- Patch #201122 by c960657, Moshe Weitzman: never write anonymous sessions, unless something has been written to . This is an important performance improvements -- as long as you use modules that use carefully. It might be good to report some analytics about this in the performance settings page so administrators can see if there is a 'broken' module.

1 files changed, 6 insertions, 0 deletions

diff --git a/modules/openid/openid.module b/modules/openid/openid.module
index f7636ad29..cf5681b23 100644
--- a/modules/openid/openid.module
+++ b/modules/openid/openid.module
@@ -161,6 +161,9 @@ function openid_begin($claimed_id, $return_to = '', $form_values = array()) {
   }
 
   // Store discovered information in the users' session so we don't have to rediscover.
+  if (!isset($_SESSION['openid'])) {
+    drupal_set_session('openid', array());
+  }
   $_SESSION['openid']['service'] = $services[0];
   // Store the claimed id
   $_SESSION['openid']['claimed_id'] = $claimed_id;
@@ -408,6 +411,9 @@ function openid_authentication($response) {
       // We were unable to register a valid new user, redirect to standard
       // user/register and prefill with the values we received.
       drupal_set_message(t('OpenID registration failed for the reasons listed. You may register now, or if you already have an account you can <a href="@login">log in</a> now and add your OpenID under "My Account"', array('@login' => url('user/login'))), 'error');
+      if (!isset($_SESSION['openid'])) {
+        drupal_set_session('openid', array());
+      }
       $_SESSION['openid']['values'] = $form_state['values'];
       // We'll want to redirect back to the same place.
       $destination = drupal_get_destination();