Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Drop code based on session.hash_bits_per_character #109

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Drop code based on session.hash_bits_per_character #109

wants to merge 2 commits into from

Conversation

gnutix
Copy link

@gnutix gnutix commented May 3, 2021
edited
Loading

This ini setting was removed in PHP 7.2, see https://www.php.net/manual/fr/session.configuration.php#ini.session.hash-bits-per-character

We've successfully used this code in production on PHP 7.2 for 3 years now, in an application that uses both Zend Framework 1 and Symfony 5. We've had to apply a few changes to Zend's session code as it was conflicting with Symfony, and this one felt like you could benefit from it.

Here are the other ones for reference (if anyone needs it someday), though I think they should probably not be applied in your repository :

diff --git a/src/Zend/Session/Abstract.php b/src/Zend/Session/Abstract.php
index 57f8dc2..2e2ea6e 100644
--- a/src/Zend/Session/Abstract.php
+++ b/src/Zend/Session/Abstract.php
@@ -37,14 +37,14 @@ abstract class Zend_Session_Abstract
      *
      * @var bool
      */
-    protected static $_writable = false;
+    protected static $_writable = true;
 
     /**
      * Whether or not session permits reading (reading data in $_SESSION[])
      *
      * @var bool
      */
-    protected static $_readable = false;
+    protected static $_readable = true;
 
     /**
      * Since expiring data is handled at startup to avoid __destruct difficulties,
@@ -100,6 +100,10 @@ abstract class Zend_Session_Abstract
      */
     protected static function _namespaceUnset($namespace, $name = null)
     {
+        if (!isset($_SESSION)) {
+            return;
+        }
+
         if (self::$_writable === false) {
             throw new Zend_Session_Exception(self::_THROW_NOT_WRITABLE_MSG);
         }
diff --git a/src/Zend/Session/Namespace.php b/src/Zend/Session/Namespace.php
index 8865fcd..8696250 100644
--- a/src/Zend/Session/Namespace.php
+++ b/src/Zend/Session/Namespace.php
@@ -111,9 +111,6 @@ class Zend_Session_Namespace extends Zend_Session_Abstract implements IteratorAg
 
         $this->_namespace = $namespace;
 
-        // Process metadata specific only to this namespace.
-        Zend_Session::start(true); // attempt auto-start (throws exception if strict option set)
-
         if (self::$_readable === false) {
             throw new Zend_Session_Exception(self::_THROW_NOT_READABLE_MSG);
         }

@gnutix gnutix marked this pull request as ready for review May 7, 2021 15:13
jaydiablo
jaydiablo reviewed Dec 4, 2021
View reviewed changes
src/Zend/Session.php
case 6: $pattern = '^[0-9a-zA-Z-,]*$'; break;
}
return preg_match('#' . $pattern . '#', $id);
return preg_match('#^[0-9a-zA-Z-,]*$#', $id);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if 5 is the default value, shouldn't the regex here be #^[0-9a-v]*$ to maintain previous behavior?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jaydiablo jaydiablo jaydiablo left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@gnutix @jaydiablo