PHP :: Bug #59654 :: Sessions never expire (TTL 0)

Bug #59654

Sessions never expire (TTL 0)

Submitted:

2011-03-06 07:12 UTC

Modified:

2012-03-07 05:43 UTC

Votes:	1
Avg. Score:	3.0 ± 0.0
Reproduced:	0 of 0 (0.0%)

From:

foo at b dot ar

Assigned:

andrei (profile)

Status:

Closed

Package:

memcached (PECL)

PHP Version:

Irrelevant

OS:

Private report:

CVE-ID:

None

View Add Comment Developer Edit

[2011-03-06 07:12 UTC] foo at b dot ar

Description:
------------
The memcached extension reads ini values wrongly resulting in 
all values defaulting to 0 leading to session lifetimes being 
infinite.

sess_lifetime = 
zend_ini_long(ZEND_STRL("session.gc_maxlifetime"), 0);

ZEND_STRL() makro is used even though zend_ini_long() seems 
to want the length of the string including the trailing \0.

Inconsistent APIs for the win.


Reproduce code:
---------------
ini_set('session.save_handler', 'memcached');

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2011-03-06 13:50 UTC] andrei@php.net

This has been fixed in 2.0 branch already. I intend to release 
the 2.0 beta next week, so perhaps you could try it when it's 
out.

[2012-03-07 05:43 UTC] andrei@php.net

-Status: Analyzed +Status: Closed -Assigned To: +Assigned To: andrei

[2012-03-07 05:43 UTC] andrei@php.net

Fixed in 2.0.1.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Fri Apr 19 16:01:27 2024 UTC