Skip to content

GitLab

Why GitLab
Pricing
Contact Sales
Explore

Sign in
Get free trial

foodsharing-dev
foodsharing
Merge requests
!2999

Draft: Clean up $_SESSION access only via Session-Class

Review changes
Download
Patches
Plain diff

KoeMai requested to merge 1769-clean-up-access-to-session into master Dec 30, 2023

Overview 2
Commits 21
Pipelines 20
Changes 54

Closes #1769

What does this MR do?

The future refactoring of session handling requires a clear API, to simplify the dependencies. This MR removes all direct access to $_SESSION.

I do not know if the could I changes is really in use.

Replace mobile device detection
Replace regionId access
Replace regions access
Replace pulse message buffer
Replace session picture cache (Unclear need)
Replace "Client" access
Move hastodoquiz to QuizXhr !3075 (merged)
extract current user from session (image, user details, ..)
move PrivacyAcceptStates to legal module
generate user UserOption Storage
Remove complex fAuthorization !3078 (merged)
Extract Csrf
Extract FlashMessages
extract isMobile !3115 (closed) !3116 (merged)
remove direct session access !3099 (merged)
extract Buddy list !2987 (merged)
Move "remember me" to separate class
Replace internal Session access to Sessioninterface
rename Foodsharing/Session to SecurityTransaction
Insert Symfony Session

How confident are you it won't break things if deployed?

I hope not. Unable to test all, test should ensure this.

Links to related issues

How to test

Checkout branch locally
Login as foodsaver
... -->

Screenshots (if applicable)

Checklist

added a test, or explain why one is not needed/possible...
no unrelated changes
asked someone for a code review
set a "for:" label to indicate who will be affected by this change
added to the next milestone (see https://gitlab.com/foodsharing-dev/foodsharing/-/milestones, unless it has a "for:Dev" label)
added an entry to CHANGELOG.md
added a short text in the release notes to /release-notes/YYYY-MM.md
Once your MR has been merged, you are responsible to create a testing issue in the Beta Testing forum: https://foodsharing.de/region?bid=734&sub=forum. Please change the MRs label to "state:Beta testing".
- Consider writing a detailed description in German.
- Describe in a few sentences, what should be tested from a user perspective.
- Also mention different settings (e.g. different browsers, roles, ...) how this change can be tested.
- Be aware, that also non technical people should understand.

Closes #1769

Edited Feb 11, 2024 by KoeMai

Merge request reports

Assignee

Select assignees

Reviewers

Request review from

Time tracking