From 5c6084919412539ee73bb2000b7155309b96e51d Mon Sep 17 00:00:00 2001
From: webchick <drupal@webchick.net>
Date: Thu, 9 Oct 2014 11:28:52 -0700
Subject: [PATCH] Issue #2313883 by alexpott: Fixed Minor code flow
 improvements to SessionHandler::write().

---
 core/lib/Drupal/Core/Session/SessionHandler.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/lib/Drupal/Core/Session/SessionHandler.php b/core/lib/Drupal/Core/Session/SessionHandler.php
index c8d69fbb00..4be86ff9a9 100644
--- a/core/lib/Drupal/Core/Session/SessionHandler.php
+++ b/core/lib/Drupal/Core/Session/SessionHandler.php
@@ -170,14 +170,14 @@ public function write($sid, $value) {
       $key = array('sid' => Crypt::hashBase64($sid), 'ssid' => '');
       // On HTTPS connections, use the session ID as both 'sid' and 'ssid'.
       if ($this->requestStack->getCurrentRequest()->isSecure()) {
-        $key['ssid'] = Crypt::hashBase64($sid);
-        $cookies = $this->requestStack->getCurrentRequest()->cookies;
+        $key['ssid'] = $key['sid'];
         // The "secure pages" setting allows a site to simultaneously use both
         // secure and insecure session cookies. If enabled and both cookies
         // are presented then use both keys. The session ID from the cookie is
         // hashed before being stored in the database as a security measure.
         if ($this->sessionManager->isMixedMode()) {
           $insecure_session_name = $this->sessionManager->getInsecureName();
+          $cookies = $this->requestStack->getCurrentRequest()->cookies;
           if ($cookies->has($insecure_session_name)) {
             $key['sid'] = Crypt::hashBase64($cookies->get($insecure_session_name));
           }
-- 
2.26.2