Permalink
Browse files

Fixing issue where empty session id's would cause duplicate key error…

…s. Empty session id sessions are no longer saved. Fixes #1450
  • Loading branch information...
1 parent b0d4951 commit cfce0e45d3f51471571241a32241f5da08d4c583 @markstory markstory committed Jan 18, 2011
Showing with 34 additions and 0 deletions.
  1. +3 −0 cake/libs/cake_session.php
  2. +31 −0 cake/tests/cases/libs/cake_session.test.php
@@ -751,6 +751,9 @@ function __read($id) {
* @access private
*/
function __write($id, $data) {
+ if (!$id) {
+ return false;
+ }
$expires = time() + Configure::read('Session.timeout') * Security::inactiveMins();
$model =& ClassRegistry::getObject('Session');
$return = $model->save(array($model->primaryKey => $id) + compact('data', 'expires'));
@@ -474,4 +474,35 @@ function testReadAndWriteWithDatabaseStorage() {
$this->setUp();
}
+/**
+ * testReadAndWriteWithDatabaseStorage method
+ *
+ * @access public
+ * @return void
+ */
+ function testDatabaseStorageEmptySessionId() {
+ unset($_SESSION);
+ session_destroy();
+ Configure::write('Session.table', 'sessions');
+ Configure::write('Session.model', 'Session');
+ Configure::write('Session.database', 'test_suite');
+ Configure::write('Session.save', 'database');
+ $this->setUp();
+ $id = $this->Session->id();
+
+ $this->Session->id = '';
+ session_id('');
+
+ $this->Session->write('SessionTestCase', 'This is a Test');
+ $this->assertEqual($this->Session->read('SessionTestCase'), 'This is a Test');
+
+ session_write_close();
+
+ unset($_SESSION);
+ ini_set('session.save_handler', 'files');
+ Configure::write('Session.save', 'php');
+ session_id($id);
+ $this->setUp();
+ }
+
}

0 comments on commit cfce0e4

Please sign in to comment.