MAPG-172 don't send session if user didn't consent the cookies

This commit is contained in:
Bence Pőcze 2020-06-24 21:37:58 +02:00
parent d5d3563ddc
commit 0be20a6097

20
web.php
View File

@ -49,15 +49,19 @@ Container::$routeCollection->group('admin', function (MapGuesser\Routing\RouteCo
$routeCollection->post('admin.deleteMap', 'deleteMap/{mapId}', [MapGuesser\Controller\MapAdminController::class, 'deleteMap']); $routeCollection->post('admin.deleteMap', 'deleteMap/{mapId}', [MapGuesser\Controller\MapAdminController::class, 'deleteMap']);
}); });
Container::$sessionHandler = new MapGuesser\Session\DatabaseSessionHandler(); if (isset($_COOKIE['COOKIES_CONSENT'])) {
Container::$sessionHandler = new MapGuesser\Session\DatabaseSessionHandler();
session_set_save_handler(Container::$sessionHandler, true); session_set_save_handler(Container::$sessionHandler, true);
session_start([ session_start([
'gc_maxlifetime' => 604800, 'gc_maxlifetime' => 604800,
'cookie_lifetime' => 604800, 'cookie_lifetime' => 604800,
'cookie_httponly' => true, 'cookie_httponly' => true,
'cookie_samesite' => 'Lax' 'cookie_samesite' => 'Lax'
]); ]);
} else {
$_SESSION = [];
}
Container::$request = new MapGuesser\Request\Request($_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'], $_GET, $_POST, $_SESSION); Container::$request = new MapGuesser\Request\Request($_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'], $_GET, $_POST, $_SESSION);