PageRenderTime 56ms CodeModel.GetById 29ms RepoModel.GetById 0ms app.codeStats 0ms

/lib/vendor/symfony/lib/storage/sfCacheSessionStorage.class.php

https://github.com/openpne/OpenPNE3
PHP | 290 lines | 165 code | 34 blank | 91 comment | 18 complexity | ae56002a05bb4cc09be5c22f0d9acee6 MD5 | raw file
Possible License(s): Apache-2.0, LGPL-2.1 
    

  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  * sfCacheSessionStorage manages session storage via a signed cookie and cache backend.
    5. 

  5.  *
    6. 

  6.  * This class stores the session data in via sfCache instance and with an id issued in a
    7. 

  7.  * signed cookie. Useful when you don't want to store the session.
    8. 

  8.  *
    9. 

  9.  * @package    symfony
    10. 

  10.  * @subpackage storage
    11. 

  11.  * @author     Dustin Whittle <dustin.whittle@symfony-project.com>
    12. 

  12.  */
    13. 

  13. class sfCacheSessionStorage extends sfStorage
    14. 

  14. {
    15. 

  15.   protected
    16. 

  16.     $id          = null,
    17. 

  17.     $context     = null,
    18. 

  18.     $dispatcher  = null,
    19. 

  19.     $request     = null,
    20. 

  20.     $response    = null,
    21. 

  21.     $cache       = null,
    22. 

  22.     $data        = array(),
    23. 

  23.     $dataChanged = false;
    24. 

  24. 

  25.   /**
    26. 

  26.    * Initialize this Storage.
    27. 

  27.    *
    28. 

  28.    * @param array $options  An associative array of initialization parameters.
    29. 

  29.    *                        session_name [required] name of session to use
    30. 

  30.    *                        session_cookie_path [required] cookie path
    31. 

  31.    *                        session_cookie_domain [required] cookie domain
    32. 

  32.    *                        session_cookie_lifetime [required] liftime of cookie
    33. 

  33.    *                        session_cookie_secure [required] send only if secure connection
    34. 

  34.    *                        session_cookie_http_only [required] accessible only via http protocol
    35. 

  35.    *
    36. 

  36.    * @return bool true, when initialization completes successfully.
    37. 

  37.    *
    38. 

  38.    * @throws <b>sfInitializationException</b> If an error occurs while initializing this Storage.
    39. 

  39.    */
    40. 

  40.   public function initialize($options = array())
    41. 

  41.   {
    42. 

  42.     // initialize parent
    43. 

  43. 

  44.     // bc with a slightly different name formerly used here, let's be
    45. 

  45.     // compatible with the base class name for it from here on out
    46. 

  46.     if (isset($options['session_cookie_http_only']))
    47. 

  47.     {
    48. 

  48.       $options['session_cookie_httponly'] = $options['session_cookie_http_only'];
    49. 

  49.     }
    50. 

  50. 

  51.     parent::initialize(array_merge(array('session_name' => 'sfproject',
    52. 

  52.                                          'session_cookie_lifetime' => '+30 days',
    53. 

  53.                                          'session_cookie_path' => '/',
    54. 

  54.                                          'session_cookie_domain' => null,
    55. 

  55.                                          'session_cookie_secure' => false,
    56. 

  56.                                          'session_cookie_httponly' => true,
    57. 

  57.                                          'session_cookie_secret' => 'sf$ecret'), $options));
    58. 

  58. 

  59.     // create cache instance
    60. 

  60.     if (isset($this->options['cache']) && $this->options['cache']['class'])
    61. 

  61.     {
    62. 

  62.       $this->cache = new $this->options['cache']['class'](is_array($this->options['cache']['param']) ? $this->options['cache']['param'] : array());
    63. 

  63.     }
    64. 

  64.     else
    65. 

  65.     {
    66. 

  66.       throw new InvalidArgumentException('sfCacheSessionStorage requires cache option.');
    67. 

  67.     }
    68. 

  68. 

  69.     $this->context     = sfContext::getInstance();
    70. 

  70. 

  71.     $this->dispatcher  = $this->context->getEventDispatcher();
    72. 

  72.     $this->request     = $this->context->getRequest();
    73. 

  73.     $this->response    = $this->context->getResponse();
    74. 

  74. 

  75.     $cookie = $this->request->getCookie($this->options['session_name']);
    76. 

  76. 

  77.     if(strpos($cookie, ':') !== false)
    78. 

  78.     {
    79. 

  79.       // split cookie data id:signature(id+secret)
    80. 

  80.       list($id, $signature) = explode(':', $cookie, 2);
    81. 

  81. 

  82.       if($signature == sha1($id.':'.$this->options['session_cookie_secret']))
    83. 

  83.       {
    84. 

  84.         // cookie is valid
    85. 

  85.         $this->id = $id;
    86. 

  86.       }
    87. 

  87.       else
    88. 

  88.       {
    89. 

  89.         // cookie signature broken
    90. 

  90.         $this->id = null;
    91. 

  91.       }
    92. 

  92.     }
    93. 

  93.     else
    94. 

  94.     {
    95. 

  95.       // cookie format wrong
    96. 

  96.       $this->id = null;
    97. 

  97.     }
    98. 

  98. 

  99.     if(empty($this->id))
    100. 

  100.     {
    101. 

  101.        $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : 'localhost';
    102. 

  102.        $ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : 'ua';
    103. 

  103. 

  104.        // generate new id based on random # / ip / user agent / secret
    105. 

  105.        $this->id = md5(mt_rand(0, 999999).$ip.$ua.$this->options['session_cookie_secret']);
    106. 

  106. 

  107.        if(sfConfig::get('sf_logging_enabled'))
    108. 

  108.        {
    109. 

  109.          $this->dispatcher->notify(new sfEvent($this, 'application.log', array('New session created')));
    110. 

  110.        }
    111. 

  111. 

  112.        // only send cookie when id is issued
    113. 

  113.        $this->response->setCookie($this->options['session_name'],
    114. 

  114.                                   $this->id.':'.sha1($this->id.':'.$this->options['session_cookie_secret']),
    115. 

  115.                                   $this->options['session_cookie_lifetime'],
    116. 

  116.                                   $this->options['session_cookie_path'],
    117. 

  117.                                   $this->options['session_cookie_domain'],
    118. 

  118.                                   $this->options['session_cookie_secure'],
    119. 

  119.                                   $this->options['session_cookie_httponly']);
    120. 

  120. 

  121.        $this->data = array();
    122. 

  122.     }
    123. 

  123.     else
    124. 

  124.     {
    125. 

  125.       // load data from cache. Watch out for the default case. We could
    126. 

  126.       // serialize(array()) as the default to the call but that would be a performance hit
    127. 

  127.       $raw = $this->cache->get($this->id, null);
    128. 

  128.       if (null === $raw)
    129. 

  129.       {
    130. 

  130.         $this->data = array();
    131. 

  131.       }
    132. 

  132.       else
    133. 

  133.       {
    134. 

  134.         $data = @unserialize($raw);
    135. 

  135.         // We test 'b:0' special case, because such a string would result
    136. 

  136.         // in $data being === false, while raw is serialized
    137. 

  137.         // see http://stackoverflow.com/questions/1369936/check-to-see-if-a-string-is-serialized
    138. 

  138.         if ( $raw === 'b:0;' || $data !== false)
    139. 

  139.         {
    140. 

  140.           $this->data = $data;
    141. 

  141.         }
    142. 

  142.         else
    143. 

  143.         {
    144. 

  144.           // Probably an old cached value (BC)
    145. 

  145.           $this->data = $raw;
    146. 

  146.         }
    147. 

  147.       }
    148. 

  148. 

  149.       if(sfConfig::get('sf_logging_enabled'))
    150. 

  150.       {
    151. 

  151.         $this->dispatcher->notify(new sfEvent($this, 'application.log', array('Restored previous session')));
    152. 

  152.       }
    153. 

  153.     }
    154. 

  154.     session_id($this->id);
    155. 

  155.     $this->response->addCacheControlHttpHeader('private');
    156. 

  156. 

  157.     return true;
    158. 

  158.   }
    159. 

  159. 

  160.   /**
    161. 

  161.    * Write data to this storage.
    162. 

  162.    *
    163. 

  163.    * The preferred format for a key is directory style so naming conflicts can be avoided.
    164. 

  164.    *
    165. 

  165.    * @param string $key  A unique key identifying your data.
    166. 

  166.    * @param mixed  $data Data associated with your key.
    167. 

  167.    *
    168. 

  168.    * @return void
    169. 

  169.    */
    170. 

  170.   public function write($key, $data)
    171. 

  171.   {
    172. 

  172.     $this->dataChanged = true;
    173. 

  173. 

  174.     $this->data[$key] =& $data;
    175. 

  175.   }
    176. 

  176. 

  177.   /**
    178. 

  178.    * Read data from this storage.
    179. 

  179.    *
    180. 

  180.    * The preferred format for a key is directory style so naming conflicts can be avoided.
    181. 

  181.    *
    182. 

  182.    * @param string $key A unique key identifying your data.
    183. 

  183.    *
    184. 

  184.    * @return mixed Data associated with the key.
    185. 

  185.    */
    186. 

  186.   public function read($key)
    187. 

  187.   {
    188. 

  188.     $retval = null;
    189. 

  189. 

  190.     if (isset($this->data[$key]))
    191. 

  191.     {
    192. 

  192.       $retval =& $this->data[$key];
    193. 

  193.     }
    194. 

  194. 

  195.     return $retval;
    196. 

  196.   }
    197. 

  197. 

  198.   /**
    199. 

  199.    * Remove data from this storage.
    200. 

  200.    *
    201. 

  201.    * The preferred format for a key is directory style so naming conflicts can be avoided.
    202. 

  202.    *
    203. 

  203.    * @param string $key A unique key identifying your data.
    204. 

  204.    *
    205. 

  205.    * @return mixed Data associated with the key.
    206. 

  206.    */
    207. 

  207.   public function remove($key)
    208. 

  208.   {
    209. 

  209.     $retval = null;
    210. 

  210. 

  211.     if (isset($this->data[$key]))
    212. 

  212.     {
    213. 

  213.       $this->dataChanged = true;
    214. 

  214. 

  215.       $retval =& $this->data[$key];
    216. 

  216.       unset($this->data[$key]);
    217. 

  217.     }
    218. 

  218. 

  219.     return $retval;
    220. 

  220.   }
    221. 

  221. 

  222.   /**
    223. 

  223.    * Regenerates id that represents this storage.
    224. 

  224.    *
    225. 

  225.    * @param boolean $destroy Destroy session when regenerating?
    226. 

  226.    *
    227. 

  227.    * @return boolean True if session regenerated, false if error
    228. 

  228.    *
    229. 

  229.    * @throws <b>sfStorageException</b> If an error occurs while regenerating this storage
    230. 

  230.    */
    231. 

  231.   public function regenerate($destroy = false)
    232. 

  232.   {
    233. 

  233.     if($destroy)
    234. 

  234.     {
    235. 

  235.       $this->data = array();
    236. 

  236.       $this->cache->remove($this->id);
    237. 

  237.     }
    238. 

  238. 

  239.     // generate session id
    240. 

  240.     $ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : 'ua';
    241. 

  241. 

  242.     $this->id = md5(mt_rand(0, 999999).$_SERVER['REMOTE_ADDR'].$ua.$this->options['session_cookie_secret']);
    243. 

  243. 

  244.     // save data to cache
    245. 

  245.     $this->cache->set($this->id, serialize($this->data));
    246. 

  246. 

  247.     // update session id in signed cookie
    248. 

  248.     $this->response->setCookie($this->options['session_name'],
    249. 

  249.                                $this->id.':'.sha1($this->id.':'.$this->options['session_cookie_secret']),
    250. 

  250.                                $this->options['session_cookie_lifetime'],
    251. 

  251.                                $this->options['session_cookie_path'],
    252. 

  252.                                $this->options['session_cookie_domain'],
    253. 

  253.                                $this->options['session_cookie_secure'],
    254. 

  254.                                $this->options['session_cookie_httponly']);
    255. 

  255.     session_id($this->id);
    256. 

  256.     return true;
    257. 

  257.   }
    258. 

  258. 

  259.   /**
    260. 

  260.    * Expires the session storage instance.
    261. 

  261.    */
    262. 

  262.   public function expire()
    263. 

  263.   {
    264. 

  264.     // destroy data and regenerate id
    265. 

  265.     $this->regenerate(true);
    266. 

  266. 

  267.     if(sfConfig::get('sf_logging_enabled'))
    268. 

  268.     {
    269. 

  269.       $this->dispatcher->notify(new sfEvent($this, 'application.log', array('new session created due to expiraton')));
    270. 

  270.     }
    271. 

  271.   }
    272. 

  272. 

  273.   /**
    274. 

  274.    * Executes the shutdown procedure.
    275. 

  275.    *
    276. 

  276.    * @throws <b>sfStorageException</b> If an error occurs while shutting down this storage
    277. 

  277.    */
    278. 

  278.   public function shutdown()
    279. 

  279.   {
    280. 

  280.     // only update cache if session has changed
    281. 

  281.     if($this->dataChanged === true)
    282. 

  282.     {
    283. 

  283.       $this->cache->set($this->id, serialize($this->data));
    284. 

  284.       if(sfConfig::get('sf_logging_enabled'))
    285. 

  285.       {
    286. 

  286.         $this->dispatcher->notify(new sfEvent($this, 'application.log', array('Storing session to cache')));
    287. 

  287.       }
    288. 

  288.     }
    289. 

  289.   }
    290. 

  290. }
    291. 

  291.