From 532e0357244fe65766087660fb69cf8fdae2241b Mon Sep 17 00:00:00 2001 From: Flavio Copes Date: Fri, 31 Jul 2015 18:21:06 +0200 Subject: [PATCH 1/2] Load uri before session --- system/src/Grav/Common/Grav.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/src/Grav/Common/Grav.php b/system/src/Grav/Common/Grav.php index 2bcb9e9cd..5e4737411 100644 --- a/system/src/Grav/Common/Grav.php +++ b/system/src/Grav/Common/Grav.php @@ -174,8 +174,8 @@ class Grav extends Container // Initialize configuration. $debugger->startTimer('_config', 'Configuration'); $this['config']->init(); - $this['session']->init(); $this['uri']->init(); + $this['session']->init(); $this['errors']->resetHandlers(); $debugger->init(); $this['config']->debug(); From dc56f85881fcebbe904299ba9c5d0cf8b7deb59a Mon Sep 17 00:00:00 2001 From: Flavio Copes Date: Fri, 31 Jul 2015 18:21:43 +0200 Subject: [PATCH 2/2] Separate sessions for site and admin --- system/src/Grav/Common/Session.php | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/system/src/Grav/Common/Session.php b/system/src/Grav/Common/Session.php index 795fcae09..c587b6332 100644 --- a/system/src/Grav/Common/Session.php +++ b/system/src/Grav/Common/Session.php @@ -21,6 +21,14 @@ class Session extends \RocketTheme\Toolbox\Session\Session $config = $this->grav['config']; if ($config->get('system.session.enabled')) { + // Only activate admin if we're inside the admin path. + $is_admin = false; + $route = $config->get('plugins.admin.route'); + $base = '/' . trim($route, '/'); + if (substr($uri->route(), 0, strlen($base)) == $base) { + $is_admin = true; + } + $session_timeout = $config->get('system.session.timeout', 1800); $session_path = $config->get('system.session.path', '/' . ltrim($uri->rootUrl(false), '/')); @@ -30,8 +38,8 @@ class Session extends \RocketTheme\Toolbox\Session\Session $session_path ); - $site_identifier = $config->get('site.title', 'unkown'); - $this->setName($config->get('system.session.name', 'grav_site') . '_' . substr(md5($site_identifier), 0, 7)); + $site_identifier = $config->get('site.title', 'unknown'); + $this->setName($config->get('system.session.name', 'grav_site') . '_' . substr(md5($site_identifier), 0, 7) . ($is_admin ? '_admin' : '')); $this->start(); setcookie(session_name(), session_id(), time() + $session_timeout, $session_path); }