From e93bf80b29cde236c5d78023b49435283e4b2562 Mon Sep 17 00:00:00 2001 From: Christoph Wurst Date: Tue, 26 Apr 2016 09:29:15 +0200 Subject: throw SessionNotAvailableException if session_id returns empty string --- lib/private/Session/CryptoSessionData.php | 2 ++ lib/private/Session/Internal.php | 9 ++++++++- lib/private/Session/Memory.php | 10 +++++++--- 3 files changed, 17 insertions(+), 4 deletions(-) (limited to 'lib/private/Session') diff --git a/lib/private/Session/CryptoSessionData.php b/lib/private/Session/CryptoSessionData.php index 23731ef4560..629e6af5412 100644 --- a/lib/private/Session/CryptoSessionData.php +++ b/lib/private/Session/CryptoSessionData.php @@ -24,6 +24,7 @@ namespace OC\Session; use OCP\ISession; use OCP\Security\ICrypto; +use OCP\Session\Exceptions\SessionNotAvailableException; /** * Class CryptoSessionData @@ -145,6 +146,7 @@ class CryptoSessionData implements \ArrayAccess, ISession { * Wrapper around session_id * * @return string + * @throws SessionNotAvailableException * @since 9.1.0 */ public function getId() { diff --git a/lib/private/Session/Internal.php b/lib/private/Session/Internal.php index 4fadb1ac801..a24aec55222 100644 --- a/lib/private/Session/Internal.php +++ b/lib/private/Session/Internal.php @@ -26,6 +26,8 @@ namespace OC\Session; +use OCP\Session\Exceptions\SessionNotAvailableException; + /** * Class Internal * @@ -115,10 +117,15 @@ class Internal extends Session { * Wrapper around session_id * * @return string + * @throws SessionNotAvailableException * @since 9.1.0 */ public function getId() { - return @session_id(); + $id = @session_id(); + if ($id === '') { + throw new SessionNotAvailableException(); + } + return $id; } /** diff --git a/lib/private/Session/Memory.php b/lib/private/Session/Memory.php index 3dba274f395..bcb1f1d950c 100644 --- a/lib/private/Session/Memory.php +++ b/lib/private/Session/Memory.php @@ -26,6 +26,9 @@ namespace OC\Session; +use Exception; +use OCP\Session\Exceptions\SessionNotAvailableException; + /** * Class Internal * @@ -92,10 +95,11 @@ class Memory extends Session { * Wrapper around session_id * * @return string + * @throws SessionNotAvailableException * @since 9.1.0 */ public function getId() { - throw new \Exception('Memory session does not have an ID'); + throw new SessionNotAvailableException('Memory session does not have an ID'); } /** @@ -108,11 +112,11 @@ class Memory extends Session { /** * In case the session has already been locked an exception will be thrown * - * @throws \Exception + * @throws Exception */ private function validateSession() { if ($this->sessionClosed) { - throw new \Exception('Session has been closed - no further changes to the session are allowed'); + throw new Exception('Session has been closed - no further changes to the session are allowed'); } } } -- cgit v1.2.3