Refactored Session as suggested in #1172

a7175bae · Qiang Xue · 202664f3 · a7175bae
Commit a7175bae authored Nov 11, 2013 by Qiang Xue
Hide whitespace changes
Inline Side-by-side

Showing with 18 additions and 10 deletions

Session.php framework/yii/web/Session.php +18 -10

No files found.
--- a/framework/yii/web/Session.php
+++ b/framework/yii/web/Session.php
@@ -80,13 +80,11 @@ class Session extends Component implements \IteratorAggregate, \ArrayAccess, \Co
 	 * @var string the name of the session variable that stores the flash message data.
 	 */
 	public $flashVar = '__flash';
-
 	/**
 	 * @var array parameter-value pairs to override default session cookie parameters that are used for session_set_cookie_params() function
 	 * @see http://www.php.net/manual/en/function.session-set-cookie-params.php
-	 * @see setCookieParams()
 	 */
-	public $cookieParams = ['httpOnly' => true];
+	private $_cookieParams = ['httpOnly' => true];

 	/**
 	 * Initializes the application component.
@@ -137,7 +135,7 @@ class Session extends Component implements \IteratorAggregate, \ArrayAccess, \Co
 				);
 			}

-			$this->setCookieParams($this->cookieParams);
+			$this->setCookieParamsInternal();

 			@session_start();

@@ -265,26 +263,36 @@ class Session extends Component implements \IteratorAggregate, \ArrayAccess, \Co
 			$params['httpOnly'] = $params['httponly'];
 			unset($params['httponly']);
 		}
-		return $params;
+		return array_merge($params, $this->_cookieParams);
 	}

 	/**
 	 * Sets the session cookie parameters.
-	 * The effect of this method only lasts for the duration of the script.
-	 * Call this method before the session starts.
+	 * The cookie parameters passed to this method will be merged with the result
+	 * of `session_get_cookie_params()`.
 	 * @param array $value cookie parameters, valid keys include: `lifetime`, `path`, `domain`, `secure` and `httpOnly`.
 	 * @throws InvalidParamException if the parameters are incomplete.
 	 * @see http://us2.php.net/manual/en/function.session-set-cookie-params.php
 	 */
-	public function setCookieParams($value)
+	public function setCookieParams(array $value)
+	{
+		$this->_cookieParams = $value;
+	}
+
+	/**
+	 * Sets the session cookie parameters.
+	 * This method is called by [[open()]] when it is about to open the session.
+	 * @throws InvalidParamException if the parameters are incomplete.
+	 * @see http://us2.php.net/manual/en/function.session-set-cookie-params.php
+	 */
+	private function setCookieParamsInternal()
 	{
 		$data = $this->getCookieParams();
 		extract($data);
-		extract($value);
 		if (isset($lifetime, $path, $domain, $secure, $httpOnly)) {
 			session_set_cookie_params($lifetime, $path, $domain, $secure, $httpOnly);
 		} else {
-			throw new InvalidParamException('Please make sure these parameters are provided: lifetime, path, domain, secure and httpOnly.');
+			throw new InvalidParamException('Please make sure cookieParams contains these elements: lifetime, path, domain, secure and httpOnly.');
 		}
 	}