Commit 96516e16 authored by mikeytown2's avatar mikeytown2

Issue #2281875 by mikeytown2: Prevent a session from starting unless the...

Issue #2281875 by mikeytown2: Prevent a session from starting unless the session cookie was passed in.
parent 7b1ab3fc
......@@ -74,6 +74,16 @@ function httprl_async_page() {
// @see http://tools.ietf.org/html/rfc4648#page-7
$args = unserialize(base64_decode(strtr($_POST['args'], array('-' => '+', '_' => '/'))));
// If a session cookie was not passed in, do not start a session.
if (empty($_COOKIE[session_name()])) {
if (defined('VERSION') && substr(VERSION, 0, 1) >= 7) {
drupal_save_session(FALSE);
}
else {
session_save_session(FALSE);
}
}
// Run the function.
if (!empty($_POST['function'])) {
$data = httprl_run_function($_POST['function'], $args);
......
......@@ -2150,15 +2150,14 @@ function httprl_run_callback(&$result) {
$result->options['callback'][0] = &$result;
// Capture anything printed out.
if (array_key_exists('printed', $callback_options)) {
ob_start();
}
ob_start();
// Call function.
$callback_options['return'] = call_user_func_array($callback_options['function'], $result->options['callback']);
if (array_key_exists('printed', $callback_options)) {
// Return printed output if requested to do so.
$callback_options['printed'] = ob_get_contents();
ob_end_clean();
}
ob_end_clean();
// Add options back into the callback array.
if (isset($result->options['callback'])) {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment