Development

/branches/1.4/lib/storage/sfSessionStorage.class.php

You must first sign up to be able to contribute.

root/branches/1.4/lib/storage/sfSessionStorage.class.php

Revision 31471, 5.0 kB (checked in by fabien, 2 years ago)

changed the default value for session_cache_limiter to 'null'.

The default behavior for the session cache limiter has been changed.

Before:

* The PHP session cache limiter was disabled (which means that for some

aggressive caches that store pages even when they have cookies, you had
sessions shared between users; which is wrong);

* To enable it, you would have set it to null to get the default PHP

behavior (as configured in php.ini) or to any other valid value (see
session_cache_limiter documentation page on php.net).

After:

* The default session cache limiter configured in php.ini is used (most of the

time, if has a conservative value);

* You can still set another value or disable it completely by setting

session_cache_limiter to false in your configuration.

  • Property svn:mime-type set to text/x-php
  • Property svn:eol-style set to native
  • Property svn:keywords set to Id
Line 
1 <?php
2
3 /*
4  * This file is part of the symfony package.
5  * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
6  * (c) 2004-2006 Sean Kerr <sean@code-box.org>
7  *
8  * For the full copyright and license information, please view the LICENSE
9  * file that was distributed with this source code.
10  */
11
12 /**
13  * sfSessionStorage allows you to store persistent symfony data in the user session.
14  *
15  * <b>Optional parameters:</b>
16  *
17  * # <b>auto_start</b>   - [Yes]     - Should session_start() automatically be called?
18  * # <b>session_name</b> - [symfony] - The name of the session.
19  *
20  * @package    symfony
21  * @subpackage storage
22  * @author     Fabien Potencier <fabien.potencier@symfony-project.com>
23  * @author     Sean Kerr <sean@code-box.org>
24  * @version    SVN: $Id$
25  */
26 class sfSessionStorage extends sfStorage
27 {
28   static protected
29     $sessionIdRegenerated = false,
30     $sessionStarted       = false;
31
32   /**
33    * Available options:
34    *
35    *  * session_name:            The cookie name (symfony by default)
36    *  * session_id:              The session id (null by default)
37    *  * auto_start:              Whether to start the session (true by default)
38    *  * session_cookie_lifetime: Cookie lifetime
39    *  * session_cookie_path:     Cookie path
40    *  * session_cookie_domain:   Cookie domain
41    *  * session_cookie_secure:   Cookie secure
42    *  * session_cookie_httponly: Cookie http only (only for PHP >= 5.2)
43    *
44    * The default values for all 'session_cookie_*' options are those returned by the session_get_cookie_params() function
45    *
46    * @param array $options  An associative array of options
47    *
48    * @see sfStorage
49    */
50   public function initialize($options = null)
51   {
52     $cookieDefaults = session_get_cookie_params();
53
54     $options = array_merge(array(
55       'session_name'            => 'symfony',
56       'session_id'              => null,
57       'auto_start'              => true,
58       'session_cookie_lifetime' => $cookieDefaults['lifetime'],
59       'session_cookie_path'     => $cookieDefaults['path'],
60       'session_cookie_domain'   => $cookieDefaults['domain'],
61       'session_cookie_secure'   => $cookieDefaults['secure'],
62       'session_cookie_httponly' => isset($cookieDefaults['httponly']) ? $cookieDefaults['httponly'] : false,
63       'session_cache_limiter'   => null,
64     ), $options);
65
66     // initialize parent
67     parent::initialize($options);
68
69     // set session name
70     $sessionName = $this->options['session_name'];
71
72     session_name($sessionName);
73
74     if (!(boolean) ini_get('session.use_cookies') && $sessionId = $this->options['session_id'])
75     {
76       session_id($sessionId);
77     }
78
79     $lifetime = $this->options['session_cookie_lifetime'];
80     $path     = $this->options['session_cookie_path'];
81     $domain   = $this->options['session_cookie_domain'];
82     $secure   = $this->options['session_cookie_secure'];
83     $httpOnly = $this->options['session_cookie_httponly'];
84     session_set_cookie_params($lifetime, $path, $domain, $secure, $httpOnly);
85
86     if (null !== $this->options['session_cache_limiter'])
87     {
88       session_cache_limiter($this->options['session_cache_limiter']);
89     }
90
91     if ($this->options['auto_start'] && !self::$sessionStarted)
92     {
93       session_start();
94       self::$sessionStarted = true;
95     }
96   }
97
98   /**
99    * Reads data from this storage.
100    *
101    * The preferred format for a key is directory style so naming conflicts can be avoided.
102    *
103    * @param  string $key  A unique key identifying your data
104    *
105    * @return mixed Data associated with the key
106    */
107   public function read($key)
108   {
109     $retval = null;
110
111     if (isset($_SESSION[$key]))
112     {
113       $retval = $_SESSION[$key];
114     }
115
116     return $retval;
117   }
118
119   /**
120    * Removes data from this storage.
121    *
122    * The preferred format for a key is directory style so naming conflicts can be avoided.
123    *
124    * @param  string $key  A unique key identifying your data
125    *
126    * @return mixed Data associated with the key
127    */
128   public function remove($key)
129   {
130     $retval = null;
131
132     if (isset($_SESSION[$key]))
133     {
134       $retval = $_SESSION[$key];
135       unset($_SESSION[$key]);
136     }
137
138     return $retval;
139   }
140
141   /**
142    * Writes data to this storage.
143    *
144    * The preferred format for a key is directory style so naming conflicts can be avoided.
145    *
146    * @param string $key   A unique key identifying your data
147    * @param mixed  $data  Data associated with your key
148    *
149    */
150   public function write($key, $data)
151   {
152     $_SESSION[$key] = $data;
153   }
154
155   /**
156    * Regenerates id that represents this storage.
157    *
158    * @param  boolean $destroy Destroy session when regenerating?
159    *
160    * @return boolean True if session regenerated, false if error
161    *
162    */
163   public function regenerate($destroy = false)
164   {
165     if (self::$sessionIdRegenerated)
166     {
167       return;
168     }
169
170     // regenerate a new session id once per object
171     session_regenerate_id($destroy);
172
173     self::$sessionIdRegenerated = true;
174   }
175
176   /**
177    * Executes the shutdown procedure.
178    *
179    */
180   public function shutdown()
181   {
182     // don't need a shutdown procedure because read/write do it in real-time
183     session_write_close();
184   }
185 }
186
Note: See TracBrowser for help on using the browser.