fix session write handler always assuming that database entry exists and failing silently if it doesn't; remove session cookie-related hacks

classes/handler/public.php

@@ -465,14 +465,6 @@ class Handler_Public extends Handler {
 
 	function login() {
 		if (!SINGLE_USER_MODE) {
-			/* if a session is started here there's a stale login cookie we need to clean */
-
-			if (session_status() != PHP_SESSION_NONE) {
-				$_SESSION["login_error_msg"] = __("Stale session cookie found, try logging in again");
-
-				header("Location: " . get_self_url_prefix());
-				exit;
-			}
 
 			$login = clean($_POST["login"]);
 			$password = clean($_POST["password"]);

include/functions.php

@@ -714,8 +714,8 @@
 
 			if ($user_id && !$check_only) {
 
-				session_regenerate_id(true);
 				session_start();
+				session_regenerate_id(true);
 
 				$_SESSION["uid"] = $user_id;
 				$_SESSION["version"] = VERSION_STATIC;

include/sessions.php

@@ -116,8 +116,17 @@
 		$data = base64_encode($data);
 		$expire = time() + $session_expire;
 
+		$sth = Db::pdo()->prepare("SELECT id FROM ttrss_sessions WHERE id=?");
+		$sth->execute([$id]);
+
+		if ($row = $sth->fetch()) {
 			$sth = Db::pdo()->prepare("UPDATE ttrss_sessions SET data=?, expire=? WHERE id=?");
 			$sth->execute([$data, $expire, $id]);
+		} else {
+			$sth = Db::pdo()->prepare("INSERT INTO ttrss_sessions (id, data, expire)
+				VALUES (?, ?, ?)");
+			$sth->execute([$id, $data, $expire]);
+		}
 
 		return true;
 	}