Skip to content
This repository has been archived by the owner on Jan 8, 2020. It is now read-only.

SessionManagerFactory with ArrayStorage triggers undefined variable #7127

Closed
wants to merge 2 commits into from
Closed

SessionManagerFactory with ArrayStorage triggers undefined variable #7127

wants to merge 2 commits into from

Conversation

Martin-P
Copy link
Contributor

When using Zend\Session\Service\SessionManagerFactory with ArrayStorage security fix ddbf43a triggers an undefined variable:

Undefined variable: _SESSION

This PR fixes that issue.

@Ocramius Ocramius added this to the 2.4.0 milestone Jan 15, 2015
@Ocramius Ocramius self-assigned this Jan 15, 2015
@samsonasik
Copy link
Contributor

@Ocramius marked as 2.4.0 or 2.3.5 ? @weierophinney if the next dev version is 2.3.5dev ( https://github.com/zendframework/zf2/blob/master/library/Zend/Version/Version.php#L23 ) the milestone need to be created ...

@Ocramius Ocramius modified the milestones: 2.3.5, 2.4.0 Jan 15, 2015
@Ocramius
Copy link
Member

@samsonasik I created the milestone (sorry, was just too lazy :P )

@Martin-P Martin-P mentioned this pull request Jan 16, 2015
Closed
malukenho
malukenho reviewed Jan 19, 2015
View reviewed changes
library/Zend/Session/SessionManager.php
$oldSessionData = $_SESSION;
$oldSessionData = array();
if (isset($_SESSION)) {
$oldSessionData = $_SESSION;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

maybe $oldSessionData = isset($_SESSION) ? $_SESSION : array();

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@malukenho no big deal, IMO

Ocramius added a commit that referenced this pull request Feb 2, 2015
@Ocramius
Merge branch 'hotfix/#7127-session-manager-with-array-storage-fails-w…
61b07db 
…ith-notice' into develop

Close #7127
Forward port #7127
@Ocramius Ocramius closed this in 0a90e48 Feb 2, 2015
@Ocramius
Copy link
Member

Ocramius commented Feb 2, 2015

@Martin-P merged, thanks!

master: 0a90e48
develop: 61b07db

@Martin-P Martin-P deleted the hotfix/sessionmanager-undefined-var branch February 2, 2015 02:30
gianarb pushed a commit to zendframework/zend-session that referenced this pull request May 15, 2015
@Ocramius
Merge branch 'hotfix/zendframework/zendframework#7127-session-manager…
f48fdbd 
…-with-array-storage-fails-with-notice'

Close zendframework/zendframework#7127
gianarb pushed a commit to zendframework/zend-session that referenced this pull request May 15, 2015
@Ocramius
Merge branch 'hotfix/zendframework/zendframework#7127-session-manager…
9e4a984 
…-with-array-storage-fails-with-notice' into develop

Close zendframework/zendframework#7127
Forward port zendframework/zendframework#7127
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees

@Ocramius Ocramius

Labels
bug Session
Projects
None yet
Milestone
2.3.5
Development

Successfully merging this pull request may close these issues.
4 participants
@Martin-P @samsonasik @Ocramius @malukenho