diff options
| author | Dries Buytaert <dries@buytaert.net> | 2010-06-05 13:30:42 +0000 |
|---|---|---|
| committer | Dries Buytaert <dries@buytaert.net> | 2010-06-05 13:30:42 +0000 |
| commit | 8fb6adbc21302e896b1019aad2edd5c87a518a98 (patch) | |
| tree | 986bf9d2f093dbe6631cedf7d855701c44b50d69 /includes/session.inc | |
| parent | 15bca6e4623e0344c4165b5e9ac6f4502e6f2481 (diff) | |
| download | brdo-8fb6adbc21302e896b1019aad2edd5c87a518a98.tar.gz brdo-8fb6adbc21302e896b1019aad2edd5c87a518a98.tar.bz2 | |
- Patch #742246 by jbrown, noahb, aspilicious, alexanderpas, rfay:handle uncaught exceptions.
Diffstat (limited to 'includes/session.inc')
| -rw-r--r-- | includes/session.inc | 84 |
1 files changed, 48 insertions, 36 deletions
diff --git a/includes/session.inc b/includes/session.inc index 67c52e6ef..ce5524a22 100644 --- a/includes/session.inc +++ b/includes/session.inc @@ -140,46 +140,58 @@ function _drupal_session_read($sid) { function _drupal_session_write($sid, $value) { global $user, $is_https; - if (!drupal_save_session()) { - // We don't have anything to do if we are not allowed to save the session. - return; - } - - $fields = array( - 'uid' => $user->uid, - 'cache' => isset($user->cache) ? $user->cache : 0, - 'hostname' => ip_address(), - 'session' => $value, - 'timestamp' => REQUEST_TIME, - ); - $key = array('sid' => $sid); - if ($is_https) { - $key['ssid'] = $sid; - $insecure_session_name = substr(session_name(), 1); - // The "secure pages" setting allows a site to simultaneously use both - // secure and insecure session cookies. If enabled, use the insecure session - // identifier as the sid. - if (variable_get('https', FALSE) && isset($_COOKIE[$insecure_session_name])) { - $key['sid'] = $_COOKIE[$insecure_session_name]; + // The exception handler is not active at this point, so we need to do it manually. + try { + if (!drupal_save_session()) { + // We don't have anything to do if we are not allowed to save the session. + return; } - } - db_merge('sessions') - ->key($key) - ->fields($fields) - ->execute(); - // Last access time is updated no more frequently than once every 180 seconds. - // This reduces contention in the users table. - if ($user->uid && REQUEST_TIME - $user->access > variable_get('session_write_interval', 180)) { - db_update('users') - ->fields(array( - 'access' => REQUEST_TIME - )) - ->condition('uid', $user->uid) + $fields = array( + 'uid' => $user->uid, + 'cache' => isset($user->cache) ? $user->cache : 0, + 'hostname' => ip_address(), + 'session' => $value, + 'timestamp' => REQUEST_TIME, + ); + $key = array('sid' => $sid); + if ($is_https) { + $key['ssid'] = $sid; + $insecure_session_name = substr(session_name(), 1); + // The "secure pages" setting allows a site to simultaneously use both + // secure and insecure session cookies. If enabled, use the insecure session + // identifier as the sid. + if (variable_get('https', FALSE) && isset($_COOKIE[$insecure_session_name])) { + $key['sid'] = $_COOKIE[$insecure_session_name]; + } + } + db_merge('sessions') + ->key($key) + ->fields($fields) ->execute(); - } - return TRUE; + // Last access time is updated no more frequently than once every 180 seconds. + // This reduces contention in the users table. + if ($user->uid && REQUEST_TIME - $user->access > variable_get('session_write_interval', 180)) { + db_update('users') + ->fields(array( + 'access' => REQUEST_TIME + )) + ->condition('uid', $user->uid) + ->execute(); + } + + return TRUE; + } + catch (Exception $exception) { + require_once DRUPAL_ROOT . '/includes/errors.inc'; + // If we are displaying errors, then do so with no possibility of a further uncaught exception being thrown. + if (error_displayable()) { + print '<h1>Uncaught exception thrown in session handler.</h1>'; + print '<p>' . _drupal_render_exception_safe($exception) . '</p><hr />'; + } + return FALSE; + } } /** |