From a9da3dd2f16a8f97d7bc4ff5572b28e4bb84c813 Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@devilix.net>
Date: Tue, 12 Jun 2018 16:40:12 +0300
Subject: [ci skip] Prepare 3.1.9 release

---
 .../libraries/Session/drivers/Session_files_driver.php | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

(limited to 'system/libraries/Session/drivers/Session_files_driver.php')

diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php
index c6d789aae..654f30010 100644
--- a/system/libraries/Session/drivers/Session_files_driver.php
+++ b/system/libraries/Session/drivers/Session_files_driver.php
@@ -148,6 +148,8 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
 			.$name // we'll use the session cookie name as a prefix to avoid collisions
 			.($this->_config['match_ip'] ? md5($_SERVER['REMOTE_ADDR']) : '');
 
+		$this->php5_validate_id();
+
 		return $this->_success;
 	}
 
@@ -391,6 +393,22 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
 
 	// --------------------------------------------------------------------
 
+	/**
+	 * Validate ID
+	 *
+	 * Checks whether a session ID record exists server-side,
+	 * to enforce session.use_strict_mode.
+	 *
+	 * @param	string	$id
+	 * @return	bool
+	 */
+	public function validateId($id)
+	{
+		return is_file($this->_file_path.$id);
+	}
+
+	// --------------------------------------------------------------------
+
 	/**
 	 * Byte-safe strlen()
 	 *
-- 
cgit v1.2.3-24-g4f1b