Started some tests for Session library

system/Session/Handlers/BaseHandler.php

@@ -119,7 +119,7 @@ abstract class BaseHandler implements \SessionHandlerInterface
 	 * Constructor
 	 * @param BaseConfig $config
 	 */
-	public function __construct(BaseConfig $config)
+	public function __construct($config)
 	{
 		$this->cookiePrefix = $config->cookiePrefix;
 		$this->cookieDomain = $config->cookieDomain;

system/Session/Handlers/FileHandler.php

@@ -77,7 +77,7 @@ class FileHandler extends BaseHandler implements \SessionHandlerInterface
 	 * Constructor
 	 * @param BaseConfig $config
 	 */
-	public function __construct(BaseConfig $config)
+	public function __construct($config)
 	{
 		parent::__construct($config);
 

system/Session/Session.php

@@ -50,13 +50,6 @@ class Session implements SessionInterface
 
 	use LoggerAwareTrait;
 
-	/**
-	 * Userdata array.
-	 *
-	 * Just a reference to $_SESSION, for BC purposes.
-	 */
-	protected $userdata;
-
 	/**
 	 * Instance of the driver to use.
 	 *
@@ -159,7 +152,7 @@ class Session implements SessionInterface
 	 * @param \SessionHandlerInterface $driver
 	 * @param \Config\App $config
 	 */
-	public function __construct(\SessionHandlerInterface $driver, \Config\App $config)
+	public function __construct(\SessionHandlerInterface $driver, $config)
 	{
 		$this->driver = $driver;
 
@@ -183,7 +176,7 @@ public function __construct(\SessionHandlerInterface $driver, \Config\App $confi
 	 */
 	public function start()
 	{
-		if (is_cli())
+		if (is_cli() && ENVIRONMENT !== 'testing')
 		{
 			$this->logger->debug('Session: Initialization under CLI aborted.');
 
@@ -204,9 +197,9 @@ public function start()
 
 		$this->configure();
 
-		session_set_save_handler($this->driver, true);
+        $this->setSaveHandler();
 
-		// Sanitize the cookie, because apparently PHP doesn't do that for userspace handlers
+        // Sanitize the cookie, because apparently PHP doesn't do that for userspace handlers
 		if (isset($_COOKIE[$this->sessionCookieName]) && (
 				! is_string($_COOKIE[$this->sessionCookieName]) || ! preg_match('/^[0-9a-f]{40}$/', $_COOKIE[$this->sessionCookieName])
 				)
@@ -215,9 +208,9 @@ public function start()
 			unset($_COOKIE[$this->sessionCookieName]);
 		}
 
-		session_start();
+        $this->startSession();
 
-		// Is session ID auto-regeneration configured? (ignoring ajax requests)
+        // Is session ID auto-regeneration configured? (ignoring ajax requests)
 		if ((empty($_SERVER['HTTP_X_REQUESTED_WITH']) ||
 				strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) !== 'xmlhttprequest') && ($regenerate_time = $this->sessionTimeToUpdate) > 0
 		)
@@ -235,16 +228,8 @@ public function start()
 		// unless it is being currently created or regenerated
 		elseif (isset($_COOKIE[$this->sessionCookieName]) && $_COOKIE[$this->sessionCookieName] === session_id())
 		{
-			setcookie(
-					$this->sessionCookieName,
-					session_id(),
-					(empty($this->sessionExpiration) ? 0 : time() + $this->sessionExpiration),
-					$this->cookiePath,
-					$this->cookieDomain,
-					$this->cookieSecure,
-					true
-			);
-		}
+            $this->setCookie();
+        }
 
 		$this->initVars();
 
@@ -330,31 +315,31 @@ protected function configure()
 	 */
 	protected function initVars()
 	{
-		if (! empty($_SESSION['__ci_vars']))
-		{
-			$current_time = time();
-
-			foreach ($_SESSION['__ci_vars'] as $key => &$value)
-			{
-				if ($value === 'new')
-				{
-					$_SESSION['__ci_vars'][$key] = 'old';
-				}
-				// Hacky, but 'old' will (implicitly) always be less than time() ;)
-				// DO NOT move this above the 'new' check!
-				elseif ($value < $current_time)
-				{
-					unset($_SESSION[$key], $_SESSION['__ci_vars'][$key]);
-				}
-			}
-
-			if (empty($_SESSION['__ci_vars']))
-			{
-				unset($_SESSION['__ci_vars']);
-			}
-		}
-
-		$this->userdata = & $_SESSION;
+		if (empty($_SESSION['__ci_vars']))
+        {
+            return;
+        }
+
+        $current_time = time();
+
+        foreach ($_SESSION['__ci_vars'] as $key => &$value)
+        {
+            if ($value === 'new')
+            {
+                $_SESSION['__ci_vars'][$key] = 'old';
+            }
+            // Hacky, but 'old' will (implicitly) always be less than time() ;)
+            // DO NOT move this above the 'new' check!
+            elseif ($value < $current_time)
+            {
+                unset($_SESSION[$key], $_SESSION['__ci_vars'][$key]);
+            }
+        }
+
+        if (empty($_SESSION['__ci_vars']))
+        {
+            unset($_SESSION['__ci_vars']);
+        }
 	}
 
 	//--------------------------------------------------------------------
@@ -445,7 +430,8 @@ public function get(string $key = null)
 				['__ci_vars'], $this->getFlashKeys(), $this->getTempKeys()
 		);
 
-		foreach (array_keys($_SESSION) as $key)
+		$keys = array_keys($_SESSION);
+		foreach ($keys as $key)
 		{
 			if (! in_array($key, $_exclude, true))
 			{
@@ -862,5 +848,40 @@ public function getTempKeys()
 		return $keys;
 	}
 
-	//--------------------------------------------------------------------
+    /**
+     * Sets the driver as the session handler in PHP.
+     * Extracted for easier testing.
+     */
+    protected function setSaveHandler()
+    {
+        session_set_save_handler($this->driver, true);
+    }
+
+    /**
+     * Starts the session.
+     * Extracted for testing reasons.
+     */
+    protected function startSession()
+    {
+        session_start();
+    }
+
+    /**
+     * Takes care of setting the cookie on the client side.
+     * Extracted for testing reasons.
+     */
+    protected function setCookie()
+    {
+        setcookie(
+            $this->sessionCookieName,
+            session_id(),
+            (empty($this->sessionExpiration) ? 0 : time()+$this->sessionExpiration),
+            $this->cookiePath,
+            $this->cookieDomain,
+            $this->cookieSecure,
+            true
+        );
+    }
+
+    //--------------------------------------------------------------------
 }

tests/_support/Session/MockSession.php

@@ -0,0 +1,69 @@
+<?php namespace CodeIgniter\Session;
+
+/**
+ * Class MockSession
+ *
+ * Provides a safe way to test the Session class itself,
+ * that doesn't interact with the session or cookies at all.
+ */
+class MockSession extends Session
+{
+    /**
+     * Holds our "cookie" data.
+     * @var array
+     */
+    public $cookies = [];
+
+    public $didRegenerate = false;
+
+    //--------------------------------------------------------------------
+
+    /**
+     * Sets the driver as the session handler in PHP.
+     * Extracted for easier testing.
+     */
+    protected function setSaveHandler()
+    {
+//        session_set_save_handler($this->driver, true);
+    }
+
+    //--------------------------------------------------------------------
+
+    /**
+     * Starts the session.
+     * Extracted for testing reasons.
+     */
+    protected function startSession()
+    {
+//        session_start();
+    }
+
+    //--------------------------------------------------------------------
+
+    /**
+     * Takes care of setting the cookie on the client side.
+     * Extracted for testing reasons.
+     */
+    protected function setCookie()
+    {
+        $this->cookies[] = [
+            $this->sessionCookieName,
+            session_id(),
+            (empty($this->sessionExpiration) ? 0 : time()+$this->sessionExpiration),
+            $this->cookiePath,
+            $this->cookieDomain,
+            $this->cookieSecure,
+            true
+        ];
+    }
+
+    //--------------------------------------------------------------------
+
+    public function regenerate(bool $destroy = false)
+    {
+        $this->didRegenerate = true;
+        $_SESSION['__ci_last_regenerate'] = time();
+    }
+
+    //--------------------------------------------------------------------
+}