diff options
Diffstat (limited to 'system/libraries/Session/Session_driver.php')
| -rw-r--r-- | system/libraries/Session/Session_driver.php | 52 |
1 files changed, 23 insertions, 29 deletions
diff --git a/system/libraries/Session/Session_driver.php b/system/libraries/Session/Session_driver.php index 14ebdb09f..b1b1b073e 100644 --- a/system/libraries/Session/Session_driver.php +++ b/system/libraries/Session/Session_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2019, British Columbia Institute of Technology + * Copyright (c) 2019 - 2022, CodeIgniter Foundation * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -30,6 +30,7 @@ * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2019, British Columbia Institute of Technology (https://bcit.ca/) + * @copyright Copyright (c) 2019 - 2022, CodeIgniter Foundation (https://codeigniter.com/) * @license https://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 3.0.0 @@ -44,9 +45,9 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Sessions * @author Andrey Andreev - * @link https://codeigniter.com/user_guide/libraries/sessions.html + * @link https://codeigniter.com/userguide3/libraries/sessions.html */ -abstract class CI_Session_driver implements SessionHandlerInterface { +abstract class CI_Session_driver { protected $_config; @@ -139,14 +140,28 @@ abstract class CI_Session_driver implements SessionHandlerInterface { */ protected function _cookie_destroy() { + if ( ! is_php('7.3')) + { + $header = 'Set-Cookie: '.$this->_config['cookie_name'].'='; + $header .= '; Expires='.gmdate('D, d-M-Y H:i:s T', 1).'; Max-Age=-1'; + $header .= '; Path='.$this->_config['cookie_path']; + $header .= ($this->_config['cookie_domain'] !== '' ? '; Domain='.$this->_config['cookie_domain'] : ''); + $header .= ($this->_config['cookie_secure'] ? '; Secure' : '').'; HttpOnly; SameSite='.$this->_config['cookie_samesite']; + header($header); + return; + } + return setcookie( $this->_config['cookie_name'], NULL, - 1, - $this->_config['cookie_path'], - $this->_config['cookie_domain'], - $this->_config['cookie_secure'], - TRUE + array( + 'expires' => 1, + 'path' => $this->_config['cookie_path'], + 'domain' => $this->_config['cookie_domain'], + 'secure' => $this->_config['cookie_secure'], + 'httponly' => TRUE, + 'samesite' => $this->_config['cookie_samesite'] + ) ); } @@ -184,25 +199,4 @@ abstract class CI_Session_driver implements SessionHandlerInterface { return TRUE; } - - // ------------------------------------------------------------------------ - - /** - * Fail - * - * Drivers other than the 'files' one don't (need to) use the - * session.save_path INI setting, but that leads to confusing - * error messages emitted by PHP when open() or write() fail, - * as the message contains session.save_path ... - * To work around the problem, the drivers will call this method - * so that the INI is set just in time for the error message to - * be properly generated. - * - * @return mixed - */ - protected function _fail() - { - ini_set('session.save_path', config_item('sess_save_path')); - return $this->_failure; - } } |