Re: Solution for session_regenerate_id() issues

From: Date: Wed, 19 Mar 2014 15:22:07 +0000
Subject: Re: Solution for session_regenerate_id() issues
References: 1 2 3 4 5 6 7  Groups: php.internals 
Request: Send a blank email to [email protected] to get a copy of this message
Hi,

On Wed, Mar 19, 2014 at 12:12 PM, Ferenc Kovacs <[email protected]> wrote:
>> If you choose "security" bug type, it's hidden.
>
>
> nope, security bug type only makes it send the bug mail to [email protected],
> only private bugs are protected from public access.
> that is something really error-prone, so I remember some discussion about
> changing that, and making new security bugs to be private by default, but
> AFAIK we never implemented that.

Actually, somebody did implement it.
Turned out the issue I wanted to report is solved though ... it was
the regression with use_strict_mode in 5.5.3 and for some unknown
reason, Ubuntu is sticking exactly to that version.

On topic: I understand the gains, Yasuo.
But I completely disagree that it's mandatory or that it is PHP's job
at all. If I tell PHP to delete something, I expect it to do so,
immediately.

Cheers,
Andrey.


Thread (24 messages)

« previous php.internals (#73303) next »