/** * Load the session for the current request. * * @param string $id * @return void */ public function load($id) { if (!is_null($id)) { $this->session = $this->driver->load($id); } // If the session doesn't exist or is invalid we will create a new session // array and mark the session as being non-existent. Some drivers, such as // the database driver, need to know whether it exists. if (is_null($this->session) or static::expired($this->session)) { $this->exists = false; $this->session = $this->driver->fresh(); } // A CSRF token is stored in every session. The token is used by the Form // class and the "csrf" filter to protect the application from cross-site // request forgery attacks. The token is simply a random string. if (!$this->has(Session::csrf_token)) { $this->put(Session::csrf_token, Str::random(40)); } }
/** * Load the session for the current request. * * @param string $id * @return void */ public function load($id) { if (!is_null($id)) { $this->session = $this->driver->load($id); } // If the session doesn't exist or is invalid, we will create a new session // array and mark the session as being non-existent. Some drivers, such as // the database driver, need to know whether the session exists in storage // so they can know whether to insert or update the session. if (is_null($this->session) or static::expired($this->session)) { $this->exists = false; $this->session = array('id' => Str::random(40), 'data' => array(':new:' => array(), ':old:' => array())); } // A CSRF token is stored in every session. The token is used by the Form // class and the "csrf" filter to protect the application from cross-site // request forgery attacks. The token is simply a long, random string // which should be posted with each request to the application. if (!$this->has(Session::csrf_token)) { $this->put(Session::csrf_token, Str::random(40)); } }