set http 500 when session could not be started to prevent serving of empty files see #1049
This commit is contained in:
parent
946a064fc6
commit
55c72617c6
|
@ -320,8 +320,11 @@ class OC {
|
||||||
// set the session name to the instance id - which is unique
|
// set the session name to the instance id - which is unique
|
||||||
session_name(OC_Util::getInstanceId());
|
session_name(OC_Util::getInstanceId());
|
||||||
|
|
||||||
// (re)-initialize session
|
// if session cant be started break with http 500 error
|
||||||
session_start();
|
if (session_start() === false){
|
||||||
|
header('HTTP/1.1 500 Internal Server Error');
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
// regenerate session id periodically to avoid session fixation
|
// regenerate session id periodically to avoid session fixation
|
||||||
if (!isset($_SESSION['SID_CREATED'])) {
|
if (!isset($_SESSION['SID_CREATED'])) {
|
||||||
|
|
Loading…
Reference in New Issue