Gitiles
Code Review Sign In
www.giggi.me / code-igniter-v3-giggi / 7474a6799b44e4988b6a7a4adcc2901ec0b993b4^! / . / system / libraries / Session / drivers / Session_redis_driver.php
commit7474a6799b44e4988b6a7a4adcc2901ec0b993b4[log] [tgz]
authorAndrey Andreev <narf@devilix.net>Fri Oct 31 23:35:32 2014 +0200
committerAndrey Andreev <narf@devilix.net>Fri Oct 31 23:35:32 2014 +0200
tree6873bef76c1efec9e72cb1a25e8fe08a385fbcf1
parentc6e50989480d5e9a9847177b8dc7cefa6559329a [diff] [blame]
#3073 (feature/session): Fix session_regenerate_id() issues

diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php
index ef18def..bc6150d 100644
--- a/system/libraries/Session/drivers/Session_redis_driver.php
+++ b/system/libraries/Session/drivers/Session_redis_driver.php

@@ -135,6 +135,9 @@
 	{
 		if (isset($this->_redis) && $this->_get_lock($session_id))
 		{
+			// Needed by write() to detect session_regenerate_id() calls
+			$this->_session_id = $session_id;
+
 			$session_data = (string) $this->_redis->get($this->_key_prefix.$session_id);
 			$this->_fingerprint = md5($session_data);
 			return $session_data;
@@ -145,7 +148,23 @@
 
 	public function write($session_id, $session_data)
 	{
-		if (isset($this->_redis, $this->_lock_key))
+		if ( ! isset($this->_redis))
+		{
+			return FALSE;
+		}
+		// Was the ID regenerated?
+		elseif ($session_id !== $this->_session_id)
+		{
+			if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id))
+			{
+				return FALSE;
+			}
+
+			$this->_fingerprint = md5('');
+			$this->_session_id = $session_id;
+		}
+
+		if (isset($this->_lock_key))
 		{
 			$this->_redis->setTimeout($this->_lock_key, 5);
 			if ($this->_fingerprint !== ($fingerprint = md5($session_data)))
@@ -190,7 +209,7 @@
 			return TRUE;
 		}
 
-		return FALSE;
+		return TRUE;
 	}
 
 	// ------------------------------------------------------------------------
@@ -204,20 +223,17 @@
 				log_message('debug', 'Session: Redis::delete() expected to return 1, got '.var_export($result, TRUE).' instead.');
 			}
 
-			return ($this->_cookie_destroy() && $this->close());
+			return $this->_cookie_destroy();
 		}
 
-		return $this->close();
+		return FALSE;
 	}
 
 	// ------------------------------------------------------------------------
 
 	public function gc($maxlifetime)
 	{
-		// TODO: keys()/getKeys() is said to be performance-intensive,
-		// although it supports patterns (*, [charlist] at the very least).
-		// scan() seems to be recommended, but requires redis 2.8
-		// Not sure if we need any of these though, as we set keys with expire times
+		// Not necessary, Redis takes care of that.
 		return TRUE;
 	}