Commit a7175bae by Qiang Xue

Refactored Session as suggested in #1172

parent 202664f3
...@@ -80,13 +80,11 @@ class Session extends Component implements \IteratorAggregate, \ArrayAccess, \Co ...@@ -80,13 +80,11 @@ class Session extends Component implements \IteratorAggregate, \ArrayAccess, \Co
* @var string the name of the session variable that stores the flash message data. * @var string the name of the session variable that stores the flash message data.
*/ */
public $flashVar = '__flash'; public $flashVar = '__flash';
/** /**
* @var array parameter-value pairs to override default session cookie parameters that are used for session_set_cookie_params() function * @var array parameter-value pairs to override default session cookie parameters that are used for session_set_cookie_params() function
* @see http://www.php.net/manual/en/function.session-set-cookie-params.php * @see http://www.php.net/manual/en/function.session-set-cookie-params.php
* @see setCookieParams()
*/ */
public $cookieParams = ['httpOnly' => true]; private $_cookieParams = ['httpOnly' => true];
/** /**
* Initializes the application component. * Initializes the application component.
...@@ -137,7 +135,7 @@ class Session extends Component implements \IteratorAggregate, \ArrayAccess, \Co ...@@ -137,7 +135,7 @@ class Session extends Component implements \IteratorAggregate, \ArrayAccess, \Co
); );
} }
$this->setCookieParams($this->cookieParams); $this->setCookieParamsInternal();
@session_start(); @session_start();
...@@ -265,26 +263,36 @@ class Session extends Component implements \IteratorAggregate, \ArrayAccess, \Co ...@@ -265,26 +263,36 @@ class Session extends Component implements \IteratorAggregate, \ArrayAccess, \Co
$params['httpOnly'] = $params['httponly']; $params['httpOnly'] = $params['httponly'];
unset($params['httponly']); unset($params['httponly']);
} }
return $params; return array_merge($params, $this->_cookieParams);
} }
/** /**
* Sets the session cookie parameters. * Sets the session cookie parameters.
* The effect of this method only lasts for the duration of the script. * The cookie parameters passed to this method will be merged with the result
* Call this method before the session starts. * of `session_get_cookie_params()`.
* @param array $value cookie parameters, valid keys include: `lifetime`, `path`, `domain`, `secure` and `httpOnly`. * @param array $value cookie parameters, valid keys include: `lifetime`, `path`, `domain`, `secure` and `httpOnly`.
* @throws InvalidParamException if the parameters are incomplete. * @throws InvalidParamException if the parameters are incomplete.
* @see http://us2.php.net/manual/en/function.session-set-cookie-params.php * @see http://us2.php.net/manual/en/function.session-set-cookie-params.php
*/ */
public function setCookieParams($value) public function setCookieParams(array $value)
{
$this->_cookieParams = $value;
}
/**
* Sets the session cookie parameters.
* This method is called by [[open()]] when it is about to open the session.
* @throws InvalidParamException if the parameters are incomplete.
* @see http://us2.php.net/manual/en/function.session-set-cookie-params.php
*/
private function setCookieParamsInternal()
{ {
$data = $this->getCookieParams(); $data = $this->getCookieParams();
extract($data); extract($data);
extract($value);
if (isset($lifetime, $path, $domain, $secure, $httpOnly)) { if (isset($lifetime, $path, $domain, $secure, $httpOnly)) {
session_set_cookie_params($lifetime, $path, $domain, $secure, $httpOnly); session_set_cookie_params($lifetime, $path, $domain, $secure, $httpOnly);
} else { } else {
throw new InvalidParamException('Please make sure these parameters are provided: lifetime, path, domain, secure and httpOnly.'); throw new InvalidParamException('Please make sure cookieParams contains these elements: lifetime, path, domain, secure and httpOnly.');
} }
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment