diff --git a/lib/SimpleSAML/Session.php b/lib/SimpleSAML/Session.php index a33740ca4a412f49236a3af6110287658312df2f..806b028ea95088de6b869e3e409e7bab80e732c4 100644 --- a/lib/SimpleSAML/Session.php +++ b/lib/SimpleSAML/Session.php @@ -142,7 +142,14 @@ class SimpleSAML_Session { /* Check if we have stored a session stored with the session * handler. */ - self::$instance = self::loadSession(); + try { + self::$instance = self::loadSession(); + } catch (Exception $e) { + /* For some reason, we were unable to initialize this session. Use a transient session instead. */ + self::useTransientSession(); + return self::$instance; + } + if(self::$instance !== NULL) { return self::$instance; } diff --git a/lib/SimpleSAML/SessionHandlerCookie.php b/lib/SimpleSAML/SessionHandlerCookie.php index 0ced9a384e0e1a3543564ded26581bff227b38b8..040483a7e246fe35ca278b66b25b906f1eed97e8 100644 --- a/lib/SimpleSAML/SessionHandlerCookie.php +++ b/lib/SimpleSAML/SessionHandlerCookie.php @@ -36,6 +36,12 @@ extends SimpleSAML_SessionHandler { $this->session_id = $_COOKIE['SimpleSAMLSessionID']; } + /* We need to create a new session. */ + + if (headers_sent()) { + throw new SimpleSAML_Error_Exception('Cannot create new session - headers already sent.'); + } + /* Check if we have a valid session id. */ if(self::isValidSessionID($this->session_id)) { /* We are done now if it was valid. */ diff --git a/lib/SimpleSAML/SessionHandlerPHP.php b/lib/SimpleSAML/SessionHandlerPHP.php index b404c82cafc7a1eabbb796614f1192948ed3346c..5d1b053156a90d1af0a7c35ec6459ba859897790 100644 --- a/lib/SimpleSAML/SessionHandlerPHP.php +++ b/lib/SimpleSAML/SessionHandlerPHP.php @@ -46,6 +46,11 @@ class SimpleSAML_SessionHandlerPHP extends SimpleSAML_SessionHandler { } if(!array_key_exists(session_name(), $_COOKIE)) { + + if (headers_sent()) { + throw new SimpleSAML_Error_Exception('Cannot create new session - headers already sent.'); + } + /* Session cookie unset - session id not set. Generate new (secure) session id. */ session_id(SimpleSAML_Utilities::stringToHex(SimpleSAML_Utilities::generateRandomBytes(16))); }