diff options
author | Alex Bilbie <alex@alexbilbie.com> | 2012-10-18 17:45:54 +0200 |
---|---|---|
committer | Alex Bilbie <alex@alexbilbie.com> | 2012-10-18 17:45:54 +0200 |
commit | 447d803aa38f0204777ca3c34f534f172e5c078b (patch) | |
tree | 8320749908497fd87bad82a651c411185bfaa2a9 /system/libraries/Session/drivers/Session_native.php | |
parent | 187632748fd2694dd735b48eee157744dd83f3b4 (diff) | |
parent | cf264e0d165647f30efdef1b2d944849bebf4c72 (diff) |
Merge branch 'develop' of github.com:EllisLab/CodeIgniter into codeigniter/develop
Diffstat (limited to 'system/libraries/Session/drivers/Session_native.php')
-rwxr-xr-x | system/libraries/Session/drivers/Session_native.php | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/system/libraries/Session/drivers/Session_native.php b/system/libraries/Session/drivers/Session_native.php index 6529d4c36..da744f39b 100755 --- a/system/libraries/Session/drivers/Session_native.php +++ b/system/libraries/Session/drivers/Session_native.php @@ -55,7 +55,9 @@ class CI_Session_native extends CI_Session_driver { 'sess_time_to_update', 'cookie_prefix', 'cookie_path', - 'cookie_domain' + 'cookie_domain', + 'cookie_secure', + 'cookie_httponly' ); foreach ($prefs as $key) @@ -82,6 +84,9 @@ class CI_Session_native extends CI_Session_driver { $expire = 7200; $path = '/'; $domain = ''; + $secure = (bool) $config['cookie_secure']; + $http_only = (bool) $config['cookie_httponly']; + if ($config['sess_expiration'] !== FALSE) { // Default to 2 years if expiration is "0" @@ -99,7 +104,8 @@ class CI_Session_native extends CI_Session_driver { // Use specified domain $domain = $config['cookie_domain']; } - session_set_cookie_params($config['sess_expire_on_close'] ? 0 : $expire, $path, $domain); + + session_set_cookie_params($config['sess_expire_on_close'] ? 0 : $expire, $path, $domain, $secure, $http_only); // Start session session_start(); @@ -137,8 +143,12 @@ class CI_Session_native extends CI_Session_driver { if ($config['sess_time_to_update'] && isset($_SESSION['last_activity']) && ($_SESSION['last_activity'] + $config['sess_time_to_update']) < $now) { - // Regenerate ID, but don't destroy session - $this->sess_regenerate(FALSE); + // Changing the session ID amidst a series of AJAX calls causes problems + if( ! $this->CI->input->is_ajax_request()) + { + // Regenerate ID, but don't destroy session + $this->sess_regenerate(FALSE); + } } // Set activity time @@ -189,7 +199,7 @@ class CI_Session_native extends CI_Session_driver { { // Clear session cookie $params = session_get_cookie_params(); - setcookie($name, '', time() - 42000, $params['path'], $params['domain']); + setcookie($name, '', time() - 42000, $params['path'], $params['domain'], $params['secure'], $params['httponly']); unset($_COOKIE[$name]); } session_destroy(); |