From c4c441f56e8a66b1c46eed56e8874e8923a93249 Mon Sep 17 00:00:00 2001
From: Paulo Esteves <pjesteves@outlook.pt>
Date: Wed, 2 Oct 2019 21:33:50 +0100
Subject: [PATCH] fix issue on session_regenerate.

---
 system/Session/Handlers/DatabaseHandler.php  | 10 ++++------
 system/Session/Handlers/FileHandler.php      | 12 +++++++-----
 system/Session/Handlers/MemcachedHandler.php |  5 ++++-
 system/Session/Handlers/RedisHandler.php     |  5 ++++-
 4 files changed, 19 insertions(+), 13 deletions(-)

diff --git a/system/Session/Handlers/DatabaseHandler.php b/system/Session/Handlers/DatabaseHandler.php
index a20e2eccda67..478e107d3378 100644
--- a/system/Session/Handlers/DatabaseHandler.php
+++ b/system/Session/Handlers/DatabaseHandler.php
@@ -164,7 +164,10 @@ public function read($sessionID): string
 		}
 
 		// Needed by write() to detect session_regenerate_id() calls
-		$this->sessionID = $sessionID;
+		if(is_null($this->sessionID))
+		{
+			$this->sessionID = $sessionID;
+		}
 
 		$builder = $this->db->table($this->table)
 				->select('data')
@@ -228,11 +231,6 @@ public function write($sessionID, $sessionData): bool
 		// Was the ID regenerated?
 		elseif ($sessionID !== $this->sessionID)
 		{
-			if (! $this->releaseLock() || ! $this->lockSession($sessionID))
-			{
-				return $this->fail();
-			}
-
 			$this->rowExists = false;
 			$this->sessionID = $sessionID;
 		}
diff --git a/system/Session/Handlers/FileHandler.php b/system/Session/Handlers/FileHandler.php
index dd5ffacb4083..1bbf38bbc581 100644
--- a/system/Session/Handlers/FileHandler.php
+++ b/system/Session/Handlers/FileHandler.php
@@ -187,7 +187,10 @@ public function read($sessionID): string
 			}
 
 			// Needed by write() to detect session_regenerate_id() calls
-			$this->sessionID = $sessionID;
+			if(is_null($this->sessionID))
+			{
+				$this->sessionID = $sessionID;
+			}
 
 			if ($this->fileNew)
 			{
@@ -233,10 +236,9 @@ public function read($sessionID): string
 	public function write($sessionID, $sessionData): bool
 	{
 		// If the two IDs don't match, we have a session_regenerate_id() call
-		// and we need to close the old handle and open a new one
-		if ($sessionID !== $this->sessionID && (! $this->close() || $this->read($sessionID) === false))
+		if ($sessionID !== $this->sessionID)
 		{
-			return false;
+			$this->sessionID = $sessionID;
 		}
 
 		if (! is_resource($this->fileHandle))
@@ -294,7 +296,7 @@ public function close(): bool
 			flock($this->fileHandle, LOCK_UN);
 			fclose($this->fileHandle);
 
-			$this->fileHandle = $this->fileNew = $this->sessionID = null;
+			$this->fileHandle = $this->fileNew = null;
 
 			return true;
 		}
diff --git a/system/Session/Handlers/MemcachedHandler.php b/system/Session/Handlers/MemcachedHandler.php
index 45f59cf7fd94..e5ae5a407fd3 100644
--- a/system/Session/Handlers/MemcachedHandler.php
+++ b/system/Session/Handlers/MemcachedHandler.php
@@ -183,7 +183,10 @@ public function read($sessionID): string
 		if (isset($this->memcached) && $this->lockSession($sessionID))
 		{
 			// Needed by write() to detect session_regenerate_id() calls
-			$this->sessionID = $sessionID;
+			if(is_null($this->sessionID))
+			{
+				$this->sessionID = $sessionID;
+			}
 
 			$session_data      = (string) $this->memcached->get($this->keyPrefix . $sessionID);
 			$this->fingerprint = md5($session_data);
diff --git a/system/Session/Handlers/RedisHandler.php b/system/Session/Handlers/RedisHandler.php
index 9415638e2e99..7c047badfa3c 100644
--- a/system/Session/Handlers/RedisHandler.php
+++ b/system/Session/Handlers/RedisHandler.php
@@ -184,7 +184,10 @@ public function read($sessionID): string
 		if (isset($this->redis) && $this->lockSession($sessionID))
 		{
 			// Needed by write() to detect session_regenerate_id() calls
-			$this->sessionID = $sessionID;
+			if(is_null($this->sessionID))
+			{
+				$this->sessionID = $sessionID;
+			}
 
 			$session_data                               = $this->redis->get($this->keyPrefix . $sessionID);
 			is_string($session_data) ? $this->keyExists = true : $session_data = '';