#5811: Session component write function doesn't work in SSL ------------------------+--------------------------------------------------- Reporter: japicka | Owner: Type: Bug | Status: reopened Priority: High | Milestone: 1.2.x.x Component: Session | Version: RC3 Severity: Major | Resolution: Keywords: | Php_version: PHP 5 Cake_version: | ------------------------+--------------------------------------------------- Changes (by japicka):
* status: closed => reopened * resolution: needmoreinfo => Comment: This is the before Filter code function beforeRender() { if (isset($this->requireSSL)) { if (is_array($this->requireSSL)) { if (in_array($this->params['action'],$this->requireSSL)) { $this->Ssl->force(); } else { $this->Ssl->unforce(); } } else { $this->Ssl->unforce(); } } else { $this->Ssl->unforce(); } if( $this->Session->check( 'message' ) ) { $this->set( 'message', $this->Session->read( 'message' ) ); $this->Session->delete( 'message' ); } } This is the component <?php class SslComponent extends Object { var $components = array('RequestHandler'); var $Controller = null; function initialize(&$Controller) { $this->Controller = $Controller; } function force() { if(!$this->RequestHandler->isSSL()) { $this->Controller->redirect('https://'.$this->__url()); } } function unforce() { if($this->RequestHandler->isSSL()) { $this->Controller->redirect('http://'.$this->__urll()); } } function __urll() { $port = env('SERVER_PORT') == 443 ? '' : ':'.env('SERVER_PORT'); return env('SERVER_NAME').$port.env('REQUEST_URI'); } function __url() { $port = env('SERVER_PORT') == 80 ? '' : ':'.env('SERVER_PORT'); return env('SERVER_NAME').$port.env('REQUEST_URI'); } } ?> In the controllers in question you have a variable called requireSSL which is an array of actions in the controller that requires ssl. (i.e. login, or sign-up if credit card information is entered). If I put the code from beforeRender in beforeFilter it just redirects endlessly and the apache server errors out. Also if the action has already happened then the session variable should be set then shouldn't it, but it isn't in the ssl case. The way to test this is to put the code I have in app_controller.php beforeRender, and the component goes where it is supposed to go, then just add the array variable to an action in another controller that sets up a session variable. It will not get set in SSL mode in RC3 in RC2 it will -- Ticket URL: <https://trac.cakephp.org/ticket/5811#comment:2> CakePHP : The Rapid Development Framework for PHP <https://trac.cakephp.org/> Cake is a rapid development framework for PHP which uses commonly known design patterns like ActiveRecord, Association Data Mapping, Front Controller and MVC. Our primary goal is to provide a structured framework that enables PHP users at all levels to rapidly develop robust web applications, without any loss to flexibility. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "tickets cakephp" group. To post to this group, send email to tickets-cakephp@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/tickets-cakephp?hl=en -~----------~----~----~----~------~----~------~--~---