Open Journal Systems  3.3.0
AbstractSessionHandler.php
1 <?php
2 
3 /*
4  * This file is part of the Symfony package.
5  *
6  * (c) Fabien Potencier <fabien@symfony.com>
7  *
8  * For the full copyright and license information, please view the LICENSE
9  * file that was distributed with this source code.
10  */
11 
12 namespace Symfony\Component\HttpFoundation\Session\Storage\Handler;
13 
14 use Symfony\Component\HttpFoundation\Session\SessionUtils;
15 
23 abstract class AbstractSessionHandler implements \SessionHandlerInterface, \SessionUpdateTimestampHandlerInterface
24 {
25  private $sessionName;
26  private $prefetchId;
27  private $prefetchData;
28  private $newSessionId;
29  private $igbinaryEmptyData;
30 
34  public function open($savePath, $sessionName)
35  {
36  $this->sessionName = $sessionName;
37  if (!headers_sent() && !ini_get('session.cache_limiter') && '0' !== ini_get('session.cache_limiter')) {
38  header(sprintf('Cache-Control: max-age=%d, private, must-revalidate', 60 * (int) ini_get('session.cache_expire')));
39  }
40 
41  return true;
42  }
43 
49  abstract protected function doRead($sessionId);
50 
57  abstract protected function doWrite($sessionId, $data);
58 
64  abstract protected function doDestroy($sessionId);
65 
69  public function validateId($sessionId)
70  {
71  $this->prefetchData = $this->read($sessionId);
72  $this->prefetchId = $sessionId;
73 
74  if (\PHP_VERSION_ID < 70317 || (70400 <= \PHP_VERSION_ID && \PHP_VERSION_ID < 70405)) {
75  // work around https://bugs.php.net/79413
76  foreach (debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS) as $frame) {
77  if (!isset($frame['class']) && isset($frame['function']) && \in_array($frame['function'], ['session_regenerate_id', 'session_create_id'], true)) {
78  return '' === $this->prefetchData;
79  }
80  }
81  }
82 
83  return '' !== $this->prefetchData;
84  }
85 
89  public function read($sessionId)
90  {
91  if (null !== $this->prefetchId) {
92  $prefetchId = $this->prefetchId;
93  $prefetchData = $this->prefetchData;
94  $this->prefetchId = $this->prefetchData = null;
95 
96  if ($prefetchId === $sessionId || '' === $prefetchData) {
97  $this->newSessionId = '' === $prefetchData ? $sessionId : null;
98 
99  return $prefetchData;
100  }
101  }
102 
103  $data = $this->doRead($sessionId);
104  $this->newSessionId = '' === $data ? $sessionId : null;
105 
106  return $data;
107  }
108 
112  public function write($sessionId, $data)
113  {
114  if (null === $this->igbinaryEmptyData) {
115  // see https://github.com/igbinary/igbinary/issues/146
116  $this->igbinaryEmptyData = \function_exists('igbinary_serialize') ? igbinary_serialize([]) : '';
117  }
118  if ('' === $data || $this->igbinaryEmptyData === $data) {
119  return $this->destroy($sessionId);
120  }
121  $this->newSessionId = null;
122 
123  return $this->doWrite($sessionId, $data);
124  }
125 
129  public function destroy($sessionId)
130  {
131  if (!headers_sent() && filter_var(ini_get('session.use_cookies'), FILTER_VALIDATE_BOOLEAN)) {
132  if (!$this->sessionName) {
133  throw new \LogicException(sprintf('Session name cannot be empty, did you forget to call "parent::open()" in "%s"?.', static::class));
134  }
135  $cookie = SessionUtils::popSessionCookie($this->sessionName, $sessionId);
136 
137  /*
138  * We send an invalidation Set-Cookie header (zero lifetime)
139  * when either the session was started or a cookie with
140  * the session name was sent by the client (in which case
141  * we know it's invalid as a valid session cookie would've
142  * started the session).
143  */
144  if (null === $cookie || isset($_COOKIE[$this->sessionName])) {
145  if (\PHP_VERSION_ID < 70300) {
146  setcookie($this->sessionName, '', 0, ini_get('session.cookie_path'), ini_get('session.cookie_domain'), filter_var(ini_get('session.cookie_secure'), FILTER_VALIDATE_BOOLEAN), filter_var(ini_get('session.cookie_httponly'), FILTER_VALIDATE_BOOLEAN));
147  } else {
148  $params = session_get_cookie_params();
149  unset($params['lifetime']);
150  setcookie($this->sessionName, '', $params);
151  }
152  }
153  }
154 
155  return $this->newSessionId === $sessionId || $this->doDestroy($sessionId);
156  }
157 }
Symfony\Component\HttpFoundation\Session\Storage\Handler\AbstractSessionHandler\doRead
doRead($sessionId)
Symfony\Component\HttpFoundation\Session\Storage\Handler\AbstractSessionHandler\doWrite
doWrite($sessionId, $data)
Symfony\Component\HttpFoundation\Session\SessionUtils
Definition: SessionUtils.php:22
Symfony\Component\HttpFoundation\Session\SessionUtils\popSessionCookie
static popSessionCookie(string $sessionName, string $sessionId)
Definition: SessionUtils.php:28
Symfony\Component\HttpFoundation\Session\Storage\Handler\AbstractSessionHandler\write
write($sessionId, $data)
Definition: AbstractSessionHandler.php:112
Symfony\Component\HttpFoundation\Session\Storage\Handler
Definition: lib/vendor/symfony/http-foundation/Session/Storage/Handler/MemcachedSessionHandler.php:12
Symfony\Component\HttpFoundation\Session\Storage\Handler\AbstractSessionHandler\doDestroy
doDestroy($sessionId)
Symfony\Component\HttpFoundation\Session\Storage\Handler\AbstractSessionHandler\validateId
validateId($sessionId)
Definition: AbstractSessionHandler.php:69
Symfony\Component\HttpFoundation\Session\Storage\Handler\AbstractSessionHandler\open
open($savePath, $sessionName)
Definition: AbstractSessionHandler.php:34
Symfony\Component\HttpFoundation\Session\Storage\Handler\AbstractSessionHandler\read
read($sessionId)
Definition: AbstractSessionHandler.php:89
Symfony\Component\HttpFoundation\Session\Storage\Handler\AbstractSessionHandler\destroy
destroy($sessionId)
Definition: AbstractSessionHandler.php:129
Symfony\Component\HttpFoundation\Session\Storage\Handler\AbstractSessionHandler
Definition: AbstractSessionHandler.php:23