assert_equal(true, $krumb["secure"]);
assert_equal(true, $krumb["httponly"]);
});
it("sets the secret key", function ($args) {
$cookie = $args[0];
assert_equal("819b03089487407e44177a2bbec6ee270cfc2964785558d63b489e4cf4d3c9dfefe27b2fc188d4beb96471e1d5c68478dfbbbab43df51cef3e7450236d38d746", $cookie->secret);
});
it("returns values stored in session for a new request", function ($args) {
$cookie = $args[0];
$cookie->set("name", "fernyb");
$cookie->set("age", "24");
$cookie->set("id", "100");
$cookie->save();
$session_data = $cookie->session_data;
$new_request = new CookieStore();
$new_request->initialize(array("session_key" => $cookie->key, "secret" => $cookie->secret));
$new_request->load_session($session_data);
assert_equal("fernyb", $new_request->params["name"]);
assert_equal("24", $new_request->params["age"]);
assert_equal("100", $new_request->params["id"]);
});
it("does not load the session when its tampered", function ($a) {
$cookie = $a[0];
$cookie->set("name", "fernyb");
$cookie->set("id", "100");
$cookie->save();
$session_data = $cookie->session_data;
list($data, $signature) = explode("--", $session_data, 2);
$new_data = base64_decode($data);
$new_data = unserialize($new_data);
# make changes to the data
