View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0000908 | Main CAcert Website | source code | public | 2011-01-28 08:20 | 2013-01-15 15:22 |
Reporter | edgarwahn | Assigned To | Uli60 | ||
Priority | normal | Severity | minor | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Fixed in Version | 2011 Q4 | ||||
Summary | 0000908: Session unregister when logging out seems to contain bugs | ||||
Description | PHP Warning: Illegal offset type in unset in /git/cacert/includes/loggedin.php on line 136 if(array_key_exists("id",$_REQUEST) && $_REQUEST['id'] == "logout") { $normalhost=$_SESSION['_config']['normalhostname']; $_SESSION['profile']['loggedin'] = 0; $_SESSION['profile'] = ""; foreach($_SESSION as $key) { 136: unset($_SESSION[$key]); unset($$key); session_unregister($key); } unset($_SESSION); header("location: https://".$normalhost."/index.php"); exit; } === foreach ($_SESSION as $key) iterates over all content elements of the array, NOT the keys, the correct syntax would be foreach ($_SESSION as $key => $val) OR $ak = array_keys($_SESSION); foreach ($ak as $key) { Can anyone confirm this being a bug, which potentially leaves data fields from within the session intact for the running php script. My quick guess is that the impact is minor, because the entire $_SESSION is destroyed and registered variables only exist until the end of the scripts execution. | ||||
Tags | No tags attached. | ||||
Reviewed by | |||||
Test Instructions | |||||
|
I found that code on cacert1, but could not open a ticket for cacert1 project because there are no categories. |
|
we have two related bugs: https://bugs.cacert.org/view.php?id=908 https://bugs.cacert.org/view.php?id=963 0000963 has been fixed. 0000908 is still open. With the 0000963 fix, is the 0000908 fixed too ?!? The fix of 0000963 relates to /includes/loggedin.php line 140 The 0000908 report shows: PHP Warning: Illegal offset type in unset in /git/cacert/includes/loggedin.php on line 136 |
|
identical to 0000963 0000963 is solved, so 0000908 either |
|
More than 3 month fixed and no complaints |
Date Modified | Username | Field | Change |
---|---|---|---|
2011-01-28 08:20 | edgarwahn | New Issue | |
2011-01-28 08:22 | edgarwahn | Note Added: 0001850 | |
2011-08-05 14:38 | Uli60 | Relationship added | related to 0000963 |
2011-08-15 10:29 | Uli60 | Note Added: 0002289 | |
2011-08-15 10:29 | Uli60 | Status | new => needs feedback |
2011-08-15 10:32 | Uli60 | Relationship added | related to 0000909 |
2011-11-23 09:20 | Uli60 | Note Added: 0002718 | |
2011-11-23 09:20 | Uli60 | Relationship replaced | duplicate of 0000963 |
2011-11-23 09:20 | Uli60 | Status | needs feedback => solved? |
2011-11-23 09:20 | Uli60 | Resolution | open => fixed |
2011-11-23 09:20 | Uli60 | Assigned To | => Uli60 |
2012-12-21 05:11 | Werner Dworak | Note Added: 0003513 | |
2012-12-21 05:11 | Werner Dworak | Status | solved? => closed |
2013-01-15 15:22 | Werner Dworak | Fixed in Version | => 2011 Q4 |