suppress warning if session already active (trace logs the password)

2024-12-26 16:48:49 +01:00 · 2020-02-26 13:45:21 +01:00 · 2020-02-26 13:45:21 +01:00 · deb482aca3
commit deb482aca3
parent e99c3368e6
1 changed files with 4 additions and 1 deletions
--- a/api/src/Session.php
+++ b/api/src/Session.php
@ -550,7 +550,10 @@ class Session
 			// --> allows this stateless protocolls which use basic auth to use sessions!
 			if (($this->sessionid = self::get_sessionid(true)))
 			{
-				session_id($this->sessionid);
+				if (session_status() !== PHP_SESSION_ACTIVE)	// gives warning including password
+				{
+					session_id($this->sessionid);
+				}
 			}
 			else
 			{