php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Return to Bug #73394
Patch session_read_check revision 2016-10-26 16:13 UTC by martijn at openbsd dot org

Patch session_read_check for Session related Bug #73394

Patch version 2016-10-26 16:13 UTC

Return to Bug #73394 | Download this patch
Patch Revisions:

Developer: martijn@openbsd.org

--- ./ext/session/session.c.orig	Thu Oct 13 16:04:27 2016
+++ ./ext/session/session.c	Wed Oct 26 17:04:46 2016
@@ -538,19 +538,16 @@
 			PS(send_cookie) = 1;
 		}
 	}
+	if (PS(mod)->s_read(&PS(mod_data), PS(id), &val, PS(gc_maxlifetime)) == FAILURE) {
+		php_error_docref(NULL, E_ERROR, "Failed to read session data: %s (path: %s)", PS(mod)->s_name, PS(save_path));
+		return;
+	}
 
 	php_session_reset_id();
 	PS(session_status) = php_session_active;
 
 	/* Read data */
 	php_session_track_init();
-	if (PS(mod)->s_read(&PS(mod_data), PS(id), &val, PS(gc_maxlifetime)) == FAILURE) {
-		/* Some broken save handler implementation returns FAILURE for non-existent session ID */
-		/* It's better to raise error for this, but disabled error for better compatibility */
-		/*
-		php_error_docref(NULL, E_NOTICE, "Failed to read session data: %s (path: %s)", PS(mod)->s_name, PS(save_path));
-		*/
-	}
 
 	/* GC must be done after read */
 	php_session_gc();
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sun Jun 16 08:01:29 2024 UTC