php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #25515 HTTP_Session fails with strict error_handling
Submitted: 2003-09-12 10:12 UTC Modified: 2004-09-01 16:30 UTC
From: info at rhalff dot com Assigned:
Status: Not a bug Package: PEAR related
PHP Version: Irrelevant OS: linux
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: info at rhalff dot com
New email:
PHP Version: OS:

 

 [2003-09-12 10:12 UTC] info at rhalff dot com
Description:
------------
When using a custom php error handler, HTTP_Session will fail because of an Undefined index in /usr/lib/php/HTTP/Session.php at line 545

A simple fix for this would be, to check if it is empty:

    /**
     * Sets new local name
     *
     * @static
     * @access public
     * @param  string New local name
     * @return string Previous local name
     */
    function localName($name = null)
    {
        if(!isset($GLOBALS['__HTTP_Session_Localname'])) {
          $GLOBALS['__HTTP_Session_Localname'] = null;  
        }

        $return = $GLOBALS['__HTTP_Session_Localname'];
        if (isset($name)) {
            $GLOBALS['__HTTP_Session_Localname'] = $name;
        }
        return $return;
    }

After this fix is applied HTTP_Session:start will be succesfull, but HTTP_Session::setLocal will fail with an undefined index too. A fix for this method would be:

    function setLocal($name, $value)
    {
        $local = md5(HTTP_Session::localName());

        if (!isset($_SESSION[$local])) {
            $_SESSION[$local] = array();
        }

        if (!isset($_SESSION[$local][$name])) {
            $_SESSION[$local][$name] = null;
        }
        $return = $_SESSION[$local][$name];

        if (null === $value) {
            unset($_SESSION[$local][$name]);
        } else {
            $_SESSION[$local][$name] = $value;
        }
        return $return;
    }

As with the last method HTTP:Session:set:

    function set($name, $value)
    {
        if(!isset($_SESSION[$name])) {
                $_SESSION[$name] = null;
        }
        $return = $_SESSION[$name];

        if (null === $value) {
            unset($_SESSION[$name]);
        } else {
            $_SESSION[$name] = $value;
        }
        return $return;
    }



Reproduce code:
---------------
require_once ("PEAR.php");
require_once ("HTTP/Session.php");

  function php_error_handler($errno, $errstr, $errfile, $errline)
  {
      echo "$errstr in $errfile at line $errline";
      exit();
  }
  set_error_handler('php_error_handler');

HTTP_Session::start('SessionID', uniqid('MyID'));
HTTP_Session::setLocal('name','value');
HTTP_Session::setLocal('name2','value');
echo "finished";

Expected result:
----------------
finished

Actual result:
--------------
Undefined index in /usr/lib/php/HTTP/Session.php at linenr

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2004-09-01 16:30 UTC] alan_k@php.net
can you report this on pear.php.net if the problem still exists - where the package maintainers now manage pear bugs
 
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Sun Feb 23 17:01:28 2020 UTC