_session_var(zend_string *name, zval *state_val, php_unserialize_data_t *var_hash) { IF_SESSION_VARS() { zval *sess_var = Z_REFVAL(PS(http_session_vars)); @@ -230,7 +231,7 @@ PHPAPI zval* php_set_session_var(zend_string *name, zval *state_val, php_unseria return NULL; } -PHPAPI zval* php_get_session_var(zend_string *name) +PHPAPI zval *php_get_session_var(zend_string *name) { IF_SESSION_VARS() { return zend_hash_find(Z_ARRVAL_P(Z_REFVAL(PS(http_session_vars))), name); @@ -238,7 +239,7 @@ PHPAPI zval* php_get_session_var(zend_string *name) return NULL; } -PHPAPI zval* php_get_session_var_str(const char *name, size_t name_len) +PHPAPI zval *php_get_session_var_str(const char *name, size_t name_len) { IF_SESSION_VARS() { return zend_hash_str_find(Z_ARRVAL_P(Z_REFVAL(PS(http_session_vars))), name, name_len); @@ -267,7 +268,7 @@ static void php_session_track_init(void) static zend_string *php_session_encode(void) { IF_SESSION_VARS() { - ZEND_ASSERT(PS(serializer)); + ZEND_ASSERT(PS(serializer)); return PS(serializer)->encode(); } else { php_error_docref(NULL, E_WARNING, "Cannot encode non-existent session"); @@ -284,7 +285,7 @@ static ZEND_COLD void php_session_cancel_decode(void) static zend_result php_session_decode(const zend_string *data) { - ZEND_ASSERT(PS(serializer)); + ZEND_ASSERT(PS(serializer)); zend_result result = SUCCESS; zend_try { if (PS(serializer)->decode(ZSTR_VAL(data), ZSTR_LEN(data)) == FAILURE) { @@ -386,7 +387,6 @@ PHPAPI zend_result php_session_valid_key(const char *key) return SUCCESS; } - static zend_long php_session_gc(bool immediate) { zend_long sessions_deleted = -1; @@ -564,25 +564,26 @@ static void php_session_normalize_vars(void) } } + /* ************************* * INI Settings/Handlers * ************************* */ static PHP_INI_MH(OnUpdateSaveHandler) { - const ps_module *tmp; + const ps_module *new_module; int err_type = E_ERROR; SESSION_CHECK_ACTIVE_STATE; SESSION_CHECK_OUTPUT_STATE; - tmp = _php_find_ps_module(ZSTR_VAL(new_value)); + new_module = _php_find_ps_module(ZSTR_VAL(new_value)); if (stage == ZEND_INI_STAGE_RUNTIME) { err_type = E_WARNING; } - if (PG(modules_activated) && !tmp) { + if (PG(modules_activated) && !new_module) { /* Do not output error when restoring ini options. */ if (stage != ZEND_INI_STAGE_DEACTIVATE) { php_error_docref(NULL, err_type, "Session save handler \"%s\" cannot be found", ZSTR_VAL(new_value)); @@ -592,27 +593,27 @@ static PHP_INI_MH(OnUpdateSaveHandler) } /* "user" save handler should not be set by user */ - if (!PS(set_handler) && tmp == ps_user_ptr) { + if (!PS(set_handler) && new_module == ps_user_ptr) { php_error_docref(NULL, err_type, "Session save handler \"user\" cannot be set by ini_set()"); return FAILURE; } PS(default_mod) = PS(mod); - PS(mod) = tmp; + PS(mod) = new_module; return SUCCESS; } static PHP_INI_MH(OnUpdateSerializer) { - const ps_serializer *tmp; + const ps_serializer *new_serializer; SESSION_CHECK_ACTIVE_STATE; SESSION_CHECK_OUTPUT_STATE; - tmp = _php_find_ps_serializer(ZSTR_VAL(new_value)); + new_serializer = _php_find_ps_serializer(ZSTR_VAL(new_value)); - if (PG(modules_activated) && !tmp) { + if (PG(modules_activated) && !new_serializer) { int err_type; if (stage == ZEND_INI_STAGE_RUNTIME) { @@ -627,7 +628,8 @@ static PHP_INI_MH(OnUpdateSerializer) } return FAILURE; } - PS(serializer) = tmp; + + PS(serializer) = new_serializer; return SUCCESS; } @@ -664,7 +666,6 @@ static PHP_INI_MH(OnUpdateSaveDir) return OnUpdateStr(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); } - static PHP_INI_MH(OnUpdateName) { SESSION_CHECK_ACTIVE_STATE; @@ -695,7 +696,6 @@ static PHP_INI_MH(OnUpdateName) return OnUpdateStrNotEmpty(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); } - static PHP_INI_MH(OnUpdateCookieLifetime) { SESSION_CHECK_ACTIVE_STATE; @@ -713,14 +713,15 @@ static PHP_INI_MH(OnUpdateCookieLifetime) } else if (v > maxcookie) { return SUCCESS; } + return OnUpdateLongGEZero(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); } - static PHP_INI_MH(OnUpdateSessionLong) { SESSION_CHECK_ACTIVE_STATE; SESSION_CHECK_OUTPUT_STATE; + return OnUpdateLong(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); } @@ -728,18 +729,18 @@ static PHP_INI_MH(OnUpdateSessionStr) { SESSION_CHECK_ACTIVE_STATE; SESSION_CHECK_OUTPUT_STATE; + return OnUpdateStr(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); } - static PHP_INI_MH(OnUpdateSessionBool) { SESSION_CHECK_ACTIVE_STATE; SESSION_CHECK_OUTPUT_STATE; + return OnUpdateBool(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); } - static PHP_INI_MH(OnUpdateSidLength) { zend_long val; @@ -747,19 +748,21 @@ static PHP_INI_MH(OnUpdateSidLength) SESSION_CHECK_ACTIVE_STATE; SESSION_CHECK_OUTPUT_STATE; + val = ZEND_STRTOL(ZSTR_VAL(new_value), &endptr, 10); + if (val != 32) { php_error_docref("session.configuration", E_DEPRECATED, "session.sid_length INI setting is deprecated"); } - if (endptr && (*endptr == '\0') - && val >= 22 && val <= PS_MAX_SID_LENGTH) { - /* Numeric value */ - PS(sid_length) = val; - return SUCCESS; + + if (!endptr || (*endptr != '\0') || (val < 22) || (val > PS_MAX_SID_LENGTH)) { + php_error_docref(NULL, E_WARNING, "session.configuration \"session.sid_length\" must be between 22 and 256"); + return FAILURE; } - php_error_docref(NULL, E_WARNING, "session.configuration \"session.sid_length\" must be between 22 and 256"); - return FAILURE; + PS(sid_length) = val; + + return SUCCESS; } static PHP_INI_MH(OnUpdateSidBits) @@ -769,73 +772,78 @@ static PHP_INI_MH(OnUpdateSidBits) SESSION_CHECK_ACTIVE_STATE; SESSION_CHECK_OUTPUT_STATE; + val = ZEND_STRTOL(ZSTR_VAL(new_value), &endptr, 10); + if (val != 4) { php_error_docref("session.configuration", E_DEPRECATED, "session.sid_bits_per_character INI setting is deprecated"); } - if (endptr && (*endptr == '\0') - && val >= 4 && val <=6) { - /* Numeric value */ - PS(sid_bits_per_character) = val; - return SUCCESS; + + if (!endptr || (*endptr != '\0') || (val < 4) || (val > 6)) { + php_error_docref(NULL, E_WARNING, "session.configuration \"session.sid_bits_per_character\" must be between 4 and 6"); + return FAILURE; } - php_error_docref(NULL, E_WARNING, "session.configuration \"session.sid_bits_per_character\" must be between 4 and 6"); - return FAILURE; + PS(sid_bits_per_character) = val; + + return SUCCESS; } static PHP_INI_MH(OnUpdateSessionGcProbability) { - SESSION_CHECK_ACTIVE_STATE; - SESSION_CHECK_OUTPUT_STATE; + SESSION_CHECK_ACTIVE_STATE; + SESSION_CHECK_OUTPUT_STATE; - zend_long tmp = zend_ini_parse_quantity_warn(new_value, entry->name); + zend_long new_probability = zend_ini_parse_quantity_warn(new_value, entry->name); - if (tmp < 0) { - php_error_docref("session.gc_probability", E_WARNING, "session.gc_probability must be greater than or equal to 0"); - return FAILURE; - } + if (new_probability < 0) { + php_error_docref("session.gc_probability", E_WARNING, "session.gc_probability must be greater than or equal to 0"); + return FAILURE; + } - zend_long *p = ZEND_INI_GET_ADDR(); - *p = tmp; + zend_long *p = ZEND_INI_GET_ADDR(); + *p = new_probability; - return SUCCESS; + return SUCCESS; } static PHP_INI_MH(OnUpdateSessionDivisor) { - SESSION_CHECK_ACTIVE_STATE; - SESSION_CHECK_OUTPUT_STATE; + SESSION_CHECK_ACTIVE_STATE; + SESSION_CHECK_OUTPUT_STATE; - zend_long tmp = zend_ini_parse_quantity_warn(new_value, entry->name); + zend_long new_divisor = zend_ini_parse_quantity_warn(new_value, entry->name); - if (tmp <= 0) { - php_error_docref("session.gc_divisor", E_WARNING, "session.gc_divisor must be greater than 0"); - return FAILURE; - } + if (new_divisor <= 0) { + php_error_docref("session.gc_divisor", E_WARNING, "session.gc_divisor must be greater than 0"); + return FAILURE; + } - zend_long *p = ZEND_INI_GET_ADDR(); - *p = tmp; + zend_long *p = ZEND_INI_GET_ADDR(); + *p = new_divisor; - return SUCCESS; + return SUCCESS; } static PHP_INI_MH(OnUpdateRfc1867Freq) { - int tmp = ZEND_ATOL(ZSTR_VAL(new_value)); - if(tmp < 0) { + int new_freq = ZEND_ATOL(ZSTR_VAL(new_value)); + + if (new_freq < 0) { php_error_docref(NULL, E_WARNING, "session.upload_progress.freq must be greater than or equal to 0"); return FAILURE; } - if(ZSTR_LEN(new_value) > 0 && ZSTR_VAL(new_value)[ZSTR_LEN(new_value)-1] == '%') { - if(tmp > 100) { + + if (ZSTR_LEN(new_value) > 0 && ZSTR_VAL(new_value)[ZSTR_LEN(new_value) - 1] == '%') { + if (new_freq > 100) { php_error_docref(NULL, E_WARNING, "session.upload_progress.freq must be less than or equal to 100%%"); return FAILURE; } - PS(rfc1867_freq) = -tmp; + PS(rfc1867_freq) = -new_freq; } else { - PS(rfc1867_freq) = tmp; + PS(rfc1867_freq) = new_freq; } + return SUCCESS; } @@ -843,11 +851,14 @@ static PHP_INI_MH(OnUpdateUseOnlyCookies) { SESSION_CHECK_ACTIVE_STATE; SESSION_CHECK_OUTPUT_STATE; + bool *p = ZEND_INI_GET_ADDR(); *p = zend_ini_parse_bool(new_value); + if (!*p) { php_error_docref("session.configuration", E_DEPRECATED, "Disabling session.use_only_cookies INI setting is deprecated"); } + return SUCCESS; } @@ -855,11 +866,14 @@ static PHP_INI_MH(OnUpdateUseTransSid) { SESSION_CHECK_ACTIVE_STATE; SESSION_CHECK_OUTPUT_STATE; + bool *p = ZEND_INI_GET_ADDR(); *p = zend_ini_parse_bool(new_value); + if (*p) { php_error_docref("session.configuration", E_DEPRECATED, "Enabling session.use_trans_sid INI setting is deprecated"); } + return SUCCESS; } @@ -867,9 +881,11 @@ static PHP_INI_MH(OnUpdateRefererCheck) { SESSION_CHECK_ACTIVE_STATE; SESSION_CHECK_OUTPUT_STATE; + if (ZSTR_LEN(new_value) != 0) { php_error_docref("session.configuration", E_DEPRECATED, "Usage of session.referer_check INI setting is deprecated"); } + return OnUpdateString(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); } @@ -917,9 +933,11 @@ PHP_INI_BEGIN() /* PHP_INI_ENTRY("session.encode_sources", "globals,track", PHP_INI_ALL, NULL) */ PHP_INI_END() + /* *************** * Serializers * *************** */ + PS_SERIALIZER_ENCODE_FUNC(php_serialize) { smart_str buf = {0}; @@ -1130,6 +1148,7 @@ PHPAPI zend_result php_session_register_serializer(const char *name, zend_string return ret; } + /* ******************* * Storage Modules * ******************* */ @@ -1311,6 +1330,7 @@ static int php_session_cache_limiter(void) return -1; } + /* ********************* * Cookie Management * ********************* */ @@ -1408,8 +1428,8 @@ static zend_result php_session_send_cookie(void) smart_str_0(&ncookie); php_session_remove_cookie(); /* remove already sent session ID cookie */ - /* 'replace' must be 0 here, else a previous Set-Cookie - header, probably sent with setcookie() will be replaced! */ + /* 'replace' must be 0 here, else a previous Set-Cookie + header, probably sent with setcookie() will be replaced! */ sapi_add_header_ex(estrndup(ZSTR_VAL(ncookie.s), ZSTR_LEN(ncookie.s)), ZSTR_LEN(ncookie.s), false, false); smart_str_free(&ncookie); @@ -1548,7 +1568,6 @@ static void proposed_session_id_to_session_id(const zval *proposed_session_id) { } } - PHPAPI zend_result php_session_reset_id(void) { int module_number = PS(module_number); @@ -1627,7 +1646,6 @@ PHPAPI zend_result php_session_reset_id(void) return SUCCESS; } - PHPAPI zend_result php_session_start(void) { switch (PS(session_status)) { @@ -1738,6 +1756,7 @@ static bool php_session_reset(void) return PS(session_status) == php_session_active && php_session_initialize() == SUCCESS; } + /* ******************************** * Userspace exported functions * ******************************** */ @@ -2399,10 +2418,10 @@ PHP_FUNCTION(session_create_id) } if (prefix && ZSTR_LEN(prefix)) { - if (ZSTR_LEN(prefix) > PS_MAX_SID_LENGTH) { - zend_argument_value_error(1, "cannot be longer than %d characters", PS_MAX_SID_LENGTH); - RETURN_THROWS(); - } + if (ZSTR_LEN(prefix) > PS_MAX_SID_LENGTH) { + zend_argument_value_error(1, "cannot be longer than %d characters", PS_MAX_SID_LENGTH); + RETURN_THROWS(); + } if (php_session_valid_key(ZSTR_VAL(prefix)) == FAILURE) { /* E_ERROR raised for security reason. */ php_error_docref(NULL, E_WARNING, "Prefix cannot contain special characters. Only the A-Z, a-z, 0-9, \"-\", and \",\" characters are allowed"); @@ -2577,7 +2596,7 @@ PHP_FUNCTION(session_start) zend_argument_value_error(1, "must be of type array with keys as string"); RETURN_THROWS(); } - switch(Z_TYPE_P(value)) { + switch (Z_TYPE_P(value)) { case IS_STRING: case IS_TRUE: case IS_FALSE: @@ -2676,7 +2695,6 @@ PHP_FUNCTION(session_gc) RETURN_LONG(num); } - PHP_FUNCTION(session_write_close) { ZEND_PARSE_PARAMETERS_NONE(); @@ -2740,6 +2758,7 @@ PHP_FUNCTION(session_register_shutdown) } } + /* ******************************** * Module Setup and Destruction * ******************************** */ @@ -2787,7 +2806,6 @@ static PHP_RINIT_FUNCTION(session) ZVAL_UNDEF(&PS(mod_user_names).struct_name); \ } - static PHP_RSHUTDOWN_FUNCTION(session) { if (PS(session_status) == php_session_active) { @@ -2958,6 +2976,7 @@ static PHP_MINFO_FUNCTION(session) DISPLAY_INI_ENTRIES(); } + /* ************************ * Upload hook handling * ************************ */ @@ -3071,7 +3090,7 @@ static zend_result php_session_rfc1867_callback(unsigned int event, void *event_ progress = PS(rfc1867_progress); - switch(event) { + switch (event) { case MULTIPART_EVENT_START: { const multipart_event_start *data = event_data; progress = ecalloc(1, sizeof(php_session_rfc1867_progress));