From 8fb181687733d4c8bae8f71963feb65b830019a4 Mon Sep 17 00:00:00 2001
From: Nicolas Peugnet <n.peugnet@free.fr>
Date: Sun, 24 May 2020 05:21:44 +0200
Subject: [PATCH] Create a new session if permission denied on current one
 (#331)

In a multi-user configuration, the current session file can be unreadable
by the current user. This tries to create a new session in this case.
---
 tinyfilemanager.php | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/tinyfilemanager.php b/tinyfilemanager.php
index 08b7540..3229e87 100644
--- a/tinyfilemanager.php
+++ b/tinyfilemanager.php
@@ -203,7 +203,17 @@ if (defined('FM_EMBED')) {
 
     session_cache_limiter('');
     session_name(FM_SESSION_ID );
-    @session_start();
+    function session_error_handling_function($code, $msg, $file, $line) {
+        // Permission denied for default session, try to create a new one
+        if ($code == 2) {
+            session_abort();
+            session_id(session_create_id());
+            @session_start();
+        }
+    }
+    set_error_handler('session_error_handling_function');
+    session_start();
+    restore_error_handler();
 }
 
 if (empty($auth_users)) {