Index: branches/5.2.x/core/kernel/session/session.php =================================================================== diff -u -N -r14572 -r14628 --- branches/5.2.x/core/kernel/session/session.php (.../session.php) (revision 14572) +++ branches/5.2.x/core/kernel/session/session.php (.../session.php) (revision 14628) @@ -1,6 +1,6 @@ Mode == self::smGET_ONLY) { + if ( $this->Mode == self::smGET_ONLY ) { //we don't need to bother checking if we would not use it $this->CookiesEnabled = false; - return; + return false; } $http_query =& $this->Application->recallObject('HTTPQuery'); + /* @var $http_query kHTTPQuery */ + $cookies_on = array_key_exists('cookies_on', $http_query->Cookie); // not good here $get_sid = getArrayValue($http_query->Get, $this->GETName); - if (($this->IsHTTPSRedirect() && $get_sid) || $this->getFlashSID()) { // Redirect from http to https on different domain OR flash uploader + if ( ($this->IsHTTPSRedirect() && $get_sid) || $this->getFlashSID() ) { // Redirect from http to https on different domain OR flash uploader $this->OriginalMode = $this->Mode; $this->SetMode(self::smGET_ONLY); } - if (!$cookies_on || $this->IsHTTPSRedirect() || $this->getFlashSID()) { + if ( !$cookies_on || $this->IsHTTPSRedirect() || $this->getFlashSID() ) { //If referer is our server, but we don't have our cookies_on, it's definetly off $is_install = defined('IS_INSTALL') && IS_INSTALL; - if (!$is_install && $this->_checkCookieReferer() && !$this->Application->GetVar('admin') && !$this->IsHTTPSRedirect()) { + if ( !$is_install && $this->_checkCookieReferer() && !$this->Application->GetVar('admin') && !$this->IsHTTPSRedirect() ) { $this->CookiesEnabled = false; } else { @@ -476,6 +479,8 @@ if (!$get_sid) { $http_query =& $this->Application->recallObject('HTTPQuery'); + /* @var $http_query kHTTPQuery */ + $get_sid = getArrayValue($http_query->Get, $this->GETName); }