diff options
| author | Lukas Reschke <lukas@statuscode.ch> | 2013-02-25 14:00:12 -0800 |
|---|---|---|
| committer | Lukas Reschke <lukas@statuscode.ch> | 2013-02-25 14:00:12 -0800 |
| commit | d713948d3f85a6e0a369bf1a9052ce563250e3da (patch) | |
| tree | edf313da437da04a549cbc369021d4f7691e033e | |
| parent | 6735701c1e70c7fb742f0343e1c264c0c27aca86 (diff) | |
| parent | 7f7b8bc07aedf9da93eecc8163cb9c98a4821eb0 (diff) | |
| download | nextcloud-server-d713948d3f85a6e0a369bf1a9052ce563250e3da.tar.gz nextcloud-server-d713948d3f85a6e0a369bf1a9052ce563250e3da.zip | |
Merge pull request #1898 from owncloud/session_start_fix
set http 500 when session could not be started to prevent serving of emp...
| -rw-r--r-- | lib/base.php | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/lib/base.php b/lib/base.php index b5439c00abf..f9bb1bb11bf 100644 --- a/lib/base.php +++ b/lib/base.php @@ -320,8 +320,21 @@ class OC { // set the session name to the instance id - which is unique session_name(OC_Util::getInstanceId()); - // (re)-initialize session - session_start(); + // if session cant be started break with http 500 error + if (session_start() === false){ + OC_Log::write('core', 'Session could not be initialized', + OC_Log::ERROR); + + header('HTTP/1.1 500 Internal Server Error'); + $error = 'Session could not be initialized. Please contact your '; + $error .= 'system administrator'; + + $tmpl = new OC_Template('', 'error', 'guest'); + $tmpl->assign('errors', array(1 => array('error' => $error))); + $tmpl->printPage(); + + exit(); + } // regenerate session id periodically to avoid session fixation if (!isset($_SESSION['SID_CREATED'])) { |