Merge branch 'release/1.4.1'

2026-03-04 11:31:43 +01:00 · 2018-03-11 16:13:03 -06:00
parent 9b149307ef 0e26422613
commit 4adaead4ec
3 changed files with 25 additions and 4 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,9 @@
+# v1.4.1
+## 03/11/2018
+
+1. [](#bugfix) 
+    * Fixed session timing out because of session cookie was not being sent
+
 # v1.4.0
 ## 03/09/2018

--- a/system/defines.php
+++ b/system/defines.php
@@ -8,7 +8,7 @@

 // Some standard defines
 define('GRAV', true);
-define('GRAV_VERSION', '1.4.0');
+define('GRAV_VERSION', '1.4.1');
 define('GRAV_TESTING', false);
 define('DS', '/');

--- a/system/src/Grav/Common/Session.php
+++ b/system/src/Grav/Common/Session.php
@@ -15,6 +15,12 @@ class Session extends BaseSession
    /** @var bool */
    protected $autoStart = false;

+    protected $lifetime;
+    protected $path;
+    protected $domain;
+    protected $secure;
+    protected $httpOnly;
+
    /**
     * @param int    $lifetime Defaults to 1800 seconds.
     * @param string $path     Cookie path.
@@ -23,6 +29,10 @@ class Session extends BaseSession
     */
    public function __construct($lifetime, $path, $domain = null)
    {
+        $this->lifetime = $lifetime;
+        $this->path = $path;
+        $this->domain = $domain;
+
        if (php_sapi_name() !== 'cli') {
            parent::__construct($lifetime, $path, $domain);
        }
@@ -38,6 +48,9 @@ class Session extends BaseSession
        if ($this->autoStart) {
            $this->start();

+            // TODO: This setcookie shouldn't be here, session should by itself be able to update its cookie.
+            setcookie(session_name(), session_id(), $this->lifetime ? time() + $this->lifetime : 0, $this->path, $this->domain, $this->secure, $this->httpOnly);
+
            $this->autoStart = false;
        }
    }
@@ -59,18 +72,20 @@ class Session extends BaseSession
     */
    public function setSecure($secure)
    {
+        $this->secure = $secure;
        ini_set('session.cookie_secure', (bool)$secure);

        return $this;
    }

    /**
-     * @param bool $httponly
+     * @param bool $httpOnly
     * @return $this
     */
-    public function setHttpOnly($httponly)
+    public function setHttpOnly($httpOnly)
    {
-        ini_set('session.cookie_httponly', (bool)$httponly);
+        $this->httpOnly = $httpOnly;
+        ini_set('session.cookie_httponly', (bool)$httpOnly);

        return $this;
    }