diff options
-rw-r--r-- | Zotlabs/Web/Session.php | 29 |
1 files changed, 20 insertions, 9 deletions
diff --git a/Zotlabs/Web/Session.php b/Zotlabs/Web/Session.php index 4f2a3f1f7..1ba120fa9 100644 --- a/Zotlabs/Web/Session.php +++ b/Zotlabs/Web/Session.php @@ -15,6 +15,7 @@ class Session { private $handler = null; private $session_started = false; + private $custom_handler = false; public function init() { @@ -28,13 +29,20 @@ class Session { * Set our session storage functions. */ - $handler = new \Zotlabs\Web\SessionHandler(); + $custom_handler = $this->custom_handler; + call_hook('custom_session_handler',$custom_handler); + $this->custom_handler = $custom_handler; - $this->handler = $handler; - $x = session_set_save_handler($handler,false); - if(! $x) - logger('Session save handler initialisation failed.',LOGGER_NORMAL,LOG_ERR); + if (!$this->custom_handler) { + $handler = new \Zotlabs\Web\SessionHandler(); + + $this->handler = $handler; + + $x = session_set_save_handler($handler,false); + if(! $x) + logger('Session save handler initialisation failed.',LOGGER_NORMAL,LOG_ERR); + } // Force cookies to be secure (https only) if this site is SSL enabled. // Must be done before session_start(). @@ -86,14 +94,17 @@ class Session { $arr = session_get_cookie_params(); - if($this->handler && $this->session_started) { + if(($this->handler || $this->custom_handler) && $this->session_started) { session_regenerate_id(true); - // force SessionHandler record creation with the new session_id - // which occurs as a side effect of read() + if (!$this->custom_handler) { + // force SessionHandler record creation with the new session_id + // which occurs as a side effect of read() since not all implementations + // of session_regenerate_id() call read(). - $this->handler->read(session_id()); + $this->handler->read(session_id()); + } } else logger('no session handler'); |