/** * Helper method to initialize a session, based on CakePHP core settings. * * Sessions can be configured with a few shortcut names as well as have any number of ini settings declared. * * @return void * @throws CakeSessionException Throws exceptions when ini_set() fails. */ protected static function _configureSession() { $sessionConfig = Configure::read('Session'); if (isset($sessionConfig['defaults'])) { $defaults = self::_defaultConfig($sessionConfig['defaults']); if ($defaults) { $sessionConfig = Hash::merge($defaults, $sessionConfig); } } if (!isset($sessionConfig['ini']['session.cookie_secure']) && env('HTTPS')) { $sessionConfig['ini']['session.cookie_secure'] = 1; } if (isset($sessionConfig['timeout']) && !isset($sessionConfig['cookieTimeout'])) { $sessionConfig['cookieTimeout'] = $sessionConfig['timeout']; } if (!isset($sessionConfig['ini']['session.cookie_lifetime'])) { $sessionConfig['ini']['session.cookie_lifetime'] = $sessionConfig['cookieTimeout'] * 60; } if (!isset($sessionConfig['ini']['session.name'])) { $sessionConfig['ini']['session.name'] = $sessionConfig['cookie']; } self::$_cookieName = $sessionConfig['ini']['session.name']; if (!empty($sessionConfig['handler'])) { $sessionConfig['ini']['session.save_handler'] = 'user'; } if (!isset($sessionConfig['ini']['session.gc_maxlifetime'])) { $sessionConfig['ini']['session.gc_maxlifetime'] = $sessionConfig['timeout'] * 60; } if (!isset($sessionConfig['ini']['session.cookie_httponly'])) { $sessionConfig['ini']['session.cookie_httponly'] = 1; } if (empty($_SESSION)) { if (!empty($sessionConfig['ini']) && is_array($sessionConfig['ini'])) { foreach ($sessionConfig['ini'] as $setting => $value) { if (ini_set($setting, $value) === false) { throw new CakeSessionException(__d('cake_dev', 'Unable to configure the session, setting %s failed.', $setting)); } } } } if (!empty($sessionConfig['handler']) && !isset($sessionConfig['handler']['engine'])) { call_user_func_array('session_set_save_handler', $sessionConfig['handler']); } if (!empty($sessionConfig['handler']['engine'])) { $handler = self::_getHandler($sessionConfig['handler']['engine']); session_set_save_handler(array($handler, 'open'), array($handler, 'close'), array($handler, 'read'), array($handler, 'write'), array($handler, 'destroy'), array($handler, 'gc')); } Configure::write('Session', $sessionConfig); self::$sessionTime = self::$time + $sessionConfig['timeout'] * 60; }