Description: ------------ In order to have a more accurate control over cookies such as path, domain, secure channel (only https) and avoid javascript access to cookies (I'm concerned about the requirement that implies: PHP 5.2.x or newer), I've extended the class HTTP_Session2 implementing a new private method that sets the cookie variables (see attached file): - setCookieVars(...) And modified the method to include all these parameters and call to setCookieVars: - useCookies(...) I hope this helps. Dario

Added patch HTTP_Session2_cookie_vars.

Can you try to submit a real patch (aka a diff)? Just get the original copy of the file and do this: diff -up Session2.php.orig Session2.php (or the other way around) :)

Added patch Session2_patch_20100324.

I hope the uploaded patch has the correct format. Dario.

Yes, all correct, I'll review this and try to write a test too for the 0.8.0 release.

This bug has been fixed in SVN. If this was a documentation problem, the fix will appear on pear.php.net by the end of next Sunday (CET). If this was a problem with the pear.php.net website, the change should be live shortly. Otherwise, the fix will appear in the package's next release. Thank you for the report and for helping us make PEAR better. I committed your patch with minor changes, let me know when you get a chance to check it out. http://svn.php.net/viewvc/pear/packages/HTTP_Session2/trunk/

Actually; this added two parse errors. Also, the use of time() makes it harder to test these particular changs

Till, I fixed the parse errors in r318878. Can you eyeball the changes and other recent commits in that area to check you are happy with 'em / no other parse errors exist? http://test.pear.php.net:8080/job/HTTP_Session2/ should pick up the change in a few hours; or you can kick off a build if you want.

http://svn.php.net/viewvc/pear/packages/HTTP_Session2/trunk/HTTP/Session2.php? revision=309131&view=markup#l411 was the line introduced.

Thanks, I didn't see this for some reason.