Issues in SessionConfiguration.php - All Issues - Inspection of "- Redis handler always uses the TTL in setex()" - kodedphp/session - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 4cd94b...0d0336 )

by Mihail

created 2019-12-10 21:57 UTC

SessionConfiguration.php (1 issue)

Labels

Severity

Major 1

<?php

/*
 * This file is part of the Koded package.
 *
 * (c) Mihail Binev <[email protected]>
 *
 * Please view the LICENSE distributed with this source code
 * for the full copyright and license information.
 *
 */

namespace Koded\Session;

use Koded\Stdlib\{Config, Immutable};
use Koded\Stdlib\Interfaces\ConfigurationFactory;


class SessionConfiguration extends Config
{

    public function __construct(ConfigurationFactory $settings)
    {
        $this
            ->set('name', 'session')
            ->import($settings->get('session', []))
            ->import([
                'use_strict_mode'  => '1', // enable to prevent session fixation
                'use_trans_sid'    => '0', // disable to prevent session fixation and hijacking
                'use_only_cookies' => '1', // disable session identifiers in the URLs
                'cache_limiter'    => '',  // disable response headers
                'referer_check'    => '',  // disable it, not a safe implementation (with substr() check)
            ]);

        if ($this->get('expire_at_browser_close')) {
            ini_set('session.cookie_lifetime', 0);
            $this->set('cookie_lifetime', 0);
        }

        foreach ($this as $name => $value) {
            @ini_set('session.' . $name, $value);
            /** @scrutinizer ignore-unhandled */ @ini_set('session.' . $name, $value);
        }
    }

    public function handler(): string
    {
        return $this->get('save_handler', 'files');
    }

    /**
     * Session directives for session_start() function.
     *
     * @return array
     */
    public function sessionParameters(): array
    {
        return (new Immutable($this->filter(ini_get_all('session', false), 'session.', false)))
            ->extract([
                'cache_expire',
                'cache_limiter',
                'gc_maxlifetime',
                'name',
                'referer_check',
                'serialize_handler',
                'sid_bits_per_character',
                'sid_length',
                'use_cookies',
                'use_only_cookies',
                'use_strict_mode',
                'use_trans_sid',
            ]);
    }
}


kodedphp / session

Push — master ( 4cd94b...0d0336 )

SessionConfiguration.php (1 issue)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like