From 5154bc2f70e62a853eab1404b1a0afd4d4119543 Mon Sep 17 00:00:00 2001
From: Ralf Becker <RalfBecker@outdoor-training.de>
Date: Thu, 5 Mar 2020 10:23:29 +0100
Subject: [PATCH] fix warnings, if headers are already sent, eg. in
 phpUnit/Travis

---
 .travis.yml         |  8 ++------
 api/src/Session.php | 44 ++++++++++++++++++++++++++------------------
 2 files changed, 28 insertions(+), 24 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index 61eed0fc0a..4fbcfcf89c 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -41,12 +41,9 @@ before_script:
   # configure apache virtual hosts
   - sudo cp -f doc/travis-ci-apache.conf /etc/apache2/sites-available/000-default.conf
   - sudo sed -e "s?%TRAVIS_BUILD_DIR%?$(pwd)?g" --in-place /etc/apache2/sites-available/000-default.conf
+  # remove .htaccess as it is read by Apache, but content is for mod_php
   - rm -f .htaccess
   - sudo service apache2 restart
-  - curl -i http://localhost/doc/rpm-build/debian.changes
-  - sudo tail /var/log/apache2/error.log
-  - curl -i http://localhost/egroupware/doc/rpm-build/debian.changes
-  - sudo tail /var/log/apache2/error.log
   - php -m
   - php -i
   - php install-cli.php --ignore-platform-reqs
@@ -59,7 +56,7 @@ script:
   # install egroupware using MariaDB as domain "default"
   # and add an admin user "demo" with password "guest"
   - php doc/rpm-build/post_install.php --domain default
-    --source_dir `pwd` --start_db '' --autostart_db '' --start_webserver '' --webserver_user ''
+    --source_dir `pwd` --start_db '' --autostart_db '' --start_webserver '' --autostart_webserver='' --webserver_user ''
     --admin_user demo --admin_passwd guest --admin_email noreply@example.com
   # disable PostgreSQL install as it fails in Travis with Fatal error: Call to unimplemented native function pg_set_client_encoding
   # install egroupware using PostgreSQL as domain "pgsql", need some specific handling we can not create users via sql
@@ -72,7 +69,6 @@ script:
   #- php doc/rpm-build/post_install.php --domain ldap --db_name ldap --db_user ldap
   #  --account-auth ldap --ldap_suffix dc=local --ldap_admin 'cn=admin,$suffix' --ldap_admin_pw secret
   #  --source_dir `pwd` --start_db '' --autostart_db '' --start_webserver '' --webserver_user ''
-  - curl -i http://localhost/egroupware/groupdav.php/
   # Ubuntu has problems with #!/usr/bin/env php -dapc.enable=1, it stalls forever
   - vendor/bin/phpunit -c doc -dapc.enable_cli=1
   # do not run syntax check for hhvm, as it always fails / get terminated after 10m
diff --git a/api/src/Session.php b/api/src/Session.php
index 17dc2ec68e..8e7b77ada6 100644
--- a/api/src/Session.php
+++ b/api/src/Session.php
@@ -555,7 +555,7 @@ class Session
 					session_id($this->sessionid);
 				}
 			}
-			else
+			elseif (!headers_sent())	// only gives warnings, nothing we can do
 			{
 				self::cache_control();
 				session_start();
@@ -566,6 +566,10 @@ class Session
 				}
 				$this->sessionid = session_id();
 			}
+			else
+			{
+				$this->sessionid = session_id() ?: Auth::randomstring(24);
+			}
 			$this->kp3       = Auth::randomstring(24);
 
 			$GLOBALS['egw_info']['user'] = $this->read_repositories();
@@ -644,26 +648,30 @@ class Session
 			}
 			$GLOBALS['egw']->db->transaction_commit();
 
-			if ($GLOBALS['egw_info']['server']['usecookies'] && !$no_session)
+			if (!headers_sent())
 			{
-				self::egw_setcookie(self::EGW_SESSION_NAME,$this->sessionid);
-				self::egw_setcookie('kp3',$this->kp3);
-				self::egw_setcookie('domain',$this->account_domain);
-			}
-			if ($GLOBALS['egw_info']['server']['usecookies'] && !$no_session || isset($_COOKIE['last_loginid']))
-			{
-				self::egw_setcookie('last_loginid', $this->account_lid ,$now+1209600); /* For 2 weeks */
-				self::egw_setcookie('last_domain',$this->account_domain,$now+1209600);
-			}
+				if ($GLOBALS['egw_info']['server']['usecookies'] && !$no_session)
+				{
+					self::egw_setcookie(self::EGW_SESSION_NAME, $this->sessionid);
+					self::egw_setcookie('kp3', $this->kp3);
+					self::egw_setcookie('domain', $this->account_domain);
+				}
+				if ($GLOBALS['egw_info']['server']['usecookies'] && !$no_session || isset($_COOKIE['last_loginid']))
+				{
+					self::egw_setcookie('last_loginid', $this->account_lid, $now + 1209600); /* For 2 weeks */
+					self::egw_setcookie('last_domain', $this->account_domain, $now + 1209600);
+				}
 
-			// set new remember me token/cookie, if requested and necessary
-			$expiration = null;
-			if (($token = $this->checkSetRememberMeToken($remember_me, $_COOKIE[self::REMEMBER_ME_COOKIE], $expiration)))
-			{
-				self::egw_setcookie(self::REMEMBER_ME_COOKIE, $token, $expiration);
-			}
+				// set new remember me token/cookie, if requested and necessary
+				$expiration = null;
+				if (($token = $this->checkSetRememberMeToken($remember_me, $_COOKIE[self::REMEMBER_ME_COOKIE], $expiration)))
+				{
+					self::egw_setcookie(self::REMEMBER_ME_COOKIE, $token, $expiration);
+				}
 
-			if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."($this->login,$this->passwd,$this->passwd_type,$no_session,$auth_check) successfull sessionid=$this->sessionid");
+				if (self::ERROR_LOG_DEBUG) error_log(__METHOD__ . "($this->login,$this->passwd,$this->passwd_type,$no_session,$auth_check) successfull sessionid=$this->sessionid");
+			}
+			elseif (self::ERROR_LOG_DEBUG) error_log(__METHOD__ . "($this->login,$this->passwd,$this->passwd_type,$no_session,$auth_check) could NOT set session cookies, headers already sent");
 
 			// hook called once session is created
 			Hooks::process(array(