On Wed, Mar 18, 2015 at 05:57:22PM +0900, Yasuo Ohgaki wrote:
> I would like to fix this bug transparently. i.e. User cannot detect already
> destroyed
> session that is accessible.
>
> The method is:
>
> 1. Add "__SESSION_TTL__", which has TTL timestamp, to $_SESSION hash before
> serialization.
PHP and Perl $a = 'Z'; $a++; turns $a into 'AA' [...]
I'd expect " ZZ" to become " AAA" rather than " AA". I'm not sure if
it's a bug in documentation, in code. Probably nobody can even
distinguish if it's a bug or feature.
Mateusz Kocielski
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
dy understand the rules behind the string incrementation? What's
the explanation of following behaviour?
'$x="ZZ";$x++;var_dump($x);' returns string(3) "AAA"
'$x=" ZZ";$x++;var_dump($x);' returns string(3) " AA"
Regards,
Mateusz Kocielski
I'd like to support PHP Quality Assurance Team, especially in resolving (and
analyzing) security related issues. So far I've contributed to PHP many times
(consult it with CHANGELOGs (grep for shm or Mateusz Kocielski ;-)), I've also
written Minerva fuzzer in order to uncover
