PageRenderTime 91ms CodeModel.GetById 20ms RepoModel.GetById 0ms app.codeStats 0ms

/lib/Zend/Session.php

https://bitbucket.org/claudiu_marginean/magento-hg-mirror
PHP | 881 lines | 404 code | 131 blank | 346 comment | 79 complexity | 4c8e95698c04475c6dd890239eb5d5fb MD5 | raw file
Possible License(s): CC-BY-SA-3.0, LGPL-2.1, GPL-2.0, WTFPL
  1. <?php
  2. /**
  3. * Zend Framework
  4. *
  5. * LICENSE
  6. *
  7. * This source file is subject to the new BSD license that is bundled
  8. * with this package in the file LICENSE.txt.
  9. * It is also available through the world-wide-web at this URL:
  10. * http://framework.zend.com/license/new-bsd
  11. * If you did not receive a copy of the license and are unable to
  12. * obtain it through the world-wide-web, please send an email
  13. * to license@zend.com so we can send you a copy immediately.
  14. *
  15. * @category Zend
  16. * @package Zend_Session
  17. * @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
  18. * @license http://framework.zend.com/license/new-bsd New BSD License
  19. * @version $Id: Session.php 22587 2010-07-16 20:14:18Z ralph $
  20. * @since Preview Release 0.2
  21. */
  22. /**
  23. * @see Zend_Session_Abstract
  24. */
  25. #require_once 'Zend/Session/Abstract.php';
  26. /**
  27. * @see Zend_Session_Namespace
  28. */
  29. #require_once 'Zend/Session/Namespace.php';
  30. /**
  31. * @see Zend_Session_SaveHandler_Interface
  32. */
  33. #require_once 'Zend/Session/SaveHandler/Interface.php';
  34. /**
  35. * Zend_Session
  36. *
  37. * @category Zend
  38. * @package Zend_Session
  39. * @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
  40. * @license http://framework.zend.com/license/new-bsd New BSD License
  41. */
  42. class Zend_Session extends Zend_Session_Abstract
  43. {
  44. /**
  45. * Whether or not Zend_Session is being used with unit tests
  46. *
  47. * @internal
  48. * @var bool
  49. */
  50. public static $_unitTestEnabled = false;
  51. /**
  52. * $_throwStartupException
  53. *
  54. * @var bool|bitset This could also be a combiniation of error codes to catch
  55. */
  56. protected static $_throwStartupExceptions = true;
  57. /**
  58. * Check whether or not the session was started
  59. *
  60. * @var bool
  61. */
  62. private static $_sessionStarted = false;
  63. /**
  64. * Whether or not the session id has been regenerated this request.
  65. *
  66. * Id regeneration state
  67. * <0 - regenerate requested when session is started
  68. * 0 - do nothing
  69. * >0 - already called session_regenerate_id()
  70. *
  71. * @var int
  72. */
  73. private static $_regenerateIdState = 0;
  74. /**
  75. * Private list of php's ini values for ext/session
  76. * null values will default to the php.ini value, otherwise
  77. * the value below will overwrite the default ini value, unless
  78. * the user has set an option explicity with setOptions()
  79. *
  80. * @var array
  81. */
  82. private static $_defaultOptions = array(
  83. 'save_path' => null,
  84. 'name' => null, /* this should be set to a unique value for each application */
  85. 'save_handler' => null,
  86. //'auto_start' => null, /* intentionally excluded (see manual) */
  87. 'gc_probability' => null,
  88. 'gc_divisor' => null,
  89. 'gc_maxlifetime' => null,
  90. 'serialize_handler' => null,
  91. 'cookie_lifetime' => null,
  92. 'cookie_path' => null,
  93. 'cookie_domain' => null,
  94. 'cookie_secure' => null,
  95. 'cookie_httponly' => null,
  96. 'use_cookies' => null,
  97. 'use_only_cookies' => 'on',
  98. 'referer_check' => null,
  99. 'entropy_file' => null,
  100. 'entropy_length' => null,
  101. 'cache_limiter' => null,
  102. 'cache_expire' => null,
  103. 'use_trans_sid' => null,
  104. 'bug_compat_42' => null,
  105. 'bug_compat_warn' => null,
  106. 'hash_function' => null,
  107. 'hash_bits_per_character' => null
  108. );
  109. /**
  110. * List of options pertaining to Zend_Session that can be set by developers
  111. * using Zend_Session::setOptions(). This list intentionally duplicates
  112. * the individual declaration of static "class" variables by the same names.
  113. *
  114. * @var array
  115. */
  116. private static $_localOptions = array(
  117. 'strict' => '_strict',
  118. 'remember_me_seconds' => '_rememberMeSeconds',
  119. 'throw_startup_exceptions' => '_throwStartupExceptions'
  120. );
  121. /**
  122. * Whether or not write close has been performed.
  123. *
  124. * @var bool
  125. */
  126. private static $_writeClosed = false;
  127. /**
  128. * Whether or not session id cookie has been deleted
  129. *
  130. * @var bool
  131. */
  132. private static $_sessionCookieDeleted = false;
  133. /**
  134. * Whether or not session has been destroyed via session_destroy()
  135. *
  136. * @var bool
  137. */
  138. private static $_destroyed = false;
  139. /**
  140. * Whether or not session must be initiated before usage
  141. *
  142. * @var bool
  143. */
  144. private static $_strict = false;
  145. /**
  146. * Default number of seconds the session will be remembered for when asked to be remembered
  147. *
  148. * @var int
  149. */
  150. private static $_rememberMeSeconds = 1209600; // 2 weeks
  151. /**
  152. * Whether the default options listed in Zend_Session::$_localOptions have been set
  153. *
  154. * @var bool
  155. */
  156. private static $_defaultOptionsSet = false;
  157. /**
  158. * A reference to the set session save handler
  159. *
  160. * @var Zend_Session_SaveHandler_Interface
  161. */
  162. private static $_saveHandler = null;
  163. /**
  164. * Constructor overriding - make sure that a developer cannot instantiate
  165. */
  166. protected function __construct()
  167. {
  168. }
  169. /**
  170. * setOptions - set both the class specified
  171. *
  172. * @param array $userOptions - pass-by-keyword style array of <option name, option value> pairs
  173. * @throws Zend_Session_Exception
  174. * @return void
  175. */
  176. public static function setOptions(array $userOptions = array())
  177. {
  178. // set default options on first run only (before applying user settings)
  179. if (!self::$_defaultOptionsSet) {
  180. foreach (self::$_defaultOptions as $defaultOptionName => $defaultOptionValue) {
  181. if (isset(self::$_defaultOptions[$defaultOptionName])) {
  182. ini_set("session.$defaultOptionName", $defaultOptionValue);
  183. }
  184. }
  185. self::$_defaultOptionsSet = true;
  186. }
  187. // set the options the user has requested to set
  188. foreach ($userOptions as $userOptionName => $userOptionValue) {
  189. $userOptionName = strtolower($userOptionName);
  190. // set the ini based values
  191. if (array_key_exists($userOptionName, self::$_defaultOptions)) {
  192. ini_set("session.$userOptionName", $userOptionValue);
  193. }
  194. elseif (isset(self::$_localOptions[$userOptionName])) {
  195. self::${self::$_localOptions[$userOptionName]} = $userOptionValue;
  196. }
  197. else {
  198. /** @see Zend_Session_Exception */
  199. #require_once 'Zend/Session/Exception.php';
  200. throw new Zend_Session_Exception("Unknown option: $userOptionName = $userOptionValue");
  201. }
  202. }
  203. }
  204. /**
  205. * getOptions()
  206. *
  207. * @param string $optionName OPTIONAL
  208. * @return array|string
  209. */
  210. public static function getOptions($optionName = null)
  211. {
  212. $options = array();
  213. foreach (ini_get_all('session') as $sysOptionName => $sysOptionValues) {
  214. $options[substr($sysOptionName, 8)] = $sysOptionValues['local_value'];
  215. }
  216. foreach (self::$_localOptions as $localOptionName => $localOptionMemberName) {
  217. $options[$localOptionName] = self::${$localOptionMemberName};
  218. }
  219. if ($optionName) {
  220. if (array_key_exists($optionName, $options)) {
  221. return $options[$optionName];
  222. }
  223. return null;
  224. }
  225. return $options;
  226. }
  227. /**
  228. * setSaveHandler() - Session Save Handler assignment
  229. *
  230. * @param Zend_Session_SaveHandler_Interface $interface
  231. * @return void
  232. */
  233. public static function setSaveHandler(Zend_Session_SaveHandler_Interface $saveHandler)
  234. {
  235. self::$_saveHandler = $saveHandler;
  236. if (self::$_unitTestEnabled) {
  237. return;
  238. }
  239. session_set_save_handler(
  240. array(&$saveHandler, 'open'),
  241. array(&$saveHandler, 'close'),
  242. array(&$saveHandler, 'read'),
  243. array(&$saveHandler, 'write'),
  244. array(&$saveHandler, 'destroy'),
  245. array(&$saveHandler, 'gc')
  246. );
  247. }
  248. /**
  249. * getSaveHandler() - Get the session Save Handler
  250. *
  251. * @return Zend_Session_SaveHandler_Interface
  252. */
  253. public static function getSaveHandler()
  254. {
  255. return self::$_saveHandler;
  256. }
  257. /**
  258. * regenerateId() - Regenerate the session id. Best practice is to call this after
  259. * session is started. If called prior to session starting, session id will be regenerated
  260. * at start time.
  261. *
  262. * @throws Zend_Session_Exception
  263. * @return void
  264. */
  265. public static function regenerateId()
  266. {
  267. if (!self::$_unitTestEnabled && headers_sent($filename, $linenum)) {
  268. /** @see Zend_Session_Exception */
  269. #require_once 'Zend/Session/Exception.php';
  270. throw new Zend_Session_Exception("You must call " . __CLASS__ . '::' . __FUNCTION__ .
  271. "() before any output has been sent to the browser; output started in {$filename}/{$linenum}");
  272. }
  273. if (self::$_sessionStarted && self::$_regenerateIdState <= 0) {
  274. if (!self::$_unitTestEnabled) {
  275. session_regenerate_id(true);
  276. }
  277. self::$_regenerateIdState = 1;
  278. } else {
  279. /**
  280. * @todo If we can detect that this requester had no session previously,
  281. * then why regenerate the id before the session has started?
  282. * Feedback wanted for:
  283. //
  284. if (isset($_COOKIE[session_name()]) || (!use only cookies && isset($_REQUEST[session_name()]))) {
  285. self::$_regenerateIdState = 1;
  286. } else {
  287. self::$_regenerateIdState = -1;
  288. }
  289. //*/
  290. self::$_regenerateIdState = -1;
  291. }
  292. }
  293. /**
  294. * rememberMe() - Write a persistent cookie that expires after a number of seconds in the future. If no number of
  295. * seconds is specified, then this defaults to self::$_rememberMeSeconds. Due to clock errors on end users' systems,
  296. * large values are recommended to avoid undesirable expiration of session cookies.
  297. *
  298. * @param $seconds integer - OPTIONAL specifies TTL for cookie in seconds from present time
  299. * @return void
  300. */
  301. public static function rememberMe($seconds = null)
  302. {
  303. $seconds = (int) $seconds;
  304. $seconds = ($seconds > 0) ? $seconds : self::$_rememberMeSeconds;
  305. self::rememberUntil($seconds);
  306. }
  307. /**
  308. * forgetMe() - Write a volatile session cookie, removing any persistent cookie that may have existed. The session
  309. * would end upon, for example, termination of a web browser program.
  310. *
  311. * @return void
  312. */
  313. public static function forgetMe()
  314. {
  315. self::rememberUntil(0);
  316. }
  317. /**
  318. * rememberUntil() - This method does the work of changing the state of the session cookie and making
  319. * sure that it gets resent to the browser via regenerateId()
  320. *
  321. * @param int $seconds
  322. * @return void
  323. */
  324. public static function rememberUntil($seconds = 0)
  325. {
  326. if (self::$_unitTestEnabled) {
  327. self::regenerateId();
  328. return;
  329. }
  330. $cookieParams = session_get_cookie_params();
  331. session_set_cookie_params(
  332. $seconds,
  333. $cookieParams['path'],
  334. $cookieParams['domain'],
  335. $cookieParams['secure']
  336. );
  337. // normally "rememberMe()" represents a security context change, so should use new session id
  338. self::regenerateId();
  339. }
  340. /**
  341. * sessionExists() - whether or not a session exists for the current request
  342. *
  343. * @return bool
  344. */
  345. public static function sessionExists()
  346. {
  347. if (ini_get('session.use_cookies') == '1' && isset($_COOKIE[session_name()])) {
  348. return true;
  349. } elseif (!empty($_REQUEST[session_name()])) {
  350. return true;
  351. } elseif (self::$_unitTestEnabled) {
  352. return true;
  353. }
  354. return false;
  355. }
  356. /**
  357. * Whether or not session has been destroyed via session_destroy()
  358. *
  359. * @return bool
  360. */
  361. public static function isDestroyed()
  362. {
  363. return self::$_destroyed;
  364. }
  365. /**
  366. * start() - Start the session.
  367. *
  368. * @param bool|array $options OPTIONAL Either user supplied options, or flag indicating if start initiated automatically
  369. * @throws Zend_Session_Exception
  370. * @return void
  371. */
  372. public static function start($options = false)
  373. {
  374. if (self::$_sessionStarted && self::$_destroyed) {
  375. #require_once 'Zend/Session/Exception.php';
  376. throw new Zend_Session_Exception('The session was explicitly destroyed during this request, attempting to re-start is not allowed.');
  377. }
  378. if (self::$_sessionStarted) {
  379. return; // already started
  380. }
  381. // make sure our default options (at the least) have been set
  382. if (!self::$_defaultOptionsSet) {
  383. self::setOptions(is_array($options) ? $options : array());
  384. }
  385. // In strict mode, do not allow auto-starting Zend_Session, such as via "new Zend_Session_Namespace()"
  386. if (self::$_strict && $options === true) {
  387. /** @see Zend_Session_Exception */
  388. #require_once 'Zend/Session/Exception.php';
  389. throw new Zend_Session_Exception('You must explicitly start the session with Zend_Session::start() when session options are set to strict.');
  390. }
  391. $filename = $linenum = null;
  392. if (!self::$_unitTestEnabled && headers_sent($filename, $linenum)) {
  393. /** @see Zend_Session_Exception */
  394. #require_once 'Zend/Session/Exception.php';
  395. throw new Zend_Session_Exception("Session must be started before any output has been sent to the browser;"
  396. . " output started in {$filename}/{$linenum}");
  397. }
  398. // See http://www.php.net/manual/en/ref.session.php for explanation
  399. if (!self::$_unitTestEnabled && defined('SID')) {
  400. /** @see Zend_Session_Exception */
  401. #require_once 'Zend/Session/Exception.php';
  402. throw new Zend_Session_Exception('session has already been started by session.auto-start or session_start()');
  403. }
  404. /**
  405. * Hack to throw exceptions on start instead of php errors
  406. * @see http://framework.zend.com/issues/browse/ZF-1325
  407. */
  408. $errorLevel = (is_int(self::$_throwStartupExceptions)) ? self::$_throwStartupExceptions : E_ALL;
  409. /** @see Zend_Session_Exception */
  410. if (!self::$_unitTestEnabled) {
  411. if (self::$_throwStartupExceptions) {
  412. #require_once 'Zend/Session/Exception.php';
  413. set_error_handler(array('Zend_Session_Exception', 'handleSessionStartError'), $errorLevel);
  414. }
  415. $startedCleanly = session_start();
  416. if (self::$_throwStartupExceptions) {
  417. restore_error_handler();
  418. }
  419. if (!$startedCleanly || Zend_Session_Exception::$sessionStartError != null) {
  420. if (self::$_throwStartupExceptions) {
  421. set_error_handler(array('Zend_Session_Exception', 'handleSilentWriteClose'), $errorLevel);
  422. }
  423. session_write_close();
  424. if (self::$_throwStartupExceptions) {
  425. restore_error_handler();
  426. throw new Zend_Session_Exception(__CLASS__ . '::' . __FUNCTION__ . '() - ' . Zend_Session_Exception::$sessionStartError);
  427. }
  428. }
  429. }
  430. parent::$_readable = true;
  431. parent::$_writable = true;
  432. self::$_sessionStarted = true;
  433. if (self::$_regenerateIdState === -1) {
  434. self::regenerateId();
  435. }
  436. // run validators if they exist
  437. if (isset($_SESSION['__ZF']['VALID'])) {
  438. self::_processValidators();
  439. }
  440. self::_processStartupMetadataGlobal();
  441. }
  442. /**
  443. * _processGlobalMetadata() - this method initizes the sessions GLOBAL
  444. * metadata, mostly global data expiration calculations.
  445. *
  446. * @return void
  447. */
  448. private static function _processStartupMetadataGlobal()
  449. {
  450. // process global metadata
  451. if (isset($_SESSION['__ZF'])) {
  452. // expire globally expired values
  453. foreach ($_SESSION['__ZF'] as $namespace => $namespace_metadata) {
  454. // Expire Namespace by Time (ENT)
  455. if (isset($namespace_metadata['ENT']) && ($namespace_metadata['ENT'] > 0) && (time() > $namespace_metadata['ENT']) ) {
  456. unset($_SESSION[$namespace]);
  457. unset($_SESSION['__ZF'][$namespace]);
  458. }
  459. // Expire Namespace by Global Hop (ENGH) if it wasnt expired above
  460. if (isset($_SESSION['__ZF'][$namespace]) && isset($namespace_metadata['ENGH']) && $namespace_metadata['ENGH'] >= 1) {
  461. $_SESSION['__ZF'][$namespace]['ENGH']--;
  462. if ($_SESSION['__ZF'][$namespace]['ENGH'] === 0) {
  463. if (isset($_SESSION[$namespace])) {
  464. parent::$_expiringData[$namespace] = $_SESSION[$namespace];
  465. unset($_SESSION[$namespace]);
  466. }
  467. unset($_SESSION['__ZF'][$namespace]);
  468. }
  469. }
  470. // Expire Namespace Variables by Time (ENVT)
  471. if (isset($namespace_metadata['ENVT'])) {
  472. foreach ($namespace_metadata['ENVT'] as $variable => $time) {
  473. if (time() > $time) {
  474. unset($_SESSION[$namespace][$variable]);
  475. unset($_SESSION['__ZF'][$namespace]['ENVT'][$variable]);
  476. }
  477. }
  478. if (empty($_SESSION['__ZF'][$namespace]['ENVT'])) {
  479. unset($_SESSION['__ZF'][$namespace]['ENVT']);
  480. }
  481. }
  482. // Expire Namespace Variables by Global Hop (ENVGH)
  483. if (isset($namespace_metadata['ENVGH'])) {
  484. foreach ($namespace_metadata['ENVGH'] as $variable => $hops) {
  485. $_SESSION['__ZF'][$namespace]['ENVGH'][$variable]--;
  486. if ($_SESSION['__ZF'][$namespace]['ENVGH'][$variable] === 0) {
  487. if (isset($_SESSION[$namespace][$variable])) {
  488. parent::$_expiringData[$namespace][$variable] = $_SESSION[$namespace][$variable];
  489. unset($_SESSION[$namespace][$variable]);
  490. }
  491. unset($_SESSION['__ZF'][$namespace]['ENVGH'][$variable]);
  492. }
  493. }
  494. if (empty($_SESSION['__ZF'][$namespace]['ENVGH'])) {
  495. unset($_SESSION['__ZF'][$namespace]['ENVGH']);
  496. }
  497. }
  498. }
  499. if (isset($namespace) && empty($_SESSION['__ZF'][$namespace])) {
  500. unset($_SESSION['__ZF'][$namespace]);
  501. }
  502. }
  503. if (isset($_SESSION['__ZF']) && empty($_SESSION['__ZF'])) {
  504. unset($_SESSION['__ZF']);
  505. }
  506. }
  507. /**
  508. * isStarted() - convenience method to determine if the session is already started.
  509. *
  510. * @return bool
  511. */
  512. public static function isStarted()
  513. {
  514. return self::$_sessionStarted;
  515. }
  516. /**
  517. * isRegenerated() - convenience method to determine if session_regenerate_id()
  518. * has been called during this request by Zend_Session.
  519. *
  520. * @return bool
  521. */
  522. public static function isRegenerated()
  523. {
  524. return ( (self::$_regenerateIdState > 0) ? true : false );
  525. }
  526. /**
  527. * getId() - get the current session id
  528. *
  529. * @return string
  530. */
  531. public static function getId()
  532. {
  533. return session_id();
  534. }
  535. /**
  536. * setId() - set an id to a user specified id
  537. *
  538. * @throws Zend_Session_Exception
  539. * @param string $id
  540. * @return void
  541. */
  542. public static function setId($id)
  543. {
  544. if (!self::$_unitTestEnabled && defined('SID')) {
  545. /** @see Zend_Session_Exception */
  546. #require_once 'Zend/Session/Exception.php';
  547. throw new Zend_Session_Exception('The session has already been started. The session id must be set first.');
  548. }
  549. if (!self::$_unitTestEnabled && headers_sent($filename, $linenum)) {
  550. /** @see Zend_Session_Exception */
  551. #require_once 'Zend/Session/Exception.php';
  552. throw new Zend_Session_Exception("You must call ".__CLASS__.'::'.__FUNCTION__.
  553. "() before any output has been sent to the browser; output started in {$filename}/{$linenum}");
  554. }
  555. if (!is_string($id) || $id === '') {
  556. /** @see Zend_Session_Exception */
  557. #require_once 'Zend/Session/Exception.php';
  558. throw new Zend_Session_Exception('You must provide a non-empty string as a session identifier.');
  559. }
  560. session_id($id);
  561. }
  562. /**
  563. * registerValidator() - register a validator that will attempt to validate this session for
  564. * every future request
  565. *
  566. * @param Zend_Session_Validator_Interface $validator
  567. * @return void
  568. */
  569. public static function registerValidator(Zend_Session_Validator_Interface $validator)
  570. {
  571. $validator->setup();
  572. }
  573. /**
  574. * stop() - Disable write access. Optionally disable read (not implemented).
  575. *
  576. * @return void
  577. */
  578. public static function stop()
  579. {
  580. parent::$_writable = false;
  581. }
  582. /**
  583. * writeClose() - Shutdown the sesssion, close writing and detach $_SESSION from the back-end storage mechanism.
  584. * This will complete the internal data transformation on this request.
  585. *
  586. * @param bool $readonly - OPTIONAL remove write access (i.e. throw error if Zend_Session's attempt writes)
  587. * @return void
  588. */
  589. public static function writeClose($readonly = true)
  590. {
  591. if (self::$_unitTestEnabled) {
  592. return;
  593. }
  594. if (self::$_writeClosed) {
  595. return;
  596. }
  597. if ($readonly) {
  598. parent::$_writable = false;
  599. }
  600. session_write_close();
  601. self::$_writeClosed = true;
  602. }
  603. /**
  604. * destroy() - This is used to destroy session data, and optionally, the session cookie itself
  605. *
  606. * @param bool $remove_cookie - OPTIONAL remove session id cookie, defaults to true (remove cookie)
  607. * @param bool $readonly - OPTIONAL remove write access (i.e. throw error if Zend_Session's attempt writes)
  608. * @return void
  609. */
  610. public static function destroy($remove_cookie = true, $readonly = true)
  611. {
  612. if (self::$_unitTestEnabled) {
  613. return;
  614. }
  615. if (self::$_destroyed) {
  616. return;
  617. }
  618. if ($readonly) {
  619. parent::$_writable = false;
  620. }
  621. session_destroy();
  622. self::$_destroyed = true;
  623. if ($remove_cookie) {
  624. self::expireSessionCookie();
  625. }
  626. }
  627. /**
  628. * expireSessionCookie() - Sends an expired session id cookie, causing the client to delete the session cookie
  629. *
  630. * @return void
  631. */
  632. public static function expireSessionCookie()
  633. {
  634. if (self::$_unitTestEnabled) {
  635. return;
  636. }
  637. if (self::$_sessionCookieDeleted) {
  638. return;
  639. }
  640. self::$_sessionCookieDeleted = true;
  641. if (isset($_COOKIE[session_name()])) {
  642. $cookie_params = session_get_cookie_params();
  643. setcookie(
  644. session_name(),
  645. false,
  646. 315554400, // strtotime('1980-01-01'),
  647. $cookie_params['path'],
  648. $cookie_params['domain'],
  649. $cookie_params['secure']
  650. );
  651. }
  652. }
  653. /**
  654. * _processValidator() - internal function that is called in the existence of VALID metadata
  655. *
  656. * @throws Zend_Session_Exception
  657. * @return void
  658. */
  659. private static function _processValidators()
  660. {
  661. foreach ($_SESSION['__ZF']['VALID'] as $validator_name => $valid_data) {
  662. if (!class_exists($validator_name)) {
  663. #require_once 'Zend/Loader.php';
  664. Zend_Loader::loadClass($validator_name);
  665. }
  666. $validator = new $validator_name;
  667. if ($validator->validate() === false) {
  668. /** @see Zend_Session_Exception */
  669. #require_once 'Zend/Session/Exception.php';
  670. throw new Zend_Session_Exception("This session is not valid according to {$validator_name}.");
  671. }
  672. }
  673. }
  674. /**
  675. * namespaceIsset() - check to see if a namespace is set
  676. *
  677. * @param string $namespace
  678. * @return bool
  679. */
  680. public static function namespaceIsset($namespace)
  681. {
  682. return parent::_namespaceIsset($namespace);
  683. }
  684. /**
  685. * namespaceUnset() - unset a namespace or a variable within a namespace
  686. *
  687. * @param string $namespace
  688. * @throws Zend_Session_Exception
  689. * @return void
  690. */
  691. public static function namespaceUnset($namespace)
  692. {
  693. parent::_namespaceUnset($namespace);
  694. Zend_Session_Namespace::resetSingleInstance($namespace);
  695. }
  696. /**
  697. * namespaceGet() - get all variables in a namespace
  698. * Deprecated: Use getIterator() in Zend_Session_Namespace.
  699. *
  700. * @param string $namespace
  701. * @return array
  702. */
  703. public static function namespaceGet($namespace)
  704. {
  705. return parent::_namespaceGetAll($namespace);
  706. }
  707. /**
  708. * getIterator() - return an iteratable object for use in foreach and the like,
  709. * this completes the IteratorAggregate interface
  710. *
  711. * @throws Zend_Session_Exception
  712. * @return ArrayObject
  713. */
  714. public static function getIterator()
  715. {
  716. if (parent::$_readable === false) {
  717. /** @see Zend_Session_Exception */
  718. #require_once 'Zend/Session/Exception.php';
  719. throw new Zend_Session_Exception(parent::_THROW_NOT_READABLE_MSG);
  720. }
  721. $spaces = array();
  722. if (isset($_SESSION)) {
  723. $spaces = array_keys($_SESSION);
  724. foreach($spaces as $key => $space) {
  725. if (!strncmp($space, '__', 2) || !is_array($_SESSION[$space])) {
  726. unset($spaces[$key]);
  727. }
  728. }
  729. }
  730. return new ArrayObject(array_merge($spaces, array_keys(parent::$_expiringData)));
  731. }
  732. /**
  733. * isWritable() - returns a boolean indicating if namespaces can write (use setters)
  734. *
  735. * @return bool
  736. */
  737. public static function isWritable()
  738. {
  739. return parent::$_writable;
  740. }
  741. /**
  742. * isReadable() - returns a boolean indicating if namespaces can write (use setters)
  743. *
  744. * @return bool
  745. */
  746. public static function isReadable()
  747. {
  748. return parent::$_readable;
  749. }
  750. }