Commit a7175bae by Qiang Xue

Refactored Session as suggested in #1172

parent 202664f3
......@@ -80,13 +80,11 @@ class Session extends Component implements \IteratorAggregate, \ArrayAccess, \Co
* @var string the name of the session variable that stores the flash message data.
*/
public $flashVar = '__flash';
/**
* @var array parameter-value pairs to override default session cookie parameters that are used for session_set_cookie_params() function
* @see http://www.php.net/manual/en/function.session-set-cookie-params.php
* @see setCookieParams()
*/
public $cookieParams = ['httpOnly' => true];
private $_cookieParams = ['httpOnly' => true];
/**
* Initializes the application component.
......@@ -137,7 +135,7 @@ class Session extends Component implements \IteratorAggregate, \ArrayAccess, \Co
);
}
$this->setCookieParams($this->cookieParams);
$this->setCookieParamsInternal();
@session_start();
......@@ -265,26 +263,36 @@ class Session extends Component implements \IteratorAggregate, \ArrayAccess, \Co
$params['httpOnly'] = $params['httponly'];
unset($params['httponly']);
}
return $params;
return array_merge($params, $this->_cookieParams);
}
/**
* Sets the session cookie parameters.
* The effect of this method only lasts for the duration of the script.
* Call this method before the session starts.
* The cookie parameters passed to this method will be merged with the result
* of `session_get_cookie_params()`.
* @param array $value cookie parameters, valid keys include: `lifetime`, `path`, `domain`, `secure` and `httpOnly`.
* @throws InvalidParamException if the parameters are incomplete.
* @see http://us2.php.net/manual/en/function.session-set-cookie-params.php
*/
public function setCookieParams($value)
public function setCookieParams(array $value)
{
$this->_cookieParams = $value;
}
/**
* Sets the session cookie parameters.
* This method is called by [[open()]] when it is about to open the session.
* @throws InvalidParamException if the parameters are incomplete.
* @see http://us2.php.net/manual/en/function.session-set-cookie-params.php
*/
private function setCookieParamsInternal()
{
$data = $this->getCookieParams();
extract($data);
extract($value);
if (isset($lifetime, $path, $domain, $secure, $httpOnly)) {
session_set_cookie_params($lifetime, $path, $domain, $secure, $httpOnly);
} else {
throw new InvalidParamException('Please make sure these parameters are provided: lifetime, path, domain, secure and httpOnly.');
throw new InvalidParamException('Please make sure cookieParams contains these elements: lifetime, path, domain, secure and httpOnly.');
}
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment