mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 12:05:37 +00:00
API: Remove $sid argument of Session::start()
NEW: Pass HTTPRequest to session NEW: Pass HTTPReuqest optionally to Director statics The session handler now expects to operate on a specific HTTPRequest object.
This commit is contained in:
parent
ccc86306b6
commit
e92c63c545
@ -509,7 +509,7 @@ class Director implements TemplateGlobalProvider
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
public static function host()
|
||||
public static function host(HTTPRequest $request = null)
|
||||
{
|
||||
// Check if overridden by alternate_base_url
|
||||
if ($baseURL = self::config()->get('alternate_base_url')) {
|
||||
@ -520,7 +520,9 @@ class Director implements TemplateGlobalProvider
|
||||
}
|
||||
}
|
||||
|
||||
$request = Injector::inst()->get(HTTPRequest::class);
|
||||
if (!$request) {
|
||||
$request = Injector::inst()->get(HTTPRequest::class, true, ['GET', '/']);
|
||||
}
|
||||
if ($request && $host = $request->getHeader('Host')) {
|
||||
return $host;
|
||||
}
|
||||
@ -549,9 +551,9 @@ class Director implements TemplateGlobalProvider
|
||||
*
|
||||
* @return bool|string
|
||||
*/
|
||||
public static function protocolAndHost()
|
||||
public static function protocolAndHost(HTTPRequest $request = null)
|
||||
{
|
||||
return static::protocol() . static::host();
|
||||
return static::protocol($request) . static::host($request);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -559,9 +561,9 @@ class Director implements TemplateGlobalProvider
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
public static function protocol()
|
||||
public static function protocol(HTTPRequest $request = null)
|
||||
{
|
||||
return (self::is_https()) ? 'https://' : 'http://';
|
||||
return (self::is_https($request)) ? 'https://' : 'http://';
|
||||
}
|
||||
|
||||
/**
|
||||
@ -569,7 +571,7 @@ class Director implements TemplateGlobalProvider
|
||||
*
|
||||
* @return bool
|
||||
*/
|
||||
public static function is_https()
|
||||
public static function is_https(HTTPRequest $request = null)
|
||||
{
|
||||
// Check override from alternate_base_url
|
||||
if ($baseURL = self::config()->uninherited('alternate_base_url')) {
|
||||
@ -581,7 +583,9 @@ class Director implements TemplateGlobalProvider
|
||||
}
|
||||
|
||||
// Check the current request
|
||||
$request = Injector::inst()->get(HTTPRequest::class);
|
||||
if (!$request) {
|
||||
$request = Injector::inst()->get(HTTPRequest::class, true, ['GET', '/']);
|
||||
}
|
||||
if ($request && $host = $request->getHeader('Host')) {
|
||||
return $request->getScheme() === 'https';
|
||||
}
|
||||
|
@ -172,10 +172,10 @@ class Session
|
||||
/**
|
||||
* Init this session instance before usage
|
||||
*/
|
||||
public function init()
|
||||
public function init(HTTPRequest $request)
|
||||
{
|
||||
if (!$this->isStarted()) {
|
||||
$this->start();
|
||||
$this->start($request);
|
||||
}
|
||||
|
||||
// Funny business detected!
|
||||
@ -183,7 +183,7 @@ class Session
|
||||
if ($this->data['HTTP_USER_AGENT'] !== $this->userAgent()) {
|
||||
$this->clearAll();
|
||||
$this->destroy();
|
||||
$this->start();
|
||||
$this->start($request);
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -191,10 +191,10 @@ class Session
|
||||
/**
|
||||
* Destroy existing session and restart
|
||||
*/
|
||||
public function restart()
|
||||
public function restart(HTTPRequest $request)
|
||||
{
|
||||
$this->destroy();
|
||||
$this->init();
|
||||
$this->init($request);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -210,9 +210,9 @@ class Session
|
||||
/**
|
||||
* Begin session
|
||||
*
|
||||
* @param string $sid
|
||||
* @param $request The request for which to start a session
|
||||
*/
|
||||
public function start($sid = null)
|
||||
public function start(HTTPRequest $request)
|
||||
{
|
||||
if ($this->isStarted()) {
|
||||
throw new BadMethodCallException("Session has already started");
|
||||
@ -223,7 +223,7 @@ class Session
|
||||
$path = Director::baseURL();
|
||||
}
|
||||
$domain = $this->config()->get('cookie_domain');
|
||||
$secure = Director::is_https() && $this->config()->get('cookie_secure');
|
||||
$secure = Director::is_https($request) && $this->config()->get('cookie_secure');
|
||||
$session_path = $this->config()->get('session_store_path');
|
||||
$timeout = $this->config()->get('timeout');
|
||||
|
||||
@ -255,9 +255,6 @@ class Session
|
||||
session_name('SECSESSID');
|
||||
}
|
||||
|
||||
if ($sid) {
|
||||
session_id($sid);
|
||||
}
|
||||
session_start();
|
||||
|
||||
$this->data = isset($_SESSION) ? $_SESSION : array();
|
||||
@ -480,13 +477,13 @@ class Session
|
||||
* Save data to session
|
||||
* Only save the changes, so that anyone manipulating $_SESSION directly doesn't get burned.
|
||||
*/
|
||||
public function save()
|
||||
public function save(HTTPRequest $request)
|
||||
{
|
||||
if ($this->changedData) {
|
||||
$this->finalize();
|
||||
|
||||
if (!$this->isStarted()) {
|
||||
$this->start();
|
||||
$this->start($request);
|
||||
}
|
||||
|
||||
$this->recursivelyApply($this->changedData, $_SESSION);
|
||||
|
@ -12,7 +12,7 @@ class SessionMiddleware implements HTTPMiddleware
|
||||
{
|
||||
try {
|
||||
// Start session and execute
|
||||
$request->getSession()->init();
|
||||
$request->getSession()->init($request);
|
||||
|
||||
// Generate output
|
||||
$response = $delegate($request);
|
||||
@ -20,7 +20,7 @@ class SessionMiddleware implements HTTPMiddleware
|
||||
// Save session data, even if there was an exception.
|
||||
// Note that save() will start/resume the session if required.
|
||||
} finally {
|
||||
$request->getSession()->save();
|
||||
$request->getSession()->save($request);
|
||||
}
|
||||
|
||||
return $response;
|
||||
|
@ -84,7 +84,7 @@ class ErrorControlChainMiddleware implements HTTPMiddleware
|
||||
$this->getApplication()->getKernel()->boot(false);
|
||||
|
||||
// Ensure session is started
|
||||
$request->getSession()->init();
|
||||
$request->getSession()->init($request);
|
||||
|
||||
// Next, check if we're in dev mode, or the database doesn't have any security data, or we are admin
|
||||
if (Director::isDev() || !Security::database_is_ready() || Permission::check('ADMIN')) {
|
||||
|
Loading…
x
Reference in New Issue
Block a user