diff --git a/include/Webservices/ExtendSession.php b/include/Webservices/ExtendSession.php
index 4c44ef6e82626c9cdb471e2dd86771e68e4aff80..f755d5334732284032a6c09e124933ede89a55fe 100644
--- a/include/Webservices/ExtendSession.php
+++ b/include/Webservices/ExtendSession.php
@@ -10,17 +10,19 @@ function vtws_extendSession(){ global $adb,$API_VERSION,$application_unique_key; - if(isset($_SESSION["authenticated_user_id"]) && $_SESSION["app_unique_key"] == $application_unique_key){ - $userId = $_SESSION["authenticated_user_id"]; - $sessionManager = new SessionManager(); - $sessionManager->set("authenticatedUserId", $userId); - $crmObject = VtigerWebserviceObject::fromName($adb,"Users"); - $userId = vtws_getId($crmObject->getEntityId(),$userId); - $vtigerVersion = vtws_getVtigerVersion(); - $resp = array("sessionName"=>$sessionManager->getSessionId(),"userId"=>$userId,"version"=>$API_VERSION,"vtigerVersion"=>$vtigerVersion); - return $resp; - }else{ - throw new WebServiceException(WebServiceErrorCode::$AUTHFAILURE,"Authencation Failed"); - } + if($_SESSION['authenticatedUserId'] || (isset($_SESSION["authenticated_user_id"]) && $_SESSION["app_unique_key"] == $application_unique_key)){ + $userId = ($_SESSION["authenticated_user_id"]) ? $_SESSION["authenticated_user_id"] : $_SESSION['authenticatedUserId']; + //unsetting as session manager will set it, if set then it is not extended by HTTP_Session::setExpire + unset($_SESSION['__HTTP_Session_Expire_TS']); + $sessionManager = new SessionManager(); + $sessionManager->set("authenticatedUserId", $userId); + $crmObject = VtigerWebserviceObject::fromName($adb,"Users"); + $userId = vtws_getId($crmObject->getEntityId(),$userId); + $vtigerVersion = vtws_getVtigerVersion(); + $resp = array("sessionName"=>$sessionManager->getSessionId(),"userId"=>$userId,"version"=>$API_VERSION,"vtigerVersion"=>$vtigerVersion); + return $resp; + }else{ + throw new WebServiceException(WebServiceErrorCode::$AUTHFAILURE,"Authencation Failed"); + } } ?> \ No newline at end of file diff --git a/libraries/HTTP_Session2/HTTP/Session2.php b/libraries/HTTP_Session2/HTTP/Session2.php index 3f677447312478abc5163e4330999fed7d4a8cf4..6353f33923ec00e447b554d989a10cc80f6cdcc5 100644 --- a/libraries/HTTP_Session2/HTTP/Session2.php 
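Review bot: The new first operand of the `if` in vtws_extendSession accepts any session with a truthy `$_SESSION['authenticatedUserId']` without the `app_unique_key` comparison that the second operand still applies, so on that path the session is no longer tied to this installation's key. If web-service sessions also carry `app_unique_key` (not visible here), the same `$_SESSION["app_unique_key"] == $application_unique_key` test should guard both operands; if they do not, a comment above the `if` should say why the web-service id is trusted without it. Both new reads index `$_SESSION` keys that may be absent, so `!empty($_SESSION['authenticatedUserId'])` in the condition and `!empty($_SESSION["authenticated_user_id"]) ? $_SESSION["authenticated_user_id"] : $_SESSION['authenticatedUserId']` for `$userId` keep the same truthiness without the undefined-index notice. Because `unset($_SESSION['__HTTP_Session_Expire_TS'])` re-arms the expiry on every call, it is worth confirming that an absolute session lifetime is enforced somewhere outside this function.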
+++ b/libraries/HTTP_Session2/HTTP/Session2.php @@ -463,22 +463,9 @@ class HTTP_Session2 */ public static function useCookies($useCookies = null) { - $return = false; - if (ini_get('session.use_cookies') == '1') { - $return = true; - } - if ($useCookies !== null) { - if ($useCookies === true) { - $status = ini_set('session.use_cookies', 1); - } else { - $status = ini_set('session.use_cookies', 0); - } - if ($status === false) { - $msg = "Could not set 'session.use_cookies'. Please check your "; - $msg .= 'permissions to override php.ini-settings. E.g. a possible '; - $msg .= 'php_admin_value setting or blocked ini_set() calls '; - throw new HTTP_Session2_Exception($msg, self::ERR_SYSTEM_PERM); - } + $return = ini_get('session.use_cookies') ? true : false; + if (isset($useCookies)) { + ini_set('session.use_cookies', $useCookies ? 1 : 0); } return $return; } diff --git a/webservice.php b/webservice.php index 98dfa1e0257a399015aded2e011935f5077648ca..bc47ea685d5c7a8b1a1b43e1d7433a15d783918b 100644 --- a/webservice.php +++ b/webservice.php @@ -8,7 +8,7 @@ * All Rights Reserved. ********************************************************************************/ - require_once("config.php"); +require_once("config.php"); /** * URL Verfication - Required to overcome Apache mis-configuration and leading to shared setup mode. */ @@ -90,7 +90,7 @@ // Workaround fix for PHP 5.3.x: $_REQUEST doesn't have PHPSESSID if(isset($_REQUEST['PHPSESSID'])) { $sessionId = vtws_getParameter($_REQUEST,"PHPSESSID"); - } else { + } else if(isset($_COOKIE['PHPSESSID'])) { //if not set its creating new session // NOTE: Need to evaluate for possible security issues $sessionId = vtws_getParameter($_COOKIE,'PHPSESSID'); }
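Review bot: The rewritten `useCookies()` ignores the return value of `ini_set('session.use_cookies', …)`, so a caller that asks for cookies to be switched on or off is no longer told when the setting could not be changed; the removed code threw `HTTP_Session2_Exception` with `self::ERR_SYSTEM_PERM` in that case. A silent failure leaves the session-id transport in whatever state php.ini dictates, which matters when the caller relies on cookie-only session ids. The shorter form can keep the check with `if (ini_set('session.use_cookies', $useCookies ? 1 : 0) === false) { throw new HTTP_Session2_Exception("Could not set 'session.use_cookies'.", self::ERR_SYSTEM_PERM); }`. If dropping the exception is deliberate (presumably because `ini_set` can fail once the session is active), the method's docblock, which begins above the hunk, should state that failures are ignored.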
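Review bot: With the branch narrowed to `else if(isset($_COOKIE['PHPSESSID']))`, a request that carries no PHPSESSID in either `$_REQUEST` or `$_COOKIE` leaves `$sessionId` unassigned by this block, and unless it is initialised above the hunk the later code reads an undefined variable. An explicit `$sessionId = null;` before the `if` makes the "no session supplied" case visible to whatever consumes it. The existing `// NOTE: Need to evaluate for possible security issues` still applies to both paths, since the id is client-supplied, so a short comment stating what `vtws_getParameter` validates (not visible here) would help the next reader. The surrounding script starts and continues outside the hunk.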