MAPG-172 don't send session if user didn't consent the cookies

This commit is contained in:
Bence Pőcze 2020-06-24 21:37:58 +02:00
parent d5d3563ddc
commit 0be20a6097

View File

@ -49,6 +49,7 @@ Container::$routeCollection->group('admin', function (MapGuesser\Routing\RouteCo
$routeCollection->post('admin.deleteMap', 'deleteMap/{mapId}', [MapGuesser\Controller\MapAdminController::class, 'deleteMap']);
});
if (isset($_COOKIE['COOKIES_CONSENT'])) {
Container::$sessionHandler = new MapGuesser\Session\DatabaseSessionHandler();
session_set_save_handler(Container::$sessionHandler, true);
@ -58,6 +59,9 @@ session_start([
'cookie_httponly' => true,
'cookie_samesite' => 'Lax'
]);
} else {
$_SESSION = [];
}
Container::$request = new MapGuesser\Request\Request($_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'], $_GET, $_POST, $_SESSION);