From d279eedc4ca9bbd9bd7d01834d0d7e59536cef5e Mon Sep 17 00:00:00 2001
From: Jon Stovell <jonstovell@gmail.com>
Date: Mon, 30 Dec 2024 22:12:32 -0700
Subject: [PATCH] Does a better job dealing with deprecation of SID constant

This reverts commit 031326b902f39bb2dd4f27b2747d24180f4c4e1e.

Signed-off-by: Jon Stovell <jonstovell@gmail.com>
---
 Sources/QueryString.php | 17 ++++++++++-------
 Sources/Utils.php       | 13 ++++++++-----
 2 files changed, 18 insertions(+), 12 deletions(-)

diff --git a/Sources/QueryString.php b/Sources/QueryString.php
index 7a113c46fe..7ab89d4bc6 100644
--- a/Sources/QueryString.php
+++ b/Sources/QueryString.php
@@ -414,14 +414,17 @@ public static function isFilteredRequest(array $value_list, string $var): bool
 	 */
 	public static function ob_sessrewrite(string $buffer): string
 	{
-		// If Config::$scripturl is set to nothing, or the session ID is not defined (SSI?) just quit.
-		if (Config::$scripturl == '' || session_id() === false) {
+		// PHP 8.4 deprecated SID. A better long-term solution is needed, but this works for now.
+		$sid = defined('SID') ? @constant('SID') : null;
+
+		// If Config::$scripturl is set to nothing, or the SID is not defined (SSI?) just quit.
+		if (Config::$scripturl == '' || !isset($sid)) {
 			return $buffer;
 		}
 
 		// Do nothing if the session is cookied, or they are a crawler - guests are caught by redirectexit().
-		if (empty($_COOKIE) && session_id() != '' && !BrowserDetector::isBrowser('possibly_robot')) {
-			$buffer = preg_replace('/(?<!<link rel="canonical" href=)"' . preg_quote(Config::$scripturl, '/') . '(?!\?' . preg_quote(session_id(), '/') . ')\??/', '"' . Config::$scripturl . '?' . session_id() . '&amp;', $buffer);
+		if (empty($_COOKIE) && $sid != '' && !BrowserDetector::isBrowser('possibly_robot')) {
+			$buffer = preg_replace('/(?<!<link rel="canonical" href=)"' . preg_quote(Config::$scripturl, '/') . '(?!\?' . preg_quote($sid, '/') . ')\??/', '"' . Config::$scripturl . '?' . $sid . '&amp;', $buffer);
 		}
 		// Debugging templates, are we?
 		elseif (isset($_GET['debug'])) {
@@ -441,11 +444,11 @@ public static function ob_sessrewrite(string $buffer): string
 			)
 		) {
 			// Let's do something special for session ids!
-			if (session_id() != '') {
+			if ($sid != '') {
 				$buffer = preg_replace_callback(
-					'~"' . preg_quote(Config::$scripturl, '~') . '\?(?:' . session_id() . '(?:;|&|&amp;))((?:board|topic)=[^#"]+?)(#[^"]*?)?"~',
+					'~"' . preg_quote(Config::$scripturl, '~') . '\?(?:' . $sid . '(?:;|&|&amp;))((?:board|topic)=[^#"]+?)(#[^"]*?)?"~',
 					function ($m) {
-						return '"' . Config::$scripturl . '/' . strtr("{$m[1]}", '&;=', '//,') . '.html?' . session_id() . ($m[2] ?? '') . '"';
+						return '"' . Config::$scripturl . '/' . strtr("{$m[1]}", '&;=', '//,') . '.html?' . $sid . ($m[2] ?? '') . '"';
 					},
 					$buffer,
 				);
diff --git a/Sources/Utils.php b/Sources/Utils.php
index 5a3d84ca38..0879160f52 100644
--- a/Sources/Utils.php
+++ b/Sources/Utils.php
@@ -2236,9 +2236,12 @@ public static function redirectexit(string $setLocation = '', bool $refresh = fa
 			$setLocation = Config::$scripturl . ($setLocation != '' ? '?' . $setLocation : '');
 		}
 
+		// PHP 8.4 deprecated SID. A better long-term solution is needed, but this works for now.
+		$sid = defined('SID') ? @constant('SID') : null;
+
 		// Put the session ID in.
-		if (session_id() != '') {
-			$setLocation = preg_replace('/^' . preg_quote(Config::$scripturl, '/') . '(?!\?' . preg_quote(session_id(), '/') . ')\??/', Config::$scripturl . '?' . session_id() . ';', $setLocation);
+		if (isset($sid) && $sid != '') {
+			$setLocation = preg_replace('/^' . preg_quote(Config::$scripturl, '/') . '(?!\?' . preg_quote($sid, '/') . ')\??/', Config::$scripturl . '?' . $sid . ';', $setLocation);
 		}
 		// Keep that debug in their for template debugging!
 		elseif (isset($_GET['debug'])) {
@@ -2256,11 +2259,11 @@ public static function redirectexit(string $setLocation = '', bool $refresh = fa
 				Sapi::isSoftware([Sapi::SERVER_APACHE, Sapi::SERVER_LIGHTTPD, Sapi::SERVER_LITESPEED])
 			)
 		) {
-			if (session_id() != '') {
+			if (isset($sid) && $sid != '') {
 				$setLocation = preg_replace_callback(
-					'~^' . preg_quote(Config::$scripturl, '~') . '\?(?:' . session_id() . '(?:;|&|&amp;))((?:board|topic)=[^#]+?)(#[^"]*?)?$~',
+					'~^' . preg_quote(Config::$scripturl, '~') . '\?(?:' . $sid . '(?:;|&|&amp;))((?:board|topic)=[^#]+?)(#[^"]*?)?$~',
 					function ($m) {
-						return Config::$scripturl . '/' . strtr("{$m[1]}", '&;=', '//,') . '.html?' . session_id() . (isset($m[2]) ? "{$m[2]}" : '');
+						return Config::$scripturl . '/' . strtr("{$m[1]}", '&;=', '//,') . '.html?' . $sid . (isset($m[2]) ? "{$m[2]}" : '');
 					},
 					$setLocation,
 				);