From c0b043dfcada9871f8ad37c4f9f7186bb2b88757 Mon Sep 17 00:00:00 2001 From: Alexander Ebert Date: Tue, 7 Apr 2015 20:38:47 +0200 Subject: [PATCH] Properly inheriting SECURITY_TOKEN for virtual sessions --- .../files/lib/system/session/SessionHandler.class.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/wcfsetup/install/files/lib/system/session/SessionHandler.class.php b/wcfsetup/install/files/lib/system/session/SessionHandler.class.php index 2e72d28c32..4a6ad93d0f 100644 --- a/wcfsetup/install/files/lib/system/session/SessionHandler.class.php +++ b/wcfsetup/install/files/lib/system/session/SessionHandler.class.php @@ -811,6 +811,12 @@ class SessionHandler extends SingletonFactory { // inherit existing session $this->session = $session; + + // inherit security token + $variables = @unserialize($this->session->sessionVariables); + if (is_array($variables) && !empty($variables['__SECURITY_TOKEN'])) { + $this->register('__SECURITY_TOKEN', $variables['__SECURITY_TOKEN']); + } } break; } -- 2.20.1