From 48f7d20e83390368b646ee6cc977cef35561fa45 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Fri, 2 Dec 2022 16:34:56 +0100
Subject: [PATCH] Fix warning

---
 htdocs/comm/action/card.php       |  3 ++-
 htdocs/core/lib/security2.lib.php | 32 ++++++++++++++++---------------
 2 files changed, 19 insertions(+), 16 deletions(-)

diff --git a/htdocs/comm/action/card.php b/htdocs/comm/action/card.php
index 7581ccd2c00..11b8330b64c 100644
--- a/htdocs/comm/action/card.php
+++ b/htdocs/comm/action/card.php
@@ -2345,7 +2345,8 @@ if ($id > 0) {
 
 		if (isModEnabled("societe")) {
 			// Related company
-			print '<tr><td class="titlefield">'.$langs->trans("ActionOnCompany").'</td><td>'.($object->thirdparty->id ? $object->thirdparty->getNomUrl(1) : ('<span class="opacitymedium">'.$langs->trans("None").'</span>'));
+			print '<tr><td class="titlefield">'.$langs->trans("ActionOnCompany").'</td>';
+			print '<td>'.(is_object($object->thirdparty) && $object->thirdparty->id ? $object->thirdparty->getNomUrl(1) : ('<span class="opacitymedium">'.$langs->trans("None").'</span>'));
 			if (is_object($object->thirdparty) && $object->thirdparty->id > 0 && $object->type_code == 'AC_TEL') {
 				if ($object->thirdparty->fetch($object->thirdparty->id)) {
 					print "<br>".dol_print_phone($object->thirdparty->phone);
diff --git a/htdocs/core/lib/security2.lib.php b/htdocs/core/lib/security2.lib.php
index 8f19a273586..b33ad1333ef 100644
--- a/htdocs/core/lib/security2.lib.php
+++ b/htdocs/core/lib/security2.lib.php
@@ -193,22 +193,24 @@ if (!function_exists('dol_loginfunction')) {
 		$sessiontimeout = 'DOLSESSTIMEOUT_'.$prefix;
 
 		if (!empty($conf->global->MAIN_SESSION_TIMEOUT)) {
-			if (PHP_VERSION_ID < 70300) {
-				session_set_cookie_params(0, '/', null, ((empty($dolibarr_main_force_https) && isHTTPS() === false) ? false : true), true); // Add tag secure and httponly on session cookie (same as setting session.cookie_httponly into php.ini). Must be called before the session_start.
-			} else {
-				// Only available for php >= 7.3
-				$sessioncookieparams = array(
-					'lifetime' => 0,
-					'path' => '/',
-					//'domain' => '.mywebsite.com', // the dot at the beginning allows compatibility with subdomains
-					'secure' => ((empty($dolibarr_main_force_https) && isHTTPS() === false) ? false : true),
-					'httponly' => true,
-					'samesite' => 'Lax'	// None || Lax  || Strict
-				);
-				session_set_cookie_params($sessioncookieparams);
-			}
+			if (session_status() != PHP_SESSION_ACTIVE) {
+				if (PHP_VERSION_ID < 70300) {
+					session_set_cookie_params(0, '/', null, ((empty($dolibarr_main_force_https) && isHTTPS() === false) ? false : true), true); // Add tag secure and httponly on session cookie (same as setting session.cookie_httponly into php.ini). Must be called before the session_start.
+				} else {
+					// Only available for php >= 7.3
+					$sessioncookieparams = array(
+						'lifetime' => 0,
+						'path' => '/',
+						//'domain' => '.mywebsite.com', // the dot at the beginning allows compatibility with subdomains
+						'secure' => ((empty($dolibarr_main_force_https) && isHTTPS() === false) ? false : true),
+						'httponly' => true,
+						'samesite' => 'Lax'	// None || Lax  || Strict
+					);
+					session_set_cookie_params($sessioncookieparams);
+				}
 
-			setcookie($sessiontimeout, $conf->global->MAIN_SESSION_TIMEOUT, 0, "/", null, (empty($dolibarr_main_force_https) ? false : true), true);
+				setcookie($sessiontimeout, $conf->global->MAIN_SESSION_TIMEOUT, 0, "/", null, (empty($dolibarr_main_force_https) ? false : true), true);
+			}
 		}
 
 		if (GETPOST('urlfrom', 'alpha')) {