Chek session string id

2a760672 · Alex Ne · 495cb234 · 2a760672
Commit 2a760672 authored Jul 10, 2016 by Alex Ne
Hide whitespace changes
Inline Side-by-side

Showing with 9 additions and 7 deletions

Session.php Accounting/Session.php +9 -7

No files found.
--- a/Accounting/Session.php
+++ b/Accounting/Session.php
@@ -76,13 +76,15 @@ class Session extends \X\Security\Crypto\IDEA {
 		$In            = new \X_Input();
 		$this->session = $In->CookieValue($this->session_name, false) ?: $In->Request($this->session_name, "")->string();
 		if (strlen($this->session) > 0) {
-			if (is_array($session_data = $this->explode(gzuncompress($this->decrypt_b64($this->session))))) {
-				if (isset($session_data["cs"])) {
-					if ($session_data["cs"] == $this->crypto_checksum($session_data)) {
-						$this->session_data = $session_data;
-						return true;
-					} else {
-						throw new SessionChecksumError("Checksum Error", [get_defined_vars(), $this]);
+			if (is_string($SessionString = $this->decrypt_b64($this->session))) {
+				if (is_array($session_data = $this->explode(gzuncompress($SessionString)))) {
+					if (isset($session_data["cs"])) {
+						if ($session_data["cs"] == $this->crypto_checksum($session_data)) {
+							$this->session_data = $session_data;
+							return true;
+						} else {
+							throw new SessionChecksumError("Checksum Error", [get_defined_vars(), $this]);
+						}
 					}
 				}
 			}