1: <?php
2:
3: 4: 5: 6: 7: 8: 9: 10: 11:
12:
13:
14:
15: 16: 17: 18: 19: 20:
21: class NSession extends NObject
22: {
23:
24: const DEFAULT_FILE_LIFETIME = 10800;
25:
26:
27: public $verificationKeyGenerator;
28:
29:
30: private $regenerationNeeded;
31:
32:
33: private static $started;
34:
35:
36: private $options = array(
37:
38: 'referer_check' => '',
39: 'use_cookies' => 1,
40: 'use_only_cookies' => 1,
41: 'use_trans_sid' => 0,
42:
43:
44: 'cookie_lifetime' => 0,
45: 'cookie_path' => '/',
46: 'cookie_domain' => '',
47: 'cookie_secure' => FALSE,
48: 'cookie_httponly' => TRUE,
49:
50:
51: 'gc_maxlifetime' => self::DEFAULT_FILE_LIFETIME,
52: 'cache_limiter' => NULL,
53: 'cache_expire' => NULL,
54: 'hash_function' => NULL,
55: 'hash_bits_per_character' => NULL,
56: );
57:
58:
59:
60: 61: 62: 63: 64:
65: public function start()
66: {
67: if (self::$started) {
68: return;
69: }
70:
71:
72:
73: try {
74: $this->configure($this->options);
75: } catch (NotSupportedException $e) {
76:
77: }
78:
79: if (!defined('SID')) {
80: NTools::tryError();
81: session_start();
82: if (NTools::catchError($msg)) {
83: @session_write_close();
84: throw new InvalidStateException($msg);
85: }
86: }
87:
88: self::$started = TRUE;
89: if ($this->regenerationNeeded) {
90: session_regenerate_id(TRUE);
91: $this->regenerationNeeded = FALSE;
92: }
93:
94: 95: 96: 97: 98:
99:
100: unset($_SESSION['__NT'], $_SESSION['__NS'], $_SESSION['__NM']);
101:
102:
103: $nf = & $_SESSION['__NF'];
104: if (empty($nf)) {
105: $nf = array('C' => 0);
106: } else {
107: $nf['C']++;
108: }
109:
110:
111: $browserKey = $this->getHttpRequest()->getCookie('nette-browser');
112: if (!$browserKey) {
113: $browserKey = (string) lcg_value();
114: }
115: $browserClosed = !isset($nf['B']) || $nf['B'] !== $browserKey;
116: $nf['B'] = $browserKey;
117:
118:
119: $this->sendCookie();
120:
121:
122: if (isset($nf['META'])) {
123: $now = time();
124:
125: foreach ($nf['META'] as $namespace => $metadata) {
126: if (is_array($metadata)) {
127: foreach ($metadata as $variable => $value) {
128: if ((!empty($value['B']) && $browserClosed) || (!empty($value['T']) && $now > $value['T'])
129: || ($variable !== '' && is_object($nf['DATA'][$namespace][$variable]) && (isset($value['V']) ? $value['V'] : NULL)
130: !== NClassReflection::from($nf['DATA'][$namespace][$variable])->getAnnotation('serializationVersion'))) {
131:
132: if ($variable === '') {
133: unset($nf['META'][$namespace], $nf['DATA'][$namespace]);
134: continue 2;
135: }
136: unset($nf['META'][$namespace][$variable], $nf['DATA'][$namespace][$variable]);
137: }
138: }
139: }
140: }
141: }
142:
143: register_shutdown_function(array($this, 'clean'));
144: }
145:
146:
147:
148: 149: 150: 151:
152: public function isStarted()
153: {
154: return (bool) self::$started;
155: }
156:
157:
158:
159: 160: 161: 162:
163: public function close()
164: {
165: if (self::$started) {
166: $this->clean();
167: session_write_close();
168: self::$started = FALSE;
169: }
170: }
171:
172:
173:
174: 175: 176: 177:
178: public function destroy()
179: {
180: if (!self::$started) {
181: throw new InvalidStateException('Session is not started.');
182: }
183:
184: session_destroy();
185: $_SESSION = NULL;
186: self::$started = FALSE;
187: if (!$this->getHttpResponse()->isSent()) {
188: $params = session_get_cookie_params();
189: $this->getHttpResponse()->deleteCookie(session_name(), $params['path'], $params['domain'], $params['secure']);
190: }
191: }
192:
193:
194:
195: 196: 197: 198:
199: public function exists()
200: {
201: return self::$started || $this->getHttpRequest()->getCookie(session_name()) !== NULL;
202: }
203:
204:
205:
206: 207: 208: 209: 210:
211: public function regenerateId()
212: {
213: if (self::$started) {
214: if (headers_sent($file, $line)) {
215: throw new InvalidStateException("Cannot regenerate session ID after HTTP headers have been sent" . ($file ? " (output started at $file:$line)." : "."));
216: }
217: session_regenerate_id(TRUE);
218:
219: } else {
220: $this->regenerationNeeded = TRUE;
221: }
222: }
223:
224:
225:
226: 227: 228: 229:
230: public function getId()
231: {
232: return session_id();
233: }
234:
235:
236:
237: 238: 239: 240: 241:
242: public function setName($name)
243: {
244: if (!is_string($name) || !preg_match('#[^0-9.][^.]*$#A', $name)) {
245: throw new InvalidArgumentException('Session name must be a string and cannot contain dot.');
246: }
247:
248: session_name($name);
249: return $this->setOptions(array(
250: 'name' => $name,
251: ));
252: }
253:
254:
255:
256: 257: 258: 259:
260: public function getName()
261: {
262: return session_name();
263: }
264:
265:
266:
267:
268:
269:
270:
271: 272: 273: 274: 275: 276: 277:
278: public function getNamespace($namespace, $class = 'NSessionNamespace')
279: {
280: if (!is_string($namespace) || $namespace === '') {
281: throw new InvalidArgumentException('Session namespace must be a non-empty string.');
282: }
283:
284: if (!self::$started) {
285: $this->start();
286: }
287:
288: return new $class($_SESSION['__NF']['DATA'][$namespace], $_SESSION['__NF']['META'][$namespace]);
289: }
290:
291:
292:
293: 294: 295: 296: 297:
298: public function hasNamespace($namespace)
299: {
300: if ($this->exists() && !self::$started) {
301: $this->start();
302: }
303:
304: return !empty($_SESSION['__NF']['DATA'][$namespace]);
305: }
306:
307:
308:
309: 310: 311: 312:
313: public function getIterator()
314: {
315: if ($this->exists() && !self::$started) {
316: $this->start();
317: }
318:
319: if (isset($_SESSION['__NF']['DATA'])) {
320: return new ArrayIterator(array_keys($_SESSION['__NF']['DATA']));
321:
322: } else {
323: return new ArrayIterator;
324: }
325: }
326:
327:
328:
329: 330: 331: 332:
333: public function clean()
334: {
335: if (!self::$started || empty($_SESSION)) {
336: return;
337: }
338:
339: $nf = & $_SESSION['__NF'];
340: if (isset($nf['META']) && is_array($nf['META'])) {
341: foreach ($nf['META'] as $name => $foo) {
342: if (empty($nf['META'][$name])) {
343: unset($nf['META'][$name]);
344: }
345: }
346: }
347:
348: if (empty($nf['META'])) {
349: unset($nf['META']);
350: }
351:
352: if (empty($nf['DATA'])) {
353: unset($nf['DATA']);
354: }
355:
356: if (empty($_SESSION)) {
357:
358: }
359: }
360:
361:
362:
363:
364:
365:
366:
367: 368: 369: 370: 371: 372: 373:
374: public function setOptions(array $options)
375: {
376: if (self::$started) {
377: $this->configure($options);
378: }
379: $this->options = $options + $this->options;
380: if (!empty($options['auto_start'])) {
381: $this->start();
382: }
383: return $this;
384: }
385:
386:
387:
388: 389: 390: 391:
392: public function getOptions()
393: {
394: return $this->options;
395: }
396:
397:
398:
399: 400: 401: 402: 403:
404: private function configure(array $config)
405: {
406: $special = array('cache_expire' => 1, 'cache_limiter' => 1, 'save_path' => 1, 'name' => 1);
407:
408: foreach ($config as $key => $value) {
409: if (!strncmp($key, 'session.', 8)) {
410: $key = substr($key, 8);
411: }
412:
413: if ($value === NULL || ini_get("session.$key") == $value) {
414: continue;
415:
416: } elseif (strncmp($key, 'cookie_', 7) === 0) {
417: if (!isset($cookie)) {
418: $cookie = session_get_cookie_params();
419: }
420: $cookie[substr($key, 7)] = $value;
421:
422: } else {
423: if (defined('SID')) {
424: throw new InvalidStateException("Unable to set 'session.$key' to value '$value' when session has been started by session.auto_start or session_start().");
425: }
426: if (isset($special[$key])) {
427: $key = "session_$key";
428: $key($value);
429:
430: } elseif (function_exists('ini_set')) {
431: ini_set("session.$key", $value);
432:
433: } else {
434:
435: }
436: }
437: }
438:
439: if (isset($cookie)) {
440: session_set_cookie_params($cookie['lifetime'], $cookie['path'], $cookie['domain'], $cookie['secure'], $cookie['httponly']);
441: if (self::$started) {
442: $this->sendCookie();
443: }
444: }
445: }
446:
447:
448:
449: 450: 451: 452: 453:
454: public function setExpiration($time)
455: {
456: if (empty($time)) {
457: return $this->setOptions(array(
458: 'gc_maxlifetime' => self::DEFAULT_FILE_LIFETIME,
459: 'cookie_lifetime' => 0,
460: ));
461:
462: } else {
463: $time = NDateTime53::from($time)->format('U') - time();
464: return $this->setOptions(array(
465: 'gc_maxlifetime' => $time,
466: 'cookie_lifetime' => $time,
467: ));
468: }
469: }
470:
471:
472:
473: 474: 475: 476: 477: 478: 479:
480: public function setCookieParams($path, $domain = NULL, $secure = NULL)
481: {
482: return $this->setOptions(array(
483: 'cookie_path' => $path,
484: 'cookie_domain' => $domain,
485: 'cookie_secure' => $secure
486: ));
487: }
488:
489:
490:
491: 492: 493: 494:
495: public function getCookieParams()
496: {
497: return session_get_cookie_params();
498: }
499:
500:
501:
502: 503: 504: 505:
506: public function setSavePath($path)
507: {
508: return $this->setOptions(array(
509: 'save_path' => $path,
510: ));
511: }
512:
513:
514:
515: 516: 517: 518:
519: private function sendCookie()
520: {
521: $cookie = $this->getCookieParams();
522: $this->getHttpResponse()->setCookie(session_name(), session_id(), $cookie['lifetime'] ? $cookie['lifetime'] + time() : 0, $cookie['path'], $cookie['domain'], $cookie['secure'], $cookie['httponly']);
523: $this->getHttpResponse()->setCookie('nette-browser', $_SESSION['__NF']['B'], NHttpResponse::BROWSER, $cookie['path'], $cookie['domain']);
524: }
525:
526:
527:
528:
529:
530:
531:
532: 533: 534:
535: protected function getHttpRequest()
536: {
537: return NEnvironment::getHttpRequest();
538: }
539:
540:
541:
542: 543: 544:
545: protected function getHttpResponse()
546: {
547: return NEnvironment::getHttpResponse();
548: }
549:
550: }
551: