From 234555b20898944670a4512523674aa8b3f647a1 Mon Sep 17 00:00:00 2001
From: Matias Griese <matias@kunena.org>
Date: Sun, 11 Mar 2018 21:52:49 +0200
Subject: [PATCH 1/2] Fixed session timing out because of session cookie was
 not being sent

---
 CHANGELOG.md                       |  6 ++++++
 system/src/Grav/Common/Session.php | 21 ++++++++++++++++++---
 2 files changed, 24 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 308ec77b3..52ca1aa74 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,9 @@
+# v1.4.1
+## 03/dd/2018
+
+1. [](#bugfix) 
+    * Fixed session timing out because of session cookie was not being sent
+
 # v1.4.0
 ## 03/09/2018
 
diff --git a/system/src/Grav/Common/Session.php b/system/src/Grav/Common/Session.php
index 528690493..7573f0866 100644
--- a/system/src/Grav/Common/Session.php
+++ b/system/src/Grav/Common/Session.php
@@ -15,6 +15,12 @@ class Session extends BaseSession
     /** @var bool */
     protected $autoStart = false;
 
+    protected $lifetime;
+    protected $path;
+    protected $domain;
+    protected $secure;
+    protected $httpOnly;
+
     /**
      * @param int    $lifetime Defaults to 1800 seconds.
      * @param string $path     Cookie path.
@@ -23,6 +29,10 @@ class Session extends BaseSession
      */
     public function __construct($lifetime, $path, $domain = null)
     {
+        $this->lifetime = $lifetime;
+        $this->path = $path;
+        $this->domain = $domain;
+
         if (php_sapi_name() !== 'cli') {
             parent::__construct($lifetime, $path, $domain);
         }
@@ -38,6 +48,9 @@ class Session extends BaseSession
         if ($this->autoStart) {
             $this->start();
 
+            // TODO: This setcookie shouldn't be here, session should by itself be able to update its cookie.
+            setcookie(session_name(), session_id(), $this->lifetime ? time() + $this->lifetime : 0, $this->path, $this->domain, $this->secure, $this->httpOnly);
+
             $this->autoStart = false;
         }
     }
@@ -59,18 +72,20 @@ class Session extends BaseSession
      */
     public function setSecure($secure)
     {
+        $this->secure = $secure;
         ini_set('session.cookie_secure', (bool)$secure);
 
         return $this;
     }
 
     /**
-     * @param bool $httponly
+     * @param bool $httpOnly
      * @return $this
      */
-    public function setHttpOnly($httponly)
+    public function setHttpOnly($httpOnly)
     {
-        ini_set('session.cookie_httponly', (bool)$httponly);
+        $this->httpOnly = $httpOnly;
+        ini_set('session.cookie_httponly', (bool)$httpOnly);
 
         return $this;
     }

From 0e264226138221218cae66e8f633cfb76ba8ed97 Mon Sep 17 00:00:00 2001
From: Andy Miller <rhuk@mac.com>
Date: Sun, 11 Mar 2018 16:12:55 -0600
Subject: [PATCH 2/2] Prepare for release

---
 CHANGELOG.md       | 2 +-
 system/defines.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 52ca1aa74..661aca80c 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,5 @@
 # v1.4.1
-## 03/dd/2018
+## 03/11/2018
 
 1. [](#bugfix) 
     * Fixed session timing out because of session cookie was not being sent
diff --git a/system/defines.php b/system/defines.php
index f821c4fc3..f8c984898 100644
--- a/system/defines.php
+++ b/system/defines.php
@@ -8,7 +8,7 @@
 
 // Some standard defines
 define('GRAV', true);
-define('GRAV_VERSION', '1.4.0');
+define('GRAV_VERSION', '1.4.1');
 define('GRAV_TESTING', false);
 define('DS', '/');