Releases: ingenerator/php-utils
Fix device ID bug in CLI environments, add Mutex wrapper
- Init the DeviceIdentifier to a fixed value in the CLI environment without setting any cookies, to prevent
errors if the process has already sent output. - Add MutexWrapper with Mock and Db (mysql) backed implementations for preventing concurrent executions
of code.
Use device ID instead of session ID for logging
- [BREAKING] Removed the $session_id parameter from
DefaultLogMetadata::requestTrace- use the new
DefaultLogMetadata::deviceIdentityLazymethod instead to capture the device ID into the logs.
The session ID was removed because reading from $_COOKIE does not provide a value on the user's first
request, and other methods (e.g. session_id()) may not give an accurate value if the session cookie name
is customised but the session has not been started at the time of logging. - Add class to assign users a device ID cookie and provide the value for logging
- Add class to wrap accessing / setting / deleting cookies for injectability and testability
- Add helper method to get a DateTimeImmutable from a unix timestamp, in current timezone
Add Stackdriver logging framework and array / singleton helpers
Merge pull request #22 from ingenerator/1.x-feat-loggers Add StackdriverApplicationLogger and dependencies
Fix fatal error on updateSessionTimestamp due to incorrect variable naming
Made all vars consistent as $session_id to avoid recurrence.
Fix MysqlSession to always return a value from releaseLock
Merge pull request #20 from ingenerator/1.x-improve-session-handler Fix MysqlSession to always return a value from releaseLock
Update MysqlSession: strict session IDs, new internal implementation
The updated hander solves a couple of edge cases where the session data could be written but not read if using the wrong hash. This would for example occur if an attacker attempted to overwrite and existing session, or if the hash salt changed during a user's session. The new handler uses strict session mode and custom handler logic to validate the session ID, including checking the hash, and issues a new session ID if it is invalid. The updated logic is also more performant at the database as sessions are only INSERTed on creation and subsequently UPDATEd, rather than the previous INSERT...ON DUPLICATE KEY UPDATE. **Note that ->initialise() now sets the session.use_strict_mode ini value as it is required for proper operation. This should be set anyway, and is only relevant to the handler (of which there can be only one) so this is not considered to be true global state or a breaking change.
Static Asset URL provider
Add StaticAssetUrlProvider to provide simple cache-busted local URLs for CSS etc in local dev or remote (e.g. cloud storage / s3) urls in production.
Allow DeploymentConfig->map() to return values in standalone environment
Allow DeploymentConfig->map() to return values in standalone environment
This brings the standalone closer to the behaviour of other environments, except that it will continue to return null if there is nothing mapped (where other environments will throw). ->read continues to return null in standalone in every case. Note that standalone will now return a value if there's one mapped for any (*) - which is a minor breaking change to the behaviour of the standalone environment.
Deployment config and string encoding support
- Add Base64Url StringEncoding helper class - like base64, but with entirely websafe characters for URLs etc
- Add JSON StringEncoding helper class - safe json parsing, encoding and prettifying with sane defaults
- Add DeploymentConfig sub-package for loading (and, optionally, decrypting) runtime environment configuration
Allow asserting that StoppedMockClock never slept
Merge pull request #13 from ingenerator/1.0/allow-assert-not-slept Allow asserting that the StoppedMockClock never slept