bug #15799 [HttpFoundation] NativeSessionStorage regenerate method wrongly sets storage as started (iambrosi)

fabpot · fabpot · commit 3765d8a01ddb · 2015-09-28T11:26:18.000+02:00
This PR was squashed before being merged into the 2.3 branch (closes #15799). Discussion ---------- [HttpFoundation] NativeSessionStorage `regenerate` method wrongly sets storage as started | Q | A | ------------- | --- | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | | License | MIT | Doc PR | This PR fixes an error when regenerating session IDs for non-active sessions. Right now, the session is flagged as _started_, no matter if the session ID was successfully regenerated or not, making the storage [unable to _start the session_](https://github.com/symfony/symfony/blob/6393ec31690a3ecc73e5f1f7ea2185cda7aba203/src/Symfony/Component/HttpFoundation/Session/Storage/NativeSessionStorage.php#L130-L132) later on. This also fixes a future error with PHP 7, which throws an error if a regeneration is attempted for non-active sessions. ``` session_regenerate_id(): Cannot regenerate session id - session is not active ``` Commits ------- 8e6ef9c [HttpFoundation] NativeSessionStorage method wrongly sets storage as started
diff --git a/src/Symfony/Component/HttpFoundation/Session/Storage/NativeSessionStorage.php b/src/Symfony/Component/HttpFoundation/Session/Storage/NativeSessionStorage.php
@@ -195,6 +195,16 @@ public function setName($name)
      */
     public function regenerate($destroy = false, $lifetime = null)
     {
+        // Cannot regenerate the session ID for non-active sessions.
+        if (PHP_VERSION_ID >= 50400 && \PHP_SESSION_ACTIVE !== session_status()) {
+            return false;
+        }
+
+        // Check if session ID exists in PHP 5.3
+        if (PHP_VERSION_ID < 50400 && '' === session_id()) {
+            return false;
+        }
+
         if (null !== $lifetime) {
             ini_set('session.cookie_lifetime', $lifetime);
         }
diff --git a/src/Symfony/Component/HttpFoundation/Tests/Session/Storage/NativeSessionStorageTest.php b/src/Symfony/Component/HttpFoundation/Tests/Session/Storage/NativeSessionStorageTest.php
@@ -130,6 +130,13 @@ public function testSessionGlobalIsUpToDateAfterIdRegeneration()
         $this->assertEquals(42, $_SESSION['_sf2_attributes']['lucky']);
     }
 
+    public function testRegenerationFailureDoesNotFlagStorageAsStarted()
+    {
+        $storage = $this->getStorage();
+        $this->assertFalse($storage->regenerate());
+        $this->assertFalse($storage->isStarted());
+    }
+
     public function testDefaultSessionCacheLimiter()
     {
         $this->iniSet('session.cache_limiter', 'nocache');

Original file line number	Diff line number	Diff line change
`@@ -130,6 +130,13 @@ public function testSessionGlobalIsUpToDateAfterIdRegeneration()`
`130`	`130`	`$this->assertEquals(42, $_SESSION['_sf2_attributes']['lucky']);`
`131`	`131`	`}`
`132`	`132`
	`133`	`+ public function testRegenerationFailureDoesNotFlagStorageAsStarted()`
	`134`	`+ {`
	`135`	`+ $storage = $this->getStorage();`
	`136`	`+ $this->assertFalse($storage->regenerate());`
	`137`	`+ $this->assertFalse($storage->isStarted());`
	`138`	`+ }`
	`139`	`+`
`133`	`140`	`public function testDefaultSessionCacheLimiter()`
`134`	`141`	`{`
`135`	`142`	`$this->iniSet('session.cache_limiter', 'nocache');`