From 0a3912cf96343581e8cd44ed6399cca7129f32ac Mon Sep 17 00:00:00 2001
From: Miles Lott <milosch@alumni.egroupware.org>
Date: Mon, 12 Aug 2002 00:59:34 +0000
Subject: [PATCH] verify that get_var did not return an empty cookie var
 (breaks noncookie sessions)

---
 phpgwapi/inc/class.sessions_db.inc.php   | 12 ++++++++++--
 phpgwapi/inc/class.sessions_php4.inc.php | 23 +++++++++++++++--------
 2 files changed, 25 insertions(+), 10 deletions(-)

diff --git a/phpgwapi/inc/class.sessions_db.inc.php b/phpgwapi/inc/class.sessions_db.inc.php
index 97d01955b0..8aa8290f15 100644
--- a/phpgwapi/inc/class.sessions_db.inc.php
+++ b/phpgwapi/inc/class.sessions_db.inc.php
@@ -118,8 +118,16 @@
 		{
 			if(empty($sessionid) || !$sessionid)
 			{
-				$sessionid = get_var('sessionid',Array('COOKIE','GET'));
-				$kp3       = get_var('kp3',Array('COOKIE','GET'));
+				$sessionid = get_var('sessionid',array('COOKIE'));
+				if(@empty($sessionid))
+				{
+					$sessionid = get_var('sessionid',array('GET'));
+				}
+				$kp3 = get_var('kp3',array('COOKIE'));
+				if(@empty($kp3))
+				{
+					$kp3 = get_var('kp3',array('GET'));
+				}
 			}
 
 			$db              = $GLOBALS['phpgw']->db;
diff --git a/phpgwapi/inc/class.sessions_php4.inc.php b/phpgwapi/inc/class.sessions_php4.inc.php
index 79bfc5e07a..9225dba418 100644
--- a/phpgwapi/inc/class.sessions_php4.inc.php
+++ b/phpgwapi/inc/class.sessions_php4.inc.php
@@ -113,13 +113,20 @@
 		{
 			if(empty($sessionid) || !$sessionid)
 			{
-				$sessionid = get_var('sessionid',Array('COOKIE','GET'));
-				$kp3       = get_var('kp3',Array('COOKIE','GET'));
+				$sessionid = get_var('sessionid',array('COOKIE'));
+				if(@empty($sessionid))
+				{
+					$sessionid = get_var('sessionid',array('GET'));
+				}
+				$kp3 = get_var('kp3',array('COOKIE'));
+				if(@empty($kp3))
+				{
+					$kp3 = get_var('kp3',array('GET'));
+				}
 			}
 
 			$this->sessionid = $sessionid;
 			$this->kp3       = $kp3;
-			
 
 			session_start();
 			$GLOBALS['phpgw_session'] = $GLOBALS['HTTP_SESSION_VARS']['phpgw_session'];
@@ -389,7 +396,7 @@
 			$GLOBALS['phpgw_session']['session_dla'] = $now;
 			$GLOBALS['phpgw_session']['session_action'] = $GLOBALS['PHP_SELF'];
 			$GLOBALS['phpgw_session']['session_flags'] = $session_flags;
-		
+
 			session_register('phpgw_session');
 			$GLOBALS['HTTP_SESSION_VARS']['phpgw_session'] = $GLOBALS['phpgw_session'];
 
@@ -602,7 +609,7 @@
 			$GLOBALS['phpgw_session']['session_dla'] = $now;
 			$GLOBALS['phpgw_session']['session_action'] = $GLOBALS['PHP_SELF'];
 			$GLOBALS['phpgw_session']['session_flags'] = $session_flags;
-		
+
 			session_register('phpgw_session');
 			$GLOBALS['HTTP_SESSION_VARS']['phpgw_session'] = $GLOBALS['phpgw_session'];
 
@@ -630,7 +637,7 @@
 
 			$GLOBALS['phpgw_session']['session_dla'] = time();
 			$GLOBALS['phpgw_session']['session_action'] = $action;
-		
+
 			session_register('phpgw_session');
 			$GLOBALS['HTTP_SESSION_VARS']['phpgw_session'] = $GLOBALS['phpgw_session'];
 
@@ -742,7 +749,7 @@
 				$this->appsession('phpgw_info_cache','phpgwapi',$phpgw_info_temp);
 			}
 		}
-	
+
 		function appsession($location = 'default', $appname = '', $data = '##NOTHING##')
 		{
 			if (! $appname)
@@ -858,7 +865,7 @@
 					$url = $app.'/'.$url;
 				}
 			}
-			
+
 			if($full_scriptname)
 			{
 				$webserver_url_count = strlen($GLOBALS['phpgw_info']['server']['webserver_url'])-1;