diff options
| author | Yasuo Ohgaki <yohgaki@php.net> | 2016-11-17 11:09:07 +0900 |
|---|---|---|
| committer | Yasuo Ohgaki <yohgaki@php.net> | 2016-11-17 11:09:07 +0900 |
| commit | 7f196e321fa464075248eced7d0d2c046b686b24 (patch) | |
| tree | 52fd6a5e389deacc1f98f6dfc8621a150239fd68 /UPGRADING | |
| parent | 552c95750052a5c4879a9c67e2f2ec126567222c (diff) | |
| download | php-git-7f196e321fa464075248eced7d0d2c046b686b24.tar.gz | |
Fix bug #71038 - session_start() returns true even when it failed
PR #2167
Diffstat (limited to 'UPGRADING')
| -rw-r--r-- | UPGRADING | 30 |
1 files changed, 30 insertions, 0 deletions
@@ -36,6 +36,36 @@ PHP 7.2 UPGRADE NOTES keys. This fixes the behaviour of previous versions, where numeric string property names would become inaccessible string keys. +- Session: + . Session is made to manage session status corretly and prevents invalid operations. + Only inappropriate codes are affected by this change. If you have problems with this, + it means you have problem in your code. + . Functions are made to set or return correct session status. + session_start(), session_status(), session_regenerate_id() + . Functions are made to return bool from null. These functions have void parameter + and void parameter is checked. + session_unset(), session_write_close()/session_commit(), session_abort(), + session_reset() + . Functions prohibit invalid operations with regard to session status and + HTTP header status, returns correct bool return value. + session_start(), session_set_cookie_params(), session_name(), session_module_name(), + session_set_save_handler(), session_regenerate_id(), session_cache_limiter(), + session_cache_expire(), session_unset(), session_destroy(), + session_write_close()/session_commit(), session_reset() + . INI value change by ini_set() returns update status correctly. Invalid INI modifications + are checked and made to fail. + session.name, session.save_path, session.cookie_lifetime, session.cookie_path, + session.cookie_domain, session.cookie_httponly, session.cookie_secure, + session.use_cookies, session.use_only_cookies, session.use_strict_mode, + session.referer_check, session.cache_limiter, session.cache_expire, + session.lazy_write, session.save_handler, session.serialize_handler, + session.gc_probability, session.gc_divior, session.gc_maxlifetime, + . Some E_ERRORs are changed to E_WARNING since session status is managed correctly. + session_start() + . Session no longer initialize $_SESSION for invalid and useless session. + session_start() + + ======================================== 2. New Features ======================================== |