[#34161] - [4] Fatal error can be created calling Factory::createSession
- Closed
- 16 Aug 2021
- Medium
- Build: staging
- # 34161
On code review it appears that the deprecated protected method createSession in the \Joomla\CMS\Factory abstract class is referencing a non existing class \JSessionHandlerJoomla and will therefore PHP Fatal error if anyone attempts to call this method.
This method is not used by Joomla and is already marked as deprecated for removal in 5.0 but as such it should remain working until then - and not creating fatal errors.
joomla-cms/libraries/src/Factory.php
Line 630 in f64e018
joomla-cms-bot
- | Labels |
Added:
?
|
||
So I guess we just remove createSession as it's totally unused? As the session is now injected into the Application. It is protected so technically it's a b/c break to those subclassing Factory. But it's one of those things where practically it's not going to affect anyone. Especially as there's no real way to easily make this work.
| Status | New | ⇒ | Closed |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2021-08-16 07:54:49 |
| Closed_By | ⇒ | PhilETaylor | |
| Labels |
Added:
No Code Attached Yet
Removed: ? |
||
Then the
$sessionHandlervariable is used to get an instance of a Session classhttps://github.com/joomla/joomla-cms/blob/staging/libraries/src/Factory.php#L621
It's done by call to the
getInstance()method, which has no arguments at all (https://github.com/joomla/joomla-cms/blob/4.0-dev/libraries/src/Session/Session.php#L160-L170).