diff options
| author | Alexander M. Turek <me@derrabus.de> | 2015-01-06 15:21:18 +0100 |
|---|---|---|
| committer | Fabien Potencier <fabien.potencier@gmail.com> | 2015-01-07 09:13:06 +0100 |
| commit | 21689b9e96aa820bcb2a2979d04685675497f736 (patch) | |
| tree | 518797ac1a4b0f993572a2cd7713a7bd44e6ac9c /Http/Session | |
| parent | c89020dda8f90ae69bf0e76af7720f51be83a760 (diff) | |
| download | symfony-security-21689b9e96aa820bcb2a2979d04685675497f736.zip symfony-security-21689b9e96aa820bcb2a2979d04685675497f736.tar.gz symfony-security-21689b9e96aa820bcb2a2979d04685675497f736.tar.bz2 | |
[Security] Don't destroy the session on buggy php releases.v2.3.24
Diffstat (limited to 'Http/Session')
| -rw-r--r-- | Http/Session/SessionAuthenticationStrategy.php | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/Http/Session/SessionAuthenticationStrategy.php b/Http/Session/SessionAuthenticationStrategy.php index dd258a0..ccfa6ba 100644 --- a/Http/Session/SessionAuthenticationStrategy.php +++ b/Http/Session/SessionAuthenticationStrategy.php @@ -47,7 +47,10 @@ class SessionAuthenticationStrategy implements SessionAuthenticationStrategyInte return; case self::MIGRATE: - $request->getSession()->migrate(true); + // Destroying the old session is broken in php 5.4.0 - 5.4.10 + // See php bug #63379 + $destroy = PHP_VERSION_ID < 50400 || PHP_VERSION_ID >= 50411; + $request->getSession()->migrate($destroy); return; |