RFC: Reopen sessions if we need to write to them

Signed-off-by: Julius Härtl <jus@bitgrid.net>

Author: juliusknorr

lib/base.php

@@ -453,6 +453,7 @@ public static function initSession() {
 		}
 
 		$session->set('LAST_ACTIVITY', time());
+		$session->close();
 	}
 
 	/**

lib/private/AppFramework/Middleware/SessionMiddleware.php

@@ -51,8 +51,8 @@ public function __construct(ControllerMethodReflector $reflector,
 	 */
 	public function beforeController($controller, $methodName) {
 		$useSession = $this->reflector->hasAnnotation('UseSession');
-		if (!$useSession) {
-			$this->session->close();
+		if ($useSession) {
+			$this->session->reopen();
 		}
 	}
 

lib/private/Session/CryptoSessionData.php

@@ -97,8 +97,10 @@ protected function initializeSession() {
 	 * @param mixed $value
 	 */
 	public function set(string $key, $value) {
+		$this->reopen();
 		$this->sessionValues[$key] = $value;
 		$this->isModified = true;
+		$this->close();
 	}
 
 	/**
@@ -149,6 +151,10 @@ public function clear() {
 		$this->session->clear();
 	}
 
+	public function reopen() {
+		$this->session->reopen();
+	}
+
 	/**
 	 * Wrapper around session_regenerate_id
 	 *

lib/private/Session/Internal.php

@@ -68,8 +68,11 @@ public function __construct(string $name) {
 	 * @param integer $value
 	 */
 	public function set(string $key, $value) {
-		$this->validateSession();
+		$reopened = $this->reopen();
 		$_SESSION[$key] = $value;
+		if ($reopened) {
+			$this->close();
+		}
 	}
 
 	/**
@@ -101,6 +104,7 @@ public function remove(string $key) {
 	}
 
 	public function clear() {
+		$this->reopen();
 		$this->invoke('session_unset');
 		$this->regenerateId();
 		$this->startSession(true);
@@ -120,6 +124,7 @@ public function close() {
 	 * @return void
 	 */
 	public function regenerateId(bool $deleteOldSession = true, bool $updateToken = false) {
+		$this->reopen();
 		$oldId = null;
 
 		if ($updateToken) {
@@ -172,7 +177,13 @@ public function getId(): string {
 	 * @throws \Exception
 	 */
 	public function reopen() {
-		throw new \Exception('The session cannot be reopened - reopen() is ony to be used in unit testing.');
+		if ($this->sessionClosed) {
+			$this->startSession();
+			$this->sessionClosed = false;
+			return true;
+		}
+
+		return false;
 	}
 
 	/**

lib/public/ISession.php

@@ -82,6 +82,8 @@ public function remove(string $key);
 	 * @since 6.0.0
 	 */
 	public function clear();
+	
+	public function reopen();
 
 	/**
 	 * Close the session and release the lock