X-Git-Url: https://git.m6w6.name/?a=blobdiff_plain;f=app%2FSession.php;h=af1b8e74e4c06afd9e56b72f315670579014a516;hb=26bbafd451da564adc2eb302db679bd4f4eecac5;hp=87189dc0bacda2584fe589573467cf19c4ce042d;hpb=ebc0d017c8a24bd16ca1f4347b39b07ba4349135;p=pharext%2Fpharext.org

diff --git a/app/Session.php b/app/Session.php
index 87189dc..af1b8e7 100644
--- a/app/Session.php
+++ b/app/Session.php
@@ -3,14 +3,26 @@
 namespace app;
 
 use ArrayAccess;
-use merry\Config;
+use http\Env\Response;
+use http\Params;
 
 class Session implements ArrayAccess
 {
-	function __construct(Config $config) {
+	function __construct(Config $config, BaseUrl $baseUrl, Response $response) {
+		ini_set("session.cookie_path", $baseUrl->path);
 		foreach ($config->session as $key => $val) {
 			ini_set("session.$key", $val);
 		}
+		if (ini_get("session.use_cookies")) {
+			$response->addHeader("Vary", "cookie");
+		}
+		$response->addHeader("Cache-Control",
+			new Params([
+				"private" => true,
+				"must-revalidate" => true,
+				"max-age" => ini_get("session.cache_expire") * 60
+			])
+		);
 		session_start();
 	}