ZF2-52: ::regenerateId() fails and ::rememberMe() clears session stor…

…age (http://framework.zend.com/issues/browse/ZF2-52)
zendframework · Aug 22, 2011 · 145b973 · 145b973
18 parents d92ccc9 + eb1f131 + f383de1 + abc631a + 666ec86 + e22a167 + bb8b8f6 + b55f760 + f23a913 + 9ba9f17 + d01f94f + 9c4e0cc + 63c4a7e + 9eedf95 + 980bffb + 03cf7b3 + 8bbf35d + aff3454
commit 145b973
Showing 1 changed file with 13 additions and 18 deletions.
diff --git a/src/SessionManager.php b/src/SessionManager.php
@@ -84,14 +84,16 @@ public function sessionExists()
     /**
      * Start session
      *
-     * if No sesion currently exists, attempt to start it. Calls 
-     * {@link isValid()} once session_start() is called, and raises an 
+     * if No sesion currently exists, attempt to start it. Calls
+     * {@link isValid()} once session_start() is called, and raises an
      * exception if validation fails.
-     * 
+     *
+     * @param bool $preserveStorage        If set to true, current session storage will not be overwritten by the 
+     *                                     contents of $_SESSION.
      * @return void
      * @throws Exception
      */
-    public function start()
+    public function start($preserveStorage = false)
     {
         if ($this->sessionExists()) {
             return;
@@ -107,7 +109,9 @@ public function start()
         if ($storage instanceof Storage\SessionStorage
             && $_SESSION !== $storage
         ) {
-            $storage->fromArray($_SESSION);
+            if(!$preserveStorage){
+                $storage->fromArray($_SESSION);
+            }
             $_SESSION = $storage;
         }
     }
@@ -257,9 +261,7 @@ public function regenerateId()
             session_regenerate_id();
             return $this;
         }
-        $this->destroy();
         session_regenerate_id();
-        $this->start();
         return $this;
     }
 
@@ -384,19 +386,12 @@ protected function _setSessionCookieLifetime($ttl)
             return;
         }
 
-        if ($this->sessionExists()) {
-            $this->destroy(array('send_expire_cookie' => false));
-
-            // Since a cookie was destroyed, we should regenerate the ID
-            $this->regenerateId();
-        }
-
-        // Now simply set the cookie TTL
+        // Set new cookie TTL
         $config->setCookieLifetime($ttl);
 
-        if (!$this->sessionExists()) {
-            // Restart session if necessary
-            $this->start();
+        if ($this->sessionExists()) {
+            // There is a running session so we'll regenerate id to send a new cookie
+            $this->regenerateId();
         }
     }
 }