From 2a37a2783fa6bcf04d7856610882d998efd14815 Mon Sep 17 00:00:00 2001
From: Sergey Motornyuk <sergey.motornyuk@linkdigital.com.au>
Date: Wed, 23 May 2018 17:29:07 +0300
Subject: [PATCH] Make sure that session is closed and only then update cookie
 params

---
 lib/SimpleSAML/SessionHandlerPHP.php | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/lib/SimpleSAML/SessionHandlerPHP.php b/lib/SimpleSAML/SessionHandlerPHP.php
index 30f3d909a..18c757842 100644
--- a/lib/SimpleSAML/SessionHandlerPHP.php
+++ b/lib/SimpleSAML/SessionHandlerPHP.php
@@ -343,6 +343,11 @@ class SessionHandlerPHP extends SessionHandler
             );
         }
 
+        if (session_id() !== '') {
+            // session already started, close it
+            session_write_close();
+        }
+
         session_set_cookie_params(
             $cookieParams['lifetime'],
             $cookieParams['path'],
@@ -351,11 +356,6 @@ class SessionHandlerPHP extends SessionHandler
             $cookieParams['httponly']
         );
 
-        if (session_id() !== '') {
-            // session already started, close it
-            session_write_close();
-        }
-
         session_id($sessionID);
         $this->sessionStart();
     }
-- 
GitLab