Development

/branches/1.1/lib/storage/sfSessionStorage.class.php

You must first sign up to be able to contribute.

root/branches/1.1/lib/storage/sfSessionStorage.class.php

Revision 10425, 4.9 kB (checked in by nicolas, 6 years ago)

[1.1] closes #4053 - fixed regenerated session id wasn't reflected in database based session storage handlers

  • Property svn:mime-type set to text/x-php
  • Property svn:eol-style set to native
  • Property svn:keywords set to Id Rev Date
Line 
1 <?php
2
3 /*
4  * This file is part of the symfony package.
5  * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
6  * (c) 2004-2006 Sean Kerr <sean@code-box.org>
7  *
8  * For the full copyright and license information, please view the LICENSE
9  * file that was distributed with this source code.
10  */
11
12 /**
13  * sfSessionStorage allows you to store persistent symfony data in the user session.
14  *
15  * <b>Optional parameters:</b>
16  *
17  * # <b>auto_start</b>   - [Yes]     - Should session_start() automatically be called?
18  * # <b>session_name</b> - [symfony] - The name of the session.
19  *
20  * @package    symfony
21  * @subpackage storage
22  * @author     Fabien Potencier <fabien.potencier@symfony-project.com>
23  * @author     Sean Kerr <sean@code-box.org>
24  * @version    SVN: $Id$
25  */
26 class sfSessionStorage extends sfStorage
27 {
28   static protected
29     $sessionIdRegenerated = false,
30     $sessionStarted       = false;
31
32   /**
33    * Available options:
34    *
35    *  * session_name:            The cookie name (symfony by default)
36    *  * session_id:              The session id (null by default)
37    *  * auto_start:              Whether to start the session (true by default)
38    *  * session_cookie_lifetime: Cookie lifetime
39    *  * session_cookie_path:     Cookie path
40    *  * session_cookie_domain:   Cookie domain
41    *  * session_cookie_secure:   Cookie secure
42    *  * session_cookie_httponly: Cookie http only (only for PHP >= 5.2)
43    *
44    * The default values for all 'session_cookie_*' options are those returned by the session_get_cookie_params() function
45    *
46    * @param array $options  An associative array of options
47    *
48    * @see sfStorage
49    */
50   public function initialize($options = null)
51   {
52     $cookieDefaults = session_get_cookie_params();
53
54     $options = array_merge(array(
55       'session_name' => 'symfony',
56       'session_id'   => null,
57       'auto_start' => true,
58       'session_cookie_lifetime' => $cookieDefaults['lifetime'],
59       'session_cookie_path' => $cookieDefaults['path'],
60       'session_cookie_domain' => $cookieDefaults['domain'],
61       'session_cookie_secure' => $cookieDefaults['secure'],
62       'session_cookie_httponly' => isset($cookieDefaults['httponly']) ? $cookieDefaults['httponly'] : false,
63     ), $options);
64
65     // initialize parent
66     parent::initialize($options);
67
68     // set session name
69     $sessionName = $this->options['session_name'];
70
71     session_name($sessionName);
72
73     if (!(boolean) ini_get('session.use_cookies') && $sessionId = $this->options['session_id'])
74     {
75       session_id($sessionId);
76     }
77
78     $lifetime = $this->options['session_cookie_lifetime'];
79     $path     = $this->options['session_cookie_path'];
80     $domain   = $this->options['session_cookie_domain'];
81     $secure   = $this->options['session_cookie_secure'];
82     $httpOnly = $this->options['session_cookie_httponly'];
83     if (version_compare(phpversion(), '5.2', '>='))
84     {
85       session_set_cookie_params($lifetime, $path, $domain, $secure, $httpOnly);
86     }
87     else
88     {
89       session_set_cookie_params($lifetime, $path, $domain, $secure);
90     }
91
92     if ($this->options['auto_start'] && !self::$sessionStarted)
93     {
94       session_start();
95       self::$sessionStarted = true;
96     }
97   }
98
99   /**
100    * Reads data from this storage.
101    *
102    * The preferred format for a key is directory style so naming conflicts can be avoided.
103    *
104    * @param  string $key  A unique key identifying your data
105    *
106    * @return mixed Data associated with the key
107    */
108   public function read($key)
109   {
110     $retval = null;
111
112     if (isset($_SESSION[$key]))
113     {
114       $retval = $_SESSION[$key];
115     }
116
117     return $retval;
118   }
119
120   /**
121    * Removes data from this storage.
122    *
123    * The preferred format for a key is directory style so naming conflicts can be avoided.
124    *
125    * @param  string $key  A unique key identifying your data
126    *
127    * @return mixed Data associated with the key
128    */
129   public function remove($key)
130   {
131     $retval = null;
132
133     if (isset($_SESSION[$key]))
134     {
135       $retval = $_SESSION[$key];
136       unset($_SESSION[$key]);
137     }
138
139     return $retval;
140   }
141
142   /**
143    * Writes data to this storage.
144    *
145    * The preferred format for a key is directory style so naming conflicts can be avoided.
146    *
147    * @param string $key   A unique key identifying your data
148    * @param mixed  $data  Data associated with your key
149    *
150    */
151   public function write($key, $data)
152   {
153     $_SESSION[$key] = $data;
154   }
155
156   /**
157    * Regenerates id that represents this storage.
158    *
159    * @param  boolean $destroy Destroy session when regenerating?
160    *
161    * @return boolean True if session regenerated, false if error
162    *
163    */
164   public function regenerate($destroy = false)
165   {
166     if (self::$sessionIdRegenerated)
167     {
168       return;
169     }
170
171     // regenerate a new session id once per object
172     session_regenerate_id($destroy);
173
174     self::$sessionIdRegenerated = true;
175   }
176
177   /**
178    * Executes the shutdown procedure.
179    *
180    */
181   public function shutdown()
182   {
183     // don't need a shutdown procedure because read/write do it in real-time
184   }
185 }
186
Note: See TracBrowser for help on using the browser.