public function NativeSessionStorage::regenerate in Zircon Profile 8
Same name and namespace in other branches
- 8.0 vendor/symfony/http-foundation/Session/Storage/NativeSessionStorage.php \Symfony\Component\HttpFoundation\Session\Storage\NativeSessionStorage::regenerate()
Regenerates id that represents this storage.
This method must invoke session_regenerate_id($destroy) unless this interface is used for a storage object designed for unit or functional testing where a real PHP session would interfere with testing.
Note regenerate+destroy should not clear the session data in memory only delete the session data from persistent storage.
Care: When regenerating the session ID no locking is involved in PHPs session design. See https://bugs.php.net/bug.php?id=61470 for a discussion. So you must make sure the regenerated session is saved BEFORE sending the headers with the new ID. Symfonys HttpKernel offers a listener for this. See Symfony\Component\HttpKernel\EventListener\SaveSessionListener. Otherwise session data could get lost again for concurrent requests with the new ID. One result could be that you get logged out after just logging in.
Parameters
bool $destroy Destroy session when regenerating?:
int $lifetime Sets the cookie lifetime for the session cookie. A null value: will leave the system settings unchanged, 0 sets the cookie to expire with browser session. Time is in seconds, and is not a Unix timestamp.
Return value
bool True if session regenerated, false if error
Throws
\RuntimeException If an error occurs while regenerating this storage
Overrides SessionStorageInterface::regenerate
1 method overrides NativeSessionStorage::regenerate()
- SessionManager::regenerate in core/
lib/ Drupal/ Core/ Session/ SessionManager.php - Regenerates id that represents this storage.
File
- vendor/
symfony/ http-foundation/ Session/ Storage/ NativeSessionStorage.php, line 196
Class
- NativeSessionStorage
- This provides a base class for session attribute storage.
Namespace
Symfony\Component\HttpFoundation\Session\StorageCode
public function regenerate($destroy = false, $lifetime = null) {
// Cannot regenerate the session ID for non-active sessions.
if (PHP_VERSION_ID >= 50400 && \PHP_SESSION_ACTIVE !== session_status()) {
return false;
}
// Check if session ID exists in PHP 5.3
if (PHP_VERSION_ID < 50400 && '' === session_id()) {
return false;
}
if (null !== $lifetime) {
ini_set('session.cookie_lifetime', $lifetime);
}
if ($destroy) {
$this->metadataBag
->stampNew();
}
$isRegenerated = session_regenerate_id($destroy);
// The reference to $_SESSION in session bags is lost in PHP7 and we need to re-create it.
// @see https://bugs.php.net/bug.php?id=70013
$this
->loadSession();
return $isRegenerated;
}