https://github.com/opencart/opencart/issues/7259

opencart · Mar 31, 2019 · df45d8b · df45d8b
1 parent f44bb0a
commit df45d8b
Show file tree

Hide file tree

Showing 10 changed files with 47 additions and 119 deletions.
diff --git a/upload/admin/controller/startup/startup.php b/upload/admin/controller/startup/startup.php
@@ -20,6 +20,17 @@ public function index() {
 			$this->db->query("SET time_zone = '" . $this->db->escape(date('P')) . "'");
 		}
 
+		// Session
+		if (isset($this->request->cookie[$this->config->get('session_name')])) {
+			$session_id = $this->request->cookie[$this->config->get('session_name')];
+		} else {
+			$session_id = '';
+		}
+
+		$this->session->start($session_id);
+
+		setcookie($this->config->get('session_name'), $this->session->getId(), ini_get('session.cookie_lifetime'), ini_get('session.cookie_path'), ini_get('session.cookie_domain'));
+
 		// Response output compression level
 		if ($this->config->get('config_compression')) {
 			$this->response->setCompression($this->config->get('config_compression'));

diff --git a/upload/catalog/controller/startup/session.php b/upload/catalog/controller/startup/session.php
diff --git a/upload/catalog/controller/startup/startup.php b/upload/catalog/controller/startup/startup.php
@@ -35,6 +35,32 @@ public function index() {
 			$this->db->query("SET time_zone = '" . $this->db->escape(date('P')) . "'");
 		}
 
+		// Session
+		if (isset($this->request->get['route']) && substr((string)$this->request->get['route'], 0, 4) == 'api/') {
+			$this->load->model('setting/api');
+
+			$this->model_setting_api->cleanApiSessions();
+
+			// Make sure the IP is allowed
+			$api_info = $this->model_setting_api->getApiByToken($this->request->get['api_token']);
+
+			if ($api_info) {
+				$this->session->start($this->request->get['api_token']);
+
+				$this->model_setting_api->updateApiSession($api_info['api_session_id']);
+			}
+		} else {
+			if (isset($this->request->cookie[$this->config->get('session_name')])) {
+				$session_id = $this->request->cookie[$this->config->get('session_name')];
+			} else {
+				$session_id = '';
+			}
+
+			$this->session->start($session_id);
+
+			setcookie($this->config->get('session_name'), $this->session->getId(), ini_get('session.cookie_lifetime'), ini_get('session.cookie_path'), ini_get('session.cookie_domain'));
+		}
+
 		// Response output compression level
 		if ($this->config->get('config_compression')) {
 			$this->response->setCompression($this->config->get('config_compression'));
@@ -224,42 +250,5 @@ public function index() {
 
 		// Encryption
 		$this->registry->set('encryption', new Encryption());
-
-		/*
-		$query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "startup` WHERE ORDER BY store_id ASC");
-
-		// Config Autoload
-		foreach ($query->rows as $result) {
-			$this->loader->config($result['catalog/']);
-		}
-
-		// Language Autoload
-		if ($config->has('language_autoload')) {
-			foreach ($config->get('language_autoload') as $value) {
-				$this->loader->language($value);
-			}
-		}
-
-		// Library Autoload
-		if ($config->has('library_autoload')) {
-			foreach ($config->get('library_autoload') as $value) {
-				$this->loader->library($value);
-			}
-		}
-
-		// Model Autoload
-		if ($config->has('model_autoload')) {
-			foreach ($config->get('model_autoload') as $value) {
-				$loader->model($value);
-			}
-		}
-
-		// Pre Actions
-		if ($config->has('action_pre_action')) {
-			foreach ($config->get('action_pre_action') as $value) {
-				$route->addPreAction(new Action($value));
-			}
-		}
-		*/
 	}
 }
diff --git a/upload/system/config/admin.php b/upload/system/config/admin.php
@@ -12,7 +12,7 @@
 $_['db_port']           = DB_PORT;
 
 // Session
-$_['session_autostart'] = true;
+$_['session_autostart'] = false;
 $_['session_engine']    = 'db';
 
 // Error

diff --git a/upload/system/config/catalog.php b/upload/system/config/catalog.php
@@ -2,9 +2,6 @@
 // Site
 $_['site_url']           = HTTP_SERVER;
 
-// Url
-$_['url_autostart']      = false;
-
 // Database
 $_['db_autostart']       = true;
 $_['db_engine']          = DB_DRIVER; // mpdo, mssql, mysql, mysqli or postgre
@@ -15,7 +12,7 @@
 $_['db_port']            = DB_PORT;
 
 // Session
-$_['session_autostart']  = true;
+$_['session_autostart']  = false;
 $_['session_engine']     = 'db';
 $_['session_name']       = 'OCSESSID';
 
@@ -29,7 +26,6 @@
 
 // Actions
 $_['action_pre_action']  = array(
-	'startup/session',
 	'startup/startup',
 	'startup/marketing',
 	'startup/error',

diff --git a/upload/system/config/default.php b/upload/system/config/default.php
@@ -2,9 +2,6 @@
 // Site
 $_['site_url']             = '';
 
-// Url
-$_['url_autostart']        = true;
-
 // Language
 $_['language_directory']   = 'en-gb';
 $_['language_autoload']    = array('en-gb');
@@ -13,13 +10,13 @@
 $_['date_timezone']        = 'UTC';
 
 // Database
+$_['db_autostart']         = false;
 $_['db_engine']            = 'mysqli'; // mpdo, mssql, mysql, mysqli or postgre
 $_['db_hostname']          = 'localhost';
 $_['db_username']          = 'root';
 $_['db_password']          = '';
 $_['db_database']          = '';
 $_['db_port']              = 3306;
-$_['db_autostart']         = false;
 
 // Mail
 $_['mail_engine']          = 'mail'; // mail or smtp
@@ -39,8 +36,8 @@
 $_['cache_expire']         = 3600;
 
 // Session
-$_['session_engine']       = 'file';
 $_['session_autostart']    = true;
+$_['session_engine']       = 'file';
 $_['session_name']         = 'OCSESSID';
 $_['session_expire']       = 3600;
 
@@ -55,7 +52,7 @@
 $_['error_log']            = true;
 $_['error_filename']       = 'error.log';
 
-// Reponse
+// Response
 $_['response_header']      = array('Content-Type: text/html; charset=utf-8');
 $_['response_compression'] = 0;
 
@@ -73,5 +70,4 @@
 $_['action_router']        = 'startup/router';
 $_['action_error']         = 'error/not_found';
 $_['action_pre_action']    = array();
-$_['action_event']         = array();
-$_['action_cron']          = array();
+$_['action_event']         = array();
diff --git a/upload/system/config/install.php b/upload/system/config/install.php
@@ -8,8 +8,8 @@
 $_['language_autoload'] = array('en-gb');
 
 // Session
-$_['session_engine']    = 'file';
 $_['session_autostart'] = true;
+$_['session_engine']    = 'file';
 $_['session_name']      = 'OCSESSID';
 
 // Template

diff --git a/upload/system/framework.php b/upload/system/framework.php
@@ -128,13 +128,10 @@
 $registry->set('cache', new Cache($config->get('cache_engine'), $config->get('cache_expire')));
 
 // Url
-if ($config->get('url_autostart')) {
-	$registry->set('url', new Url($config->get('site_url')));
-}
+$registry->set('url', new Url($config->get('site_url')));
 
 // Language
-$language = new Language($config->get('language_directory'));
-$registry->set('language', $language);
+$registry->set('language', new Language($config->get('language_directory')));
 
 // Document
 $registry->set('document', new Document());

diff --git a/upload/system/library/session/db.php b/upload/system/library/session/db.php
@@ -18,7 +18,7 @@ public function __construct($registry) {
 	}
 
 	public function read($session_id) {
-		$query = $this->db->query("SELECT `data` FROM `" . DB_PREFIX . "session` WHERE session_id = '" . $this->db->escape($session_id) . "' AND expire > '" . $this->db->escape(date('Y-m-d H:i:s', time()))  . "'");
+		$query = $this->db->query("SELECT `data` FROM `" . DB_PREFIX . "session` WHERE session_id = '" . $this->db->escape($session_id) . "' AND expire > '" . $this->db->escape(date('Y-m-d H:i:s'))  . "'");
 
 		if ($query->num_rows) {
 			return json_decode($query->row['data'], true);

diff --git a/upload/system/library/template/twig_test.php b/upload/system/library/template/twig_test.php