Commit 43b88d90 authored by Olav Morken's avatar Olav Morken

Session: Use transient session if headers are already sent.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2190 44740490-163a-0410-bde0-09ae8108e29a
parent 3c5960fd
...@@ -142,7 +142,14 @@ class SimpleSAML_Session { ...@@ -142,7 +142,14 @@ class SimpleSAML_Session {
/* Check if we have stored a session stored with the session /* Check if we have stored a session stored with the session
* handler. * handler.
*/ */
self::$instance = self::loadSession(); try {
self::$instance = self::loadSession();
} catch (Exception $e) {
/* For some reason, we were unable to initialize this session. Use a transient session instead. */
self::useTransientSession();
return self::$instance;
}
if(self::$instance !== NULL) { if(self::$instance !== NULL) {
return self::$instance; return self::$instance;
} }
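Review bot: The new `catch (Exception $e)` around `self::loadSession()` discards the exception, so every load failure, not only the "headers already sent" case thrown by the two handlers in this commit, silently becomes a transient session with nothing left for the operator to see. In an authentication library a storage or handler fault would then look like users simply losing their login. I would record the cause once the fallback instance exists, e.g. `SimpleSAML_Logger::error('Error loading session: ' . $e->getMessage());` placed after `self::useTransientSession();` (after, on the assumption that the logger may itself ask for the session instance). The enclosing method begins and ends outside this hunk.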
......
...@@ -36,6 +36,12 @@ extends SimpleSAML_SessionHandler { ...@@ -36,6 +36,12 @@ extends SimpleSAML_SessionHandler {
$this->session_id = $_COOKIE['SimpleSAMLSessionID']; $this->session_id = $_COOKIE['SimpleSAMLSessionID'];
} }
/* We need to create a new session. */
if (headers_sent()) {
throw new SimpleSAML_Error_Exception('Cannot create new session - headers already sent.');
}
/* Check if we have a valid session id. */ /* Check if we have a valid session id. */
if(self::isValidSessionID($this->session_id)) { if(self::isValidSessionID($this->session_id)) {
/* We are done now if it was valid. */ /* We are done now if it was valid. */
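Review bot: The added `headers_sent()` check sits before the `isValidSessionID($this->session_id)` test, so as far as this hunk shows it also throws for a request that arrived with a valid `SimpleSAMLSessionID` cookie, where no new cookie needs to be set. The PHP session handler in this same commit throws only inside its cookie-missing branch; here a user with an existing session would be dropped to a transient session whenever output has already started. Moving the three added lines below the early return of the valid-id branch would keep existing sessions usable, and the comment `/* We need to create a new session. */` would then be accurate. The start of the enclosing function and the rest of the valid-id branch lie outside the hunk, so this should be confirmed against the full file.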
......
...@@ -46,6 +46,11 @@ class SimpleSAML_SessionHandlerPHP extends SimpleSAML_SessionHandler { ...@@ -46,6 +46,11 @@ class SimpleSAML_SessionHandlerPHP extends SimpleSAML_SessionHandler {
} }
if(!array_key_exists(session_name(), $_COOKIE)) { if(!array_key_exists(session_name(), $_COOKIE)) {
if (headers_sent()) {
throw new SimpleSAML_Error_Exception('Cannot create new session - headers already sent.');
}
/* Session cookie unset - session id not set. Generate new (secure) session id. */ /* Session cookie unset - session id not set. Generate new (secure) session id. */
session_id(SimpleSAML_Utilities::stringToHex(SimpleSAML_Utilities::generateRandomBytes(16))); session_id(SimpleSAML_Utilities::stringToHex(SimpleSAML_Utilities::generateRandomBytes(16)));
} }
......