diff --git a/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php b/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php index 52c7706456..52369bbffa 100644 --- a/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php +++ b/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php @@ -470,6 +470,12 @@ class Configuration implements ConfigurationInterface $rootNode ->children() ->arrayNode('session') + ->validate() + ->ifTrue(function ($v) { + return empty($v['handler_id']) && !empty($v['save_path']); + }) + ->thenInvalid('Session save path is ignored without a handler service') + ->end() ->info('session configuration') ->canBeEnabled() ->children() @@ -498,7 +504,7 @@ class Configuration implements ConfigurationInterface ->defaultTrue() ->setDeprecated('The "%path%.%node%" option is enabled by default and deprecated since Symfony 3.4. It will be always enabled in 4.0.') ->end() - ->scalarNode('save_path')->defaultValue('%kernel.cache_dir%/sessions')->end() + ->scalarNode('save_path')->end() ->integerNode('metadata_update_threshold') ->defaultValue('0') ->info('seconds to wait between 2 session metadata updates') diff --git a/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php b/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php index bacd35b910..8243ac65fd 100644 --- a/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php +++ b/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php @@ -877,6 +877,11 @@ class FrameworkExtension extends Extension // session handler (the internal callback registered with PHP session management) if (null === $config['handler_id']) { + // If the user set a save_path without using a non-default \SessionHandler, it will silently be ignored + if (isset($config['save_path'])) { + throw new LogicException('Session save path is ignored without a handler service'); + } + // Set the handler class to be null $container->getDefinition('session.storage.native')->replaceArgument(1, null); $container->getDefinition('session.storage.php_bridge')->replaceArgument(0, null); @@ -884,6 +889,10 @@ class FrameworkExtension extends Extension $container->setAlias('session.handler', $config['handler_id'])->setPrivate(true); } + if (!isset($config['save_path'])) { + $config['save_path'] = ini_get('session.save_path'); + } + $container->setParameter('session.save_path', $config['save_path']); if (\PHP_VERSION_ID < 70000) { diff --git a/src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/ConfigurationTest.php b/src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/ConfigurationTest.php index 91764a642e..b1dea4cba4 100644 --- a/src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/ConfigurationTest.php +++ b/src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/ConfigurationTest.php @@ -378,7 +378,6 @@ class ConfigurationTest extends TestCase 'handler_id' => 'session.handler.native_file', 'cookie_httponly' => true, 'gc_probability' => 1, - 'save_path' => '%kernel.cache_dir%/sessions', 'metadata_update_threshold' => '0', 'use_strict_mode' => true, ], diff --git a/src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/php/session_savepath.php b/src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/php/session_savepath.php new file mode 100644 index 0000000000..89841bca43 --- /dev/null +++ b/src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/php/session_savepath.php @@ -0,0 +1,8 @@ +loadFromExtension('framework', [ + 'session' => [ + 'handler_id' => null, + 'save_path' => '/some/path', + ], +]); diff --git a/src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/xml/session_savepath.xml b/src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/xml/session_savepath.xml new file mode 100644 index 0000000000..a9ddd8016b --- /dev/null +++ b/src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/xml/session_savepath.xml @@ -0,0 +1,12 @@ + + + + + + + + diff --git a/src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/yml/session_savepath.yml b/src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/yml/session_savepath.yml new file mode 100644 index 0000000000..174ebe5869 --- /dev/null +++ b/src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/yml/session_savepath.yml @@ -0,0 +1,4 @@ +framework: + session: + handler_id: null + save_path: /some/path diff --git a/src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/FrameworkExtensionTest.php b/src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/FrameworkExtensionTest.php index 73c33a3f50..ce305d16cc 100644 --- a/src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/FrameworkExtensionTest.php +++ b/src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/FrameworkExtensionTest.php @@ -23,6 +23,7 @@ use Symfony\Component\Cache\Adapter\DoctrineAdapter; use Symfony\Component\Cache\Adapter\FilesystemAdapter; use Symfony\Component\Cache\Adapter\ProxyAdapter; use Symfony\Component\Cache\Adapter\RedisAdapter; +use Symfony\Component\Config\Definition\Exception\InvalidConfigurationException; use Symfony\Component\DependencyInjection\ChildDefinition; use Symfony\Component\DependencyInjection\Compiler\CompilerPassInterface; use Symfony\Component\DependencyInjection\ContainerBuilder; @@ -473,6 +474,12 @@ abstract class FrameworkExtensionTest extends TestCase $this->assertNull($container->getDefinition('session.storage.php_bridge')->getArgument(0)); } + public function testNullSessionHandlerWithSavePath() + { + $this->expectException(InvalidConfigurationException::class); + $this->createContainerFromFile('session_savepath'); + } + public function testRequest() { $container = $this->createContainerFromFile('full');