aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorChristoph Wurst <christoph@owncloud.com>2016-04-26 09:29:15 +0200
committerChristoph Wurst <christoph@owncloud.com>2016-04-26 14:51:21 +0200
commite93bf80b29cde236c5d78023b49435283e4b2562 (patch)
tree3640e7778974a0577f0eaf6661280bb76edceaa1
parent0d53e86421faef0300d509b385934754b4dab88c (diff)
downloadnextcloud-server-e93bf80b29cde236c5d78023b49435283e4b2562.tar.gz
nextcloud-server-e93bf80b29cde236c5d78023b49435283e4b2562.zip
throw SessionNotAvailableException if session_id returns empty string
-rw-r--r--lib/private/Session/CryptoSessionData.php2
-rw-r--r--lib/private/Session/Internal.php9
-rw-r--r--lib/private/Session/Memory.php10
-rw-r--r--lib/public/Session/Exceptions/SessionNotAvailableException.php32
-rw-r--r--lib/public/isession.php1
-rw-r--r--tests/lib/session/memory.php2
6 files changed, 51 insertions, 5 deletions
diff --git a/lib/private/Session/CryptoSessionData.php b/lib/private/Session/CryptoSessionData.php
index 23731ef4560..629e6af5412 100644
--- a/lib/private/Session/CryptoSessionData.php
+++ b/lib/private/Session/CryptoSessionData.php
@@ -24,6 +24,7 @@ namespace OC\Session;
use OCP\ISession;
use OCP\Security\ICrypto;
+use OCP\Session\Exceptions\SessionNotAvailableException;
/**
* Class CryptoSessionData
@@ -145,6 +146,7 @@ class CryptoSessionData implements \ArrayAccess, ISession {
* Wrapper around session_id
*
* @return string
+ * @throws SessionNotAvailableException
* @since 9.1.0
*/
public function getId() {
diff --git a/lib/private/Session/Internal.php b/lib/private/Session/Internal.php
index 4fadb1ac801..a24aec55222 100644
--- a/lib/private/Session/Internal.php
+++ b/lib/private/Session/Internal.php
@@ -26,6 +26,8 @@
namespace OC\Session;
+use OCP\Session\Exceptions\SessionNotAvailableException;
+
/**
* Class Internal
*
@@ -115,10 +117,15 @@ class Internal extends Session {
* Wrapper around session_id
*
* @return string
+ * @throws SessionNotAvailableException
* @since 9.1.0
*/
public function getId() {
- return @session_id();
+ $id = @session_id();
+ if ($id === '') {
+ throw new SessionNotAvailableException();
+ }
+ return $id;
}
/**
diff --git a/lib/private/Session/Memory.php b/lib/private/Session/Memory.php
index 3dba274f395..bcb1f1d950c 100644
--- a/lib/private/Session/Memory.php
+++ b/lib/private/Session/Memory.php
@@ -26,6 +26,9 @@
namespace OC\Session;
+use Exception;
+use OCP\Session\Exceptions\SessionNotAvailableException;
+
/**
* Class Internal
*
@@ -92,10 +95,11 @@ class Memory extends Session {
* Wrapper around session_id
*
* @return string
+ * @throws SessionNotAvailableException
* @since 9.1.0
*/
public function getId() {
- throw new \Exception('Memory session does not have an ID');
+ throw new SessionNotAvailableException('Memory session does not have an ID');
}
/**
@@ -108,11 +112,11 @@ class Memory extends Session {
/**
* In case the session has already been locked an exception will be thrown
*
- * @throws \Exception
+ * @throws Exception
*/
private function validateSession() {
if ($this->sessionClosed) {
- throw new \Exception('Session has been closed - no further changes to the session are allowed');
+ throw new Exception('Session has been closed - no further changes to the session are allowed');
}
}
}
diff --git a/lib/public/Session/Exceptions/SessionNotAvailableException.php b/lib/public/Session/Exceptions/SessionNotAvailableException.php
new file mode 100644
index 00000000000..d347e0df15e
--- /dev/null
+++ b/lib/public/Session/Exceptions/SessionNotAvailableException.php
@@ -0,0 +1,32 @@
+<?php
+
+/**
+ * @author Christoph Wurst <christoph@owncloud.com>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCP\Session\Exceptions;
+
+use Exception;
+
+/**
+ * @since 9.1.0
+ */
+class SessionNotAvailableException extends Exception {
+
+}
diff --git a/lib/public/isession.php b/lib/public/isession.php
index 16c6f9bc6a5..7bc8654a1b9 100644
--- a/lib/public/isession.php
+++ b/lib/public/isession.php
@@ -100,6 +100,7 @@ interface ISession {
* Wrapper around session_id
*
* @return string
+ * @throws SessionNotAvailableException
* @since 9.1.0
*/
public function getId();
diff --git a/tests/lib/session/memory.php b/tests/lib/session/memory.php
index 750fcf2ec6f..dbf2737fb3f 100644
--- a/tests/lib/session/memory.php
+++ b/tests/lib/session/memory.php
@@ -17,7 +17,7 @@ class Memory extends Session {
}
/**
- * @expectedException \Exception
+ * @expectedException OCP\Session\Exceptions\SessionNotAvailableException
*/
public function testThrowsExceptionOnGetId() {
$this->instance->getId();