Properly inheriting SECURITY_TOKEN for virtual sessions
authorAlexander Ebert <ebert@woltlab.com>
Tue, 7 Apr 2015 18:38:47 +0000 (20:38 +0200)
committerAlexander Ebert <ebert@woltlab.com>
Tue, 7 Apr 2015 18:38:47 +0000 (20:38 +0200)
wcfsetup/install/files/lib/system/session/SessionHandler.class.php

index 2e72d28c32d4df02b6829145f9bb48950b7813a4..4a6ad93d0fbec16e2a7dc1a8d0fecd312db68708 100644 (file)
@@ -811,6 +811,12 @@ class SessionHandler extends SingletonFactory {
                                        
                                        // inherit existing session
                                        $this->session = $session;
+                                       
+                                       // inherit security token
+                                       $variables = @unserialize($this->session->sessionVariables);
+                                       if (is_array($variables) && !empty($variables['__SECURITY_TOKEN'])) {
+                                               $this->register('__SECURITY_TOKEN', $variables['__SECURITY_TOKEN']);
+                                       }
                                }
                        break;
                }