From b8ce6906870d11ba09496ec220f4b69b1bdb4c20 Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Fri, 26 Mar 2010 10:14:56 +0000
Subject: [PATCH] openid: Fix session_start being called multiple times.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2239 44740490-163a-0410-bde0-09ae8108e29a
---
 modules/openid/www/consumer.php | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/modules/openid/www/consumer.php b/modules/openid/www/consumer.php
index 1bbcea9c3..764f1fbf5 100644
--- a/modules/openid/www/consumer.php
+++ b/modules/openid/www/consumer.php
@@ -13,7 +13,19 @@ require_once('Auth/OpenID/SReg.php');
 require_once('Auth/OpenID/Server.php');
 require_once('Auth/OpenID/ServerRequest.php');
 
-session_start();
+/*
+ * The OpenID library uses the $_SESSION variable, so we may need to
+ * initialize the session.
+ *
+ * We first initialize the SimpleSAML_Session object, to allow its configuration to
+ * take precedence. If the SimpleSAML_Session object doesn't use the PHP session, we
+ * will initialize the PHP session with default settings.
+ */
+SimpleSAML_Session::getInstance();
+if(session_id() === '') {
+	/* PHP session not initialized - start session. */
+	session_start();
+}
 
 $config = SimpleSAML_Configuration::getInstance();
 
-- 
GitLab