Anonymous committed 5e6767b

web: avoid using a cursor after the connection from which it depends has been rollbacked (as this doesn't work with PySqlite due to some explicit close on rollback we do).

Closes #9104.

  • Participants
  • Parent commits ddaf0ce
  • Branches 0.11-stable

Comments (0)

Files changed (1)


         authenticated = int(self.authenticated)
         now = int(time.time())
         db = self.env.get_db_cnx()
-        cursor = db.cursor()
         if self._new:
             self.last_visit = now
             # The session might already exist even if _new is True since
             # it could have been created by a concurrent request (#3563).
+                cursor = db.cursor()
                 cursor.execute("INSERT INTO session (sid,last_visit,authenticated)"
                                " VALUES(%s,%s,%s)",
                                (self.sid, self.last_visit, authenticated))
                                      (self.sid, e))
         if self._old != self:
             attrs = [(self.sid, authenticated, k, v) for k, v in self.items()]
+            cursor = db.cursor()
             cursor.execute("DELETE FROM session_attribute WHERE sid=%s",
             self._old = dict(self.items())
         if now - self.last_visit > UPDATE_INTERVAL:
             self.last_visit = now
   "Refreshing session %s" % self.sid)
+            cursor = db.cursor()
             cursor.execute('UPDATE session SET last_visit=%s '
                            'WHERE sid=%s AND authenticated=%s',
                            (self.last_visit, self.sid, authenticated))