Home Explore Help
Register Sign In
biodantas
/
gnu-social
forked from diogo/gnu-social
Watch 1
Star 0
Fork 0
Files
Branch: master
Branches Tags
gnu-social
/
lib
/
internalsessionhandler.php

internalsessionhandler.php 6.9 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226 
  1. <?php
    2. 

  2. // This file is part of GNU social - https://www.gnu.org/software/social
    3. 

  3. //
    4. 

  4. // GNU social is free software: you can redistribute it and/or modify
    5. 

  5. // it under the terms of the GNU Affero General Public License as published by
    6. 

  6. // the Free Software Foundation, either version 3 of the License, or
    7. 

  7. // (at your option) any later version.
    8. 

  8. //
    9. 

  9. // GNU social is distributed in the hope that it will be useful,
    10. 

  10. // but WITHOUT ANY WARRANTY; without even the implied warranty of
    11. 

  11. // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    12. 

  12. // GNU Affero General Public License for more details.
    13. 

  13. //
    14. 

  14. // You should have received a copy of the GNU Affero General Public License
    15. 

  15. // along with GNU social.  If not, see <http://www.gnu.org/licenses/>.
    16. 

  16. 

  17. /**
    18. 

  18.  * GNU social's implementation of SessionHandler
    19. 

  19.  *
    20. 

  20.  * @package   GNUsocial
    21. 

  21.  * @author    Evan Prodromou
    22. 

  22.  * @author    Brion Vibber
    23. 

  23.  * @author    Mikael Nordfeldth
    24. 

  24.  * @author    Sorokin Alexei
    25. 

  25.  * @author    Diogo Cordeiro <diogo@fc.up.pt>
    26. 

  26.  * @copyright 2019 Free Software Foundation, Inc http://www.fsf.org
    27. 

  27.  * @license   https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
    28. 

  28.  */
    29. 

  29. 

  30. defined('GNUSOCIAL') || die();
    31. 

  31. 

  32. /**
    33. 

  33.  * Superclass representing the associated interfaces of session handling.
    34. 

  34.  *
    35. 

  35.  * @copyright 2019 Free Software Foundation, Inc http://www.fsf.org
    36. 

  36.  * @license   https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
    37. 

  37.  */
    38. 

  38. class InternalSessionHandler implements SessionHandlerInterface
    39. 

  39. {
    40. 

  40.     /**
    41. 

  41.      * A helper function to print a session-related message to the debug log if
    42. 

  42.      * the site session debug configuration option is enabled.
    43. 

  43.      * @param $msg
    44. 

  44.      * @return void
    45. 

  45.      */
    46. 

  46.     public static function logdeb($msg)
    47. 

  47.     {
    48. 

  48.         if (common_config('sessions', 'debug')) {
    49. 

  49.             common_debug("Session: " . $msg);
    50. 

  50.         }
    51. 

  51.     }
    52. 

  52. 

  53.     /**
    54. 

  54.      * Dummy option for saving to file needed for full PHP adherence.
    55. 

  55.      *
    56. 

  56.      * @param $save_path
    57. 

  57.      * @param $session_name
    58. 

  58.      * @return bool true
    59. 

  59.      */
    60. 

  60.     public function open($save_path, $session_name)
    61. 

  61.     {
    62. 

  62.         return true;
    63. 

  63.     }
    64. 

  64. 

  65.     /**
    66. 

  66.      * Dummy option for saving to file needed for full PHP adherence.
    67. 

  67.      *
    68. 

  68.      * @return bool true
    69. 

  69.      */
    70. 

  70.     public function close()
    71. 

  71.     {
    72. 

  72.         return true;
    73. 

  73.     }
    74. 

  74. 

  75.     /**
    76. 

  76.      * Fetch the session data for the session with the given $id.
    77. 

  77.      *
    78. 

  78.      * @param $id
    79. 

  79.      * @return string Returns an encoded string of the read data. If nothing was read, it must return an empty string. Note this value is returned internally to PHP for processing.
    80. 

  80.      */
    81. 

  81.     public function read($id)
    82. 

  82.     {
    83. 

  83.         self::logdeb("Fetching session '$id'.");
    84. 

  84. 

  85.         $session = Session::getKV('id', $id);
    86. 

  86. 

  87.         if (empty($session)) {
    88. 

  88.             self::logdeb("Couldn't find '$id'.");
    89. 

  89.             return '';
    90. 

  90.         } else {
    91. 

  91.             self::logdeb("Found '$id', returning " .
    92. 

  92.                          strlen($session->session_data) .
    93. 

  93.                          " chars of data.");
    94. 

  94.             return (string)$session->session_data;
    95. 

  95.         }
    96. 

  96.     }
    97. 

  97. 

  98.     /**
    99. 

  99.      * Write the session data for session with given $id as $session_data.
    100. 

  100.      *
    101. 

  101.      * @param $id
    102. 

  102.      * @param $session_data
    103. 

  103.      * @return bool Returns TRUE on success or FALSE on failure.
    104. 

  104.      */
    105. 

  105.     public function write($id, $session_data)
    106. 

  106.     {
    107. 

  107.         self::logdeb("Writing session '$id'.");
    108. 

  108. 

  109.         $session = Session::getKV('id', $id);
    110. 

  110. 

  111.         if (empty($session)) {
    112. 

  112.             self::logdeb("'$id' doesn't yet exist; inserting.");
    113. 

  113.             $session = new Session();
    114. 

  114. 

  115.             $session->id = $id;
    116. 

  116.             $session->session_data = $session_data;
    117. 

  117.             $session->created = common_sql_now();
    118. 

  118. 

  119.             $result = $session->insert();
    120. 

  120. 

  121.             if (!$result) {
    122. 

  122.                 common_log_db_error($session, 'INSERT', __FILE__);
    123. 

  123.                 self::logdeb("Failed to insert '$id'.");
    124. 

  124.             } else {
    125. 

  125.                 self::logdeb("Successfully inserted '$id' (result = $result).");
    126. 

  126.             }
    127. 

  127.             return (bool) $result;
    128. 

  128.         } else {
    129. 

  129.             self::logdeb("'$id' already exists; updating.");
    130. 

  130.             if (strcmp($session->session_data, $session_data) == 0) {
    131. 

  131.                 self::logdeb("Not writing session '$id' - unchanged.");
    132. 

  132.                 return true;
    133. 

  133.             } else {
    134. 

  134.                 self::logdeb("Session '$id' data changed - updating.");
    135. 

  135. 

  136.                 // Only update the required field
    137. 

  137.                 $orig = clone($session);
    138. 

  138.                 $session->session_data = $session_data;
    139. 

  139.                 $result = $session->update($orig);
    140. 

  140. 

  141.                 if (!$result) {
    142. 

  142.                     common_log_db_error($session, 'UPDATE', __FILE__);
    143. 

  143.                     self::logdeb("Failed to update '$id'.");
    144. 

  144.                 } else {
    145. 

  145.                     self::logdeb("Successfully updated '$id' (result = $result).");
    146. 

  146.                 }
    147. 

  147. 

  148.                 return (bool) $result;
    149. 

  149.             }
    150. 

  150.         }
    151. 

  151.     }
    152. 

  152. 

  153.     /**
    154. 

  154.      * Find sessions that have persisted beyond $maxlifetime and delete them.
    155. 

  155.      * This will be limited by config['sessions']['gc_limit'] - it won't delete
    156. 

  156.      * more than the number of sessions specified there at a single pass.
    157. 

  157.      *
    158. 

  158.      * @param $maxlifetime
    159. 

  159.      * @return bool Returns TRUE on success or FALSE on failure.
    160. 

  160.      */
    161. 

  161.     public function gc($maxlifetime)
    162. 

  162.     {
    163. 

  163.         self::logdeb("Garbage Collector has now started with maxlifetime = '$maxlifetime'.");
    164. 

  164. 

  165.         $epoch = common_sql_date(time() - $maxlifetime);
    166. 

  166. 

  167.         $ids = [];
    168. 

  168. 

  169.         $session = new Session();
    170. 

  170.         $session->whereAdd('modified < "' . $epoch . '"');
    171. 

  171.         $session->selectAdd();
    172. 

  172.         $session->selectAdd('id');
    173. 

  173. 

  174.         $limit = common_config('sessions', 'gc_limit');
    175. 

  175.         if ($limit > 0) {
    176. 

  176.             // On large sites, too many sessions to expire
    177. 

  177.             // at once will just result in failure.
    178. 

  178.             $session->limit($limit);
    179. 

  179.         }
    180. 

  180. 

  181.         $session->find();
    182. 

  182. 

  183.         while ($session->fetch()) {
    184. 

  184.             $ids[] = $session->id;
    185. 

  185.         }
    186. 

  186. 

  187.         $session->free();
    188. 

  188. 

  189.         self::logdeb("Garbage Collector found " . count($ids) . " ids to delete.");
    190. 

  190. 

  191.         foreach ($ids as $id) {
    192. 

  192.             self::logdeb("Garbage Collector will now delete session '$id'.");
    193. 

  193.             self::destroy($id);
    194. 

  194.         }
    195. 

  195. 

  196.         return true;
    197. 

  197.     }
    198. 

  198. 

  199.     /**
    200. 

  200.      * Deletes session with given id $id.
    201. 

  201.      *
    202. 

  202.      * @param $id
    203. 

  203.      * @return bool Returns TRUE on success or FALSE on failure.
    204. 

  204.      */
    205. 

  205.     public function destroy($id)
    206. 

  206.     {
    207. 

  207.         self::logdeb("Destroying session '$id'.");
    208. 

  208. 

  209.         $session = Session::getKV('id', $id);
    210. 

  210. 

  211.         if (empty($session)) {
    212. 

  212.             self::logdeb("Can't find '$id' to destroy.");
    213. 

  213.             return false;
    214. 

  214.         } else {
    215. 

  215.             $result = $session->delete();
    216. 

  216.             if (!$result) {
    217. 

  217.                 common_log_db_error($session, 'DELETE', __FILE__);
    218. 

  218.                 self::logdeb("Failed to destroy '$id'.");
    219. 

  219.             } else {
    220. 

  220.                 self::logdeb("Successfully destroyed '$id' (result = $result).");
    221. 

  221.             }
    222. 

  222.             return (bool) $result;
    223. 

  223.         }
    224. 

  224.     }
    225. 

  225. }
    226. 

  226.