From b7c558a96faadacc5a9893565bc28273640ad5ad Mon Sep 17 00:00:00 2001
From: Kijin Sung <kijin@kijinsung.com>
Date: Wed, 5 Oct 2016 17:26:05 +0900
Subject: [PATCH] Move session delay feature into Session class

---
 classes/context/Context.class.php | 51 ++++----------------------
 common/framework/session.php      | 60 +++++++++++++++++++++++++++++--
 2 files changed, 65 insertions(+), 46 deletions(-)

diff --git a/classes/context/Context.class.php b/classes/context/Context.class.php
index cc46efcfa..b101b6a69 100644
--- a/classes/context/Context.class.php
+++ b/classes/context/Context.class.php
@@ -339,30 +339,11 @@ class Context
 			);
 		}
 		
-		// start session if it was previously started
-		$session_name = session_name();
-		$session_id = NULL;
-		if($session_id = $_POST[$session_name])
-		{
-			session_id($session_id);
-		}
-		else
-		{
-			$session_id = $_COOKIE[$session_name];
-		}
-
-		if($session_id !== NULL || !config('session.delay'))
-		{
-			$this->setCacheControl(0, false);
-			$relax_key_checks = ($this->act === 'procFileUpload' && preg_match('/shockwave\s?flash/i', $_SERVER['HTTP_USER_AGENT']));
-			Rhymix\Framework\Session::start($relax_key_checks);
-		}
-		else
-		{
-			$this->setCacheControl(-1, true);
-			$_SESSION = array();
-		}
+		// start session
+		$relax_key_checks = ($this->act === 'procFileUpload' && preg_match('/shockwave\s?flash/i', $_SERVER['HTTP_USER_AGENT']));
+		Rhymix\Framework\Session::start(false, $relax_key_checks);
 
+		// start output buffer
 		ob_start();
 
 		// set authentication information in Context and session
@@ -434,27 +415,9 @@ class Context
 	 * 
 	 * @return void
 	 */
-	public static function checkSessionStatus($force_start = false)
+	public static function checkSessionStatus($force = false)
 	{
-		if(self::getSessionStatus())
-		{
-			return true;
-		}
-		if($force_start || (count($_SESSION) && !headers_sent()))
-		{
-			$tempSession = $_SESSION;
-			unset($_SESSION);
-			Rhymix\Framework\Session::start();
-			foreach ($tempSession as $key => $val)
-			{
-				if ($key !== 'RHYMIX')
-				{
-					$_SESSION[$key] = $val;
-				}
-			}
-			return true;
-		}
-		return false;
+		return Rhymix\Framework\Session::checkStart($force);
 	}
 
 	/**
@@ -471,7 +434,7 @@ class Context
 		}
 		
 		// Check session status and close it if open.
-		if (self::checkSessionStatus())
+		if (Rhymix\Framework\Session::checkStart())
 		{
 			Rhymix\Framework\Session::close();
 		}
diff --git a/common/framework/session.php b/common/framework/session.php
index e8dd1b8b2..6a6eff1cd 100644
--- a/common/framework/session.php
+++ b/common/framework/session.php
@@ -57,11 +57,12 @@ class Session
 	 * 
 	 * This method is called automatically at Rhymix startup.
 	 * There is usually no need to call it manually.
-	 *
+	 * 
+	 * @param bool $force (optional)
 	 * @param bool $relax_key_checks (optional)
 	 * @return bool
 	 */
-	public static function start($relax_key_checks = false)
+	public static function start($force = false, $relax_key_checks = false)
 	{
 		// Do not start the session if it is already started.
 		if (self::$_started)
@@ -78,6 +79,19 @@ class Session
         session_set_cookie_params($lifetime, $path, $domain, false, false);
 		session_name(Config::get('session.name') ?: session_name());
 		
+		// Get session ID from POST parameter if using relaxed key checks.
+		if ($relax_key_checks && isset($_POST[session_name()]))
+		{
+			session_id($_POST[session_name()]);
+		}
+		
+		// Abort if using delayed session.
+		if(Config::get('session.delay') && !$force && !isset($_COOKIE[session_name()]))
+		{
+			$_SESSION = array();
+			return false;
+		}
+		
 		// Start the PHP native session.
 		if (!session_start())
 		{
@@ -165,6 +179,48 @@ class Session
 		}
 	}
 	
+	/**
+	 * Check if the session needs to be started.
+	 * 
+	 * This method is called automatically at Rhymix shutdown.
+	 * It is only necessary if the session is delayed.
+	 * 
+	 * @param bool $force (optional)
+	 * @return bool
+	 */
+	public static function checkStart($force = false)
+	{
+		// Return if the session is already started.
+		if (self::$_started)
+		{
+			return true;
+		}
+		
+		// Start the session if it contains data.
+		if ($force || (count($_SESSION) && !headers_sent()))
+		{
+			// Copy session data to a temporary array.
+			$temp = $_SESSION;
+			unset($_SESSION);
+			
+			// Start the session.
+			self::start(true);
+			
+			// Copy session data back to $_SESSION.
+			foreach ($temp as $key => $val)
+			{
+				if ($key !== 'RHYMIX')
+				{
+					$_SESSION[$key] = $val;
+				}
+			}
+			return true;
+		}
+		
+		// Return false if nothing needed to be done.
+		return false;
+	}
+	
 	/**
 	 * Create the data structure for a new Rhymix session.
 	 *