From 6d49131d3b9c15ca7951c93a58959f6a522c4c66 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Olivier=20Garb=C3=A9?= <ogarbe@voyageprive.com>
Date: Thu, 13 Aug 2015 23:27:33 +0200
Subject: [PATCH] #10789 - Check if session is started in Cookie handling

---
 phalcon/http/cookie.zep | 42 +++++++++++++++++++++++------------------
 1 file changed, 24 insertions(+), 18 deletions(-)

diff --git a/phalcon/http/cookie.zep b/phalcon/http/cookie.zep
index 62d439cd59f..b9ce6fff8a7 100644
--- a/phalcon/http/cookie.zep
+++ b/phalcon/http/cookie.zep
@@ -247,7 +247,9 @@ class Cookie implements InjectionAwareInterface
 		 */
 		if count(definition) {
 			let session = <SessionInterface> dependencyInjector->getShared("session");
-			session->set("_PHCOOKIE_" . name, definition);
+			if session->isStarted() {
+				session->set("_PHCOOKIE_" . name, definition);
+			}
 		}
 
 		if this->_useEncryption {
@@ -297,27 +299,29 @@ class Cookie implements InjectionAwareInterface
 
 				let session = dependencyInjector->getShared("session");
 
-				let definition = session->get("_PHCOOKIE_" . this->_name);
-				if typeof definition == "array" {
+				if session->isStarted() {
+					let definition = session->get("_PHCOOKIE_" . this->_name);
+					if typeof definition == "array" {
 
-					if fetch expire, definition["expire"] {
-						let this->_expire = expire;
-					}
+						if fetch expire, definition["expire"] {
+							let this->_expire = expire;
+						}
 
-					if fetch domain, definition["domain"] {
-						let this->_domain = domain;
-					}
+						if fetch domain, definition["domain"] {
+							let this->_domain = domain;
+						}
 
-					if fetch path, definition["path"] {
-						let this->_path = path;
-					}
+						if fetch path, definition["path"] {
+							let this->_path = path;
+						}
 
-					if fetch secure, definition["secure"] {
-						let this->_secure = secure;
-					}
+						if fetch secure, definition["secure"] {
+							let this->_secure = secure;
+						}
 
-					if fetch httpOnly, definition["httpOnly"] {
-						let this->_httpOnly = httpOnly;
+						if fetch httpOnly, definition["httpOnly"] {
+							let this->_httpOnly = httpOnly;
+						}
 					}
 				}
 			}
@@ -344,7 +348,9 @@ class Cookie implements InjectionAwareInterface
 		let dependencyInjector = <DiInterface> this->_dependencyInjector;
 		if typeof dependencyInjector != "object" {
 			let session = <SessionInterface> dependencyInjector->getShared("session");
-			session->remove("_PHCOOKIE_" . name);
+			if session->isStarted() {
+				session->remove("_PHCOOKIE_" . name);
+			}
 		}
 
 		let this->_value = null;