FishEye: file osCommerce/trunk/oscommerce/includes/classes/session.php

Annotated File View

hpdl	1	1	<?php
hpdl	1	2	/*
mattice	151	3	$Id: session.php 1498 2007-03-29 14:04:50Z hpdl $
hpdl	1	4
		5	osCommerce, Open Source E-Commerce Solutions
		6	http://www.oscommerce.com
		7
hpdl	368	8	Copyright (c) 2005 osCommerce
hpdl	1	9
hpdl	1498	10	This program is free software; you can redistribute it and/or modify
		11	it under the terms of the GNU General Public License v2 (1991)
		12	as published by the Free Software Foundation.
hpdl	1	13	*/
		14
		15	class osC_Session {
		16
		17	/* Private variables */
hpdl	368	18	var $_cookie_parameters,
		19	$_is_started = false,
		20	$_id,
		21	$_name,
		22	$_save_path;
hpdl	1	23
hpdl	1	24	// class constructor
hpdl	368	25	function osC_Session($name = 'sid') {
hpdl	368	26	$this->setName($name);
hpdl	1	27	$this->setSavePath(DIR_FS_WORK);
		28	$this->setCookieParameters();
		29
		30	if (STORE_SESSIONS == 'mysql') {
		31	session_set_save_handler(array(&$this, '_open'),
		32	array(&$this, '_close'),
		33	array(&$this, '_read'),
		34	array(&$this, '_write'),
		35	array(&$this, '_destroy'),
		36	array(&$this, '_gc'));
hpdl	1107	37
hpdl	1107	38	register_shutdown_function('session_write_close');
hpdl	1	39	}
		40	}
		41
		42	// class methods
		43	function start() {
		44	$sane_session_id = true;
		45
hpdl	368	46	if (isset($_GET[$this->_name]) && (empty($_GET[$this->_name]) \|\| (ctype_alnum($_GET[$this->_name]) === false))) {
		47	$sane_session_id = false;
		48	} elseif (isset($_POST[$this->_name]) && (empty($_POST[$this->_name]) \|\| (ctype_alnum($_POST[$this->_name]) === false))) {
		49	$sane_session_id = false;
		50	} elseif (isset($_COOKIE[$this->_name]) && (empty($_COOKIE[$this->_name]) \|\| (ctype_alnum($_COOKIE[$this->_name]) === false))) {
		51	$sane_session_id = false;
		52	}
hpdl	1	53
hpdl	368	54	if ($sane_session_id === false) {
		55	if (isset($_COOKIE[$this->_name])) {
		56	setcookie($this->getName(), '', time()-42000, $this->getCookieParameters('path'), $this->getCookieParameters('domain'));
hpdl	1	57	}
hpdl	1	58
hpdl	757	59	osc_redirect(osc_href_link(FILENAME_DEFAULT, null, 'NONSSL', false));
hpdl	1	60	} elseif (session_start()) {
		61	$this->setStarted(true);
		62	$this->setID();
		63
		64	return true;
		65	}
		66
		67	return false;
		68	}
		69
hpdl	368	70	function hasStarted() {
hpdl	368	71	return $this->_is_started;
hpdl	1	72	}
		73
		74	function close() {
hpdl	368	75	return session_write_close();
hpdl	1	76	}
		77
		78	function destroy() {
hpdl	368	79	if (isset($_COOKIE[$this->_name])) {
hpdl	368	80	unset($_COOKIE[$this->_name]);
hpdl	1	81	}
		82
		83	if (STORE_SESSIONS == '') {
hpdl	368	84	if (file_exists($this->_save_path . $this->_id)) {
hpdl	368	85	@unlink($this->_save_path . $this->_id);
hpdl	1	86	}
		87	}
		88
		89	return session_destroy();
		90	}
		91
		92	function recreate() {
		93	$session_backup = $_SESSION;
		94
		95	$this->destroy();
		96
		97	$this->osC_Session();
		98
		99	$this->start();
		100
		101	$_SESSION = $session_backup;
		102
		103	unset($session_backup);
		104	}
		105
		106	function getSavePath() {
hpdl	368	107	return $this->_save_path;
hpdl	1	108	}
hpdl	1	109
hpdl	368	110	function getID() {
		111	return $this->_id;
		112	}
		113
		114	function getName() {
		115	return $this->_name;
		116	}
		117
hpdl	1	118	function setName($name) {
		119	session_name($name);
		120
hpdl	368	121	$this->_name = session_name();
hpdl	1	122	}
		123
		124	function setID() {
hpdl	368	125	$this->_id = session_id();
hpdl	1	126	}
		127
		128	function setSavePath($path) {
		129	if (substr($path, -1) == '/') {
		130	$path = substr($path, 0, -1);
		131	}
		132
		133	session_save_path($path);
		134
hpdl	368	135	$this->_save_path = session_save_path();
hpdl	1	136	}
		137
		138	function setStarted($state) {
hpdl	368	139	if ($state === true) {
hpdl	368	140	$this->_is_started = true;
hpdl	1	141	} else {
hpdl	368	142	$this->_is_started = false;
hpdl	1	143	}
		144	}
		145
		146	function setCookieParameters($lifetime = 0, $path = false, $domain = false, $secure = false) {
		147	global $request_type;
		148
		149	if ($path === false) {
		150	$path = (($request_type == 'NONSSL') ? HTTP_COOKIE_PATH : HTTPS_COOKIE_PATH);
		151	}
		152
		153	if ($domain === false) {
		154	$domain = (($request_type == 'NONSSL') ? HTTP_COOKIE_DOMAIN : HTTPS_COOKIE_DOMAIN);
		155	}
		156
		157	return session_set_cookie_params($lifetime, $path, $domain, $secure);
		158	}
		159
		160	function getCookieParameters($key = '') {
		161	if (isset($this->_cookie_parameters) === false) {
		162	$this->_cookie_parameters = session_get_cookie_params();
		163	}
		164
		165	if (isset($this->_cookie_parameters[$key])) {
		166	return $this->_cookie_parameters[$key];
		167	}
		168
		169	return $this->_cookie_parameters;
		170	}
		171
		172	function _open() {
		173	return true;
		174	}
		175
		176	function _close() {
		177	return true;
		178	}
		179
		180	function _read($key) {
		181	global $osC_Database;
		182
		183	$Qsession = $osC_Database->query('select value from :table_sessions where sesskey = :sesskey and expiry > :expiry');
		184	$Qsession->bindRaw(':table_sessions', TABLE_SESSIONS);
		185	$Qsession->bindValue(':sesskey', $key);
		186	$Qsession->bindRaw(':expiry', time());
		187	$Qsession->execute();
		188
		189	if ($Qsession->numberOfRows() > 0) {
		190	$value = $Qsession->value('value');
		191
		192	$Qsession->freeResult();
		193
		194	return $value;
		195	}
		196
		197	return false;
		198	}
		199
		200	function _write($key, $value) {
		201	global $osC_Database;
		202
		203	if (!$SESS_LIFE = get_cfg_var('session.gc_maxlifetime')) {
		204	$SESS_LIFE = 1440;
		205	}
		206
207	$expiry = time() + $SESS_LIFE;
208
209	$Qsession = $osC_Database->query('select count(*) as total from :table_sessions where sesskey = :sesskey');
210	$Qsession->bindRaw(':table_sessions', TABLE_SESSIONS);
211	$Qsession->bindValue(':sesskey', $key);
212	$Qsession->execute();
213
214	if ($Qsession->valueInt('total') > 0) {
215	$Qsession = $osC_Database->query('update :table_sessions set expiry = :expiry, value = :value where sesskey = :sesskey');
216	} else {
217	$Qsession = $osC_Database->query('insert into :table_sessions values (:sesskey, :expiry, :value)');
218	}
219	$Qsession->bindRaw(':table_sessions', TABLE_SESSIONS);
220	$Qsession->bindValue(':sesskey', $key);
221	$Qsession->bindValue(':expiry', $expiry);
222	$Qsession->bindValue(':value', $value);
223
224	if ($Qsession->execute()) {
225	$write = true;
226	} else {
227	$write = false;
228	}
229
230	$Qsession->freeResult();
231
232	return $write;
233	}
234
235	function _destroy($key) {
236	global $osC_Database;
237
238	$Qsession = $osC_Database->query('delete from :table_sessions where sesskey = :sesskey');
239	$Qsession->bindRaw(':table_sessions', TABLE_SESSIONS);
240	$Qsession->bindValue(':sesskey', $key);
241	$Qsession->execute();
242
243	$Qsession->freeResult();
244	}
245
246	function _gc($maxlifetime) {
247	global $osC_Database;
248
249	$Qsession = $osC_Database->query('delete from :table_sessions where expiry < :expiry');
250	$Qsession->bindRaw(':table_sessions', TABLE_SESSIONS);
251	$Qsession->bindValue(':expiry', time());
252	$Qsession->execute();
253
254	$Qsession->freeResult();
255	}
256	}
257	?>

FishEye

View

Diff

Annotations

Annotated File View