Merge branch 'master' of ssh://lx-office.linet-services.de/~/lx-office-erp

diff --git a/SL/Auth.pm b/SL/Auth.pm
index a11fbaf..2bd2d09 100644 (file)
--- a/SL/Auth.pm
+++ b/SL/Auth.pm
@@ -489,7 +489,7 @@ sub restore_session {
   if (!$cookie || $cookie->{is_expired} || ($cookie->{ip_address} ne $ENV{REMOTE_ADDR})) {
     $self->destroy_session();
     $main::lxdebug->leave_sub();
-    return SESSION_EXPIRED;
+    return $cookie ? SESSION_EXPIRED : SESSION_NONE;
   }
 
   $query = qq|SELECT sess_key, sess_value FROM auth.session_content WHERE session_id = ?|;

diff --git a/SL/Form.pm b/SL/Form.pm
index dc03168..6785c3a 100644 (file)
--- a/SL/Form.pm
+++ b/SL/Form.pm
@@ -594,20 +594,21 @@ sub create_http_response {
     pop @segments;
     $uri->path_segments(@segments);
 
-    my $session_cookie_value   = $main::auth->get_session_id();
-    $session_cookie_value    ||= 'NO_SESSION';
+    my $session_cookie_value = $main::auth->get_session_id();
 
-    $session_cookie = $cgi->cookie('-name'   => $main::auth->get_session_cookie_name(),
-                                   '-value'  => $session_cookie_value,
-                                   '-path'   => $uri->path,
-                                   '-secure' => $ENV{HTTPS});
+    if ($session_cookie_value) {
+      $session_cookie = $cgi->cookie('-name'   => $main::auth->get_session_cookie_name(),
+                                     '-value'  => $session_cookie_value,
+                                     '-path'   => $uri->path,
+                                     '-secure' => $ENV{HTTPS});
+    }
   }
 
   my %cgi_params = ('-type' => $params{content_type});
   $cgi_params{'-charset'} = $params{charset} if ($params{charset});
+  $cgi_params{'-cookie'}  = $session_cookie  if ($session_cookie);
 
-  my $output = $cgi->header('-cookie' => $session_cookie,
-                            %cgi_params);
+  my $output = $cgi->header(%cgi_params);
 
   $main::lxdebug->leave_sub();