[BUGFIX] FE session records are never removed
authorSteffen Müller <typo3@t3node.com>
Sat, 17 Mar 2012 14:43:23 +0000 (15:43 +0100)
committerDmitry Dulepov <dmitry@typo3.org>
Tue, 4 Dec 2012 13:42:56 +0000 (14:42 +0100)
The FE session records are never removed,
even if no session data are left.

Change-Id: Ibc281b2831567476dc0ba607de0753cd6ad39bc9
Fixes: #34964
Releases: 4.5, 4.6, 4.7, 6.0
Reviewed-on: http://review.typo3.org/9719
Reviewed-by: Markus Klein
Tested-by: Markus Klein
Reviewed-by: Stefan Neufeind
Reviewed-by: Dmitry Dulepov
Tested-by: Dmitry Dulepov
typo3/sysext/frontend/Classes/Authentication/FrontendUserAuthtenication.php

index b6205a1..7e1c52e 100644 (file)
@@ -401,7 +401,10 @@ class FrontendUserAuthtenication extends \TYPO3\CMS\Core\Authentication\Abstract
                        $this->writeUC('');
                }
                if ($this->sesData_change && $this->id) {
-                       if ($this->sessionDataTimestamp === NULL) {
+                       if (empty($this->sesData)) {
+                               // Remove session-data
+                               $this->removeSessionData();
+                       } elseif ($this->sessionDataTimestamp === NULL) {
                                // Write new session-data
                                $insertFields = array(
                                        'hash' => $this->id,
@@ -483,12 +486,20 @@ class FrontendUserAuthtenication extends \TYPO3\CMS\Core\Authentication\Abstract
                        switch ($type) {
                        case 'user':
                                if ($this->user['uid']) {
-                                       $this->uc[$key] = $data;
+                                       if ($data === NULL) {
+                                               unset($this->uc[$key]);
+                                       } else {
+                                               $this->uc[$key] = $data;
+                                       }
                                        $this->userData_change = 1;
                                }
                                break;
                        case 'ses':
-                               $this->sesData[$key] = $data;
+                               if ($data === NULL) {
+                                       unset($this->sesData[$key]);
+                               } else {
+                                       $this->sesData[$key] = $data;
+                               }
                                $this->sesData_change = 1;
                                break;
                        }
@@ -586,4 +597,4 @@ class FrontendUserAuthtenication extends \TYPO3\CMS\Core\Authentication\Abstract
 }
 
 
-?>
\ No newline at end of file
+?>