From: Jason Woofenden <jason@jasonwoof.com>
Date: Tue, 2 Feb 2010 06:42:15 +0000 (-0500)
Subject: sessions: use $_COOKIE instead of $_REQUEST
X-Git-Url: https://jasonwoof.com/gitweb/?p=wfpl.git;a=commitdiff_plain;h=2b91af8c3f5c2b6cf3b749c769c5ccbe62890b5e

sessions: use $_COOKIE instead of $_REQUEST

No idea why, but on some systems $_REQUEST fails to contain the $_COOKIE
variables. (Despite variables_order = "GPCS")
---

diff --git a/session.php b/session.php
index c3c1f44..9013157 100644
--- a/session.php
+++ b/session.php
@@ -56,7 +56,7 @@ function session_new($length = 86400) {
 	db_insert('wfpl_sessions', 'session_key,length', $session_key, $length);
 	$GLOBALS['session_id'] = db_auto_id();
 	$GLOBALS['session_key'] = $session_key;
-	$_REQUEST['session_key'] = $session_key; #just in case someone calls session_exists() after session_new()
+	$_COOKIE['session_key'] = $session_key; #just in case someone calls session_exists() after session_new()
 	session_touch($length);
 	return $GLOBALS['session_key'];
 }
@@ -99,7 +99,7 @@ function session_purge_old() {
 
 # return true if a session exists
 function session_exists() {
-	if(!isset($_REQUEST['session_key'])) {
+	if(!isset($_COOKIE['session_key'])) {
 		return false;
 	}
 
@@ -107,7 +107,7 @@ function session_exists() {
 		return true;
 	}
 
-	$session_key = ereg_replace('[^a-zA-Z0-9]', '', $_REQUEST['session_key']);
+	$session_key = ereg_replace('[^a-zA-Z0-9]', '', $_COOKIE['session_key']);
 
 	if(!strlen($session_key) == 16) {
 		return false;