From 136ce6a70cb6f3e20b24489842f6c09ef64ac8b5 Mon Sep 17 00:00:00 2001
From: Manuel Cillero <manuel@cillero.es>
Date: Wed, 26 Jul 2017 12:28:31 +0200
Subject: [PATCH] Patch for compatibility with Bakery module if it exists

---
 .../securepages_prevent_hijack.module             | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/modules/securepages_prevent_hijack/securepages_prevent_hijack.module b/modules/securepages_prevent_hijack/securepages_prevent_hijack.module
index 38dd391..17bb39d 100644
--- a/modules/securepages_prevent_hijack/securepages_prevent_hijack.module
+++ b/modules/securepages_prevent_hijack/securepages_prevent_hijack.module
@@ -22,14 +22,19 @@ function securepages_prevent_hijack_init() {
   if ($user->uid > 0 && $page_match && securepages_is_secure() && variable_get('securepages_enable', FALSE)) {
     if (! isset($_COOKIE[SECUREPAGES_SESSID]) ||
     ! drupal_valid_token($_COOKIE[SECUREPAGES_SESSID], 'securepages_prevent_hijack')) {
-      watchdog('security',
-      t('Session hijack attempt detected for user %user!',
-      array('%user' => $user->name)));
-
+      $username = $user->name;
       session_destroy();
       $user = drupal_anonymous_user();
       sess_regenerate();
-      drupal_access_denied();
+      if (! isset($_COOKIE[CHOCOLATECHIP])) {
+        watchdog('security',
+        t('Session hijack attempt detected for user %user!',
+        array('%user' => $user->name)));
+        drupal_access_denied();
+      } else {
+#       drupal_goto('user', 'destination=' . $_GET['q']);
+        drupal_goto($_GET['q']);
+      }
       exit();
     }
   }