Thijs/wiki.techinc.nl

Fork 0

Commit graph

Author	SHA1	Message	Date
Brad Jorsch	46a565d6b0	Avoid false "added in both Session and $_SESSION" when value is null Needs to use array_key_exists(), not isset(). Bug: T124371 Change-Id: I794f0ec793fc91ec68393443f839cfc8a154613e	2016-01-26 13:21:57 -05:00
Brad Jorsch	4f5057b84b	SessionManager: Change behavior of getSessionById() It's easily possible for SessionManager::getSessionById() to not be able to load the specified session and to not be able to create an empty one by that ID, for example if the user's token changed. So change this from an exceptional condition to an expected one, and adjust callers to deal with it appropriately. Let's also make the checks for invalid data structure when loading the session from the store delete the bogus data entirely. At the same time, let's change the silly "$noEmpty" parameter to "$create" and make the default behavior be not to create an empty session. Bug: T124126 Change-Id: I085d2026d1b366b1af9fd0e8ca3d815fd8288030	2016-01-20 12:45:26 -05:00
Brad Jorsch	a73c5b7395	Add SessionManager SessionManager is a general-purpose session management framework, rather than the cookie-based sessions that PHP wants to provide us. While fallback is provided for using $_SESSION and other PHP session management functions, they should be avoided in favor of using SessionManager directly. For proof-of-concept extensions, see OAuth change Ib40b221 and CentralAuth change I27ccabdb. Bug: T111296 Change-Id: Ic1ffea74f3ccc8f93c8a23b795ecab6f06abca72	2016-01-12 21:57:01 +00:00

Author

SHA1

Message

Date

Brad Jorsch

46a565d6b0

Avoid false "added in both Session and $_SESSION" when value is null

Needs to use array_key_exists(), not isset().

Bug: T124371
Change-Id: I794f0ec793fc91ec68393443f839cfc8a154613e

2016-01-26 13:21:57 -05:00

Brad Jorsch

4f5057b84b

SessionManager: Change behavior of getSessionById()

It's easily possible for SessionManager::getSessionById() to not be
able to load the specified session and to not be able to create an empty
one by that ID, for example if the user's token changed. So change this
from an exceptional condition to an expected one, and adjust callers to
deal with it appropriately.

Let's also make the checks for invalid data structure when loading the
session from the store delete the bogus data entirely.

At the same time, let's change the silly "$noEmpty" parameter to
"$create" and make the default behavior be not to create an empty
session.

Bug: T124126
Change-Id: I085d2026d1b366b1af9fd0e8ca3d815fd8288030

2016-01-20 12:45:26 -05:00

Brad Jorsch

a73c5b7395

Add SessionManager

SessionManager is a general-purpose session management framework, rather
than the cookie-based sessions that PHP wants to provide us.

While fallback is provided for using $_SESSION and other PHP session
management functions, they should be avoided in favor of using
SessionManager directly.

For proof-of-concept extensions, see OAuth change Ib40b221 and
CentralAuth change I27ccabdb.

Bug: T111296
Change-Id: Ic1ffea74f3ccc8f93c8a23b795ecab6f06abca72

2016-01-12 21:57:01 +00:00

3 commits