From 106a602f10a8e71a76ca502f1f1f1279586aec13 Mon Sep 17 00:00:00 2001 From: Craig Heydenburg Date: Thu, 6 Apr 2017 06:36:39 -0400 Subject: [PATCH] allow sessions to file. fixes #2001, #2186 and refs #3454 (#3522) * allow sessions to file. fixes #2001, #2186 and refs #3454 * ci and changelog * hacky fix to disable csrf_protection when using cli * update matthiasnoback/symfony-console-form to v2 * remove hack for csrf_protection * correct mistake * correct docs --- CHANGELOG-1.5.md | 3 ++ composer.lock | 34 +++++++++---------- src/app/config/config.yml | 5 +-- src/app/config/dynamic/default.yml | 3 ++ src/app/config/parameters.yml | 1 - src/docs/Core-2.0/Session.md | 17 ++++++++++ .../CoreBundle/Resources/config/session.yml | 15 ++++++-- .../Controller/AjaxInstallController.php | 10 ++---- .../Form/Type/CreateAdminType.php | 4 --- .../Form/Type/DbCredsType.php | 4 --- .../Form/Type/LocaleType.php | 4 --- .../Form/Type/LoginType.php | 4 --- .../Form/Type/RequestContextType.php | 4 --- .../Stage/Install/CompleteStage.php | 9 +++-- .../Bundle/CoreInstallerBundle/composer.json | 2 +- src/system/SecurityCenterModule/Constant.php | 18 ++++++++++ .../Controller/ConfigController.php | 20 +++++++---- .../Form/Type/ConfigType.php | 7 ++-- .../SecurityCenterModuleInstaller.php | 13 ++++++- src/system/SecurityCenterModule/composer.json | 2 +- 20 files changed, 114 insertions(+), 65 deletions(-) create mode 100644 src/docs/Core-2.0/Session.md create mode 100644 src/system/SecurityCenterModule/Constant.php diff --git a/CHANGELOG-1.5.md b/CHANGELOG-1.5.md index a0bb3ce8f0..216e106113 100644 --- a/CHANGELOG-1.5.md +++ b/CHANGELOG-1.5.md @@ -34,6 +34,8 @@ CHANGELOG - ZIKULA 1.5.x - Fixed initialisation of JavaScript polyfills (#3348, #3486). - Fixed wrong link to HTML information pages in security center configuration (#3489). - Fixed storage of lastlogin in user object (#3383). + - Fixed inability to store sessions in files (#2001). + - Re-enabled CSRF token protection in forms in installer (#2186). - Features: - Added Permission-based controls for MenuModule menu items (#3314). @@ -56,6 +58,7 @@ CHANGELOG - ZIKULA 1.5.x - gedmo/doctrine-extensions updated from 2.4.26 to 2.4.27 - jquery.mmenu updated from 5.7.8 to 6.0.2 - liip/imagine-bundle updated from 1.7.2 to 1.7.4 + - matthiasnoback/symfony-console-form updated from 1.2.0 to 2.3.0 - monolog/monolog updated from 1.22.0 to 1.22.1 - paragonie/random_compat updated from 2.0.9 to 2.0.10 - phpdocumentor/reflection-common installed at 1.0 diff --git a/composer.lock b/composer.lock index 14e7219367..f0685ca9b9 100644 --- a/composer.lock +++ b/composer.lock @@ -2684,33 +2684,33 @@ }, { "name": "matthiasnoback/symfony-console-form", - "version": "v1.2.0", + "version": "v2.3.0", "source": { "type": "git", "url": "https://github.com/matthiasnoback/symfony-console-form.git", - "reference": "2d2337827202eade7330a211b4665919f2887575" + "reference": "56433b5bf9e58e7f37228955e56a290cdc53eb69" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/matthiasnoback/symfony-console-form/zipball/2d2337827202eade7330a211b4665919f2887575", - "reference": "2d2337827202eade7330a211b4665919f2887575", + "url": "https://api.github.com/repos/matthiasnoback/symfony-console-form/zipball/56433b5bf9e58e7f37228955e56a290cdc53eb69", + "reference": "56433b5bf9e58e7f37228955e56a290cdc53eb69", "shasum": "" }, "require": { - "php": ">=5.4", - "symfony/console": "~2.5", - "symfony/form": "~2.5" + "php": ">=5.5", + "symfony/console": "~2.8|~3.0", + "symfony/form": "~2.8|~3.0" }, "require-dev": { "beberlei/assert": "~2.1", "behat/behat": "~3.0", - "fabpot/php-cs-fixer": "^1.10", - "symfony/console": "~2.5", - "symfony/finder": "~2.5", - "symfony/form": "~2.5", - "symfony/framework-bundle": "~2.5", - "symfony/validator": "~2.5", - "symfony/yaml": "~2.5" + "friendsofphp/php-cs-fixer": "^1.10", + "phpunit/phpunit": "^4.8", + "symfony/finder": "~2.8|~3.0", + "symfony/framework-bundle": "~2.8|~3.0", + "symfony/security": "~2.8|~3.0", + "symfony/validator": "~2.8|~3.0", + "symfony/yaml": "~2.8|~3.0" }, "type": "library", "autoload": { @@ -2736,7 +2736,7 @@ "form", "symfony" ], - "time": "2015-11-27T19:49:00+00:00" + "time": "2017-02-09T16:06:51+00:00" }, { "name": "matthiasnoback/symfony-service-definition-validator", @@ -4816,7 +4816,7 @@ ], "description": "Based on the theme Andreas08 by Andreas Viklund", "support": { - "source": "https://github.com/zikula/ZikulaAndreas08Theme/tree/master", + "source": "https://github.com/zikula/ZikulaAndreas08Theme/tree/2.0.0", "issues": "https://github.com/zikula/ZikulaAndreas08Theme/issues" }, "time": "2017-04-05T15:20:06+00:00" @@ -5324,7 +5324,7 @@ ], "description": "The SeaBreeze theme is a browser-oriented theme.", "support": { - "source": "https://github.com/zikula/ZikulaSeaBreezeTheme/tree/master", + "source": "https://github.com/zikula/ZikulaSeaBreezeTheme/tree/4.0.0", "issues": "https://github.com/zikula/ZikulaSeaBreezeTheme/issues" }, "time": "2017-04-05T15:20:18+00:00" diff --git a/src/app/config/config.yml b/src/app/config/config.yml index 4da98c9c2e..b4bef4c776 100644 --- a/src/app/config/config.yml +++ b/src/app/config/config.yml @@ -26,8 +26,9 @@ framework: trusted_proxies: ~ session: name: "%zikula.session.name%" - handler_id: zikula_core.bridge.http_foundation.doctrine_session_handler - storage_id: zikula_core.bridge.http_foundation.zikula_session_storage + handler_id: "%zikula.session.handler_id%" + storage_id: "%zikula.session.storage_id%" + save_path: "%zikula.session.save_path%" cookie_httponly: false # must be false for ajax tokens to work but increases chance of XSS attack fragments: ~ diff --git a/src/app/config/dynamic/default.yml b/src/app/config/dynamic/default.yml index 7310e4329f..6a9265e909 100644 --- a/src/app/config/dynamic/default.yml +++ b/src/app/config/dynamic/default.yml @@ -18,6 +18,9 @@ swiftmailer: disable_delivery: false parameters: zikula.session.name: _zsid + zikula.session.handler_id: 'session.handler.native_file' #default symfony value + zikula.session.storage_id: 'zikula_core.bridge.http_foundation.zikula_session_storage_file' #'session.storage.native' default symfony value + zikula.session.save_path: '%kernel.cache_dir%/sessions' #default symfony value # multisites configuration does nothing unless the Multisites module is installed and configured properly. multisites: enabled: false diff --git a/src/app/config/parameters.yml b/src/app/config/parameters.yml index b953c6fb86..f094b661d2 100644 --- a/src/app/config/parameters.yml +++ b/src/app/config/parameters.yml @@ -31,7 +31,6 @@ parameters: secret: ThisTokenIsNotSoSecretChangeIt url_secret: ~ - zikula.session.name: _zsid assets_version: ~ #e.g. 'v1' zikula_asset_manager.combine: true zikula_asset_manager.lifetime: "1 day" diff --git a/src/docs/Core-2.0/Session.md b/src/docs/Core-2.0/Session.md new file mode 100644 index 0000000000..c4af39f76c --- /dev/null +++ b/src/docs/Core-2.0/Session.md @@ -0,0 +1,17 @@ +Session Information +=================== + +Sessions can be stored in the Database or in the Filesystem. This choice as well as a few configuration options +can be set in the ZikulaSecurityCenterModule: + +The following configuration options are converted to a dynamic config and stored in `/src/app/config/dynamic/generated.yml` + - zikula.session.name: _zsid + - zikula.session.handler_id: + 'session.handler.native_file' + or + 'zikula_core.bridge.http_foundation.doctrine_session_handler' + - zikula.session.storage_id: + 'zikula_core.bridge.http_foundation.zikula_session_storage_doctrine' + or + 'zikula_core.bridge.http_foundation.zikula_session_storage_file' + - zikula.session.save_path: '%kernel.cache_dir%/sessions' #default symfony value diff --git a/src/lib/Zikula/Bundle/CoreBundle/Resources/config/session.yml b/src/lib/Zikula/Bundle/CoreBundle/Resources/config/session.yml index cb24817df4..62bc305ffa 100644 --- a/src/lib/Zikula/Bundle/CoreBundle/Resources/config/session.yml +++ b/src/lib/Zikula/Bundle/CoreBundle/Resources/config/session.yml @@ -7,10 +7,9 @@ services: - "@zikula_extensions_module.api.variable" - "%installed%" calls: - - [setStorage, ["@zikula_core.bridge.http_foundation.zikula_session_storage"]] + - [setStorage, ["@zikula_core.bridge.http_foundation.zikula_session_storage_doctrine"]] - - zikula_core.bridge.http_foundation.zikula_session_storage: + zikula_core.bridge.http_foundation.zikula_session_storage_doctrine: class: Zikula\Bridge\HttpFoundation\ZikulaSessionStorage arguments: - "@zikula_extensions_module.api.variable" @@ -19,3 +18,13 @@ services: - "@=null" calls: - [setSaveHandler, ["@zikula_core.bridge.http_foundation.doctrine_session_handler"]] + + zikula_core.bridge.http_foundation.zikula_session_storage_file: + class: Zikula\Bridge\HttpFoundation\ZikulaSessionStorage + arguments: + - "@zikula_extensions_module.api.variable" + - "%session.storage.options%" + - "@=null" + - "@=null" + calls: + - [setSaveHandler, ["@session.handler.native_file"]] diff --git a/src/lib/Zikula/Bundle/CoreInstallerBundle/Controller/AjaxInstallController.php b/src/lib/Zikula/Bundle/CoreInstallerBundle/Controller/AjaxInstallController.php index 4b36d59c72..a95d7d49e6 100644 --- a/src/lib/Zikula/Bundle/CoreInstallerBundle/Controller/AjaxInstallController.php +++ b/src/lib/Zikula/Bundle/CoreInstallerBundle/Controller/AjaxInstallController.php @@ -178,19 +178,13 @@ private function updateAdmin() { $entityManager = $this->container->get('doctrine')->getManager(); $params = $this->decodeParameters($this->yamlManager->getParameters()); - - // prepare the data - $username = mb_strtolower($params['username']); - - $nowUTC = new \DateTime(null, new \DateTimeZone('UTC')); - /** @var \Zikula\UsersModule\Entity\UserEntity $userEntity */ $userEntity = $entityManager->find('ZikulaUsersModule:UserEntity', 2); $userEntity->setUname($params['username']); $userEntity->setEmail($params['email']); $userEntity->setActivated(1); - $userEntity->setUser_Regdate($nowUTC); - $userEntity->setLastlogin($nowUTC); + $userEntity->setUser_Regdate(new \DateTime()); + $userEntity->setLastlogin(new \DateTime()); $entityManager->persist($userEntity); $mapping = new AuthenticationMappingEntity(); diff --git a/src/lib/Zikula/Bundle/CoreInstallerBundle/Form/Type/CreateAdminType.php b/src/lib/Zikula/Bundle/CoreInstallerBundle/Form/Type/CreateAdminType.php index d40ca0c742..4c1c5c5315 100644 --- a/src/lib/Zikula/Bundle/CoreInstallerBundle/Form/Type/CreateAdminType.php +++ b/src/lib/Zikula/Bundle/CoreInstallerBundle/Form/Type/CreateAdminType.php @@ -79,11 +79,7 @@ public function getBlockPrefix() public function configureOptions(OptionsResolver $resolver) { $resolver->setDefaults([ - 'csrf_protection' => false, 'translator' => new IdentityTranslator() -// 'csrf_field_name' => '_token', -// // a unique key to help generate the secret token -// 'intention' => '_zk_bdcreds', ]); } } diff --git a/src/lib/Zikula/Bundle/CoreInstallerBundle/Form/Type/DbCredsType.php b/src/lib/Zikula/Bundle/CoreInstallerBundle/Form/Type/DbCredsType.php index f58d6333bd..a80b8d806b 100644 --- a/src/lib/Zikula/Bundle/CoreInstallerBundle/Form/Type/DbCredsType.php +++ b/src/lib/Zikula/Bundle/CoreInstallerBundle/Form/Type/DbCredsType.php @@ -119,11 +119,7 @@ public function configureOptions(OptionsResolver $resolver) { $resolver->setDefaults([ 'constraints' => new ValidPdoConnection(), - 'csrf_protection' => false, 'translator' => new IdentityTranslator() -// 'csrf_field_name' => '_token', -// // a unique key to help generate the secret token -// 'intention' => '_zk_bdcreds', ]); } } diff --git a/src/lib/Zikula/Bundle/CoreInstallerBundle/Form/Type/LocaleType.php b/src/lib/Zikula/Bundle/CoreInstallerBundle/Form/Type/LocaleType.php index 6d6970c4d7..387e3ce971 100644 --- a/src/lib/Zikula/Bundle/CoreInstallerBundle/Form/Type/LocaleType.php +++ b/src/lib/Zikula/Bundle/CoreInstallerBundle/Form/Type/LocaleType.php @@ -42,13 +42,9 @@ public function getBlockPrefix() public function configureOptions(OptionsResolver $resolver) { $resolver->setDefaults([ - 'csrf_protection' => false, 'choices' => ['English' => 'en'], 'choice' => 'en', 'translator' => new IdentityTranslator() -// 'csrf_field_name' => '_token', -// // a unique key to help generate the secret token -// 'intention' => '_zk_bdcreds', ]); } } diff --git a/src/lib/Zikula/Bundle/CoreInstallerBundle/Form/Type/LoginType.php b/src/lib/Zikula/Bundle/CoreInstallerBundle/Form/Type/LoginType.php index 7bf6251553..ed8c340ab5 100644 --- a/src/lib/Zikula/Bundle/CoreInstallerBundle/Form/Type/LoginType.php +++ b/src/lib/Zikula/Bundle/CoreInstallerBundle/Form/Type/LoginType.php @@ -55,11 +55,7 @@ public function configureOptions(OptionsResolver $resolver) { $resolver->setDefaults([ 'constraints' => new AuthenticateAdminLogin(), - 'csrf_protection' => false, 'translator' => new IdentityTranslator() -// 'csrf_field_name' => '_token', -// // a unique key to help generate the secret token -// 'intention' => '_zk_bdcreds', ]); } } diff --git a/src/lib/Zikula/Bundle/CoreInstallerBundle/Form/Type/RequestContextType.php b/src/lib/Zikula/Bundle/CoreInstallerBundle/Form/Type/RequestContextType.php index 424df7d134..11924bd345 100644 --- a/src/lib/Zikula/Bundle/CoreInstallerBundle/Form/Type/RequestContextType.php +++ b/src/lib/Zikula/Bundle/CoreInstallerBundle/Form/Type/RequestContextType.php @@ -61,11 +61,7 @@ public function getBlockPrefix() public function configureOptions(OptionsResolver $resolver) { $resolver->setDefaults([ - 'csrf_protection' => false, 'translator' => new IdentityTranslator() -// 'csrf_field_name' => '_token', -// // a unique key to help generate the secret token -// 'intention' => '_zk_bdcreds', ]); } } diff --git a/src/lib/Zikula/Bundle/CoreInstallerBundle/Stage/Install/CompleteStage.php b/src/lib/Zikula/Bundle/CoreInstallerBundle/Stage/Install/CompleteStage.php index 156a5595b9..05f459d60a 100644 --- a/src/lib/Zikula/Bundle/CoreInstallerBundle/Stage/Install/CompleteStage.php +++ b/src/lib/Zikula/Bundle/CoreInstallerBundle/Stage/Install/CompleteStage.php @@ -60,14 +60,19 @@ public function getTemplateParams() public function getResponse(Request $request) { + $router = $this->container->get('router'); if ($this->sendEmailToAdmin($request)) { $request->getSession()->getFlashBag()->add('success', $this->__('Congratulations! Zikula has been successfully installed.')); + $request->getSession()->getFlashBag()->add('info', $this->__f( + 'Session are currently configured to use the filesystem. It is recommended that you change this to use the database. Click %here% to configure.', + ['%here%' => '' . $this->__('Security Center') . ''] + )); - return new RedirectResponse($this->container->get('router')->generate('zikulaadminmodule_admin_adminpanel', [], RouterInterface::ABSOLUTE_URL)); + return new RedirectResponse($router->generate('zikulaadminmodule_admin_adminpanel', [], RouterInterface::ABSOLUTE_URL)); } else { $request->getSession()->getFlashBag()->add('warning', $this->__('Email settings are not yet configured. Please configure them below.')); - return new RedirectResponse($this->container->get('router')->generate('zikulamailermodule_config_config', [], RouterInterface::ABSOLUTE_URL)); + return new RedirectResponse($router->generate('zikulamailermodule_config_config', [], RouterInterface::ABSOLUTE_URL)); } } diff --git a/src/lib/Zikula/Bundle/CoreInstallerBundle/composer.json b/src/lib/Zikula/Bundle/CoreInstallerBundle/composer.json index d3603eb660..38103bcc3f 100644 --- a/src/lib/Zikula/Bundle/CoreInstallerBundle/composer.json +++ b/src/lib/Zikula/Bundle/CoreInstallerBundle/composer.json @@ -14,7 +14,7 @@ "require": { "php": ">=5.4.1", "symfony/framework-bundle": "~2.0", - "matthiasnoback/symfony-console-form": "1.*", + "matthiasnoback/symfony-console-form": "2.*", "zikula/wizard": "1.4.*" }, "autoload": { diff --git a/src/system/SecurityCenterModule/Constant.php b/src/system/SecurityCenterModule/Constant.php new file mode 100644 index 0000000000..15e7fa807e --- /dev/null +++ b/src/system/SecurityCenterModule/Constant.php @@ -0,0 +1,18 @@ +createForm('Zikula\SecurityCenterModule\Form\Type\ConfigType', + $form = $this->createForm(ConfigType::class, $modVars, [ 'translator' => $this->get('translator.default') ] @@ -68,7 +70,6 @@ public function configAction(Request $request) if ($form->get('save')->isClicked()) { $formData = $form->getData(); - // Update module variables. $updateCheck = isset($formData['updatecheck']) ? $formData['updatecheck'] : 1; $this->setSystemVar('updatecheck', $updateCheck); @@ -128,12 +129,13 @@ public function configAction(Request $request) // check if sessionsavepath is a dir and if it is writable // if yes, we need to logout - $causeLogout = is_dir($sessionSavePath) ? is_writable($sessionSavePath) : false; - $storeTypeCanBeWritten = $causeLogout; + $storeTypeCanBeWritten = is_dir($sessionSavePath) ? is_writable($sessionSavePath) : false; + $causeLogout = $storeTypeCanBeWritten; - if ($causeLogout == false) { + if ($storeTypeCanBeWritten == false) { // an error occured - we do not change the way of storing session data $this->addFlash('error', $this->__('Error! Session path not writeable!')); + $sessionSavePath = ''; } } if ($storeTypeCanBeWritten == true) { @@ -180,9 +182,15 @@ public function configAction(Request $request) $causeLogout = true; } - // set the session name in custom_parameters.yml + // set the session information in /src/app/config/dynamic/generated.yml $configDumper = $this->get('zikula.dynamic_config_dumper'); $configDumper->setParameter('zikula.session.name', $newSessionName); + $sessionHandlerId = $sessionStoreToFile == Constant::SESSION_STORAGE_FILE ? 'session.handler.native_file' : 'zikula_core.bridge.http_foundation.doctrine_session_handler'; + $configDumper->setParameter('zikula.session.handler_id', $sessionHandlerId); + $sessionStorageId = $sessionStoreToFile == Constant::SESSION_STORAGE_FILE ? 'zikula_core.bridge.http_foundation.zikula_session_storage_file' : 'zikula_core.bridge.http_foundation.zikula_session_storage_doctrine'; + $configDumper->setParameter('zikula.session.storage_id', $sessionStorageId); // Symfony default is 'session.storage.native' + $zikulaSessionSavePath = empty($sessionSavePath) ? '%kernel.cache_dir%/sessions' : $sessionSavePath; + $configDumper->setParameter('zikula.session.save_path', $zikulaSessionSavePath); // set the session name in the current container $this->get('service_container')->setParameter('zikula.session.name', $newSessionName); diff --git a/src/system/SecurityCenterModule/Form/Type/ConfigType.php b/src/system/SecurityCenterModule/Form/Type/ConfigType.php index c5d1588796..915db136e7 100644 --- a/src/system/SecurityCenterModule/Form/Type/ConfigType.php +++ b/src/system/SecurityCenterModule/Form/Type/ConfigType.php @@ -14,6 +14,7 @@ use Symfony\Component\Form\AbstractType; use Symfony\Component\Form\FormBuilderInterface; use Symfony\Component\OptionsResolver\OptionsResolver; +use Zikula\SecurityCenterModule\Constant; /** * Configuration form type class. @@ -134,8 +135,8 @@ public function buildForm(FormBuilderInterface $builder, array $options) 'label' => $translator->__('Store sessions'), 'empty_data' => 0, 'choices' => [ - $translator->__('File') => 1, - $translator->__('Database (recommended)') => 0 + $translator->__('File') => Constant::SESSION_STORAGE_FILE, + $translator->__('Database (recommended)') => Constant::SESSION_STORAGE_DATABASE ], 'choices_as_values' => true, 'expanded' => true, @@ -146,7 +147,7 @@ public function buildForm(FormBuilderInterface $builder, array $options) 'label' => $translator->__('Path for saving session files'), 'empty_data' => '', 'required' => false, - 'alert' => [$translator->__("Notice: If you change 'Where to save sessions' to 'File' then you must enter a path in the 'Path for saving session files' box above. The path must be writeable.") => 'info'], + 'alert' => [$translator->__("Notice: If you change 'Where to save sessions' to 'File' then you must enter a path in the 'Path for saving session files' box above. The path must be writeable. Leave value empty for default location '%kernel.cache_dir%/sessions'") => 'info'], 'help' => $translator->__('More information: http://www.php.net/manual/en/session.configuration.php#ini.session.save-path') ]) ->add('gc_probability', 'Symfony\Component\Form\Extension\Core\Type\IntegerType', [ diff --git a/src/system/SecurityCenterModule/SecurityCenterModuleInstaller.php b/src/system/SecurityCenterModule/SecurityCenterModuleInstaller.php index 1f55cae3c9..a03dd50384 100644 --- a/src/system/SecurityCenterModule/SecurityCenterModuleInstaller.php +++ b/src/system/SecurityCenterModule/SecurityCenterModuleInstaller.php @@ -52,7 +52,7 @@ public function install() $this->setSystemVar('seclevel', 'Medium'); $this->setSystemVar('secmeddays', 7); $this->setSystemVar('secinactivemins', 20); - $this->setSystemVar('sessionstoretofile', 0); + $this->setSystemVar('sessionstoretofile', Constant::SESSION_STORAGE_FILE); $this->setSystemVar('sessionsavepath', ''); $this->setSystemVar('gc_probability', 100); $this->setSystemVar('sessioncsrftokenonetime', 1); // 1 means use same token for entire session @@ -242,6 +242,17 @@ public function upgrade($oldVersion) $this->setSystemVar('idsrulepath', 'system/SecurityCenterModule/Resources/config/phpids_zikula_default.xml'); } case '1.5.1': + // set the session information in /src/app/config/dynamic/generated.yml + $configDumper = $this->container->get('zikula.dynamic_config_dumper'); + $sessionStoreToFile = $this->container->get('zikula_extensions_module.api.variable')->getSystemVar('sessionstoretofile', Constant::SESSION_STORAGE_DATABASE); + $sessionHandlerId = $sessionStoreToFile == Constant::SESSION_STORAGE_FILE ? 'session.handler.native_file' : 'zikula_core.bridge.http_foundation.doctrine_session_handler'; + $configDumper->setParameter('zikula.session.handler_id', $sessionHandlerId); + $sessionStorageId = $sessionStoreToFile == Constant::SESSION_STORAGE_FILE ? 'zikula_core.bridge.http_foundation.zikula_session_storage_file' : 'zikula_core.bridge.http_foundation.zikula_session_storage_doctrine'; + $configDumper->setParameter('zikula.session.storage_id', $sessionStorageId); // Symfony default is 'session.storage.native' + $sessionSavePath = $this->container->get('zikula_extensions_module.api.variable')->getSystemVar('sessionsavepath', ''); + $zikulaSessionSavePath = empty($sessionSavePath) ? '%kernel.cache_dir%/sessions' : $sessionSavePath; + $configDumper->setParameter('zikula.session.save_path', $zikulaSessionSavePath); + case '1.5.2': // current version } diff --git a/src/system/SecurityCenterModule/composer.json b/src/system/SecurityCenterModule/composer.json index 66cbe3537a..9846f6fbfd 100644 --- a/src/system/SecurityCenterModule/composer.json +++ b/src/system/SecurityCenterModule/composer.json @@ -1,6 +1,6 @@ { "name": "zikula/securitycenter-module", - "version": "1.5.1", + "version": "1.5.2", "description": "Security administration", "type": "zikula-module", "license": "LGPL-3.0+",