Skip to content

Y
yii2
Commit 03db4c46 by Qiang Xue
Options

Fixes #2921

parent 4acab5c4
Showing with 8 additions and 14 deletions
framework/web/Session.php
...@@ -84,10 +84,10 @@ class Session extends Component implements \IteratorAggregate, \ArrayAccess, \Co ...@@ -84,10 +84,10 @@ class Session extends Component implements \IteratorAggregate, \ArrayAccess, \Co
public $handler; public $handler;
/** /**
* @var array parameter-value pairs to override default session cookie parameters that are used for session_set_cookie_params() function * @var array parameter-value pairs to override default session cookie parameters that are used for session_set_cookie_params() function
* Array may have the following possible keys: 'lifetime', 'path', 'domain', 'secure', 'httpOnly' * Array may have the following possible keys: 'lifetime', 'path', 'domain', 'secure', 'httponly'
* @see http://www.php.net/manual/en/function.session-set-cookie-params.php * @see http://www.php.net/manual/en/function.session-set-cookie-params.php
*/ */
private $_cookieParams = ['httpOnly' => true]; private $_cookieParams = ['httponly' => true];
/** /**
* Initializes the application component. * Initializes the application component.
...@@ -301,26 +301,20 @@ class Session extends Component implements \IteratorAggregate, \ArrayAccess, \Co ...@@ -301,26 +301,20 @@ class Session extends Component implements \IteratorAggregate, \ArrayAccess, \Co
*/ */
public function getCookieParams() public function getCookieParams()
{ {
$params = session_get_cookie_params(); return array_merge(session_get_cookie_params(), $this->_cookieParams);
if (isset($params['httponly'])) {
$params['httpOnly'] = $params['httponly'];
unset($params['httponly']);
}
return array_merge($params, $this->_cookieParams);
} }
/** /**
* Sets the session cookie parameters. * Sets the session cookie parameters.
* The cookie parameters passed to this method will be merged with the result * The cookie parameters passed to this method will be merged with the result
* of `session_get_cookie_params()`. * of `session_get_cookie_params()`.
* @param array $value cookie parameters, valid keys include: `lifetime`, `path`, `domain`, `secure` and `httpOnly`. * @param array $value cookie parameters, valid keys include: `lifetime`, `path`, `domain`, `secure` and `httponly`.
* @throws InvalidParamException if the parameters are incomplete. * @throws InvalidParamException if the parameters are incomplete.
* @see http://us2.php.net/manual/en/function.session-set-cookie-params.php * @see http://us2.php.net/manual/en/function.session-set-cookie-params.php
*/ */
public function setCookieParams(array $value) public function setCookieParams(array $value)
{ {
$this->_cookieParams = $value; $this->_cookieParams = array_change_key_case($value);
} }
/** /**
...@@ -333,10 +327,10 @@ class Session extends Component implements \IteratorAggregate, \ArrayAccess, \Co ...@@ -333,10 +327,10 @@ class Session extends Component implements \IteratorAggregate, \ArrayAccess, \Co
{ {
$data = $this->getCookieParams(); $data = $this->getCookieParams();
extract($data); extract($data);
if (isset($lifetime, $path, $domain, $secure, $httpOnly)) { if (isset($lifetime, $path, $domain, $secure, $httponly)) {
session_set_cookie_params($lifetime, $path, $domain, $secure, $httpOnly); session_set_cookie_params($lifetime, $path, $domain, $secure, $httponly);
} else { } else {
throw new InvalidParamException('Please make sure cookieParams contains these elements: lifetime, path, domain, secure and httpOnly.'); throw new InvalidParamException('Please make sure cookieParams contains these elements: lifetime, path, domain, secure and httponly.');
} }
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment