Fix session handling, support staff-affiliation as being detected as tutor

1 files changed, 7 insertions, 5 deletions

diff --git a/inc/session.inc.php b/inc/session.inc.php
index 891a465..93c33e5 100644
--- a/inc/session.inc.php
+++ b/inc/session.inc.php
@@ -9,7 +9,8 @@ class Session
 	
 	private static function generateSessionId()
 	{
-		if (self::$sid !== false) Util::traceError('Error: Asked to generate session id when already set.');
+		if (self::$sid !== false)
+			Util::traceError('Error: Asked to generate session id when already set.');
 		self::$sid = sha1(
 			mt_rand(0, 65535)
 			. $_SERVER['REMOTE_ADDR']
@@ -47,9 +48,9 @@ class Session
 
 	public static function setUid($value)
 	{
-		if (!is_numeric($value) || $value < 1)
+		if (strlen($value) < 5)
 			Util::traceError('Invalid user id: ' . $value);
-		self::set('uid', (int)$value);
+		self::set('uid', $value);
 	}
 
 	public static function get($key)
@@ -72,7 +73,7 @@ class Session
 	private static function loadSessionId()
 	{
 		if (self::$sid !== false)
-			die('Error: Asked to load session id when already set.');
+			Util::traceError('Error: Asked to load session id when already set.');
 		if (empty($_COOKIE['sid']))
 			return false;
 		$id = preg_replace('/[^a-zA-Z0-9]/', '', $_COOKIE['sid']);
@@ -112,8 +113,9 @@ class Session
 		if (self::$sid === false || self::$data !== false)
 			Util::traceError('Tried to readSessionData on an active session!');
 		$data = Database::queryFirst('SELECT dateline, data FROM websession WHERE sid = :sid LIMIT 1', array('sid' => self::$sid));
-		if ($data === false)
+		if ($data === false) {
 			return false;
+		}
 		if ($data['dateline'] + CONFIG_SESSION_TIMEOUT < time()) {
 			self::delete();
 			return false;