From c119ec4d2364b634b14315e6886a9e91bc7ffdc2 Mon Sep 17 00:00:00 2001 From: mark_story Date: Sun, 27 Jun 2010 12:17:37 -0400 Subject: [PATCH] Merging in changes from Voidet to correct session times. Minutes were being used instead of seconds, for a value that expected seconds. Conflicts: cake/libs/cake_session.php cake/tests/cases/libs/controller/components/session.test.php --- app/config/core.php | 2 +- cake/libs/cake_session.php | 10 +++++----- .../libs/controller/components/session.test.php | 15 ++++++++++----- 3 files changed, 16 insertions(+), 11 deletions(-) diff --git a/app/config/core.php b/app/config/core.php index 18e24cb3881..2996afbba5c 100644 --- a/app/config/core.php +++ b/app/config/core.php @@ -167,7 +167,7 @@ Configure::write('Session.cookie', 'CAKEPHP'); /** - * Session time out time (in seconds). + * Session time out time (in minutes). * Actual value depends on 'Security.level' setting. */ Configure::write('Session.timeout', '120'); diff --git a/cake/libs/cake_session.php b/cake/libs/cake_session.php index 5c478d3edc0..cc89d59542b 100644 --- a/cake/libs/cake_session.php +++ b/cake/libs/cake_session.php @@ -125,7 +125,7 @@ class CakeSession extends Object { /** * Session timeout multiplier factor * - * @var ineteger + * @var integer * @access public */ var $timeout = null; @@ -188,7 +188,7 @@ function __construct($base = null, $start = true) { if (!class_exists('Security')) { App::import('Core', 'Security'); } - $this->sessionTime = $this->time + (Security::inactiveMins() * Configure::read('Session.timeout')); + $this->sessionTime = $this->time + (Security::inactiveMins() * 60 * Configure::read('Session.timeout')); $this->security = Configure::read('Security.level'); } parent::__construct(); @@ -466,7 +466,7 @@ function __initSession() { if ($iniSet && ($this->security === 'high' || $this->security === 'medium')) { ini_set('session.referer_check', $this->host); } - $this->cookieLifeTime = Configure::read('Session.timeout') * Security::inactiveMins(); + $this->cookieLifeTime = Configure::read('Session.timeout') * (Security::inactiveMins() * 60); switch (Configure::read('Session.save')) { case 'cake': @@ -593,7 +593,7 @@ function _checkValid() { $check -= 1; $this->write('Config.timeout', $check); - if (time() > ($time - (Security::inactiveMins() * Configure::read('Session.timeout')) + 2) || $check < 1) { + if (time() > ($time - (Security::inactiveMins() * 60 * Configure::read('Session.timeout')) + 2) || $check < 1) { $this->renew(); $this->write('Config.timeout', Security::inactiveMins()); } @@ -735,7 +735,7 @@ function __read($id) { * @access private */ function __write($id, $data) { - $expires = time() + Configure::read('Session.timeout') * Security::inactiveMins(); + $expires = time() + Configure::read('Session.timeout') * Security::inactiveMins() * 60; $model =& ClassRegistry::getObject('Session'); $return = $model->save(compact('id', 'data', 'expires')); return $return; diff --git a/cake/tests/cases/libs/controller/components/session.test.php b/cake/tests/cases/libs/controller/components/session.test.php index 022cf35d20d..939b922b488 100644 --- a/cake/tests/cases/libs/controller/components/session.test.php +++ b/cake/tests/cases/libs/controller/components/session.test.php @@ -341,7 +341,7 @@ function testSessionDestroy() { $Session->destroy('Test'); $this->assertNull($Session->read('Test')); } - + /** * testSessionTimeout method * @@ -354,28 +354,33 @@ function testSessionTimeout() { Configure::write('Security.level', 'low'); $Session =& new SessionComponent(); $Session->write('Test', 'some value'); + + $this->assertEqual($Session->sessionTime, mktime() + (300 * 60 * Configure::read('Session.timeout'))); $this->assertEqual($_SESSION['Config']['timeout'], Security::inactiveMins()); $this->assertEqual($_SESSION['Config']['time'], $Session->sessionTime); $this->assertEqual($Session->time, mktime()); - $this->assertEqual($_SESSION['Config']['time'], $Session->time + (Security::inactiveMins() * Configure::read('Session.timeout'))); + $this->assertEqual($_SESSION['Config']['time'], $Session->time + (Security::inactiveMins() * 60 * Configure::read('Session.timeout'))); session_destroy(); Configure::write('Security.level', 'medium'); $Session =& new SessionComponent(); $Session->write('Test', 'some value'); + $this->assertEqual($Session->sessionTime, mktime() + (100 * 60 * Configure::read('Session.timeout'))); $this->assertEqual($_SESSION['Config']['timeout'], Security::inactiveMins()); $this->assertEqual($_SESSION['Config']['time'], $Session->sessionTime); $this->assertEqual($Session->time, mktime()); - $this->assertEqual($_SESSION['Config']['time'], $Session->time + (Security::inactiveMins() * Configure::read('Session.timeout'))); - + $this->assertEqual($_SESSION['Config']['time'], $Session->time + (Security::inactiveMins() * 60 * Configure::read('Session.timeout'))); + + session_destroy(); Configure::write('Security.level', 'high'); $Session =& new SessionComponent(); $Session->write('Test', 'some value'); + $this->assertEqual($Session->sessionTime, mktime() + (10 * 60 * Configure::read('Session.timeout'))); $this->assertEqual($_SESSION['Config']['timeout'], Security::inactiveMins()); $this->assertEqual($_SESSION['Config']['time'], $Session->sessionTime); $this->assertEqual($Session->time, mktime()); - $this->assertEqual($_SESSION['Config']['time'], $Session->time + (Security::inactiveMins() * Configure::read('Session.timeout'))); + $this->assertEqual($_SESSION['Config']['time'], $Session->time + (Security::inactiveMins() * 60 * Configure::read('Session.timeout'))); } }