fix - session now uses request

This commit is contained in:
Sam Minnee 2017-06-26 11:24:50 +12:00 committed by Damian Mooyman
parent 69fe166897
commit 67887febc5
3 changed files with 15 additions and 16 deletions

View File

@ -145,13 +145,9 @@ class Session
* *
* @return string * @return string
*/ */
protected function userAgent() protected function userAgent($request)
{ {
if (isset($_SERVER['HTTP_USER_AGENT'])) { return $request->getHeader('User-Agent');
return $_SERVER['HTTP_USER_AGENT'];
} else {
return '';
}
} }
/** /**
@ -180,7 +176,7 @@ class Session
// Funny business detected! // Funny business detected!
if (isset($this->data['HTTP_USER_AGENT'])) { if (isset($this->data['HTTP_USER_AGENT'])) {
if ($this->data['HTTP_USER_AGENT'] !== $this->userAgent()) { if ($this->data['HTTP_USER_AGENT'] !== $this->userAgent($request)) {
$this->clearAll(); $this->clearAll();
$this->destroy(); $this->destroy();
$this->start($request); $this->start($request);
@ -468,9 +464,9 @@ class Session
/** /**
* Set user agent key * Set user agent key
*/ */
public function finalize() public function finalize(HTTPRequest $request)
{ {
$this->set('HTTP_USER_AGENT', $this->userAgent()); $this->set('HTTP_USER_AGENT', $this->userAgent($request));
} }
/** /**
@ -480,7 +476,7 @@ class Session
public function save(HTTPRequest $request) public function save(HTTPRequest $request)
{ {
if ($this->changedData) { if ($this->changedData) {
$this->finalize(); $this->finalize($request);
if (!$this->isStarted()) { if (!$this->isStarted()) {
$this->start($request); $this->start($request);

View File

@ -911,7 +911,7 @@ class SapphireTest extends PHPUnit_Framework_TestCase implements TestOnly
// Custom application // Custom application
$app->execute($request, function (HTTPRequest $request) { $app->execute($request, function (HTTPRequest $request) {
// Start session and execute // Start session and execute
$request->getSession()->init(); $request->getSession()->init($request);
// Invalidate classname spec since the test manifest will now pull out new subclasses for each internal class // Invalidate classname spec since the test manifest will now pull out new subclasses for each internal class
// (e.g. Member will now have various subclasses of DataObjects that implement TestOnly) // (e.g. Member will now have various subclasses of DataObjects that implement TestOnly)

View File

@ -4,6 +4,7 @@ namespace SilverStripe\Control\Tests;
use SilverStripe\Control\Session; use SilverStripe\Control\Session;
use SilverStripe\Dev\SapphireTest; use SilverStripe\Dev\SapphireTest;
use SilverStripe\Control\HTTPRequest;
/** /**
* Tests to cover the {@link Session} class * Tests to cover the {@link Session} class
@ -107,20 +108,22 @@ class SessionTest extends SapphireTest
public function testUserAgentLockout() public function testUserAgentLockout()
{ {
// Set a user agent // Set a user agent
$_SERVER['HTTP_USER_AGENT'] = 'Test Agent'; $req1 = new HTTPRequest('GET', '/');
$req1->setHeader('User-Agent', 'Test Agent');
// Generate our session // Generate our session
$s = new Session(array()); $s = new Session(array());
$s->init(); $s->init($req1);
$s->set('val', 123); $s->set('val', 123);
$s->finalize(); $s->finalize($req1);
// Change our UA // Change our UA
$_SERVER['HTTP_USER_AGENT'] = 'Fake Agent'; $req2 = new HTTPRequest('GET', '/');
$req2->setHeader('User-Agent', 'Test Agent');
// Verify the new session reset our values // Verify the new session reset our values
$s2 = new Session($s); $s2 = new Session($s);
$s2->init(); $s2->init($req2);
$this->assertNotEquals($s2->get('val'), 123); $this->assertNotEquals($s2->get('val'), 123);
} }
} }