SAAS-1085: Optimization - Don't start sessions unless we actually need them.

airtime_mvc/application/common/SecurityHelper.php

@@ -13,16 +13,11 @@ class SecurityHelper {
         return $arr;
     }
 
-    public static function verifyAjaxCSRFToken($observedToken) {
+    public static function verifyCSRFToken($observedToken) {
         $current_namespace = new Zend_Session_Namespace('csrf_namespace');
         $observed_csrf_token = $observedToken;
         $expected_csrf_token = $current_namespace->authtoken;
 
-        if ($observed_csrf_token == $expected_csrf_token){
-            return true;
-        }else{
-            return false;
-        }
-
+        return ($observed_csrf_token == $expected_csrf_token);
     }
 }

airtime_mvc/application/common/TaskManager.php

@@ -114,6 +114,9 @@ final class TaskManager {
      *              otherwise false
      */
     private function _isUserSessionRequest() {
+        if (!Zend_Session::isStarted()) {
+            return false;
+        }
         $auth = Zend_Auth::getInstance();
         $data = $auth->getStorage()->read();
         return !empty($data);