From 7fd8435d110a5ff27b5c61d7151497c59b89a9ed Mon Sep 17 00:00:00 2001 From: rosier Date: Mon, 30 Mar 2020 19:57:25 +0200 Subject: [PATCH 1/3] No need to reconnect the bags to the session Bug https://bugs.php.net/70013 was fixed before the release of PHP v7.0 --- Session/Storage/NativeSessionStorage.php | 4 ---- 1 file changed, 4 deletions(-) diff --git a/Session/Storage/NativeSessionStorage.php b/Session/Storage/NativeSessionStorage.php index 5165b5d0d..d6ce2a79d 100644 --- a/Session/Storage/NativeSessionStorage.php +++ b/Session/Storage/NativeSessionStorage.php @@ -223,10 +223,6 @@ public function regenerate($destroy = false, $lifetime = null) $isRegenerated = session_regenerate_id($destroy); - // The reference to $_SESSION in session bags is lost in PHP7 and we need to re-create it. - // @see https://bugs.php.net/70013 - $this->loadSession(); - if (null !== $this->emulateSameSite) { $originalCookie = SessionUtils::popSessionCookie(session_name(), session_id()); if (null !== $originalCookie) { From 9a692b69b244685bcb420c346736f6628bb79ace Mon Sep 17 00:00:00 2001 From: Guite Date: Sun, 9 Feb 2020 17:51:23 +0100 Subject: [PATCH 2/3] [HttpFoundation] Fixed session migration with custom cookie lifetime --- Session/Storage/NativeSessionStorage.php | 8 +++++--- Tests/Session/Storage/NativeSessionStorageTest.php | 13 +++++++++++++ 2 files changed, 18 insertions(+), 3 deletions(-) diff --git a/Session/Storage/NativeSessionStorage.php b/Session/Storage/NativeSessionStorage.php index 7502897a4..66343cd31 100644 --- a/Session/Storage/NativeSessionStorage.php +++ b/Session/Storage/NativeSessionStorage.php @@ -152,7 +152,7 @@ public function start() // ok to try and start the session if (!session_start()) { - throw new \RuntimeException('Failed to start the session'); + throw new \RuntimeException('Failed to start the session.'); } if (null !== $this->emulateSameSite) { @@ -213,8 +213,10 @@ public function regenerate($destroy = false, $lifetime = null) return false; } - if (null !== $lifetime) { + if (null !== $lifetime && $lifetime != ini_get('session.cookie_lifetime')) { + $this->save(); ini_set('session.cookie_lifetime', $lifetime); + $this->start(); } if ($destroy) { @@ -314,7 +316,7 @@ public function registerBag(SessionBagInterface $bag) public function getBag($name) { if (!isset($this->bags[$name])) { - throw new \InvalidArgumentException(sprintf('The SessionBagInterface %s is not registered.', $name)); + throw new \InvalidArgumentException(sprintf('The SessionBagInterface "%s" is not registered.', $name)); } if (!$this->started && $this->saveHandler->isActive()) { diff --git a/Tests/Session/Storage/NativeSessionStorageTest.php b/Tests/Session/Storage/NativeSessionStorageTest.php index d2cf32452..7cfcd223e 100644 --- a/Tests/Session/Storage/NativeSessionStorageTest.php +++ b/Tests/Session/Storage/NativeSessionStorageTest.php @@ -123,6 +123,19 @@ public function testRegenerateDestroy() $this->assertEquals(11, $storage->getBag('attributes')->get('legs')); } + public function testRegenerateWithCustomLifetime() + { + $storage = $this->getStorage(); + $storage->start(); + $id = $storage->getId(); + $lifetime = 999999; + $storage->getBag('attributes')->set('legs', 11); + $storage->regenerate(false, $lifetime); + $this->assertNotEquals($id, $storage->getId()); + $this->assertEquals(11, $storage->getBag('attributes')->get('legs')); + $this->assertEquals($lifetime, ini_get('session.cookie_lifetime')); + } + public function testSessionGlobalIsUpToDateAfterIdRegeneration() { $storage = $this->getStorage(); From eded33daef1147be7ff1249706be9a49fe2c7a44 Mon Sep 17 00:00:00 2001 From: Nicolas Grekas Date: Sat, 18 Apr 2020 22:23:17 +0200 Subject: [PATCH 3/3] [HttpFoundation] workaround PHP bug in the session module --- Session/Storage/Handler/AbstractSessionHandler.php | 9 +++++++++ .../Session/Storage/Handler/Fixtures/regenerate.expected | 1 + 2 files changed, 10 insertions(+) diff --git a/Session/Storage/Handler/AbstractSessionHandler.php b/Session/Storage/Handler/AbstractSessionHandler.php index ec59d895c..c80da2046 100644 --- a/Session/Storage/Handler/AbstractSessionHandler.php +++ b/Session/Storage/Handler/AbstractSessionHandler.php @@ -71,6 +71,15 @@ public function validateId($sessionId) $this->prefetchData = $this->read($sessionId); $this->prefetchId = $sessionId; + if (\PHP_VERSION_ID < 70317 || (70400 <= \PHP_VERSION_ID && \PHP_VERSION_ID < 70405)) { + // work around https://bugs.php.net/79413 + foreach (debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS) as $frame) { + if (!isset($frame['class']) && isset($frame['function']) && \in_array($frame['function'], ['session_regenerate_id', 'session_create_id'], true)) { + return '' === $this->prefetchData; + } + } + } + return '' !== $this->prefetchData; } diff --git a/Tests/Session/Storage/Handler/Fixtures/regenerate.expected b/Tests/Session/Storage/Handler/Fixtures/regenerate.expected index baa5f2f6f..d825f44f7 100644 --- a/Tests/Session/Storage/Handler/Fixtures/regenerate.expected +++ b/Tests/Session/Storage/Handler/Fixtures/regenerate.expected @@ -11,6 +11,7 @@ validateId read doRead: abc|i:123; read +doRead: abc|i:123; write doWrite: abc|i:123; pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy