tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-09-30 05:09:06 +02:00
Code Issues Projects Releases Wiki Activity

Merge pull request #9152 from creative-commoners/pulls/4.3/session-exists-check

Browse Source 
FIX Prevent setting session value when no session exists yet
This commit is contained in:
Loz Calver 2019-07-30 09:42:45 +01:00 committed by GitHub
commit 6f19cb3a83
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/Security/Security.php
View File

@ -2,6 +2,7 @@
namespace SilverStripe\Security; namespace SilverStripe\Security;
use BadMethodCallException;
use LogicException; use LogicException;
use Page; use Page;
use ReflectionClass; use ReflectionClass;
@ -420,10 +421,14 @@ class Security extends Controller implements TemplateGlobalProvider
$message = $messageSet['default']; $message = $messageSet['default'];
} }
list($messageText, $messageCast) = $parseMessage($message); try {
static::singleton()->setSessionMessage($messageText, ValidationResult::TYPE_WARNING, $messageCast); list($messageText, $messageCast) = $parseMessage($message);
static::singleton()->setSessionMessage($messageText, ValidationResult::TYPE_WARNING, $messageCast);
$controller->getRequest()->getSession()->set("BackURL", $_SERVER['REQUEST_URI']); $controller->getRequest()->getSession()->set("BackURL", $_SERVER['REQUEST_URI']);
} catch (BadMethodCallException $ex) {
// noop, if session was not set yet
}
// TODO AccessLogEntry needs an extension to handle permission denied errors // TODO AccessLogEntry needs an extension to handle permission denied errors
// Audit logging hook // Audit logging hook