Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Don't start a session if it's known to be empty.

If an app only reads/checks the session there's no need to start a
session to know that the read/checked session value is empty.

Fixes #1981
  • Loading branch information...
commit 84932fcc4a45b209b27e07fe9af965d978a12320 1 parent 75dd2ff
@ADmad ADmad authored
View
69 lib/Cake/Model/Datasource/CakeSession.php
@@ -128,6 +128,13 @@ class CakeSession {
protected static $_initialized = false;
/**
+ * Session cookie name
+ *
+ * @var string
+ */
+ protected static $_cookieName = null;
+
+/**
* Pseudo constructor.
*
* @param string $base The base path for the Session
@@ -222,12 +229,10 @@ public static function started() {
* @return boolean True if variable is there
*/
public static function check($name = null) {
- if (!self::start()) {
- return false;
- }
- if (empty($name)) {
+ if (empty($name) || !self::_hasSession() || !self::start()) {
return false;
}
+
return Hash::get($_SESSION, $name) !== null;
}
@@ -321,7 +326,7 @@ public static function error() {
* @return boolean Success
*/
public static function valid() {
- if (self::read('Config')) {
+ if (self::start() && self::read('Config')) {
if (self::_validAgentAndTime() && self::$error === false) {
self::$valid = true;
} else {
@@ -369,18 +374,19 @@ public static function userAgent($userAgent = null) {
* Returns given session variable, or all of them, if no parameters given.
*
* @param string|array $name The name of the session variable (or a path as sent to Set.extract)
- * @return mixed The value of the session variable
+ * @return mixed The value of the session variable, null if session not available,
+ * session not started, or provided name not found in the session.
*/
public static function read($name = null) {
- if (!self::start()) {
+ if (empty($name) && $name !== null) {
return false;
}
+ if (!self::_hasSession() || !self::start()) {
+ return null;
+ }
if ($name === null) {
return self::_returnSessionVars();
}
- if (empty($name)) {
- return false;
- }
$result = Hash::get($_SESSION, $name);
if (isset($result)) {
@@ -410,12 +416,10 @@ protected static function _returnSessionVars() {
* @return boolean True if the write was successful, false if the write failed
*/
public static function write($name, $value = null) {
- if (!self::start()) {
- return false;
- }
- if (empty($name)) {
+ if (empty($name) || !self::start()) {
return false;
}
+
$write = $name;
if (!is_array($name)) {
$write = array($name => $value);
@@ -443,6 +447,7 @@ public static function destroy() {
$_SESSION = null;
self::$id = null;
+ self::$_cookieName = null;
}
/**
@@ -482,9 +487,12 @@ protected static function _configureSession() {
if (!isset($sessionConfig['ini']['session.cookie_lifetime'])) {
$sessionConfig['ini']['session.cookie_lifetime'] = $sessionConfig['cookieTimeout'] * 60;
}
+
if (!isset($sessionConfig['ini']['session.name'])) {
$sessionConfig['ini']['session.name'] = $sessionConfig['cookie'];
}
+ self::$_cookieName = $sessionConfig['ini']['session.name'];
+
if (!empty($sessionConfig['handler'])) {
$sessionConfig['ini']['session.save_handler'] = 'user';
}
@@ -523,6 +531,39 @@ protected static function _configureSession() {
}
/**
+ * Get session cookie name.
+ *
+ * @return string
+ */
+ protected static function _cookieName() {
+ if (self::$_cookieName !== null) {
+ return self::$_cookieName;
+ }
+
+ self::init();
+
+ $sessionConfig = Configure::read('Session');
+ if (isset($sessionConfig['ini']['session.name'])) {
+ return self::$_cookieName = $sessionConfig['ini']['session.name'];
+ }
+
+ $defaults = self::_defaultConfig($sessionConfig['defaults']);
+ if ($defaults) {
+ return self::$_cookieName = $defaults['cookie'];
+ }
+
+ return self::$_cookieName = ini_get('session.name');
+ }
+
+/**
+ * Returns whether a session exists
+ * @return boolean
+ */
+ protected static function _hasSession() {
+ return self::started() || isset($_COOKIE[self::_cookieName()]);
+ }
+
+/**
* Find the handler class and make sure it implements the correct interface.
*
* @param string $handler
View
6 lib/Cake/Test/Case/Controller/Component/SessionComponentTest.php
@@ -135,10 +135,6 @@ public function tearDown() {
* @return void
*/
public function testSessionIdConsistentAcrossRequestAction() {
- $Session = new SessionComponent($this->ComponentCollection);
- $Session->check('Test');
- $this->assertTrue(isset($_SESSION));
-
$Object = new Object();
$Session = new SessionComponent($this->ComponentCollection);
$expected = $Session->id();
@@ -274,7 +270,7 @@ public function testSessionFlash() {
public function testSessionId() {
unset($_SESSION);
$Session = new SessionComponent($this->ComponentCollection);
- $Session->check('test');
+ CakeSession::start();
$this->assertEquals(session_id(), $Session->id());
}
View
5 lib/Cake/Test/Case/I18n/I18nTest.php
@@ -17,6 +17,7 @@
*/
App::uses('I18n', 'I18n');
+App::uses('CakeSession', 'Model/Datasource');
/**
* I18nTest class
@@ -1517,7 +1518,7 @@ public function assertRulesFourteen() {
* @return void
*/
public function testSetLanguageWithSession() {
- $_SESSION['Config']['language'] = 'po';
+ CakeSession::write('Config.language', 'po');
$singular = $this->_singular();
$this->assertEquals('Po (translated)', $singular);
@@ -1548,7 +1549,7 @@ public function testSetLanguageWithSession() {
$this->assertTrue(in_array('23 everything else (po translated)', $plurals));
$this->assertTrue(in_array('24 everything else (po translated)', $plurals));
$this->assertTrue(in_array('25 everything else (po translated)', $plurals));
- unset($_SESSION['Config']['language']);
+ CakeSession::delete('Config.language');
}
/**
View
1  lib/Cake/Test/Case/Model/Datasource/CakeSessionTest.php
@@ -114,7 +114,6 @@ public function setUp() {
'cookieTimeout' => 120,
'ini' => array(),
));
- TestCakeSession::init();
}
/**
Please sign in to comment.
Something went wrong with that request. Please try again.