/**
* Setup Sessions
*/
protected function setupSession()
{
//setup the session based on the configuration
$this->_session = new \Foundation\Session();
//if the session name variable is empty then there is no way to login and fix it so look for an empty session name and default to the ini value if it is blank
$this->_session->setConfigVariable('name', $this->_config->getSessionName());
//cookies last forever (until browser is closed) which takes the users local clock out of the picture
//Timeouts are handled By Session internally by expiring the Session_Store
$this->_session->setConfigVariable('cookie_lifetime', 0);
//since files are stored in sessions destroy any files after one day
$this->_session->setConfigVariable('gc_maxlifetime', 86400);
$this->_session->setConfigVariable('use_only_cookies', true);
$this->_session->setConfigVariable('hash_function', 1);
$this->_session->setConfigVariable('save_path', $this->_config->getVarPath() . '/session/');
if (!empty($_SERVER['HTTPS']) and $_SERVER['HTTPS'] == 'on') {
$this->_session->setConfigVariable('cookie_secure', true);
}
$this->_session->setConfigVariable('cookie_path', rtrim(dirname($_SERVER['SCRIPT_NAME']), '/\\.') . '/');
//browsers give inconsisten results when the domain is used to set the cookie, instead use an empty string to restrict the cookie to this domain
$this->_session->setConfigVariable('cookie_domain', '');
$this->_session->start();
}
