From c4c441f56e8a66b1c46eed56e8874e8923a93249 Mon Sep 17 00:00:00 2001 From: Paulo Esteves <pjesteves@outlook.pt> Date: Wed, 2 Oct 2019 21:33:50 +0100 Subject: [PATCH] fix issue on session_regenerate. --- system/Session/Handlers/DatabaseHandler.php | 10 ++++------ system/Session/Handlers/FileHandler.php | 12 +++++++----- system/Session/Handlers/MemcachedHandler.php | 5 ++++- system/Session/Handlers/RedisHandler.php | 5 ++++- 4 files changed, 19 insertions(+), 13 deletions(-) diff --git a/system/Session/Handlers/DatabaseHandler.php b/system/Session/Handlers/DatabaseHandler.php index a20e2eccda67..478e107d3378 100644 --- a/system/Session/Handlers/DatabaseHandler.php +++ b/system/Session/Handlers/DatabaseHandler.php @@ -164,7 +164,10 @@ public function read($sessionID): string } // Needed by write() to detect session_regenerate_id() calls - $this->sessionID = $sessionID; + if(is_null($this->sessionID)) + { + $this->sessionID = $sessionID; + } $builder = $this->db->table($this->table) ->select('data') @@ -228,11 +231,6 @@ public function write($sessionID, $sessionData): bool // Was the ID regenerated? elseif ($sessionID !== $this->sessionID) { - if (! $this->releaseLock() || ! $this->lockSession($sessionID)) - { - return $this->fail(); - } - $this->rowExists = false; $this->sessionID = $sessionID; } diff --git a/system/Session/Handlers/FileHandler.php b/system/Session/Handlers/FileHandler.php index dd5ffacb4083..1bbf38bbc581 100644 --- a/system/Session/Handlers/FileHandler.php +++ b/system/Session/Handlers/FileHandler.php @@ -187,7 +187,10 @@ public function read($sessionID): string } // Needed by write() to detect session_regenerate_id() calls - $this->sessionID = $sessionID; + if(is_null($this->sessionID)) + { + $this->sessionID = $sessionID; + } if ($this->fileNew) { @@ -233,10 +236,9 @@ public function read($sessionID): string public function write($sessionID, $sessionData): bool { // If the two IDs don't match, we have a session_regenerate_id() call - // and we need to close the old handle and open a new one - if ($sessionID !== $this->sessionID && (! $this->close() || $this->read($sessionID) === false)) + if ($sessionID !== $this->sessionID) { - return false; + $this->sessionID = $sessionID; } if (! is_resource($this->fileHandle)) @@ -294,7 +296,7 @@ public function close(): bool flock($this->fileHandle, LOCK_UN); fclose($this->fileHandle); - $this->fileHandle = $this->fileNew = $this->sessionID = null; + $this->fileHandle = $this->fileNew = null; return true; } diff --git a/system/Session/Handlers/MemcachedHandler.php b/system/Session/Handlers/MemcachedHandler.php index 45f59cf7fd94..e5ae5a407fd3 100644 --- a/system/Session/Handlers/MemcachedHandler.php +++ b/system/Session/Handlers/MemcachedHandler.php @@ -183,7 +183,10 @@ public function read($sessionID): string if (isset($this->memcached) && $this->lockSession($sessionID)) { // Needed by write() to detect session_regenerate_id() calls - $this->sessionID = $sessionID; + if(is_null($this->sessionID)) + { + $this->sessionID = $sessionID; + } $session_data = (string) $this->memcached->get($this->keyPrefix . $sessionID); $this->fingerprint = md5($session_data); diff --git a/system/Session/Handlers/RedisHandler.php b/system/Session/Handlers/RedisHandler.php index 9415638e2e99..7c047badfa3c 100644 --- a/system/Session/Handlers/RedisHandler.php +++ b/system/Session/Handlers/RedisHandler.php @@ -184,7 +184,10 @@ public function read($sessionID): string if (isset($this->redis) && $this->lockSession($sessionID)) { // Needed by write() to detect session_regenerate_id() calls - $this->sessionID = $sessionID; + if(is_null($this->sessionID)) + { + $this->sessionID = $sessionID; + } $session_data = $this->redis->get($this->keyPrefix . $sessionID); is_string($session_data) ? $this->keyExists = true : $session_data = '';