- my $session = get_session('') or die "can't create session";
- my $sessionID = $session->id;
- C4::Context->_new_userenv($sessionID);
- $cookie = $query->cookie(CGISESSID => $sessionID);
+ if ( $sessionID = $query->cookie("CGISESSID") ) {
+ warn "AAA updateing existing session $sessionID";
+ $session = get_session($sessionID);
+ C4::Context->_new_userenv($sessionID);
+ }
+ if ( ! $session ) {
+ $session = get_session('') or die "can't create session";
+ $sessionID = $session->id;
+ C4::Context->_new_userenv($sessionID);
+ warn "AAA created new session $sessionID";
+ }
+
+ $cookie = $query->cookie(
+ -name => 'CGISESSID',
+ -value => $session->id,
+ -HttpOnly => 1
+ );
+
+ if ( $flags = haspermission( $userid, $flagsrequired ) ) {
+ $loggedin = 1;
+ } else {
+ warn "ERROR: haspermission $userid ",dump($flagsrequired);
+ }