CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
stampNew example
if (headers_sent()) {
return false;
}
if (null !== $lifetime && $lifetime != \ini_get('session.cookie_lifetime')) {
$this->save();
ini_set('session.cookie_lifetime', $lifetime);
$this->start();
}
if ($destroy) {
$this->metadataBag->stampNew();
}
return session_regenerate_id($destroy);
}
/** * @return void */
public function save()
{
// Store a copy so we can restore the bags in case the session was not left empty
return false;
}
if (null !== $lifetime && $lifetime != \ini_get('session.cookie_lifetime')) {
$this->save();
ini_set('session.cookie_lifetime', $lifetime);
$this->start();
}
if ($destroy) {
$this->metadataBag->stampNew();
}
return session_regenerate_id($destroy);
}
/** * @return void */
public function save()
{
// Store a copy so we can restore the bags in case the session was not left empty
$current_user = $this->loggedInUser;
$this->drupalLogout();
$this->drupalLogin($current_user);
}
}
/** * {@inheritdoc} */
protected function drupalLogout() {
parent::drupalLogout();
$this->container->get('session_manager.metadata_bag')->stampNew();
}
}
$this->drupalLogout();
$this->drupalLogin($current_user);
}
}
/** * {@inheritdoc} */
protected function drupalLogout() {
parent::drupalLogout();
$this->container->get('session_manager.metadata_bag')->stampNew();
}
}
if (headers_sent()) {
return false;
}
if (null !== $lifetime && $lifetime != \ini_get('session.cookie_lifetime')) {
$this->save();
ini_set('session.cookie_lifetime', $lifetime);
$this->start();
}
if ($destroy) {
$this->metadataBag->stampNew();
}
return session_regenerate_id($destroy);
}
/** * @return void */
public function save()
{
// Store a copy so we can restore the bags in case the session was not left empty
return false;
}
if (null !== $lifetime && $lifetime != \ini_get('session.cookie_lifetime')) {
$this->save();
ini_set('session.cookie_lifetime', $lifetime);
$this->start();
}
if ($destroy) {
$this->metadataBag->stampNew();
}
return session_regenerate_id($destroy);
}
/** * @return void */
public function save()
{
// Store a copy so we can restore the bags in case the session was not left empty
return $this->meta[static::CSRF_TOKEN_SEED];
}
}
/** * {@inheritdoc} * * phpcs:ignore Drupal.Commenting.FunctionComment.VoidReturn * @return void */
public function stampNew($lifetime = NULL) {
parent::stampNew($lifetime);
// Set the token seed immediately to avoid a race condition between two // simultaneous requests without a seed. $this->setCsrfTokenSeed(Crypt::randomBytesBase64());
}
}
}
}
/** * {@inheritdoc} * * phpcs:ignore Drupal.Commenting.FunctionComment.VoidReturn * @return void */
public function stampNew($lifetime = NULL) {
parent::stampNew($lifetime);
// Set the token seed immediately to avoid a race condition between two // simultaneous requests without a seed. $this->setCsrfTokenSeed(Crypt::randomBytesBase64());
}
}
class MetadataBagTest extends UnitTestCase {
/** * @covers ::stampNew */
public function testStampNew() {
$metadata = new MetadataBag(new Settings([]));
$metadata->setCsrfTokenSeed('a_cryptographically_secure_long_random_string_should_used_here');
$metadata->stampNew();
$this->assertNotEquals('a_cryptographically_secure_long_random_string_should_used_here', $metadata->getCsrfTokenSeed());
}
}
$this->loadSession();
return true;
}
public function regenerate(bool $destroy = false, int $lifetime = null): bool
{
if (!$this->started) {
$this->start();
}
$this->metadataBag->stampNew($lifetime);
$this->id = $this->generateId();
return true;
}
public function getId(): string
{
return $this->id;
}
/** * @return void */
return true;
}
public function regenerate(bool $destroy = false, int $lifetime = null): bool
{
if (!$this->started) {
$this->start();
}
$this->metadataBag->stampNew($lifetime);
$this->id = $this->generateId();
return true;
}
public function getId(): string
{
return $this->id;
}
/** * @return void */
$this->loadSession();
return true;
}
public function regenerate(bool $destroy = false, int $lifetime = null): bool
{
if (!$this->started) {
$this->start();
}
$this->metadataBag->stampNew($lifetime);
$this->id = $this->generateId();
return true;
}
public function getId(): string
{
return $this->id;
}
/** * @return void */
return true;
}
public function regenerate(bool $destroy = false, int $lifetime = null): bool
{
if (!$this->started) {
$this->start();
}
$this->metadataBag->stampNew($lifetime);
$this->id = $this->generateId();
return true;
}
public function getId(): string
{
return $this->id;
}
/** * @return void */
// Drupal will always destroy the existing session when regenerating a
// session. This is inline with the recommendations of @link https://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html#renew-the-session-id-after-any-privilege-level-change
// OWASP session management cheat sheet. @endlink
$destroy = TRUE;
// Cannot regenerate the session ID for non-active sessions. if (\PHP_SESSION_ACTIVE !== session_status()) {
// Ensure the metadata bag has been stamped. If the parent::regenerate() // is called prior to the session being started it will not refresh the // metadata as expected. $this->getMetadataBag()->stampNew($lifetime);
return FALSE;
}
return parent::regenerate($destroy, $lifetime);
}
/** * {@inheritdoc} */
public function delete($uid) {
// Nothing to do if we are not allowed to change the session.
// Cannot regenerate the session ID for non-active sessions. if (\PHP_SESSION_ACTIVE !== session_status()) {
// Ensure the metadata bag has been stamped. If the parent::regenerate() // is called prior to the session being started it will not refresh the // metadata as expected. $this->getMetadataBag()->stampNew($lifetime);
return FALSE;
}
return parent::regenerate($destroy, $lifetime);
}
/** * {@inheritdoc} */
public function delete($uid) {
// Nothing to do if we are not allowed to change the session.