From 05a15b6092c67dd326cf4fd16eab1e5931c956b1 Mon Sep 17 00:00:00 2001 From: Nico Hoffmann Date: Sun, 31 Dec 2023 12:28:18 +0100 Subject: [PATCH] Mute PHP notice from Session unserialize --- composer.json | 2 +- phpunit.xml.dist | 6 ++++++ src/Session/Session.php | 4 ++-- 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/composer.json b/composer.json index a15c8cacb0..7a9af45f37 100644 --- a/composer.json +++ b/composer.json @@ -106,7 +106,7 @@ "@test" ], "fix": "php-cs-fixer fix", - "test": "phpunit --stderr --display-warnings", + "test": "phpunit --stderr", "test:coverage": "XDEBUG_MODE=coverage phpunit --stderr --coverage-html=tests/coverage", "zip": "composer archive --format=zip --file=dist" } diff --git a/phpunit.xml.dist b/phpunit.xml.dist index 8055d6cf8e..6fa32c47e2 100644 --- a/phpunit.xml.dist +++ b/phpunit.xml.dist @@ -6,6 +6,12 @@ colors="true" stderr="true" cacheDirectory=".phpunit.cache" + displayDetailsOnIncompleteTests="true" + displayDetailsOnSkippedTests="true" + displayDetailsOnTestsThatTriggerDeprecations="true" + displayDetailsOnTestsThatTriggerErrors="true" + displayDetailsOnTestsThatTriggerNotices="true" + displayDetailsOnTestsThatTriggerWarnings="true" > diff --git a/src/Session/Session.php b/src/Session/Session.php index 5dd652d8d1..e5302582a8 100644 --- a/src/Session/Session.php +++ b/src/Session/Session.php @@ -11,7 +11,6 @@ use Kirby\Http\Url; use Kirby\Toolkit\Str; use Kirby\Toolkit\SymmetricCrypto; -use Throwable; /** * @package Kirby Session @@ -661,6 +660,7 @@ protected function init(): void // skip if we don't have the key (only the case for moved sessions) $hmac = Str::before($data, "\n"); $data = trim(Str::after($data, "\n")); + if ( $this->tokenKey !== null && hash_equals(hash_hmac('sha256', $data, $this->tokenKey), $hmac) !== true @@ -675,7 +675,7 @@ protected function init(): void } // decode the serialized data - $data = unserialize($data); + $data = @unserialize($data); if ($data === false) { throw new LogicException([