tonyair
/
silverstripe-framework
mirror of https://github.com/silverstripe/silverstripe-framework
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Existing sessions need to set a new cookie on each request, if the 

session exists, otherwise our expiry is never updated and sessions
can't roll on every request.
This commit is contained in:
Simon Gow 2019-01-14 14:35:58 +13:00
parent 544f9e13c1
commit af08328e8e
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/Control/Session.php
View File

@ -324,6 +324,12 @@ class Session
}
session_start();
// Session start emits a cookie, but only if there's no existing session. If there is a session tied to
// this request, make sure the session is held for the entire timeout by refreshing the cookie age.
if ($this->requestContainsSessionId($request)) {
Cookie::set(session_name(), session_id(), $timeout / 86400, $path, $domain ?: null, $secure, true);
}
} else {
// If headers are sent then we can't have a session_cache_limiter otherwise we'll get a warning
session_cache_limiter(null);