dev/drupal#98 Fix masquerade issue caused by drupal update change

[civicrm-core.git] / CRM / Core / Session.php

diff --git a/CRM/Core/Session.php b/CRM/Core/Session.php
index 7794ca48b61c48942ebb443f0eb4272dbeb8a69c..75936e7f94127d7d6e3e73f743f7dbc86d72431c 100644 (file)
--- a/CRM/Core/Session.php
+++ b/CRM/Core/Session.php
@@ -41,6 +41,13 @@ class CRM_Core_Session {
    */
   protected $_session = NULL;
 
+  /**
+   * Current php Session ID : needed to detect if the session is changed
+   *
+   * @var string
+   */
+  protected $sessionID;
+
   /**
    * We only need one instance of this object. So we use the singleton
    * pattern and cache the instance in this variable
@@ -88,6 +95,11 @@ class CRM_Core_Session {
    *   Is this a read operation, in this case, the session will not be touched.
    */
   public function initialize($isRead = FALSE) {
+    // remove $_SESSION reference if session is changed
+    if (($sid = session_id()) !== $this->sessionID) {
+      $this->_session = NULL;
+      $this->sessionID = $sid;
+    }
     // lets initialize the _session variable just before we need it
     // hopefully any bootstrapping code will actually load the session from the CMS
     if (!isset($this->_session)) {