fix - session now uses request
This commit is contained in:
Sam Minnee
Damian Mooyman
parent
69fe166897
commit
67887febc5
|
|
@ -145,13 +145,9 @@ class Session
|
|||
*
|
||||
* @return string
|
||||
*/
|
||||
protected function userAgent()
|
||||
protected function userAgent($request)
|
||||
{
|
||||
if (isset($_SERVER['HTTP_USER_AGENT'])) {
|
||||
return $_SERVER['HTTP_USER_AGENT'];
|
||||
} else {
|
||||
return '';
|
||||
}
|
||||
return $request->getHeader('User-Agent');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -180,7 +176,7 @@ class Session
|
|||
|
||||
// Funny business detected!
|
||||
if (isset($this->data['HTTP_USER_AGENT'])) {
|
||||
if ($this->data['HTTP_USER_AGENT'] !== $this->userAgent()) {
|
||||
if ($this->data['HTTP_USER_AGENT'] !== $this->userAgent($request)) {
|
||||
$this->clearAll();
|
||||
$this->destroy();
|
||||
$this->start($request);
|
||||
|
|
@ -468,9 +464,9 @@ class Session
|
|||
/**
|
||||
* Set user agent key
|
||||
*/
|
||||
public function finalize()
|
||||
public function finalize(HTTPRequest $request)
|
||||
{
|
||||
$this->set('HTTP_USER_AGENT', $this->userAgent());
|
||||
$this->set('HTTP_USER_AGENT', $this->userAgent($request));
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -480,7 +476,7 @@ class Session
|
|||
public function save(HTTPRequest $request)
|
||||
{
|
||||
if ($this->changedData) {
|
||||
$this->finalize();
|
||||
$this->finalize($request);
|
||||
|
||||
if (!$this->isStarted()) {
|
||||
$this->start($request);
|
||||
|
|
|
|||
|
|
@ -911,7 +911,7 @@ class SapphireTest extends PHPUnit_Framework_TestCase implements TestOnly
|
|||
// Custom application
|
||||
$app->execute($request, function (HTTPRequest $request) {
|
||||
// Start session and execute
|
||||
$request->getSession()->init();
|
||||
$request->getSession()->init($request);
|
||||
|
||||
// Invalidate classname spec since the test manifest will now pull out new subclasses for each internal class
|
||||
// (e.g. Member will now have various subclasses of DataObjects that implement TestOnly)
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@ namespace SilverStripe\Control\Tests;
|
|||
|
||||
use SilverStripe\Control\Session;
|
||||
use SilverStripe\Dev\SapphireTest;
|
||||
use SilverStripe\Control\HTTPRequest;
|
||||
|
||||
/**
|
||||
* Tests to cover the {@link Session} class
|
||||
|
|
@ -107,20 +108,22 @@ class SessionTest extends SapphireTest
|
|||
public function testUserAgentLockout()
|
||||
{
|
||||
// Set a user agent
|
||||
$_SERVER['HTTP_USER_AGENT'] = 'Test Agent';
|
||||
$req1 = new HTTPRequest('GET', '/');
|
||||
$req1->setHeader('User-Agent', 'Test Agent');
|
||||
|
||||
// Generate our session
|
||||
$s = new Session(array());
|
||||
$s->init();
|
||||
$s->init($req1);
|
||||
$s->set('val', 123);
|
||||
$s->finalize();
|
||||
$s->finalize($req1);
|
||||
|
||||
// Change our UA
|
||||
$_SERVER['HTTP_USER_AGENT'] = 'Fake Agent';
|
||||
$req2 = new HTTPRequest('GET', '/');
|
||||
$req2->setHeader('User-Agent', 'Test Agent');
|
||||
|
||||
// Verify the new session reset our values
|
||||
$s2 = new Session($s);
|
||||
$s2->init();
|
||||
$s2->init($req2);
|
||||
$this->assertNotEquals($s2->get('val'), 123);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue