diff options
Diffstat (limited to 'ext/session/session.c')
| -rw-r--r-- | ext/session/session.c | 944 |
1 files changed, 449 insertions, 495 deletions
diff --git a/ext/session/session.c b/ext/session/session.c index 5b4820a65c..dae965b048 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -1,8 +1,8 @@ /* +----------------------------------------------------------------------+ - | PHP Version 5 | + | PHP Version 7 | +----------------------------------------------------------------------+ - | Copyright (c) 1997-2013 The PHP Group | + | Copyright (c) 1997-2014 The PHP Group | +----------------------------------------------------------------------+ | This source file is subject to version 3.01 of the PHP license, | | that is bundled with this package in the file LICENSE, and is | @@ -48,9 +48,10 @@ #include "ext/standard/url_scanner_ex.h" #include "ext/standard/php_rand.h" /* for RAND_MAX */ #include "ext/standard/info.h" -#include "ext/standard/php_smart_str.h" +#include "zend_smart_str.h" #include "ext/standard/url.h" #include "ext/standard/basic_functions.h" +#include "ext/standard/head.h" #include "mod_files.h" #include "mod_user.h" @@ -78,7 +79,7 @@ zend_class_entry *php_session_id_iface_entry; *********** */ #define IF_SESSION_VARS() \ - if (PS(http_session_vars) && PS(http_session_vars)->type == IS_ARRAY) + if (Z_ISREF_P(&PS(http_session_vars)) && Z_TYPE_P(Z_REFVAL(PS(http_session_vars))) == IS_ARRAY) #define SESSION_CHECK_ACTIVE_STATE \ if (PS(session_status) == php_session_active) { \ @@ -96,16 +97,16 @@ static inline void php_rinit_session_globals(TSRMLS_D) /* {{{ */ PS(mod_data) = NULL; PS(mod_user_is_open) = 0; /* Do NOT init PS(mod_user_names) here! */ - PS(http_session_vars) = NULL; + ZVAL_UNDEF(&PS(http_session_vars)); } /* }}} */ /* Dispatched by RSHUTDOWN and by php_session_destroy */ static inline void php_rshutdown_session_globals(TSRMLS_D) /* {{{ */ { - if (PS(http_session_vars)) { + if (!Z_ISUNDEF(PS(http_session_vars))) { zval_ptr_dtor(&PS(http_session_vars)); - PS(http_session_vars) = NULL; + ZVAL_UNDEF(&PS(http_session_vars)); } /* Do NOT destroy PS(mod_user_names) here! */ if (PS(mod_data) || PS(mod_user_implemented)) { @@ -114,7 +115,7 @@ static inline void php_rshutdown_session_globals(TSRMLS_D) /* {{{ */ } zend_end_try(); } if (PS(id)) { - efree(PS(id)); + zend_string_release(PS(id)); } } /* }}} */ @@ -140,78 +141,74 @@ static int php_session_destroy(TSRMLS_D) /* {{{ */ } /* }}} */ -PHPAPI void php_add_session_var(char *name, size_t namelen TSRMLS_DC) /* {{{ */ +PHPAPI void php_add_session_var(zend_string *name TSRMLS_DC) /* {{{ */ { - zval **sym_track = NULL; + zval *sym_track = NULL; IF_SESSION_VARS() { - zend_hash_find(Z_ARRVAL_P(PS(http_session_vars)), name, namelen + 1, (void *) &sym_track); + sym_track = zend_hash_find(Z_ARRVAL_P(Z_REFVAL(PS(http_session_vars))), name); } else { return; } if (sym_track == NULL) { - zval *empty_var; + zval empty_var; - ALLOC_INIT_ZVAL(empty_var); - ZEND_SET_SYMBOL_WITH_LENGTH(Z_ARRVAL_P(PS(http_session_vars)), name, namelen+1, empty_var, 1, 0); + ZVAL_NULL(&empty_var); + zend_hash_update(Z_ARRVAL_P(Z_REFVAL(PS(http_session_vars))), name, &empty_var); } } /* }}} */ -PHPAPI void php_set_session_var(char *name, size_t namelen, zval *state_val, php_unserialize_data_t *var_hash TSRMLS_DC) /* {{{ */ +PHPAPI zval* php_set_session_var(zend_string *name, zval *state_val, php_unserialize_data_t *var_hash TSRMLS_DC) /* {{{ */ { IF_SESSION_VARS() { - zend_set_hash_symbol(state_val, name, namelen, PZVAL_IS_REF(state_val), 1, Z_ARRVAL_P(PS(http_session_vars))); + return zend_hash_update(Z_ARRVAL_P(Z_REFVAL(PS(http_session_vars))), name, state_val); } + return NULL; } /* }}} */ -PHPAPI int php_get_session_var(char *name, size_t namelen, zval ***state_var TSRMLS_DC) /* {{{ */ +PHPAPI zval* php_get_session_var(zend_string *name TSRMLS_DC) /* {{{ */ { - int ret = FAILURE; - IF_SESSION_VARS() { - ret = zend_hash_find(Z_ARRVAL_P(PS(http_session_vars)), name, namelen + 1, (void **) state_var); + return zend_hash_find(Z_ARRVAL_P(Z_REFVAL(PS(http_session_vars))), name); } - return ret; + return NULL; } /* }}} */ static void php_session_track_init(TSRMLS_D) /* {{{ */ { - zval *session_vars = NULL; - + zval session_vars; + zend_string *var_name = zend_string_init("_SESSION", sizeof("_SESSION") - 1, 0); /* Unconditionally destroy existing array -- possible dirty data */ - zend_delete_global_variable("_SESSION", sizeof("_SESSION")-1 TSRMLS_CC); + zend_delete_global_variable(var_name TSRMLS_CC); - if (PS(http_session_vars)) { + if (!Z_ISUNDEF(PS(http_session_vars))) { zval_ptr_dtor(&PS(http_session_vars)); } - MAKE_STD_ZVAL(session_vars); - array_init(session_vars); - PS(http_session_vars) = session_vars; - - ZEND_SET_GLOBAL_VAR_WITH_LENGTH("_SESSION", sizeof("_SESSION"), PS(http_session_vars), 2, 1); + array_init(&session_vars); + ZVAL_NEW_REF(&PS(http_session_vars), &session_vars); + Z_ADDREF_P(&PS(http_session_vars)); + zend_hash_update_ind(&EG(symbol_table).ht, var_name, &PS(http_session_vars)); + zend_string_release(var_name); } /* }}} */ -static char *php_session_encode(int *newlen TSRMLS_DC) /* {{{ */ +static zend_string *php_session_encode(TSRMLS_D) /* {{{ */ { - char *ret = NULL; - IF_SESSION_VARS() { if (!PS(serializer)) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown session.serialize_handler. Failed to encode session object"); - ret = NULL; - } else if (PS(serializer)->encode(&ret, newlen TSRMLS_CC) == FAILURE) { - ret = NULL; - } + return NULL; + } + return PS(serializer)->encode(TSRMLS_C); } else { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot encode non-existent session"); } - return ret; + return NULL; } /* }}} */ @@ -250,7 +247,7 @@ static char *bin_to_readable(char *in, size_t inlen, char *out, char nbits) /* { int mask; int have; - p = (unsigned char *) in; + p = (unsigned char *)in; q = (unsigned char *)in + inlen; w = 0; @@ -281,7 +278,7 @@ static char *bin_to_readable(char *in, size_t inlen, char *out, char nbits) /* { } /* }}} */ -PHPAPI char *php_session_create_id(PS_CREATE_SID_ARGS) /* {{{ */ +PHPAPI zend_string *php_session_create_id(PS_CREATE_SID_ARGS) /* {{{ */ { PHP_MD5_CTX md5_context; PHP_SHA1_CTX sha1_context; @@ -290,24 +287,25 @@ PHPAPI char *php_session_create_id(PS_CREATE_SID_ARGS) /* {{{ */ #endif unsigned char *digest; int digest_len; - int j; - char *buf, *outid; + char *buf; struct timeval tv; - zval **array; - zval **token; + zval *array; + zval *token; + zend_string *outid; char *remote_addr = NULL; gettimeofday(&tv, NULL); - if (zend_hash_find(&EG(symbol_table), "_SERVER", sizeof("_SERVER"), (void **) &array) == SUCCESS && - Z_TYPE_PP(array) == IS_ARRAY && - zend_hash_find(Z_ARRVAL_PP(array), "REMOTE_ADDR", sizeof("REMOTE_ADDR"), (void **) &token) == SUCCESS + if ((array = zend_hash_str_find(&EG(symbol_table).ht, "_SERVER", sizeof("_SERVER") - 1)) && + Z_TYPE_P(array) == IS_ARRAY && + (token = zend_hash_str_find(Z_ARRVAL_P(array), "REMOTE_ADDR", sizeof("REMOTE_ADDR") - 1)) && + Z_TYPE_P(token) == IS_STRING ) { - remote_addr = Z_STRVAL_PP(token); + remote_addr = Z_STRVAL_P(token); } /* maximum 15+19+19+10 bytes */ - spprintf(&buf, 0, "%.15s%ld%ld%0.8F", remote_addr ? remote_addr : "", tv.tv_sec, (long int)tv.tv_usec, php_combined_lcg(TSRMLS_C) * 10); + spprintf(&buf, 0, "%.15s%ld" ZEND_LONG_FMT "%0.8F", remote_addr ? remote_addr : "", tv.tv_sec, (zend_long)tv.tv_usec, php_combined_lcg(TSRMLS_C) * 10); switch (PS(hash_func)) { case PS_HASH_FUNC_MD5: @@ -418,14 +416,10 @@ PHPAPI char *php_session_create_id(PS_CREATE_SID_ARGS) /* {{{ */ php_error_docref(NULL TSRMLS_CC, E_WARNING, "The ini setting hash_bits_per_character is out of range (should be 4, 5, or 6) - using 4 for now"); } - outid = emalloc((size_t)((digest_len + 2) * ((8.0f / PS(hash_bits_per_character)) + 0.5))); - j = (int) (bin_to_readable((char *)digest, digest_len, outid, (char)PS(hash_bits_per_character)) - outid); + outid = zend_string_alloc((digest_len + 2) * ((8.0f / PS(hash_bits_per_character) + 0.5)), 0); + outid->len = (int)(bin_to_readable((char *)digest, digest_len, outid->val, (char)PS(hash_bits_per_character)) - (char *)&outid->val); efree(digest); - if (newlen) { - *newlen = j; - } - return outid; } /* }}} */ @@ -466,8 +460,7 @@ PHPAPI int php_session_valid_key(const char *key) /* {{{ */ static void php_session_initialize(TSRMLS_D) /* {{{ */ { - char *val = NULL; - int vallen; + zend_string *val = NULL; if (!PS(mod)) { php_error_docref(NULL TSRMLS_CC, E_ERROR, "No storage module chosen - failed to initialize session"); @@ -482,7 +475,7 @@ static void php_session_initialize(TSRMLS_D) /* {{{ */ /* If there is no ID, use session module to create one */ if (!PS(id)) { - PS(id) = PS(mod)->s_create_sid(&PS(mod_data), NULL TSRMLS_CC); + PS(id) = PS(mod)->s_create_sid(&PS(mod_data) TSRMLS_CC); if (!PS(id)) { php_error_docref(NULL TSRMLS_CC, E_ERROR, "Failed to create session ID: %s (path: %s)", PS(mod)->s_name, PS(save_path)); return; @@ -492,30 +485,38 @@ static void php_session_initialize(TSRMLS_D) /* {{{ */ } } - php_session_reset_id(TSRMLS_C); - PS(session_status) = php_session_active; + /* Set session ID for compatibility for older/3rd party save handlers */ + if (!PS(use_strict_mode)) { + php_session_reset_id(TSRMLS_C); + PS(session_status) = php_session_active; + } /* Read data */ php_session_track_init(TSRMLS_C); - if (PS(mod)->s_read(&PS(mod_data), PS(id), &val, &vallen TSRMLS_CC) == FAILURE) { + if (PS(mod)->s_read(&PS(mod_data), PS(id), &val TSRMLS_CC) == FAILURE) { /* Some broken save handler implementation returns FAILURE for non-existent session ID */ - /* It's better to rase error for this, but disabled error for better compatibility */ + /* It's better to raise error for this, but disabled error for better compatibility */ /* php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Failed to read session data: %s (path: %s)", PS(mod)->s_name, PS(save_path)); */ } + /* Set session ID if session read didn't activated session */ + if (PS(use_strict_mode) && PS(session_status) != php_session_active) { + php_session_reset_id(TSRMLS_C); + PS(session_status) = php_session_active; + } if (val) { PHP_MD5_CTX context; /* Store read data's MD5 hash */ PHP_MD5Init(&context); - PHP_MD5Update(&context, val, vallen); + PHP_MD5Update(&context, val->val, val->len); PHP_MD5Final(PS(session_data_hash), &context); - php_session_decode(val, vallen TSRMLS_CC); - efree(val); + php_session_decode(val->val, val->len TSRMLS_CC); + zend_string_release(val); } else { - memset(PS(session_data_hash),'\0', 16); + memset(PS(session_data_hash),'\0', 16); } if (!PS(use_cookies) && PS(send_cookie)) { @@ -533,31 +534,30 @@ static void php_session_save_current_state(TSRMLS_D) /* {{{ */ IF_SESSION_VARS() { if (PS(mod_data) || PS(mod_user_implemented)) { - char *val; - int vallen; + zend_string *val; - val = php_session_encode(&vallen TSRMLS_CC); + val = php_session_encode(TSRMLS_C); if (val) { PHP_MD5_CTX context; unsigned char digest[16]; /* Generate data's MD5 hash */ PHP_MD5Init(&context); - PHP_MD5Update(&context, val, vallen); + PHP_MD5Update(&context, val->val, val->len); PHP_MD5Final(digest, &context); /* Write only when save is required */ if (memcmp(digest, PS(session_data_hash), 16)) { - ret = PS(mod)->s_write(&PS(mod_data), PS(id), val, vallen TSRMLS_CC); + ret = PS(mod)->s_write(&PS(mod_data), PS(id), val TSRMLS_CC); } else { ret = SUCCESS; } - efree(val); + zend_string_release(val); } else { - ret = PS(mod)->s_write(&PS(mod_data), PS(id), "", 0 TSRMLS_CC); + ret = PS(mod)->s_write(&PS(mod_data), PS(id), STR_EMPTY_ALLOC() TSRMLS_CC); } } - if (ret == FAILURE) { + if ((ret == FAILURE) && !EG(exception)) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Failed to write session data (%s). Please " "verify that the current setting of session.save_path " "is correct (%s)", @@ -581,7 +581,7 @@ static PHP_INI_MH(OnUpdateSaveHandler) /* {{{ */ ps_module *tmp; SESSION_CHECK_ACTIVE_STATE; - tmp = _php_find_ps_module(new_value TSRMLS_CC); + tmp = _php_find_ps_module(new_value->val TSRMLS_CC); if (PG(modules_activated) && !tmp) { int err_type; @@ -594,7 +594,7 @@ static PHP_INI_MH(OnUpdateSaveHandler) /* {{{ */ /* Do not output error when restoring ini options. */ if (stage != ZEND_INI_STAGE_DEACTIVATE) { - php_error_docref(NULL TSRMLS_CC, err_type, "Cannot find save handler '%s'", new_value); + php_error_docref(NULL TSRMLS_CC, err_type, "Cannot find save handler '%s'", new_value->val); } return FAILURE; } @@ -611,7 +611,7 @@ static PHP_INI_MH(OnUpdateSerializer) /* {{{ */ const ps_serializer *tmp; SESSION_CHECK_ACTIVE_STATE; - tmp = _php_find_ps_serializer(new_value TSRMLS_CC); + tmp = _php_find_ps_serializer(new_value->val TSRMLS_CC); if (PG(modules_activated) && !tmp) { int err_type; @@ -624,7 +624,7 @@ static PHP_INI_MH(OnUpdateSerializer) /* {{{ */ /* Do not output error when restoring ini options. */ if (stage != ZEND_INI_STAGE_DEACTIVATE) { - php_error_docref(NULL TSRMLS_CC, err_type, "Cannot find serialization handler '%s'", new_value); + php_error_docref(NULL TSRMLS_CC, err_type, "Cannot find serialization handler '%s'", new_value->val); } return FAILURE; } @@ -638,10 +638,10 @@ static PHP_INI_MH(OnUpdateTransSid) /* {{{ */ { SESSION_CHECK_ACTIVE_STATE; - if (!strncasecmp(new_value, "on", sizeof("on"))) { + if (!strncasecmp(new_value->val, "on", sizeof("on"))) { PS(use_trans_sid) = (zend_bool) 1; } else { - PS(use_trans_sid) = (zend_bool) atoi(new_value); + PS(use_trans_sid) = (zend_bool) atoi(new_value->val); } return SUCCESS; @@ -654,19 +654,19 @@ static PHP_INI_MH(OnUpdateSaveDir) /* {{{ */ if (stage == PHP_INI_STAGE_RUNTIME || stage == PHP_INI_STAGE_HTACCESS) { char *p; - if (memchr(new_value, '\0', new_value_length) != NULL) { + if (memchr(new_value->val, '\0', new_value->len) != NULL) { return FAILURE; } /* we do not use zend_memrchr() since path can contain ; itself */ - if ((p = strchr(new_value, ';'))) { + if ((p = strchr(new_value->val, ';'))) { char *p2; p++; if ((p2 = strchr(p, ';'))) { p = p2 + 1; } } else { - p = new_value; + p = new_value->val; } if (PG(open_basedir) && *p && php_check_open_basedir(p TSRMLS_CC)) { @@ -674,7 +674,7 @@ static PHP_INI_MH(OnUpdateSaveDir) /* {{{ */ } } - OnUpdateString(entry, new_value, new_value_length, mh_arg1, mh_arg2, mh_arg3, stage TSRMLS_CC); + OnUpdateString(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage TSRMLS_CC); return SUCCESS; } /* }}} */ @@ -682,11 +682,10 @@ static PHP_INI_MH(OnUpdateSaveDir) /* {{{ */ static PHP_INI_MH(OnUpdateName) /* {{{ */ { /* Numeric session.name won't work at all */ - if (PG(modules_activated) && - (!new_value_length || is_numeric_string(new_value, new_value_length, NULL, NULL, 0))) { + if ((!new_value->len || is_numeric_string(new_value->val, new_value->len, NULL, NULL, 0))) { int err_type; - if (stage == ZEND_INI_STAGE_RUNTIME) { + if (stage == ZEND_INI_STAGE_RUNTIME || stage == ZEND_INI_STAGE_ACTIVATE || stage == ZEND_INI_STAGE_STARTUP) { err_type = E_WARNING; } else { err_type = E_ERROR; @@ -694,26 +693,26 @@ static PHP_INI_MH(OnUpdateName) /* {{{ */ /* Do not output error when restoring ini options. */ if (stage != ZEND_INI_STAGE_DEACTIVATE) { - php_error_docref(NULL TSRMLS_CC, err_type, "session.name cannot be a numeric or empty '%s'", new_value); + php_error_docref(NULL TSRMLS_CC, err_type, "session.name cannot be a numeric or empty '%s'", new_value->val); } return FAILURE; } - OnUpdateStringUnempty(entry, new_value, new_value_length, mh_arg1, mh_arg2, mh_arg3, stage TSRMLS_CC); + OnUpdateStringUnempty(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage TSRMLS_CC); return SUCCESS; } /* }}} */ static PHP_INI_MH(OnUpdateHashFunc) /* {{{ */ { - long val; + zend_long val; char *endptr = NULL; #if defined(HAVE_HASH_EXT) && !defined(COMPILE_DL_HASH) PS(hash_ops) = NULL; #endif - val = strtol(new_value, &endptr, 10); + val = ZEND_STRTOL(new_value->val, &endptr, 10); if (endptr && (*endptr == '\0')) { /* Numeric value */ PS(hash_func) = val ? 1 : 0; @@ -721,15 +720,15 @@ static PHP_INI_MH(OnUpdateHashFunc) /* {{{ */ return SUCCESS; } - if (new_value_length == (sizeof("md5") - 1) && - strncasecmp(new_value, "md5", sizeof("md5") - 1) == 0) { + if (new_value->len == (sizeof("md5") - 1) && + strncasecmp(new_value->val, "md5", sizeof("md5") - 1) == 0) { PS(hash_func) = PS_HASH_FUNC_MD5; return SUCCESS; } - if (new_value_length == (sizeof("sha1") - 1) && - strncasecmp(new_value, "sha1", sizeof("sha1") - 1) == 0) { + if (new_value->len == (sizeof("sha1") - 1) && + strncasecmp(new_value->val, "sha1", sizeof("sha1") - 1) == 0) { PS(hash_func) = PS_HASH_FUNC_SHA1; return SUCCESS; @@ -737,7 +736,7 @@ static PHP_INI_MH(OnUpdateHashFunc) /* {{{ */ #if defined(HAVE_HASH_EXT) && !defined(COMPILE_DL_HASH) /* {{{ */ { - php_hash_ops *ops = (php_hash_ops*)php_hash_fetch_ops(new_value, new_value_length); + php_hash_ops *ops = (php_hash_ops*)php_hash_fetch_ops(new_value->val, new_value->len); if (ops) { PS(hash_func) = PS_HASH_FUNC_OTHER; @@ -748,7 +747,7 @@ static PHP_INI_MH(OnUpdateHashFunc) /* {{{ */ } #endif /* HAVE_HASH_EXT }}} */ - php_error_docref(NULL TSRMLS_CC, E_WARNING, "session.configuration 'session.hash_function' must be existing hash function. %s does not exist.", new_value); + php_error_docref(NULL TSRMLS_CC, E_WARNING, "session.configuration 'session.hash_function' must be existing hash function. %s does not exist.", new_value->val); return FAILURE; } /* }}} */ @@ -756,12 +755,12 @@ static PHP_INI_MH(OnUpdateHashFunc) /* {{{ */ static PHP_INI_MH(OnUpdateRfc1867Freq) /* {{{ */ { int tmp; - tmp = zend_atoi(new_value, new_value_length); + tmp = zend_atoi(new_value->val, new_value->len); if(tmp < 0) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "session.upload_progress.freq must be greater than or equal to zero"); return FAILURE; } - if(new_value_length > 0 && new_value[new_value_length-1] == '%') { + if(new_value->len > 0 && new_value->val[new_value->len-1] == '%') { if(tmp > 100) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "session.upload_progress.freq cannot be over 100%%"); return FAILURE; @@ -773,25 +772,6 @@ static PHP_INI_MH(OnUpdateRfc1867Freq) /* {{{ */ return SUCCESS; } /* }}} */ -static ZEND_INI_MH(OnUpdateSmartStr) /* {{{ */ -{ - smart_str *p; -#ifndef ZTS - char *base = (char *) mh_arg2; -#else - char *base; - - base = (char *) ts_resource(*((int *) mh_arg2)); -#endif - - p = (smart_str *) (base+(size_t) mh_arg1); - - smart_str_sets(p, new_value); - - return SUCCESS; -} -/* }}} */ - /* {{{ PHP_INI */ PHP_INI_BEGIN() @@ -834,9 +814,9 @@ PHP_INI_BEGIN() STD_PHP_INI_BOOLEAN("session.upload_progress.cleanup", "1", ZEND_INI_PERDIR, OnUpdateBool, rfc1867_cleanup, php_ps_globals, ps_globals) STD_PHP_INI_ENTRY("session.upload_progress.prefix", - "upload_progress_", ZEND_INI_PERDIR, OnUpdateSmartStr, rfc1867_prefix, php_ps_globals, ps_globals) + "upload_progress_", ZEND_INI_PERDIR, OnUpdateString, rfc1867_prefix, php_ps_globals, ps_globals) STD_PHP_INI_ENTRY("session.upload_progress.name", - "PHP_SESSION_UPLOAD_PROGRESS", ZEND_INI_PERDIR, OnUpdateSmartStr, rfc1867_name, php_ps_globals, ps_globals) + "PHP_SESSION_UPLOAD_PROGRESS", ZEND_INI_PERDIR, OnUpdateString, rfc1867_name, php_ps_globals, ps_globals) STD_PHP_INI_ENTRY("session.upload_progress.freq", "1%", ZEND_INI_PERDIR, OnUpdateRfc1867Freq, rfc1867_freq, php_ps_globals, ps_globals) STD_PHP_INI_ENTRY("session.upload_progress.min_freq", "1", ZEND_INI_PERDIR, OnUpdateReal, rfc1867_min_freq,php_ps_globals, ps_globals) @@ -855,35 +835,33 @@ PS_SERIALIZER_ENCODE_FUNC(php_serialize) /* {{{ */ php_serialize_data_t var_hash; PHP_VAR_SERIALIZE_INIT(var_hash); - php_var_serialize(&buf, &PS(http_session_vars), &var_hash TSRMLS_CC); + php_var_serialize(&buf, Z_REFVAL(PS(http_session_vars)), &var_hash TSRMLS_CC); PHP_VAR_SERIALIZE_DESTROY(var_hash); - if (newlen) { - *newlen = buf.len; - } - smart_str_0(&buf); - *newstr = buf.c; - return SUCCESS; + return buf.s; } /* }}} */ PS_SERIALIZER_DECODE_FUNC(php_serialize) /* {{{ */ { const char *endptr = val + vallen; - zval *session_vars; + zval session_vars; php_unserialize_data_t var_hash; + zend_string *var_name = zend_string_init("_SESSION", sizeof("_SESSION") - 1, 0); + ZVAL_NULL(&session_vars); PHP_VAR_UNSERIALIZE_INIT(var_hash); - ALLOC_INIT_ZVAL(session_vars); - php_var_unserialize(&session_vars, &val, endptr, &var_hash TSRMLS_CC); + php_var_unserialize(&session_vars, (const unsigned char **)&val, endptr, &var_hash TSRMLS_CC); PHP_VAR_UNSERIALIZE_DESTROY(var_hash); - if (PS(http_session_vars)) { + if (!Z_ISUNDEF(PS(http_session_vars))) { zval_ptr_dtor(&PS(http_session_vars)); } - if (Z_TYPE_P(session_vars) == IS_NULL) { - array_init(session_vars); - } - PS(http_session_vars) = session_vars; - ZEND_SET_GLOBAL_VAR_WITH_LENGTH("_SESSION", sizeof("_SESSION"), PS(http_session_vars), 2, 1); + if (Z_TYPE(session_vars) == IS_NULL) { + array_init(&session_vars); + } + ZVAL_NEW_REF(&PS(http_session_vars), &session_vars); + Z_ADDREF_P(&PS(http_session_vars)); + zend_hash_update_ind(&EG(symbol_table).ht, var_name, &PS(http_session_vars)); + zend_string_release(var_name); return SUCCESS; } /* }}} */ @@ -901,41 +879,37 @@ PS_SERIALIZER_ENCODE_FUNC(php_binary) /* {{{ */ PHP_VAR_SERIALIZE_INIT(var_hash); PS_ENCODE_LOOP( - if (key_length > PS_BIN_MAX) continue; - smart_str_appendc(&buf, (unsigned char) key_length); - smart_str_appendl(&buf, key, key_length); + if (key->len > PS_BIN_MAX) continue; + smart_str_appendc(&buf, (unsigned char)key->len); + smart_str_appendl(&buf, key->val, key->len); php_var_serialize(&buf, struc, &var_hash TSRMLS_CC); } else { - if (key_length > PS_BIN_MAX) continue; - smart_str_appendc(&buf, (unsigned char) (key_length & PS_BIN_UNDEF)); - smart_str_appendl(&buf, key, key_length); + if (key->len > PS_BIN_MAX) continue; + smart_str_appendc(&buf, (unsigned char) (key->len & PS_BIN_UNDEF)); + smart_str_appendl(&buf, key->val, key->len); ); - if (newlen) { - *newlen = buf.len; - } smart_str_0(&buf); - *newstr = buf.c; PHP_VAR_SERIALIZE_DESTROY(var_hash); - return SUCCESS; + return buf.s; } /* }}} */ PS_SERIALIZER_DECODE_FUNC(php_binary) /* {{{ */ { const char *p; - char *name; const char *endptr = val + vallen; - zval *current; - int namelen; + zval current; int has_value; + int namelen; + zend_string *name; php_unserialize_data_t var_hash; PHP_VAR_UNSERIALIZE_INIT(var_hash); for (p = val; p < endptr; ) { - zval **tmp; + zval *tmp; namelen = ((unsigned char)(*p)) & (~PS_BIN_UNDEF); if (namelen < 0 || namelen > PS_BIN_MAX || (p + namelen) >= endptr) { @@ -944,26 +918,28 @@ PS_SERIALIZER_DECODE_FUNC(php_binary) /* {{{ */ has_value = *p & PS_BIN_UNDEF ? 0 : 1; - name = estrndup(p + 1, namelen); + name = zend_string_init(p + 1, namelen, 0); p += namelen + 1; - if (zend_hash_find(&EG(symbol_table), name, namelen + 1, (void **) &tmp) == SUCCESS) { - if ((Z_TYPE_PP(tmp) == IS_ARRAY && Z_ARRVAL_PP(tmp) == &EG(symbol_table)) || *tmp == PS(http_session_vars)) { + if ((tmp = zend_hash_find(&EG(symbol_table).ht, name))) { + if ((Z_TYPE_P(tmp) == IS_ARRAY && Z_ARRVAL_P(tmp) == &EG(symbol_table).ht) || tmp == &PS(http_session_vars)) { efree(name); continue; } } if (has_value) { - ALLOC_INIT_ZVAL(current); + ZVAL_UNDEF(¤t); if (php_var_unserialize(¤t, (const unsigned char **) &p, (const unsigned char *) endptr, &var_hash TSRMLS_CC)) { - php_set_session_var(name, namelen, current, &var_hash TSRMLS_CC); + zval *zv = php_set_session_var(name, ¤t, &var_hash TSRMLS_CC); + var_replace(&var_hash, ¤t, zv); + } else { + zval_ptr_dtor(¤t); } - zval_ptr_dtor(¤t); } - PS_ADD_VARL(name, namelen); - efree(name); + PS_ADD_VARL(name); + zend_string_release(name); } PHP_VAR_UNSERIALIZE_DESTROY(var_hash); @@ -984,40 +960,36 @@ PS_SERIALIZER_ENCODE_FUNC(php) /* {{{ */ PHP_VAR_SERIALIZE_INIT(var_hash); PS_ENCODE_LOOP( - smart_str_appendl(&buf, key, key_length); - if (memchr(key, PS_DELIMITER, key_length) || memchr(key, PS_UNDEF_MARKER, key_length)) { + smart_str_appendl(&buf, key->val, key->len); + if (memchr(key->val, PS_DELIMITER, key->len) || memchr(key->val, PS_UNDEF_MARKER, key->len)) { PHP_VAR_SERIALIZE_DESTROY(var_hash); smart_str_free(&buf); - return FAILURE; + return NULL; } smart_str_appendc(&buf, PS_DELIMITER); php_var_serialize(&buf, struc, &var_hash TSRMLS_CC); } else { smart_str_appendc(&buf, PS_UNDEF_MARKER); - smart_str_appendl(&buf, key, key_length); + smart_str_appendl(&buf, key->val, key->len); smart_str_appendc(&buf, PS_DELIMITER); ); - if (newlen) { - *newlen = buf.len; - } smart_str_0(&buf); - *newstr = buf.c; PHP_VAR_SERIALIZE_DESTROY(var_hash); - return SUCCESS; + return buf.s; } /* }}} */ PS_SERIALIZER_DECODE_FUNC(php) /* {{{ */ { const char *p, *q; - char *name; const char *endptr = val + vallen; - zval *current; - int namelen; + zval current; int has_value; + int namelen; + zend_string *name; php_unserialize_data_t var_hash; PHP_VAR_UNSERIALIZE_INIT(var_hash); @@ -1025,7 +997,7 @@ PS_SERIALIZER_DECODE_FUNC(php) /* {{{ */ p = val; while (p < endptr) { - zval **tmp; + zval *tmp; q = p; while (*q != PS_DELIMITER) { if (++q >= endptr) goto break_outer_loop; @@ -1038,25 +1010,27 @@ PS_SERIALIZER_DECODE_FUNC(php) /* {{{ */ } namelen = q - p; - name = estrndup(p, namelen); + name = zend_string_init(p, namelen, 0); q++; - if (zend_hash_find(&EG(symbol_table), name, namelen + 1, (void **) &tmp) == SUCCESS) { - if ((Z_TYPE_PP(tmp) == IS_ARRAY && Z_ARRVAL_PP(tmp) == &EG(symbol_table)) || *tmp == PS(http_session_vars)) { + if ((tmp = zend_hash_find(&EG(symbol_table).ht, name))) { + if ((Z_TYPE_P(tmp) == IS_ARRAY && Z_ARRVAL_P(tmp) == &EG(symbol_table).ht) || tmp == &PS(http_session_vars)) { goto skip; } } if (has_value) { - ALLOC_INIT_ZVAL(current); + ZVAL_UNDEF(¤t); if (php_var_unserialize(¤t, (const unsigned char **) &q, (const unsigned char *) endptr, &var_hash TSRMLS_CC)) { - php_set_session_var(name, namelen, current, &var_hash TSRMLS_CC); + zval *zv = php_set_session_var(name, ¤t, &var_hash TSRMLS_CC); + var_replace(&var_hash, ¤t, zv); + } else { + zval_ptr_dtor(¤t); } - zval_ptr_dtor(¤t); } - PS_ADD_VARL(name, namelen); + PS_ADD_VARL(name); skip: - efree(name); + zend_string_release(name); p = q; } @@ -1077,7 +1051,7 @@ static ps_serializer ps_serializers[MAX_SERIALIZERS + 1] = { PS_SERIALIZER_ENTRY(php_binary) }; -PHPAPI int php_session_register_serializer(const char *name, int (*encode)(PS_SERIALIZER_ENCODE_ARGS), int (*decode)(PS_SERIALIZER_DECODE_ARGS)) /* {{{ */ +PHPAPI int php_session_register_serializer(const char *name, zend_string *(*encode)(PS_SERIALIZER_ENCODE_ARGS), int (*decode)(PS_SERIALIZER_DECODE_ARGS)) /* {{{ */ { int ret = -1; int i; @@ -1174,7 +1148,7 @@ static inline void strcpy_gmt(char *ubuf, time_t *when) /* {{{ */ static inline void last_modified(TSRMLS_D) /* {{{ */ { const char *path; - struct stat sb; + zend_stat_t sb; char buf[MAX_STR + 1]; path = SG(request_info).path_translated; @@ -1204,7 +1178,7 @@ CACHE_LIMITER_FUNC(public) /* {{{ */ strcpy_gmt(buf + sizeof(EXPIRES) - 1, &now); ADD_HEADER(buf); - snprintf(buf, sizeof(buf) , "Cache-Control: public, max-age=%ld", PS(cache_expire) * 60); /* SAFE */ + snprintf(buf, sizeof(buf) , "Cache-Control: public, max-age=" ZEND_LONG_FMT, PS(cache_expire) * 60); /* SAFE */ ADD_HEADER(buf); last_modified(TSRMLS_C); @@ -1215,7 +1189,7 @@ CACHE_LIMITER_FUNC(private_no_expire) /* {{{ */ { char buf[MAX_STR + 1]; - snprintf(buf, sizeof(buf), "Cache-Control: private, max-age=%ld, pre-check=%ld", PS(cache_expire) * 60, PS(cache_expire) * 60); /* SAFE */ + snprintf(buf, sizeof(buf), "Cache-Control: private, max-age=" ZEND_LONG_FMT ", pre-check=" ZEND_LONG_FMT, PS(cache_expire) * 60, PS(cache_expire) * 60); /* SAFE */ ADD_HEADER(buf); last_modified(TSRMLS_C); @@ -1282,19 +1256,56 @@ static int php_session_cache_limiter(TSRMLS_D) /* {{{ */ * Cookie Management * ********************* */ -#define COOKIE_SET_COOKIE "Set-Cookie: " -#define COOKIE_EXPIRES "; expires=" -#define COOKIE_MAX_AGE "; Max-Age=" -#define COOKIE_PATH "; path=" -#define COOKIE_DOMAIN "; domain=" -#define COOKIE_SECURE "; secure" -#define COOKIE_HTTPONLY "; HttpOnly" +/* + * Remove already sent session ID cookie. + * It must be directly removed from SG(sapi_header) because sapi_add_header_ex() + * removes all of matching cookie. i.e. It deletes all of Set-Cookie headers. + */ +static void php_session_remove_cookie(TSRMLS_D) { + sapi_header_struct *header; + zend_llist *l = &SG(sapi_headers).headers; + zend_llist_element *next; + zend_llist_element *current; + char *session_cookie; + zend_string *e_session_name; + int session_cookie_len; + uint len = sizeof("Set-Cookie")-1; + + e_session_name = php_url_encode(PS(session_name), strlen(PS(session_name))); + spprintf(&session_cookie, 0, "Set-Cookie: %s=", e_session_name->val); + zend_string_free(e_session_name); + + session_cookie_len = strlen(session_cookie); + current = l->head; + while (current) { + header = (sapi_header_struct *)(current->data); + next = current->next; + if (header->header_len > len && header->header[len] == ':' + && !strncmp(header->header, session_cookie, session_cookie_len)) { + if (current->prev) { + current->prev->next = next; + } else { + l->head = next; + } + if (next) { + next->prev = current->prev; + } else { + l->tail = current->prev; + } + sapi_free_header(header); + efree(current); + --l->count; + } + current = next; + } + efree(session_cookie); +} static void php_session_send_cookie(TSRMLS_D) /* {{{ */ { smart_str ncookie = {0}; - char *date_fmt = NULL; - char *e_session_name, *e_id; + zend_string *date_fmt = NULL; + zend_string *e_session_name, *e_id; if (SG(headers_sent)) { const char *output_start_filename = php_output_get_start_filename(TSRMLS_C); @@ -1309,16 +1320,16 @@ static void php_session_send_cookie(TSRMLS_D) /* {{{ */ } /* URL encode session_name and id because they might be user supplied */ - e_session_name = php_url_encode(PS(session_name), strlen(PS(session_name)), NULL); - e_id = php_url_encode(PS(id), strlen(PS(id)), NULL); + e_session_name = php_url_encode(PS(session_name), strlen(PS(session_name))); + e_id = php_url_encode(PS(id)->val, PS(id)->len); - smart_str_appends(&ncookie, COOKIE_SET_COOKIE); - smart_str_appends(&ncookie, e_session_name); + smart_str_appendl(&ncookie, "Set-Cookie: ", sizeof("Set-Cookie: ")-1); + smart_str_appendl(&ncookie, e_session_name->val, e_session_name->len); smart_str_appendc(&ncookie, '='); - smart_str_appends(&ncookie, e_id); + smart_str_appendl(&ncookie, e_id->val, e_id->len); - efree(e_session_name); - efree(e_id); + zend_string_release(e_session_name); + zend_string_release(e_id); if (PS(cookie_lifetime) > 0) { struct timeval tv; @@ -1330,8 +1341,8 @@ static void php_session_send_cookie(TSRMLS_D) /* {{{ */ if (t > 0) { date_fmt = php_format_date("D, d-M-Y H:i:s T", sizeof("D, d-M-Y H:i:s T")-1, t, 0 TSRMLS_CC); smart_str_appends(&ncookie, COOKIE_EXPIRES); - smart_str_appends(&ncookie, date_fmt); - efree(date_fmt); + smart_str_appendl(&ncookie, date_fmt->val, date_fmt->len); + zend_string_release(date_fmt); smart_str_appends(&ncookie, COOKIE_MAX_AGE); smart_str_append_long(&ncookie, PS(cookie_lifetime)); @@ -1358,9 +1369,11 @@ static void php_session_send_cookie(TSRMLS_D) /* {{{ */ smart_str_0(&ncookie); + php_session_remove_cookie(TSRMLS_C); /* remove already sent session ID cookie */ /* 'replace' must be 0 here, else a previous Set-Cookie header, probably sent with setcookie() will be replaced! */ - sapi_add_header_ex(ncookie.c, ncookie.len, 0, 0 TSRMLS_CC); + sapi_add_header_ex(estrndup(ncookie.s->val, ncookie.s->len), ncookie.s->len, 0, 0 TSRMLS_CC); + smart_str_free(&ncookie); } /* }}} */ @@ -1395,9 +1408,16 @@ PHPAPI const ps_serializer *_php_find_ps_serializer(char *name TSRMLS_DC) /* {{{ } /* }}} */ -#define PPID2SID \ - convert_to_string((*ppid)); \ - PS(id) = estrndup(Z_STRVAL_PP(ppid), Z_STRLEN_PP(ppid)) +static void ppid2sid(zval *ppid TSRMLS_DC) { + if (Z_TYPE_P(ppid) != IS_STRING) { + PS(id) = NULL; + PS(send_cookie) = 1; + } else { + convert_to_string(ppid); + PS(id) = zend_string_init(Z_STRVAL_P(ppid), Z_STRLEN_P(ppid), 0); + PS(send_cookie) = 0; + } +} PHPAPI void php_session_reset_id(TSRMLS_D) /* {{{ */ { @@ -1414,31 +1434,32 @@ PHPAPI void php_session_reset_id(TSRMLS_D) /* {{{ */ } /* if the SID constant exists, destroy it. */ - zend_hash_del(EG(zend_constants), "sid", sizeof("sid")); + zend_hash_str_del(EG(zend_constants), "sid", sizeof("sid") - 1); if (PS(define_sid)) { smart_str var = {0}; smart_str_appends(&var, PS(session_name)); smart_str_appendc(&var, '='); - smart_str_appends(&var, PS(id)); + smart_str_appends(&var, PS(id)->val); smart_str_0(&var); - REGISTER_STRINGL_CONSTANT("SID", var.c, var.len, 0); + REGISTER_STRINGL_CONSTANT("SID", var.s->val, var.s->len, 0); + smart_str_free(&var); } else { - REGISTER_STRINGL_CONSTANT("SID", STR_EMPTY_ALLOC(), 0, 0); + REGISTER_STRINGL_CONSTANT("SID", "", 0, 0); } if (PS(apply_trans_sid)) { php_url_scanner_reset_vars(TSRMLS_C); - php_url_scanner_add_var(PS(session_name), strlen(PS(session_name)), PS(id), strlen(PS(id)), 1 TSRMLS_CC); + php_url_scanner_add_var(PS(session_name), strlen(PS(session_name)), PS(id)->val, PS(id)->len, 1 TSRMLS_CC); } } /* }}} */ PHPAPI void php_session_start(TSRMLS_D) /* {{{ */ { - zval **ppid; - zval **data; + zval *ppid; + zval *data; char *p, *value; int nrand; int lensess; @@ -1456,7 +1477,7 @@ PHPAPI void php_session_start(TSRMLS_D) /* {{{ */ break; case php_session_disabled: - value = zend_ini_string("session.save_handler", sizeof("session.save_handler"), 0); + value = zend_ini_string("session.save_handler", sizeof("session.save_handler") - 1, 0); if (!PS(mod) && value) { PS(mod) = _php_find_ps_module(value TSRMLS_CC); if (!PS(mod)) { @@ -1464,7 +1485,7 @@ PHPAPI void php_session_start(TSRMLS_D) /* {{{ */ return; } } - value = zend_ini_string("session.serialize_handler", sizeof("session.serialize_handler"), 0); + value = zend_ini_string("session.serialize_handler", sizeof("session.serialize_handler") - 1, 0); if (!PS(serializer) && value) { PS(serializer) = _php_find_ps_serializer(value TSRMLS_CC); if (!PS(serializer)) { @@ -1487,32 +1508,29 @@ PHPAPI void php_session_start(TSRMLS_D) /* {{{ */ * cookie and get variables will be available. */ if (!PS(id)) { - if (PS(use_cookies) && zend_hash_find(&EG(symbol_table), "_COOKIE", sizeof("_COOKIE"), (void **) &data) == SUCCESS && - Z_TYPE_PP(data) == IS_ARRAY && - zend_hash_find(Z_ARRVAL_PP(data), PS(session_name), lensess + 1, (void **) &ppid) == SUCCESS + if (PS(use_cookies) && (data = zend_hash_str_find(&EG(symbol_table).ht, "_COOKIE", sizeof("_COOKIE") - 1)) && + Z_TYPE_P(data) == IS_ARRAY && + (ppid = zend_hash_str_find(Z_ARRVAL_P(data), PS(session_name), lensess)) ) { - PPID2SID; + ppid2sid(ppid TSRMLS_CC); PS(apply_trans_sid) = 0; - PS(send_cookie) = 0; PS(define_sid) = 0; } if (!PS(use_only_cookies) && !PS(id) && - zend_hash_find(&EG(symbol_table), "_GET", sizeof("_GET"), (void **) &data) == SUCCESS && - Z_TYPE_PP(data) == IS_ARRAY && - zend_hash_find(Z_ARRVAL_PP(data), PS(session_name), lensess + 1, (void **) &ppid) == SUCCESS + (data = zend_hash_str_find(&EG(symbol_table).ht, "_GET", sizeof("_GET") - 1)) && + Z_TYPE_P(data) == IS_ARRAY && + (ppid = zend_hash_str_find(Z_ARRVAL_P(data), PS(session_name), lensess)) ) { - PPID2SID; - PS(send_cookie) = 0; + ppid2sid(ppid TSRMLS_CC); } if (!PS(use_only_cookies) && !PS(id) && - zend_hash_find(&EG(symbol_table), "_POST", sizeof("_POST"), (void **) &data) == SUCCESS && - Z_TYPE_PP(data) == IS_ARRAY && - zend_hash_find(Z_ARRVAL_PP(data), PS(session_name), lensess + 1, (void **) &ppid) == SUCCESS + (data = zend_hash_str_find(&EG(symbol_table).ht, "_POST", sizeof("_POST") - 1)) && + Z_TYPE_P(data) == IS_ARRAY && + (ppid = zend_hash_str_find(Z_ARRVAL_P(data), PS(session_name), lensess)) ) { - PPID2SID; - PS(send_cookie) = 0; + ppid2sid(ppid TSRMLS_CC); } } @@ -1520,17 +1538,17 @@ PHPAPI void php_session_start(TSRMLS_D) /* {{{ */ * '<session-name>=<session-id>' to allow URLs of the form * http://yoursite/<session-name>=<session-id>/script.php */ - if (!PS(use_only_cookies) && !PS(id) && PG(http_globals)[TRACK_VARS_SERVER] && - zend_hash_find(Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_SERVER]), "REQUEST_URI", sizeof("REQUEST_URI"), (void **) &data) == SUCCESS && - Z_TYPE_PP(data) == IS_STRING && - (p = strstr(Z_STRVAL_PP(data), PS(session_name))) && + if (!PS(use_only_cookies) && !PS(id) && !Z_ISUNDEF(PG(http_globals)[TRACK_VARS_SERVER]) && + (data = zend_hash_str_find(Z_ARRVAL(PG(http_globals)[TRACK_VARS_SERVER]), "REQUEST_URI", sizeof("REQUEST_URI") - 1)) && + Z_TYPE_P(data) == IS_STRING && + (p = strstr(Z_STRVAL_P(data), PS(session_name))) && p[lensess] == '=' ) { char *q; p += lensess + 1; if ((q = strpbrk(p, "/?\\"))) { - PS(id) = estrndup(p, q - p); + PS(id) = zend_string_init(p, q - p, 0); PS(send_cookie) = 0; } } @@ -1540,13 +1558,13 @@ PHPAPI void php_session_start(TSRMLS_D) /* {{{ */ if (PS(id) && PS(extern_referer_chk)[0] != '\0' && - PG(http_globals)[TRACK_VARS_SERVER] && - zend_hash_find(Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_SERVER]), "HTTP_REFERER", sizeof("HTTP_REFERER"), (void **) &data) == SUCCESS && - Z_TYPE_PP(data) == IS_STRING && - Z_STRLEN_PP(data) != 0 && - strstr(Z_STRVAL_PP(data), PS(extern_referer_chk)) == NULL + !Z_ISUNDEF(PG(http_globals)[TRACK_VARS_SERVER]) && + (data = zend_hash_str_find(Z_ARRVAL(PG(http_globals)[TRACK_VARS_SERVER]), "HTTP_REFERER", sizeof("HTTP_REFERER") - 1)) && + Z_TYPE_P(data) == IS_STRING && + Z_STRLEN_P(data) != 0 && + strstr(Z_STRVAL_P(data), PS(extern_referer_chk)) == NULL ) { - efree(PS(id)); + zend_string_release(PS(id)); PS(id) = NULL; PS(send_cookie) = 1; if (PS(use_trans_sid) && !PS(use_only_cookies)) { @@ -1554,10 +1572,10 @@ PHPAPI void php_session_start(TSRMLS_D) /* {{{ */ } } - /* Finally check session id for dangarous characters + /* Finally check session id for dangerous characters * Security note: session id may be embedded in HTML pages.*/ - if (PS(id) && strpbrk(PS(id), "\r\n\t <>'\"\\")) { - efree(PS(id)); + if (PS(id) && strpbrk(PS(id)->val, "\r\n\t <>'\"\\")) { + zend_string_release(PS(id)); PS(id) = NULL; } @@ -1612,7 +1630,7 @@ static void php_session_reset(TSRMLS_D) /* {{{ */ PHPAPI void session_adapt_url(const char *url, size_t urllen, char **new, size_t *newlen TSRMLS_DC) /* {{{ */ { if (PS(apply_trans_sid) && (PS(session_status) == php_session_active)) { - *new = php_url_scanner_adapt_single_url(url, urllen, PS(session_name), PS(id), newlen TSRMLS_CC); + *new = php_url_scanner_adapt_single_url(url, urllen, PS(session_name), PS(id)->val, newlen TSRMLS_CC); } } /* }}} */ @@ -1625,32 +1643,43 @@ PHPAPI void session_adapt_url(const char *url, size_t urllen, char **new, size_t Set session cookie parameters */ static PHP_FUNCTION(session_set_cookie_params) { - zval **lifetime = NULL; - char *path = NULL, *domain = NULL; - int path_len, domain_len, argc = ZEND_NUM_ARGS(); + zval *lifetime; + zend_string *path = NULL, *domain = NULL; + int argc = ZEND_NUM_ARGS(); zend_bool secure = 0, httponly = 0; + zend_string *ini_name; if (!PS(use_cookies) || - zend_parse_parameters(argc TSRMLS_CC, "Z|ssbb", &lifetime, &path, &path_len, &domain, &domain_len, &secure, &httponly) == FAILURE) { + zend_parse_parameters(argc TSRMLS_CC, "z|SSbb", &lifetime, &path, &domain, &secure, &httponly) == FAILURE) { return; } convert_to_string_ex(lifetime); - zend_alter_ini_entry("session.cookie_lifetime", sizeof("session.cookie_lifetime"), Z_STRVAL_PP(lifetime), Z_STRLEN_PP(lifetime), PHP_INI_USER, PHP_INI_STAGE_RUNTIME); + ini_name = zend_string_init("session.cookie_lifetime", sizeof("session.cookie_lifetime") - 1, 0); + zend_alter_ini_entry(ini_name, Z_STR_P(lifetime), PHP_INI_USER, PHP_INI_STAGE_RUNTIME); + zend_string_release(ini_name); if (path) { - zend_alter_ini_entry("session.cookie_path", sizeof("session.cookie_path"), path, path_len, PHP_INI_USER, PHP_INI_STAGE_RUNTIME); + ini_name = zend_string_init("session.cookie_path", sizeof("session.cookie_path") - 1, 0); + zend_alter_ini_entry(ini_name, path, PHP_INI_USER, PHP_INI_STAGE_RUNTIME); + zend_string_release(ini_name); } if (domain) { - zend_alter_ini_entry("session.cookie_domain", sizeof("session.cookie_domain"), domain, domain_len, PHP_INI_USER, PHP_INI_STAGE_RUNTIME); + ini_name = zend_string_init("session.cookie_domain", sizeof("session.cookie_domain") - 1, 0); + zend_alter_ini_entry(ini_name, domain, PHP_INI_USER, PHP_INI_STAGE_RUNTIME); + zend_string_release(ini_name); } if (argc > 3) { - zend_alter_ini_entry("session.cookie_secure", sizeof("session.cookie_secure"), secure ? "1" : "0", 1, PHP_INI_USER, PHP_INI_STAGE_RUNTIME); + ini_name = zend_string_init("session.cookie_secure", sizeof("session.cookie_secure") - 1, 0); + zend_alter_ini_entry_chars(ini_name, secure ? "1" : "0", 1, PHP_INI_USER, PHP_INI_STAGE_RUNTIME); + zend_string_release(ini_name); } if (argc > 4) { - zend_alter_ini_entry("session.cookie_httponly", sizeof("session.cookie_httponly"), httponly ? "1" : "0", 1, PHP_INI_USER, PHP_INI_STAGE_RUNTIME); + ini_name = zend_string_init("session.cookie_httponly", sizeof("session.cookie_httponly") - 1, 0); + zend_alter_ini_entry_chars(ini_name, httponly ? "1" : "0", 1, PHP_INI_USER, PHP_INI_STAGE_RUNTIME); + zend_string_release(ini_name); } } /* }}} */ @@ -1666,8 +1695,8 @@ static PHP_FUNCTION(session_get_cookie_params) array_init(return_value); add_assoc_long(return_value, "lifetime", PS(cookie_lifetime)); - add_assoc_string(return_value, "path", PS(cookie_path), 1); - add_assoc_string(return_value, "domain", PS(cookie_domain), 1); + add_assoc_string(return_value, "path", PS(cookie_path)); + add_assoc_string(return_value, "domain", PS(cookie_domain)); add_assoc_bool(return_value, "secure", PS(cookie_secure)); add_assoc_bool(return_value, "httponly", PS(cookie_httponly)); } @@ -1677,17 +1706,19 @@ static PHP_FUNCTION(session_get_cookie_params) Return the current session name. If newname is given, the session name is replaced with newname */ static PHP_FUNCTION(session_name) { - char *name = NULL; - int name_len; + zend_string *name = NULL; + zend_string *ini_name; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|s", &name, &name_len) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|S", &name) == FAILURE) { return; } - RETVAL_STRING(PS(session_name), 1); + RETVAL_STRING(PS(session_name)); if (name) { - zend_alter_ini_entry("session.name", sizeof("session.name"), name, name_len, PHP_INI_USER, PHP_INI_STAGE_RUNTIME); + ini_name = zend_string_init("session.name", sizeof("session.name") - 1, 0); + zend_alter_ini_entry(ini_name, name, PHP_INI_USER, PHP_INI_STAGE_RUNTIME); + zend_string_release(ini_name); } } /* }}} */ @@ -1696,23 +1727,23 @@ static PHP_FUNCTION(session_name) Return the current module name used for accessing session data. If newname is given, the module name is replaced with newname */ static PHP_FUNCTION(session_module_name) { - char *name = NULL; - int name_len; + zend_string *name = NULL; + zend_string *ini_name; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|s", &name, &name_len) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|S", &name) == FAILURE) { return; } /* Set return_value to current module name */ if (PS(mod) && PS(mod)->s_name) { - RETVAL_STRING(safe_estrdup(PS(mod)->s_name), 0); + RETVAL_STRING(PS(mod)->s_name); } else { RETVAL_EMPTY_STRING(); } if (name) { - if (!_php_find_ps_module(name TSRMLS_CC)) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot find named PHP session module (%s)", name); + if (!_php_find_ps_module(name->val TSRMLS_CC)) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot find named PHP session module (%s)", name->val); zval_dtor(return_value); RETURN_FALSE; @@ -1722,32 +1753,9 @@ static PHP_FUNCTION(session_module_name) } PS(mod_data) = NULL; - zend_alter_ini_entry("session.save_handler", sizeof("session.save_handler"), name, name_len, PHP_INI_USER, PHP_INI_STAGE_RUNTIME); - } -} -/* }}} */ - -/* {{{ proto mixed session_serializer_name([string newname]) - Return the current serializer name used for encode/decode session data. If newname is given, the serialzer name is replaced with newname and return bool */ -static PHP_FUNCTION(session_serializer_name) -{ - char *name = NULL; - int name_len; - - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|s", &name, &name_len) == FAILURE) { - return; - } - - /* Return serializer name */ - if (!name) { - RETURN_STRING(zend_ini_string("session.serialize_handler", sizeof("session.serialize_handler"), 0), 1); - } - - /* Set serializer name */ - if (zend_alter_ini_entry("session.serialize_handler", sizeof("session.serialize_handler"), name, name_len, PHP_INI_USER, PHP_INI_STAGE_RUNTIME) == SUCCESS) { - RETURN_TRUE; - } else { - RETURN_FALSE; + ini_name = zend_string_init("session.save_handler", sizeof("session.save_handler") - 1, 0); + zend_alter_ini_entry(ini_name, name, PHP_INI_USER, PHP_INI_STAGE_RUNTIME); + zend_string_release(ini_name); } } /* }}} */ @@ -1756,22 +1764,19 @@ static PHP_FUNCTION(session_serializer_name) Sets user-level functions */ static PHP_FUNCTION(session_set_save_handler) { - zval ***args = NULL; + zval *args = NULL; int i, num_args, argc = ZEND_NUM_ARGS(); - char *name; + zend_string *name; + zend_string *ini_name, *ini_val; if (PS(session_status) != php_session_none) { RETURN_FALSE; } if (argc > 0 && argc <= 2) { - zval *obj = NULL, *callback = NULL; - zend_uint func_name_len; - char *func_name; - HashPosition pos; - zend_function *default_mptr, *current_mptr; - ulong func_index; - php_shutdown_function_entry shutdown_function_entry; + zval *obj = NULL; + zend_string *func_name; + zend_function *current_mptr; zend_bool register_shutdown = 1; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "O|b", &obj, php_session_iface_entry, ®ister_shutdown) == FAILURE) { @@ -1779,76 +1784,67 @@ static PHP_FUNCTION(session_set_save_handler) } /* Find implemented methods - SessionHandlerInterface */ - zend_hash_internal_pointer_reset_ex(&php_session_iface_entry->function_table, &pos); i = 0; - while (zend_hash_get_current_data_ex(&php_session_iface_entry->function_table, (void **) &default_mptr, &pos) == SUCCESS) { - zend_hash_get_current_key_ex(&php_session_iface_entry->function_table, &func_name, &func_name_len, &func_index, 0, &pos); - - if (zend_hash_find(&Z_OBJCE_P(obj)->function_table, func_name, func_name_len, (void **)¤t_mptr) == SUCCESS) { - if (PS(mod_user_names).names[i] != NULL) { + ZEND_HASH_FOREACH_STR_KEY(&php_session_iface_entry->function_table, func_name) { + if ((current_mptr = zend_hash_find_ptr(&Z_OBJCE_P(obj)->function_table, func_name))) { + if (!Z_ISUNDEF(PS(mod_user_names).names[i])) { zval_ptr_dtor(&PS(mod_user_names).names[i]); } - MAKE_STD_ZVAL(callback); - array_init_size(callback, 2); + array_init_size(&PS(mod_user_names).names[i], 2); Z_ADDREF_P(obj); - add_next_index_zval(callback, obj); - add_next_index_stringl(callback, func_name, func_name_len - 1, 1); - PS(mod_user_names).names[i] = callback; + add_next_index_zval(&PS(mod_user_names).names[i], obj); + add_next_index_str(&PS(mod_user_names).names[i], zend_string_copy(func_name)); } else { php_error_docref(NULL TSRMLS_CC, E_ERROR, "Session handler's function table is corrupt"); RETURN_FALSE; } - zend_hash_move_forward_ex(&php_session_iface_entry->function_table, &pos); ++i; - } + } ZEND_HASH_FOREACH_END(); /* Find implemented methods - SessionIdInterface (optional) */ - zend_hash_internal_pointer_reset_ex(&php_session_id_iface_entry->function_table, &pos); - while (zend_hash_get_current_data_ex(&php_session_id_iface_entry->function_table, (void **) &default_mptr, &pos) == SUCCESS) { - zend_hash_get_current_key_ex(&php_session_id_iface_entry->function_table, &func_name, &func_name_len, &func_index, 0, &pos); - - if (zend_hash_find(&Z_OBJCE_P(obj)->function_table, func_name, func_name_len, (void **)¤t_mptr) == SUCCESS) { - if (PS(mod_user_names).names[i] != NULL) { + ZEND_HASH_FOREACH_STR_KEY(&php_session_id_iface_entry->function_table, func_name) { + if ((current_mptr = zend_hash_find_ptr(&Z_OBJCE_P(obj)->function_table, func_name))) { + if (!Z_ISUNDEF(PS(mod_user_names).names[i])) { zval_ptr_dtor(&PS(mod_user_names).names[i]); } - MAKE_STD_ZVAL(callback); - array_init_size(callback, 2); + array_init_size(&PS(mod_user_names).names[i], 2); Z_ADDREF_P(obj); - add_next_index_zval(callback, obj); - add_next_index_stringl(callback, func_name, func_name_len - 1, 1); - PS(mod_user_names).names[i] = callback; + add_next_index_zval(&PS(mod_user_names).names[i], obj); + add_next_index_str(&PS(mod_user_names).names[i], zend_string_copy(func_name)); } - zend_hash_move_forward_ex(&php_session_id_iface_entry->function_table, &pos); ++i; - } + } ZEND_HASH_FOREACH_END(); if (register_shutdown) { /* create shutdown function */ + php_shutdown_function_entry shutdown_function_entry; shutdown_function_entry.arg_count = 1; - shutdown_function_entry.arguments = (zval **) safe_emalloc(sizeof(zval *), 1, 0); + shutdown_function_entry.arguments = (zval *) safe_emalloc(sizeof(zval), 1, 0); - MAKE_STD_ZVAL(callback); - ZVAL_STRING(callback, "session_register_shutdown", 1); - shutdown_function_entry.arguments[0] = callback; + ZVAL_STRING(&shutdown_function_entry.arguments[0], "session_register_shutdown"); /* add shutdown function, removing the old one if it exists */ - if (!register_user_shutdown_function("session_shutdown", sizeof("session_shutdown"), &shutdown_function_entry TSRMLS_CC)) { - zval_ptr_dtor(&callback); + if (!register_user_shutdown_function("session_shutdown", sizeof("session_shutdown") - 1, &shutdown_function_entry TSRMLS_CC)) { + zval_ptr_dtor(&shutdown_function_entry.arguments[0]); efree(shutdown_function_entry.arguments); php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to register session shutdown function"); RETURN_FALSE; } } else { /* remove shutdown function */ - remove_user_shutdown_function("session_shutdown", sizeof("session_shutdown") TSRMLS_CC); + remove_user_shutdown_function("session_shutdown", sizeof("session_shutdown") - 1 TSRMLS_CC); } if (PS(mod) && PS(session_status) == php_session_none && PS(mod) != &ps_mod_user) { - zend_alter_ini_entry("session.save_handler", sizeof("session.save_handler"), "user", sizeof("user")-1, PHP_INI_USER, PHP_INI_STAGE_RUNTIME); + ini_name = zend_string_init("session.save_handler", sizeof("session.save_handler") - 1, 0); + ini_val = zend_string_init("user", sizeof("user") - 1, 0); + zend_alter_ini_entry(ini_name, ini_val, PHP_INI_USER, PHP_INI_STAGE_RUNTIME); + zend_string_release(ini_val); + zend_string_release(ini_name); } RETURN_TRUE; @@ -1863,32 +1859,33 @@ static PHP_FUNCTION(session_set_save_handler) } /* remove shutdown function */ - remove_user_shutdown_function("session_shutdown", sizeof("session_shutdown") TSRMLS_CC); + remove_user_shutdown_function("session_shutdown", sizeof("session_shutdown") - 1 TSRMLS_CC); /* at this point argc can only be 6 or 7 */ for (i = 0; i < argc; i++) { - if (!zend_is_callable(*args[i], 0, &name TSRMLS_CC)) { - efree(args); + if (!zend_is_callable(&args[i], 0, &name TSRMLS_CC)) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Argument %d is not a valid callback", i+1); - efree(name); + zend_string_release(name); RETURN_FALSE; } - efree(name); + zend_string_release(name); } if (PS(mod) && PS(mod) != &ps_mod_user) { - zend_alter_ini_entry("session.save_handler", sizeof("session.save_handler"), "user", sizeof("user")-1, PHP_INI_USER, PHP_INI_STAGE_RUNTIME); + ini_name = zend_string_init("session.save_handler", sizeof("session.save_handler") - 1, 0); + ini_val = zend_string_init("user", sizeof("user") - 1, 0); + zend_alter_ini_entry(ini_name, ini_val, PHP_INI_USER, PHP_INI_STAGE_RUNTIME); + zend_string_release(ini_val); + zend_string_release(ini_name); } for (i = 0; i < argc; i++) { - if (PS(mod_user_names).names[i] != NULL) { + if (!Z_ISUNDEF(PS(mod_user_names).names[i])) { zval_ptr_dtor(&PS(mod_user_names).names[i]); } - Z_ADDREF_PP(args[i]); - PS(mod_user_names).names[i] = *args[i]; + ZVAL_COPY(&PS(mod_user_names).names[i], &args[i]); } - efree(args); RETURN_TRUE; } /* }}} */ @@ -1897,22 +1894,24 @@ static PHP_FUNCTION(session_set_save_handler) Return the current save path passed to module_name. If newname is given, the save path is replaced with newname */ static PHP_FUNCTION(session_save_path) { - char *name = NULL; - int name_len; + zend_string *name = NULL; + zend_string *ini_name; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|s", &name, &name_len) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|S", &name) == FAILURE) { return; } - RETVAL_STRING(PS(save_path), 1); + RETVAL_STRING(PS(save_path)); if (name) { - if (memchr(name, '\0', name_len) != NULL) { + if (memchr(name->val, '\0', name->len) != NULL) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "The save_path cannot contain NULL characters"); zval_dtor(return_value); RETURN_FALSE; } - zend_alter_ini_entry("session.save_path", sizeof("session.save_path"), name, name_len, PHP_INI_USER, PHP_INI_STAGE_RUNTIME); + ini_name = zend_string_init("session.save_path", sizeof("session.save_path") - 1, 0); + zend_alter_ini_entry(ini_name, name, PHP_INI_USER, PHP_INI_STAGE_RUNTIME); + zend_string_release(ini_name); } } /* }}} */ @@ -1921,24 +1920,31 @@ static PHP_FUNCTION(session_save_path) Return the current session id. If newid is given, the session id is replaced with newid */ static PHP_FUNCTION(session_id) { - char *name = NULL; - int name_len, argc = ZEND_NUM_ARGS(); + zend_string *name = NULL; + int argc = ZEND_NUM_ARGS(); - if (zend_parse_parameters(argc TSRMLS_CC, "|s", &name, &name_len) == FAILURE) { + if (zend_parse_parameters(argc TSRMLS_CC, "|S", &name) == FAILURE) { return; } if (PS(id)) { - RETVAL_STRING(PS(id), 1); + /* keep compatibility for "\0" characters ??? + * see: ext/session/tests/session_id_error3.phpt */ + int len = strlen(PS(id)->val); + if (UNEXPECTED(len != PS(id)->len)) { + RETVAL_STR(zend_string_init(PS(id)->val, len, 0)); + } else { + RETVAL_STR(zend_string_copy(PS(id))); + } } else { RETVAL_EMPTY_STRING(); } if (name) { if (PS(id)) { - efree(PS(id)); + zend_string_release(PS(id)); } - PS(id) = estrndup(name, name_len); + PS(id) = zend_string_copy(name); } } /* }}} */ @@ -1964,11 +1970,11 @@ static PHP_FUNCTION(session_regenerate_id) php_error_docref(NULL TSRMLS_CC, E_WARNING, "Session object destruction failed"); RETURN_FALSE; } - efree(PS(id)); - PS(id) = NULL; + zend_string_release(PS(id)); + memset(PS(session_data_hash),'\0', 16); } - PS(id) = PS(mod)->s_create_sid(&PS(mod_data), NULL TSRMLS_CC); + PS(id) = PS(mod)->s_create_sid(&PS(mod_data) TSRMLS_CC); if (PS(id)) { PS(send_cookie) = 1; php_session_reset_id(TSRMLS_C); @@ -1985,17 +1991,19 @@ static PHP_FUNCTION(session_regenerate_id) Return the current cache limiter. If new_cache_limited is given, the current cache_limiter is replaced with new_cache_limiter */ static PHP_FUNCTION(session_cache_limiter) { - char *limiter = NULL; - int limiter_len; + zend_string *limiter = NULL; + zend_string *ini_name; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|s", &limiter, &limiter_len) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|S", &limiter) == FAILURE) { return; } - RETVAL_STRING(PS(cache_limiter), 1); + RETVAL_STRING(PS(cache_limiter)); if (limiter) { - zend_alter_ini_entry("session.cache_limiter", sizeof("session.cache_limiter"), limiter, limiter_len, PHP_INI_USER, PHP_INI_STAGE_RUNTIME); + ini_name = zend_string_init("session.cache_limiter", sizeof("session.cache_limiter") - 1, 0); + zend_alter_ini_entry(ini_name, limiter, PHP_INI_USER, PHP_INI_STAGE_RUNTIME); + zend_string_release(ini_name); } } /* }}} */ @@ -2004,18 +2012,20 @@ static PHP_FUNCTION(session_cache_limiter) Return the current cache expire. If new_cache_expire is given, the current cache_expire is replaced with new_cache_expire */ static PHP_FUNCTION(session_cache_expire) { - zval **expires = NULL; - int argc = ZEND_NUM_ARGS(); + zval *expires = NULL; + zend_string *ini_name; - if (zend_parse_parameters(argc TSRMLS_CC, "|Z", &expires) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|z", &expires) == FAILURE) { return; } RETVAL_LONG(PS(cache_expire)); - if (argc == 1) { + if (expires) { convert_to_string_ex(expires); - zend_alter_ini_entry("session.cache_expire", sizeof("session.cache_expire"), Z_STRVAL_PP(expires), Z_STRLEN_PP(expires), ZEND_INI_USER, ZEND_INI_STAGE_RUNTIME); + ini_name = zend_string_init("session.cache_expire", sizeof("session.cache_expire") - 1, 0); + zend_alter_ini_entry(ini_name, Z_STR_P(expires), ZEND_INI_USER, ZEND_INI_STAGE_RUNTIME); + zend_string_release(ini_name); } } /* }}} */ @@ -2024,19 +2034,18 @@ static PHP_FUNCTION(session_cache_expire) Serializes the current setup and returns the serialized representation */ static PHP_FUNCTION(session_encode) { - int len; - char *enc; + zend_string *enc; if (zend_parse_parameters_none() == FAILURE) { return; } - enc = php_session_encode(&len TSRMLS_CC); + enc = php_session_encode(TSRMLS_C); if (enc == NULL) { RETURN_FALSE; } - RETVAL_STRINGL(enc, len, 0); + RETURN_STR(enc); } /* }}} */ @@ -2045,7 +2054,7 @@ static PHP_FUNCTION(session_encode) static PHP_FUNCTION(session_decode) { char *str; - int str_len; + size_t str_len; if (PS(session_status) == php_session_none) { RETURN_FALSE; @@ -2096,10 +2105,7 @@ static PHP_FUNCTION(session_unset) } IF_SESSION_VARS() { - HashTable *ht_sess_var; - - SEPARATE_ZVAL_IF_NOT_REF(&PS(http_session_vars)); - ht_sess_var = Z_ARRVAL_P(PS(http_session_vars)); + HashTable *ht_sess_var = Z_ARRVAL_P(Z_REFVAL(PS(http_session_vars))); /* Clean $_SESSION. */ zend_hash_clean(ht_sess_var); @@ -2143,45 +2149,11 @@ static PHP_FUNCTION(session_status) } /* }}} */ -/* {{{ proto int session_gc([int maxlifetime]) - Execute garbage collection returns number of deleted data */ -static PHP_FUNCTION(session_gc) -{ - int nrdels = -1; - long maxlifetime = PS(gc_maxlifetime); - - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|l", &maxlifetime) == FAILURE) { - return; - } - - /* Session must be active to have PS(mod) */ - if (PS(session_status) != php_session_active) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Trying to garbage collect without active session"); - RETURN_FALSE; - } - - if (!PS(mod) || !PS(mod)->s_gc) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Session save handler does not have gc()"); - RETURN_FALSE; - } - PS(mod)->s_gc(&PS(mod_data), maxlifetime, &nrdels TSRMLS_CC); - - if (nrdels < 0) { - /* Files save handler return -1 if there is not a permission to remove. - Save handlder should return negative nrdels when something wrong. */ - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Session gc failed. Check permission or session storage"); - RETURN_FALSE; - } - RETURN_LONG((long)nrdels); -} -/* }}} */ - /* {{{ proto void session_register_shutdown(void) Registers session_write_close() as a shutdown function */ static PHP_FUNCTION(session_register_shutdown) { php_shutdown_function_entry shutdown_function_entry; - zval *callback; /* This function is registered itself as a shutdown function by * session_set_save_handler($obj). The reason we now register another @@ -2191,14 +2163,12 @@ static PHP_FUNCTION(session_register_shutdown) */ shutdown_function_entry.arg_count = 1; - shutdown_function_entry.arguments = (zval **) safe_emalloc(sizeof(zval *), 1, 0); + shutdown_function_entry.arguments = (zval *) safe_emalloc(sizeof(zval), 1, 0); - MAKE_STD_ZVAL(callback); - ZVAL_STRING(callback, "session_write_close", 1); - shutdown_function_entry.arguments[0] = callback; + ZVAL_STRING(&shutdown_function_entry.arguments[0], "session_write_close"); if (!append_user_shutdown_function(shutdown_function_entry TSRMLS_CC)) { - zval_ptr_dtor(&callback); + zval_ptr_dtor(&shutdown_function_entry.arguments[0]); efree(shutdown_function_entry.arguments); /* Unable to register shutdown function, presumably because of lack @@ -2222,10 +2192,6 @@ ZEND_BEGIN_ARG_INFO_EX(arginfo_session_module_name, 0, 0, 0) ZEND_ARG_INFO(0, module) ZEND_END_ARG_INFO() -ZEND_BEGIN_ARG_INFO_EX(arginfo_session_serializer_name, 0, 0, 0) - ZEND_ARG_INFO(0, module) -ZEND_END_ARG_INFO() - ZEND_BEGIN_ARG_INFO_EX(arginfo_session_save_path, 0, 0, 0) ZEND_ARG_INFO(0, path) ZEND_END_ARG_INFO() @@ -2271,10 +2237,6 @@ ZEND_BEGIN_ARG_INFO_EX(arginfo_session_set_cookie_params, 0, 0, 1) ZEND_ARG_INFO(0, httponly) ZEND_END_ARG_INFO() -ZEND_BEGIN_ARG_INFO(arginfo_session_gc, 0) - ZEND_ARG_INFO(0, maxlifetime) -ZEND_END_ARG_INFO() - ZEND_BEGIN_ARG_INFO(arginfo_session_class_open, 0) ZEND_ARG_INFO(0, save_path) ZEND_ARG_INFO(0, session_name) @@ -2309,7 +2271,6 @@ ZEND_END_ARG_INFO() static const zend_function_entry session_functions[] = { PHP_FE(session_name, arginfo_session_name) PHP_FE(session_module_name, arginfo_session_module_name) - PHP_FE(session_serializer_name, arginfo_session_serializer_name) PHP_FE(session_save_path, arginfo_session_save_path) PHP_FE(session_id, arginfo_session_id) PHP_FE(session_regenerate_id, arginfo_session_regenerate_id) @@ -2327,7 +2288,6 @@ static const zend_function_entry session_functions[] = { PHP_FE(session_abort, arginfo_session_void) PHP_FE(session_reset, arginfo_session_void) PHP_FE(session_status, arginfo_session_void) - PHP_FE(session_gc, arginfo_session_gc) PHP_FE(session_register_shutdown, arginfo_session_void) PHP_FALIAS(session_commit, session_write_close, arginfo_session_void) PHP_FE_END @@ -2380,7 +2340,7 @@ static int php_rinit_session(zend_bool auto_start TSRMLS_DC) /* {{{ */ if (PS(mod) == NULL) { char *value; - value = zend_ini_string("session.save_handler", sizeof("session.save_handler"), 0); + value = zend_ini_string("session.save_handler", sizeof("session.save_handler") - 1, 0); if (value) { PS(mod) = _php_find_ps_module(value TSRMLS_CC); } @@ -2389,7 +2349,7 @@ static int php_rinit_session(zend_bool auto_start TSRMLS_DC) /* {{{ */ if (PS(serializer) == NULL) { char *value; - value = zend_ini_string("session.serialize_handler", sizeof("session.serialize_handler"), 0); + value = zend_ini_string("session.serialize_handler", sizeof("session.serialize_handler") - 1, 0); if (value) { PS(serializer) = _php_find_ps_serializer(value TSRMLS_CC); } @@ -2425,9 +2385,9 @@ static PHP_RSHUTDOWN_FUNCTION(session) /* {{{ */ /* this should NOT be done in php_rshutdown_session_globals() */ for (i = 0; i < 7; i++) { - if (PS(mod_user_names).names[i] != NULL) { + if (!Z_ISUNDEF(PS(mod_user_names).names[i])) { zval_ptr_dtor(&PS(mod_user_names).names[i]); - PS(mod_user_names).names[i] = NULL; + ZVAL_UNDEF(&PS(mod_user_names).names[i]); } } @@ -2450,9 +2410,9 @@ static PHP_GINIT_FUNCTION(ps) /* {{{ */ ps_globals->mod_user_implemented = 0; ps_globals->mod_user_is_open = 0; for (i = 0; i < 7; i++) { - ps_globals->mod_user_names.names[i] = NULL; + ZVAL_UNDEF(&ps_globals->mod_user_names.names[i]); } - ps_globals->http_session_vars = NULL; + ZVAL_UNDEF(&ps_globals->http_session_vars); } /* }}} */ @@ -2460,7 +2420,7 @@ static PHP_MINIT_FUNCTION(session) /* {{{ */ { zend_class_entry ce; - zend_register_auto_global("_SESSION", sizeof("_SESSION")-1, 0, NULL TSRMLS_CC); + zend_register_auto_global(zend_string_init("_SESSION", sizeof("_SESSION") - 1, 1), 0, NULL TSRMLS_CC); PS(module_number) = module_number; /* if we really need this var we need to init it in zts mode as well! */ @@ -2544,17 +2504,17 @@ static PHP_MINFO_FUNCTION(session) /* {{{ */ php_info_print_table_start(); php_info_print_table_row(2, "Session Support", "enabled" ); - if (save_handlers.c) { + if (save_handlers.s) { smart_str_0(&save_handlers); - php_info_print_table_row(2, "Registered save handlers", save_handlers.c); + php_info_print_table_row(2, "Registered save handlers", save_handlers.s->val); smart_str_free(&save_handlers); } else { php_info_print_table_row(2, "Registered save handlers", "none"); } - if (ser_handlers.c) { + if (ser_handlers.s) { smart_str_0(&ser_handlers); - php_info_print_table_row(2, "Registered serializer handlers", ser_handlers.c); + php_info_print_table_row(2, "Registered serializer handlers", ser_handlers.s->val); smart_str_free(&ser_handlers); } else { php_info_print_table_row(2, "Registered serializer handlers", "none"); @@ -2579,16 +2539,16 @@ static const zend_module_dep session_deps[] = { /* {{{ */ static zend_bool early_find_sid_in(zval *dest, int where, php_session_rfc1867_progress *progress TSRMLS_DC) /* {{{ */ { - zval **ppid; + zval *ppid; - if (!PG(http_globals)[where]) { + if (Z_ISUNDEF(PG(http_globals)[where])) { return 0; } - if (zend_hash_find(Z_ARRVAL_P(PG(http_globals)[where]), PS(session_name), progress->sname_len+1, (void **)&ppid) == SUCCESS - && Z_TYPE_PP(ppid) == IS_STRING) { + if ((ppid = zend_hash_str_find(Z_ARRVAL(PG(http_globals)[where]), PS(session_name), progress->sname_len)) + && Z_TYPE_P(ppid) == IS_STRING) { zval_dtor(dest); - ZVAL_ZVAL(dest, *ppid, 1, 0); + ZVAL_ZVAL(dest, ppid, 1, 0); return 1; } @@ -2614,18 +2574,18 @@ static void php_session_rfc1867_early_find_sid(php_session_rfc1867_progress *pro static zend_bool php_check_cancel_upload(php_session_rfc1867_progress *progress TSRMLS_DC) /* {{{ */ { - zval **progress_ary, **cancel_upload; + zval *progress_ary, *cancel_upload; - if (zend_symtable_find(Z_ARRVAL_P(PS(http_session_vars)), progress->key.c, progress->key.len+1, (void**)&progress_ary) != SUCCESS) { + if ((progress_ary = zend_symtable_find(Z_ARRVAL_P(Z_REFVAL(PS(http_session_vars))), progress->key.s)) == NULL) { return 0; } - if (Z_TYPE_PP(progress_ary) != IS_ARRAY) { + if (Z_TYPE_P(progress_ary) != IS_ARRAY) { return 0; } - if (zend_hash_find(Z_ARRVAL_PP(progress_ary), "cancel_upload", sizeof("cancel_upload"), (void**)&cancel_upload) != SUCCESS) { + if ((cancel_upload = zend_hash_str_find(Z_ARRVAL_P(progress_ary), "cancel_upload", sizeof("cancel_upload") - 1)) == NULL) { return 0; } - return Z_TYPE_PP(cancel_upload) == IS_BOOL && Z_LVAL_PP(cancel_upload); + return Z_TYPE_P(cancel_upload) == IS_TRUE; } /* }}} */ static void php_session_rfc1867_update(php_session_rfc1867_progress *progress, int force_update TSRMLS_DC) /* {{{ */ @@ -2653,7 +2613,8 @@ static void php_session_rfc1867_update(php_session_rfc1867_progress *progress, i PS(session_status) = php_session_active; IF_SESSION_VARS() { progress->cancel_upload |= php_check_cancel_upload(progress TSRMLS_CC); - ZEND_SET_SYMBOL_WITH_LENGTH(Z_ARRVAL_P(PS(http_session_vars)), progress->key.c, progress->key.len+1, progress->data, 2, 0); + if (Z_REFCOUNTED(progress->data)) Z_ADDREF(progress->data); + zend_hash_update(Z_ARRVAL_P(Z_REFVAL(PS(http_session_vars))), progress->key.s, &progress->data); } php_session_flush(TSRMLS_C); } /* }}} */ @@ -2663,7 +2624,7 @@ static void php_session_rfc1867_cleanup(php_session_rfc1867_progress *progress T php_session_initialize(TSRMLS_C); PS(session_status) = php_session_active; IF_SESSION_VARS() { - zend_hash_del(Z_ARRVAL_P(PS(http_session_vars)), progress->key.c, progress->key.len+1); + zend_hash_del(Z_ARRVAL_P(Z_REFVAL(PS(http_session_vars))), progress->key.s); } php_session_flush(TSRMLS_C); } /* }}} */ @@ -2695,7 +2656,7 @@ static int php_session_rfc1867_callback(unsigned int event, void *event_data, vo multipart_event_formdata *data = (multipart_event_formdata *) event_data; size_t value_len; - if (Z_TYPE(progress->sid) && progress->key.c) { + if (Z_TYPE(progress->sid) && progress->key.s) { break; } @@ -2711,11 +2672,10 @@ static int php_session_rfc1867_callback(unsigned int event, void *event_data, vo if (name_len == progress->sname_len && memcmp(data->name, PS(session_name), name_len) == 0) { zval_dtor(&progress->sid); - ZVAL_STRINGL(&progress->sid, (*data->value), value_len, 1); - - } else if (name_len == PS(rfc1867_name).len && memcmp(data->name, PS(rfc1867_name).c, name_len) == 0) { + ZVAL_STRINGL(&progress->sid, (*data->value), value_len); + } else if (memcmp(data->name, PS(rfc1867_name), name_len + 1) == 0) { smart_str_free(&progress->key); - smart_str_appendl(&progress->key, PS(rfc1867_prefix).c, PS(rfc1867_prefix).len); + smart_str_appends(&progress->key, PS(rfc1867_prefix)); smart_str_appendl(&progress->key, *data->value, value_len); smart_str_0(&progress->key); @@ -2730,12 +2690,12 @@ static int php_session_rfc1867_callback(unsigned int event, void *event_data, vo /* Do nothing when $_POST["PHP_SESSION_UPLOAD_PROGRESS"] is not set * or when we have no session id */ - if (!Z_TYPE(progress->sid) || !progress->key.c) { + if (!Z_TYPE(progress->sid) || !progress->key.s) { break; } /* First FILE_START event, initializing data */ - if (!progress->data) { + if (Z_ISUNDEF(progress->data)) { if (PS(rfc1867_freq) >= 0) { progress->update_step = PS(rfc1867_freq); @@ -2745,54 +2705,47 @@ static int php_session_rfc1867_callback(unsigned int event, void *event_data, vo progress->next_update = 0; progress->next_update_time = 0.0; - ALLOC_INIT_ZVAL(progress->data); - array_init(progress->data); - - ALLOC_INIT_ZVAL(progress->post_bytes_processed); - ZVAL_LONG(progress->post_bytes_processed, data->post_bytes_processed); + array_init(&progress->data); + array_init(&progress->files); - ALLOC_INIT_ZVAL(progress->files); - array_init(progress->files); + add_assoc_long_ex(&progress->data, "start_time", sizeof("start_time") - 1, (zend_long)sapi_get_request_time(TSRMLS_C)); + add_assoc_long_ex(&progress->data, "content_length", sizeof("content_length") - 1, progress->content_length); + add_assoc_long_ex(&progress->data, "bytes_processed", sizeof("bytes_processed") - 1, data->post_bytes_processed); + add_assoc_bool_ex(&progress->data, "done", sizeof("done") - 1, 0); + add_assoc_zval_ex(&progress->data, "files", sizeof("files") - 1, &progress->files); - add_assoc_long_ex(progress->data, "start_time", sizeof("start_time"), (long)sapi_get_request_time(TSRMLS_C)); - add_assoc_long_ex(progress->data, "content_length", sizeof("content_length"), progress->content_length); - add_assoc_zval_ex(progress->data, "bytes_processed", sizeof("bytes_processed"), progress->post_bytes_processed); - add_assoc_bool_ex(progress->data, "done", sizeof("done"), 0); - add_assoc_zval_ex(progress->data, "files", sizeof("files"), progress->files); + progress->post_bytes_processed = zend_hash_str_find(Z_ARRVAL(progress->data), "bytes_processed", sizeof("bytes_processed") - 1); php_rinit_session(0 TSRMLS_CC); - PS(id) = estrndup(Z_STRVAL(progress->sid), Z_STRLEN(progress->sid)); + PS(id) = zend_string_init(Z_STRVAL(progress->sid), Z_STRLEN(progress->sid), 0); PS(apply_trans_sid) = progress->apply_trans_sid; PS(send_cookie) = 0; } - ALLOC_INIT_ZVAL(progress->current_file); - array_init(progress->current_file); - - ALLOC_INIT_ZVAL(progress->current_file_bytes_processed); - ZVAL_LONG(progress->current_file_bytes_processed, 0); + array_init(&progress->current_file); /* Each uploaded file has its own array. Trying to make it close to $_FILES entries. */ - add_assoc_string_ex(progress->current_file, "field_name", sizeof("field_name"), data->name, 1); - add_assoc_string_ex(progress->current_file, "name", sizeof("name"), *data->filename, 1); - add_assoc_null_ex(progress->current_file, "tmp_name", sizeof("tmp_name")); - add_assoc_long_ex(progress->current_file, "error", sizeof("error"), 0); + add_assoc_string_ex(&progress->current_file, "field_name", sizeof("field_name") - 1, data->name); + add_assoc_string_ex(&progress->current_file, "name", sizeof("name") - 1, *data->filename); + add_assoc_null_ex(&progress->current_file, "tmp_name", sizeof("tmp_name") - 1); + add_assoc_long_ex(&progress->current_file, "error", sizeof("error") - 1, 0); - add_assoc_bool_ex(progress->current_file, "done", sizeof("done"), 0); - add_assoc_long_ex(progress->current_file, "start_time", sizeof("start_time"), (long)time(NULL)); - add_assoc_zval_ex(progress->current_file, "bytes_processed", sizeof("bytes_processed"), progress->current_file_bytes_processed); + add_assoc_bool_ex(&progress->current_file, "done", sizeof("done") - 1, 0); + add_assoc_long_ex(&progress->current_file, "start_time", sizeof("start_time") - 1, (zend_long)time(NULL)); + add_assoc_long_ex(&progress->current_file, "bytes_processed", sizeof("bytes_processed") - 1, 0); - add_next_index_zval(progress->files, progress->current_file); + add_next_index_zval(&progress->files, &progress->current_file); - Z_LVAL_P(progress->post_bytes_processed) = data->post_bytes_processed; + progress->current_file_bytes_processed = zend_hash_str_find(Z_ARRVAL(progress->current_file), "bytes_processed", sizeof("bytes_processed") - 1); + Z_LVAL_P(progress->current_file_bytes_processed) = data->post_bytes_processed; php_session_rfc1867_update(progress, 0 TSRMLS_CC); } break; case MULTIPART_EVENT_FILE_DATA: { multipart_event_file_data *data = (multipart_event_file_data *) event_data; - if (!Z_TYPE(progress->sid) || !progress->key.c) { + if (!Z_TYPE(progress->sid) || !progress->key.s) { break; } @@ -2805,15 +2758,16 @@ static int php_session_rfc1867_callback(unsigned int event, void *event_data, vo case MULTIPART_EVENT_FILE_END: { multipart_event_file_end *data = (multipart_event_file_end *) event_data; - if (!Z_TYPE(progress->sid) || !progress->key.c) { + if (!Z_TYPE(progress->sid) || !progress->key.s) { break; } if (data->temp_filename) { - add_assoc_string_ex(progress->current_file, "tmp_name", sizeof("tmp_name"), data->temp_filename, 1); + add_assoc_string_ex(&progress->current_file, "tmp_name", sizeof("tmp_name") - 1, data->temp_filename); } - add_assoc_long_ex(progress->current_file, "error", sizeof("error"), data->cancel_upload); - add_assoc_bool_ex(progress->current_file, "done", sizeof("done"), 1); + + add_assoc_long_ex(&progress->current_file, "error", sizeof("error") - 1, data->cancel_upload); + add_assoc_bool_ex(&progress->current_file, "done", sizeof("done") - 1, 1); Z_LVAL_P(progress->post_bytes_processed) = data->post_bytes_processed; @@ -2823,21 +2777,21 @@ static int php_session_rfc1867_callback(unsigned int event, void *event_data, vo case MULTIPART_EVENT_END: { multipart_event_end *data = (multipart_event_end *) event_data; - if (Z_TYPE(progress->sid) && progress->key.c) { + if (Z_TYPE(progress->sid) && progress->key.s) { if (PS(rfc1867_cleanup)) { php_session_rfc1867_cleanup(progress TSRMLS_CC); } else { - add_assoc_bool_ex(progress->data, "done", sizeof("done"), 1); + add_assoc_bool_ex(&progress->data, "done", sizeof("done") - 1, 1); Z_LVAL_P(progress->post_bytes_processed) = data->post_bytes_processed; php_session_rfc1867_update(progress, 1 TSRMLS_CC); } php_rshutdown_session_globals(TSRMLS_C); } - if (progress->data) { + if (!Z_ISUNDEF(progress->data)) { zval_ptr_dtor(&progress->data); } - zval_dtor(&progress->sid); + zval_ptr_dtor(&progress->sid); smart_str_free(&progress->key); efree(progress); progress = NULL; |