open-dsi
/
nextcloud-server
mirror of https://github.com/nextcloud/server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #1898 from owncloud/session_start_fix

Browse Source 
set http 500 when session could not be started to prevent serving of emp...
remotes/origin/stable5
Lukas Reschke 12 years ago
parent 6735701c1e 7f7b8bc07a
commit d713948d3f
1 changed files with 15 additions and 2 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 17
      lib/base.php

17
lib/base.php
Unescape View File

@ -320,8 +320,21 @@ class OC {
// set the session name to the instance id - which is unique // set the session name to the instance id - which is unique
session_name(OC_Util::getInstanceId()); session_name(OC_Util::getInstanceId());
// (re)-initialize session // if session cant be started break with http 500 error
session_start(); if (session_start() === false){
OC_Log::write('core', 'Session could not be initialized',
OC_Log::ERROR);
header('HTTP/1.1 500 Internal Server Error');
$error = 'Session could not be initialized. Please contact your ';
$error .= 'system administrator';
$tmpl = new OC_Template('', 'error', 'guest');
$tmpl->assign('errors', array(1 => array('error' => $error)));
$tmpl->printPage();
exit();
}
// regenerate session id periodically to avoid session fixation // regenerate session id periodically to avoid session fixation
if (!isset($_SESSION['SID_CREATED'])) { if (!isset($_SESSION['SID_CREATED'])) {

Write Preview
Loading…
Cancel
Save