fix: handle None session.data in maintenance mode (fixes #33258)

- Add null check for session.data in safe_exec.py
- Add null check for session.data in base_template_page.py
- Prevents AttributeError when session.data is None during maintenance mode

frappe/utils/safe_exec.py

@@ -232,13 +232,13 @@ def get_safe_globals():
 			get_fullname=frappe.utils.get_fullname,
 			get_gravatar=frappe.utils.get_gravatar_url,
 			full_name=frappe.local.session.data.full_name
-			if getattr(frappe.local, "session", None)
+			if getattr(frappe.local, "session", None) and getattr(frappe.local.session, "data", None)
 			else "Guest",
 			request=getattr(frappe.local, "request", {}),
 			session=frappe._dict(
 				user=user,
 				csrf_token=frappe.local.session.data.csrf_token
-				if getattr(frappe.local, "session", None)
+				if getattr(frappe.local, "session", None) and getattr(frappe.local.session, "data", None)
 				else "",
 			),
 			make_get_request=frappe.integrations.utils.make_get_request,

frappe/website/page_renderers/base_template_page.py

@@ -16,7 +16,7 @@ class BaseTemplatePage(BaseRenderer):
 		self.context.update(frappe.local.conf.get("website_context") or {})
 
 	def add_csrf_token(self, html):
-		if frappe.local.session:
+		if frappe.local.session and getattr(frappe.local.session, "data", None):
 			csrf_token = frappe.local.session.data.csrf_token
 			return html.replace(
 				"<!-- csrf_token -->", f'<script>frappe.csrf_token = "{csrf_token}";</script>'