tp6 session flash 方法当前下次请求依然可见

浏览:273 发布日期:2019/05/10
5.0.0 - 普通 - 未处理
    /**
     * Session初始化
     * @access public
     * @param Request $request
     * @param Closure $next
     * @return void
     */
    public function handle($request, Closure $next)
    {
        // Session初始化
        $varSessionId = $this->app->config->get('session.var_session_id');
        $cookieName   = $this->app->config->get('session.name') ?: 'PHPSESSID';

        if ($varSessionId && $request->request($varSessionId)) {
            $sessionId = $request->request($varSessionId);
        } else {
            $sessionId = $request->cookie($cookieName) ?: '';
        }

        $this->session->setId($sessionId);

        $request->withSession($this->session);

        $response = $next($request)->setSession($this->session);

        $this->app->cookie->set($cookieName, $this->session->getId());


        // 清空当次请求有效的数据
        if (!($response instanceof RedirectResponse)) {
            $this->session->flush();
        }

        return $response;
    }
框架是实现的方式是在中间件 SessionInit中调用$this->session->flush();    /**
     * 清空当前请求的session数据
     * @access public
     * @return void
     */
    public function flush()
    {
        if (!$this->init) {
            return;
        }

        $items = $this->get('__flash__');
        
        if (!empty($items)) {
            $time = $items['__time__'];
            if ($this->request->time(true) > $time) {
                unset($items['__time__']);

                foreach ($items as $item) {
                    $this->delete($item);
                }

                $this->set('__flash__', []);
            }
        }
    }
flush实现方式是本次请求时间与session记录的时间对比,两个在中间件中是同一个时间,导致第一次无法删除掉,flush应该改成">="
评论(
后面还有条评论,点击查看>>