Simon Gow
d01585cc98
#8543 Resolve Duplicate Headers
...
- fix linting
2018-12-19 12:39:32 +13:00
Simon Gow
1edfa4d956
#8543 Resolve Duplicate Headers
...
- Replace session name lookup with function to also check secure cookies
- Added timeout which defaults to 0 (same as PHP)
- Removed php7 style of session_start from PR
- moved session_start into headers sent block to prevent warnings.
2018-12-19 12:39:32 +13:00
Simon Gow
4eb6669c08
#8543 Resolve Duplicate Headers
...
Put cookie_lifetime back into the session parameters.
2018-12-19 12:39:32 +13:00
Simon Gow
2deb8f4176
Resolve Duplicate Headers
...
Ensure only a single Set-Cookie header is returned from Session once
we have data to save. Include backwards compatibility for PHP56
2018-12-19 12:39:32 +13:00
Robbie Averill
4d14e9b6b1
Merge pull request #8421 from creative-commoners/pulls/4.3/psr-5-deprecations
...
Update deprecation PHPDocs to be PSR-5 compliant
2018-09-28 14:18:54 +02:00
Robbie Averill
f842ee2eec
Update deprecation PHPDocs to be PSR-5 compliant
...
See: https://github.com/php-fig/fig-standards/blob/master/proposed/phpdoc-tags.md#55-deprecated
2018-09-28 10:49:14 +02:00
Sam Minnee
b98c87a6c5
FIX: Ensure existing session can be accessed if headers_sent()
...
If a session already exists, and Session::start() isn’t called until
after a large enough block of content is output, then headers_sent()
will be false. The previous code prevented the session from being
started in this case. That might makes sense for the creation of a new
session, but it prevent legitimate access to an existing session.
This mostly manifested when running debugging tools such as showqueries,
which may output content before the session is started.
2018-09-28 13:25:13 +12:00
Ingo Schommer
e415bcb44a
Fix tests on unset session data
...
Thanks Robbie!
2018-07-19 13:32:08 +12:00
Ingo Schommer
93b0884e19
BUG Lazy session state ( fixes #8267 )
...
Fixes regression from 3.x, where sessions where lazy started as required:
Either because an existing session identifier was sent through with the request,
or because new session data needed to be persisted as part of the request execution.
Without this lazy starting, *every* request will get a session,
which makes all those responses uncacheable by HTTP layers.
Note that 4.x also changed the $data vs. $changedData payloads:
In 3.x, they both contained key/value pairs.
In 4.x, $data contains key/value, while $changedData contains key/boolean to declare isChanged.
While this reduces duplication in the class, it also surfaced a bug which was latent in 3.x:
When an existing session is lazily resumed via start(), $data is set back to an empty array.
In 3.x, any changed data before this point was *also* retained in $changedData,
ensuring it gets merged into existing $_SESSION data.
In 4.x, this clears out data - hence the need for a more complex merge logic.
Since isset($this->data) is no longer an accurate indicator of a started session,
we introduce a separate $this->started flag.
Note that I've chosen not to make lazy an opt-in (e.g. via start($request, $lazy=false)).
We already have a distinction between lazy starting via init(), and force starting via start().
2018-07-19 13:32:04 +12:00
Damian Mooyman
b686b86c34
Session now prevents cache headers being sent unintentionally
2018-06-14 15:59:51 +12:00
Damian Mooyman
740c3326e9
BUG Fix critical issue with incorrectly saved session data
2018-02-02 15:08:52 +13:00
Damian Mooyman
d20ab50f9d
API Stronger Injector service unregistration
...
BUG Fix up test regressions
FIX director references to request object
API Move all middlewares to common namespace
API Implement RequestHandlerMiddlewareAdapter
ENHANCEMENT Improve IP address parsing
Fix up PHPDoc / psr2 linting
BUG Fix property parsing in TrustedProxyMiddleware
BUG Fix Director::is_https()
2017-06-27 13:32:39 +12:00
Sam Minnee
67887febc5
fix - session now uses request
2017-06-27 13:32:39 +12:00
Sam Minnee
e92c63c545
API: Remove $sid argument of Session::start()
...
NEW: Pass HTTPRequest to session
NEW: Pass HTTPReuqest optionally to Director statics
The session handler now expects to operate on a specific
HTTPRequest object.
2017-06-27 13:32:39 +12:00
Damian Mooyman
3873e4ba00
API Refactor bootstrap, request handling
...
See https://github.com/silverstripe/silverstripe-framework/pull/7037
and https://github.com/silverstripe/silverstripe-framework/issues/6681
Squashed commit of the following:
commit 8f65e56532
Author: Ingo Schommer <me@chillu.com>
Date: Thu Jun 22 22:25:50 2017 +1200
Fixed upgrade guide spelling
commit 76f95944fa
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 22 16:38:34 2017 +1200
BUG Fix non-test class manifest including sapphiretest / functionaltest
commit 9379834cb4
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 22 15:50:47 2017 +1200
BUG Fix nesting bug in Kernel
commit 188ce35d82
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 22 15:14:51 2017 +1200
BUG fix db bootstrapping issues
commit 7ed4660e7a
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 22 14:49:07 2017 +1200
BUG Fix issue in DetailedErrorFormatter
commit 738f50c497
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 22 11:49:19 2017 +1200
Upgrading notes on mysite/_config.php
commit 6279d28e5e
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 22 11:43:28 2017 +1200
Update developer documentation
commit 5c90d53a84
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 22 10:48:44 2017 +1200
Update installer to not use global databaseConfig
commit f9b2ba4755
Author: Damian Mooyman <damian@silverstripe.com>
Date: Wed Jun 21 21:04:39 2017 +1200
Fix behat issues
commit 5b59a912b6
Author: Damian Mooyman <damian@silverstripe.com>
Date: Wed Jun 21 17:07:11 2017 +1200
Move HTTPApplication to SilverStripe\Control namespace
commit e2c4a18f63
Author: Damian Mooyman <damian@silverstripe.com>
Date: Wed Jun 21 16:29:03 2017 +1200
More documentation
Fix up remaining tests
Refactor temp DB into TempDatabase class so it’s available outside of unit tests.
commit 5d235e64f3
Author: Damian Mooyman <damian@silverstripe.com>
Date: Wed Jun 21 12:13:15 2017 +1200
API HTTPRequestBuilder::createFromEnvironment() now cleans up live globals
BUG Fix issue with SSViewer
Fix Security / View tests
commit d88d4ed4e4
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 20 16:39:43 2017 +1200
API Refactor AppKernel into CoreKernel
commit f7946aec33
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 20 16:00:40 2017 +1200
Docs and minor cleanup
commit 12bd31f936
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 20 15:34:34 2017 +1200
API Remove OutputMiddleware
API Move environment / global / ini management into Environment class
API Move getTempFolder into TempFolder class
API Implement HTTPRequestBuilder / CLIRequestBuilder
BUG Restore SS_ALLOWED_HOSTS check in original location
API CoreKernel now requires $basePath to be passed in
API Refactor installer.php to use application to bootstrap
API move memstring conversion globals to Convert
BUG Fix error in CoreKernel nesting not un-nesting itself properly.
commit bba9791146
Author: Damian Mooyman <damian@silverstripe.com>
Date: Mon Jun 19 18:07:53 2017 +1200
API Create HTTPMiddleware and standardise middleware for request handling
commit 2a10c2397b
Author: Damian Mooyman <damian@silverstripe.com>
Date: Mon Jun 19 17:42:42 2017 +1200
Fixed ORM tests
commit d75a8d1d93
Author: Damian Mooyman <damian@silverstripe.com>
Date: Mon Jun 19 17:15:07 2017 +1200
FIx i18n tests
commit 06364af3c3
Author: Damian Mooyman <damian@silverstripe.com>
Date: Mon Jun 19 16:59:34 2017 +1200
Fix controller namespace
Move states to sub namespace
commit 2a278e2953
Author: Damian Mooyman <damian@silverstripe.com>
Date: Mon Jun 19 12:49:45 2017 +1200
Fix forms namespace
commit b65c21241b
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 15 18:56:48 2017 +1200
Update API usages
commit d1d4375c95
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 15 18:41:44 2017 +1200
API Refactor $flush into HTPPApplication
API Enforce health check in Controller::pushCurrent()
API Better global backup / restore
Updated Director::test() to use new API
commit b220534f06
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 13 22:05:57 2017 +1200
Move app nesting to a test state helper
commit 603704165c
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 13 21:46:04 2017 +1200
Restore kernel stack to fix multi-level nesting
commit 2f6336a15b
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 13 17:23:21 2017 +1200
API Implement kernel nesting
commit fc7188da7d
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 13 15:43:13 2017 +1200
Fix core tests
commit a0ae723514
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 13 15:23:52 2017 +1200
Fix manifest tests
commit ca03395251
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 13 15:00:00 2017 +1200
API Move extension management into test state
commit c66d433977
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 13 14:10:59 2017 +1200
API Refactor SapphireTest state management into SapphireTestState
API Remove Injector::unregisterAllObjects()
API Remove FakeController
commit f26ae75c6e
Author: Damian Mooyman <damian@silverstripe.com>
Date: Mon Jun 12 18:04:34 2017 +1200
Implement basic CLI application object
commit 001d559662
Author: Damian Mooyman <damian@silverstripe.com>
Date: Mon Jun 12 17:39:38 2017 +1200
Remove references to SapphireTest::is_running_test()
Upgrade various code
commit de079c041d
Author: Damian Mooyman <damian@silverstripe.com>
Date: Wed Jun 7 18:07:33 2017 +1200
API Implement APP object
API Refactor of Session
2017-06-22 22:50:45 +12:00
Damian Mooyman
259f957ce8
API Rename services to match FQN of interface / classes
2017-05-16 14:15:49 +12:00
Ingo Schommer
81e5c7ac40
API Removed deprecated Session::set_config()
2017-05-09 11:38:35 +12:00
Damian Mooyman
1b1e921e3d
PSR2: Whitespace-only changes
2016-11-29 12:31:16 +13:00
Daniel Hensby
bcc21c2403
Merge branch '3'
2016-11-10 01:09:35 +00:00
Sam Minnee
7a10c194bd
NEW: Move code files into src/ folder.
...
This updates framework to be more in keeping with PHP conventions.
2016-11-01 13:37:24 +13:00