check session name COOKIE before ensuring session

darcs-hash:20080624034906-34904-a21bab1db498d69c616606126f6b788a2188b1e2.gz

diff --git a/lib/util.php b/lib/util.php
index b506a80581d2308bcfdfc849555350b8e6d787f5..0502ce7976fb428971bfe0cf3e7fbdf80cd9ba84 100644 (file)
--- a/lib/util.php
+++ b/lib/util.php
@@ -506,15 +506,15 @@ function common_forgetme() {
 
 # who is the current user?
 function common_current_user() {
-
-       common_ensure_session();
-       $id = $_SESSION['userid'];
-       if ($id) {
-               # note: this should cache
-               $user = User::staticGet($id);
-               return $user;
+       if ($_REQUEST[session_name()]) {
+               common_ensure_session();
+               $id = $_SESSION['userid'];
+               if ($id) {
+                       # note: this should cache
+                       $user = User::staticGet($id);
+                       return $user;
+               }
        }
-
        # that didn't work; try to remember
        $user = common_remembered_user();
        return $user;