|
15 | 15 | */ |
16 | 16 | class SessionManager implements SessionManagerInterface |
17 | 17 | { |
18 | | - /** |
19 | | - * Session destroyed threshold in seconds |
20 | | - */ |
21 | | - const SESSION_DESTROYED_THRESHOLD = 300; |
22 | | - |
23 | 18 | /** |
24 | 19 | * Default options when a call destroy() |
25 | 20 | * |
@@ -197,11 +192,12 @@ public function start() |
197 | 192 | // potential custom logic for session id (ex. switching between hosts) |
198 | 193 | $this->setSessionId($sid); |
199 | 194 | session_start(); |
200 | | - if (isset($_SESSION['destroyed'])) { |
201 | | - if ($_SESSION['destroyed'] < time() - self::SESSION_DESTROYED_THRESHOLD) { |
202 | | - $this->destroy(['clear_storage' => true]); |
203 | | - } |
| 195 | + if (isset($_SESSION['destroyed']) |
| 196 | + && $_SESSION['destroyed'] < time() - $this->sessionConfig->getCookieLifetime() |
| 197 | + ) { |
| 198 | + $this->destroy(['clear_storage' => true]); |
204 | 199 | } |
| 200 | + |
205 | 201 | $this->validator->validate($this); |
206 | 202 | $this->renewCookie($sid); |
207 | 203 |
|
@@ -516,29 +512,34 @@ public function regenerateId() |
516 | 512 | return $this; |
517 | 513 | } |
518 | 514 |
|
519 | | - // @codingStandardsIgnoreStart |
520 | 515 | if ($this->isSessionExists()) { |
| 516 | + |
521 | 517 | // Regenerate the session |
522 | 518 | session_regenerate_id(); |
523 | 519 | $newSessionId = session_id(); |
524 | 520 | $_SESSION['new_session_id'] = $newSessionId; |
| 521 | + |
525 | 522 | // Set destroy timestamp |
526 | 523 | $_SESSION['destroyed'] = time(); |
| 524 | + |
527 | 525 | // Write and close current session; |
528 | 526 | session_commit(); |
| 527 | + |
529 | 528 | // Called after destroy() |
530 | 529 | $oldSession = $_SESSION; |
| 530 | + |
531 | 531 | // Start session with new session ID |
532 | 532 | session_id($newSessionId); |
533 | 533 | session_start(); |
534 | 534 | $_SESSION = $oldSession; |
| 535 | + |
535 | 536 | // New session does not need them |
536 | 537 | unset($_SESSION['destroyed']); |
537 | 538 | unset($_SESSION['new_session_id']); |
538 | 539 | } else { |
539 | 540 | session_start(); |
540 | 541 | } |
541 | | - // @codingStandardsIgnoreEnd |
| 542 | + |
542 | 543 | $this->storage->init(isset($_SESSION) ? $_SESSION : []); |
543 | 544 |
|
544 | 545 | if ($this->sessionConfig->getUseCookies()) { |
|
0 commit comments