Permalink
Browse files

Backport of 3.0 Session API hardening and clear().

  • Loading branch information...
dereuromark committed Jan 4, 2015
1 parent 4cd2c8f commit 39e0ce415d574fbb7daeafa004b8e1e1cbba6b97
Showing with 34 additions and 11 deletions.
  1. +15 −10 lib/Cake/Model/Datasource/CakeSession.php
  2. +19 −1 lib/Cake/Test/Case/Model/Datasource/CakeSessionTest.php
@@ -137,7 +137,7 @@ class CakeSession {
/**
* Pseudo constructor.
*
* @param string $base The base path for the Session
* @param string|null $base The base path for the Session
* @return void
*/
public static function init($base = null) {
@@ -160,7 +160,7 @@ public static function init($base = null) {
/**
* Setup the Path variable
*
* @param string $base base path
* @param string|null $base base path
* @return void
*/
protected static function _setPath($base = null) {
@@ -227,7 +227,7 @@ public static function started() {
* @param string $name Variable name to check for
* @return bool True if variable is there
*/
public static function check($name = null) {
public static function check($name) {
if (empty($name) || !self::_hasSession() || !self::start()) {
return false;
}
@@ -246,7 +246,7 @@ public static function check($name = null) {
* within the session id. For example, the file session handler only allows
* characters in the range a-z A-Z 0-9 , (comma) and - (minus).
*
* @param string $id Id to replace the current session id
* @param string|null $id Id to replace the current session id
* @return string Session id
*/
public static function id($id = null) {
@@ -356,7 +356,7 @@ protected static function _validAgentAndTime() {
/**
* Get / Set the user agent
*
* @param string $userAgent Set the user agent
* @param string|null $userAgent Set the user agent
* @return string Current user agent
*/
public static function userAgent($userAgent = null) {
@@ -372,7 +372,7 @@ public static function userAgent($userAgent = null) {
/**
* Returns given session variable, or all of them, if no parameters given.
*
* @param string|array $name The name of the session variable (or a path as sent to Set.extract)
* @param string|null $name The name of the session variable (or a path as sent to Set.extract)
* @return mixed The value of the session variable, null if session not available,
* session not started, or provided name not found in the session.
*/
@@ -468,14 +468,19 @@ public static function destroy() {
}
/**
* Clears the session, the session id, and renews the session.
* Clears the session.
*
* Optionally also clears the session id and renews the session.
*
* @param bool $renew If the session should also be renewed. Defaults to false.
* @return void
*/
public static function clear() {
public static function clear($renew = false) {
$_SESSION = null;
self::$id = null;
self::renew();
if ($renew) {
self::$id = null;
self::renew();
}
}
/**
@@ -393,11 +393,28 @@ public function testDelete() {
$this->assertTrue(TestCakeSession::check('Delete'));
$this->assertTrue(TestCakeSession::write('Clearing.sale', 'everything must go'));
$this->assertFalse(TestCakeSession::delete(''));
$this->assertTrue(TestCakeSession::check('Clearing.sale'));
$this->assertFalse(TestCakeSession::delete(null));
$this->assertTrue(TestCakeSession::check('Clearing.sale'));
$this->assertTrue(TestCakeSession::delete('Clearing'));
$this->assertFalse(TestCakeSession::check('Clearing.sale'));
$this->assertFalse(TestCakeSession::check('Clearing'));
}
/**
* testClear method
*
* @return void
*/
public function testClear() {
$this->assertTrue(TestCakeSession::write('Delete.me', 'Clearing out'));
TestCakeSession::clear();
$this->assertFalse(TestCakeSession::check('Delete.me'));
$this->assertFalse(TestCakeSession::check('Delete'));
}
/**
* testDestroy method
*
@@ -451,7 +468,8 @@ public function testCheckKeyWithSpaces() {
* @return void
*/
public function testCheckEmpty() {
$this->assertFalse(TestCakeSession::check());
$this->assertFalse(TestCakeSession::check(''));
$this->assertFalse(TestCakeSession::check(null));
}
/**

0 comments on commit 39e0ce4

Please sign in to comment.