Righting a wrong in the Session library
- Change userdata(), flashdata(), tempdata() to return all the respective data when no parameter is passed.
- Revert the addition of all_flashdata().
- Deprecate all_userdata().
- Fix related changelog entries that were all inconsistent.
diff --git a/system/libraries/Profiler.php b/system/libraries/Profiler.php
index 4e556b2..4796e84 100644
--- a/system/libraries/Profiler.php
+++ b/system/libraries/Profiler.php
@@ -516,7 +516,7 @@
.'<legend style="color:#000;"> '.$this->CI->lang->line('profiler_session_data').' (<span style="cursor: pointer;" onclick="var s=document.getElementById(\'ci_profiler_session_data\').style;s.display=s.display==\'none\'?\'\':\'none\';this.innerHTML=this.innerHTML==\''.$this->CI->lang->line('profiler_section_show').'\'?\''.$this->CI->lang->line('profiler_section_hide').'\':\''.$this->CI->lang->line('profiler_section_show').'\';">'.$this->CI->lang->line('profiler_section_show').'</span>)</legend>'
.'<table style="width:100%;display:none;" id="ci_profiler_session_data">';
- foreach ($this->CI->session->all_userdata() as $key => $val)
+ foreach ($this->CI->session->userdata() as $key => $val)
{
if (is_array($val) OR is_object($val))
{
diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php
index ac97b94..d9f2f50 100644
--- a/system/libraries/Session/Session.php
+++ b/system/libraries/Session/Session.php
@@ -238,9 +238,14 @@
* @param string Item key
* @return string Item value or NULL if not found
*/
- public function userdata($item)
+ public function userdata($item = NULL)
{
- return isset($this->userdata[$item]) ? $this->userdata[$item] : NULL;
+ if (isset($item))
+ {
+ return isset($this->userdata[$item]) ? $this->userdata[$item] : NULL;
+ }
+
+ return isset($this->userdata) ? $this->userdata : array();
}
// ------------------------------------------------------------------------
@@ -248,35 +253,12 @@
/**
* Fetch all session data
*
+ * @deprecated 3.0.0 Use userdata() with no parameters instead
* @return array User data array
*/
public function all_userdata()
{
- return isset($this->userdata) ? $this->userdata : NULL;
- }
-
- // ------------------------------------------------------------------------
-
- /**
- * Fetch all flashdata
- *
- * @return array Flash data array
- */
- public function all_flashdata()
- {
- $out = array();
-
- // loop through all userdata
- foreach ($this->all_userdata() as $key => $val)
- {
- // if it contains flashdata, add it
- if (strpos($key, self::FLASHDATA_KEY.self::FLASHDATA_OLD) !== FALSE)
- {
- $key = str_replace(self::FLASHDATA_KEY.self::FLASHDATA_OLD, '', $key);
- $out[$key] = $val;
- }
- }
- return $out;
+ return isset($this->userdata) ? $this->userdata : array();
}
// ------------------------------------------------------------------------
@@ -417,11 +399,25 @@
* @param string Item key
* @return string
*/
- public function flashdata($key)
+ public function flashdata($key = NULL)
{
- // Prepend key and retrieve value
- $flashdata_key = self::FLASHDATA_KEY.self::FLASHDATA_OLD.$key;
- return $this->userdata($flashdata_key);
+ if (isset($key))
+ {
+ return $this->userdata(self::FLASHDATA_KEY.self::FLASHDATA_OLD.$key);
+ }
+
+ // Get our flashdata items from userdata
+ $out = array();
+ foreach ($this->userdata() as $key => $val)
+ {
+ if (strpos($key, self::FLASHDATA_KEY.self::FLASHDATA_OLD) !== FALSE)
+ {
+ $key = str_replace(self::FLASHDATA_KEY.self::FLASHDATA_OLD, '', $key);
+ $out[$key] = $val;
+ }
+ }
+
+ return $out;
}
// ------------------------------------------------------------------------
@@ -514,11 +510,25 @@
* @param string Item key
* @return string
*/
- public function tempdata($key)
+ public function tempdata($key = NULL)
{
- // Prepend key and return value
- $tempdata_key = self::FLASHDATA_KEY.self::FLASHDATA_EXP.$key;
- return $this->userdata($tempdata_key);
+ if (isset($key))
+ {
+ return $this->userdata(self::FLASHDATA_KEY.self::FLASHDATA_EXP.$key);
+ }
+
+ // Get our tempdata items from userdata
+ $out = array();
+ foreach ($this->userdata() as $key => $val)
+ {
+ if (strpos($key, self::FLASHDATA_KEY.self::FLASHDATA_EXP) !== FALSE)
+ {
+ $key = str_replace(self::FLASHDATA_KEY.self::FLASHDATA_EXP, '', $key);
+ $out[$key] = $val;
+ }
+ }
+
+ return $out;
}
// ------------------------------------------------------------------------
@@ -531,13 +541,12 @@
*/
protected function _flashdata_mark()
{
- foreach ($this->all_userdata() as $name => $value)
+ foreach ($this->userdata() as $name => $value)
{
$parts = explode(self::FLASHDATA_NEW, $name);
if (count($parts) === 2)
{
- $new_name = self::FLASHDATA_KEY.self::FLASHDATA_OLD.$parts[1];
- $this->set_userdata($new_name, $value);
+ $this->set_userdata(self::FLASHDATA_KEY.self::FLASHDATA_OLD.$parts[1], $value);
$this->unset_userdata($name);
}
}
@@ -552,7 +561,7 @@
*/
protected function _flashdata_sweep()
{
- $userdata = $this->all_userdata();
+ $userdata = $this->userdata();
foreach (array_keys($userdata) as $key)
{
if (strpos($key, self::FLASHDATA_OLD))
@@ -581,7 +590,7 @@
// Unset expired elements
$now = time();
- $userdata = $this->all_userdata();
+ $userdata = $this->userdata();
foreach (array_keys($userdata) as $key)
{
if (strpos($key, self::FLASHDATA_EXP) && $expirations[$key] < $now)
diff --git a/tests/codeigniter/libraries/Session_test.php b/tests/codeigniter/libraries/Session_test.php
index 6edda99..cff0fdb 100644
--- a/tests/codeigniter/libraries/Session_test.php
+++ b/tests/codeigniter/libraries/Session_test.php
@@ -156,11 +156,11 @@
$this->session->native->set_userdata($ndata);
// Make sure all values are present
- $call = $this->session->cookie->all_userdata();
+ $call = $this->session->cookie->userdata();
foreach ($cdata as $key => $value) {
$this->assertEquals($value, $call[$key]);
}
- $nall = $this->session->native->all_userdata();
+ $nall = $this->session->native->userdata();
foreach ($ndata as $key => $value) {
$this->assertEquals($value, $nall[$key]);
}
@@ -283,8 +283,8 @@
// Simulate page reload and verify independent messages
$this->session->cookie->reload();
$this->session->native->reload();
- $this->assertEquals($cdata, $this->session->cookie->all_flashdata());
- $this->assertEquals($ndata, $this->session->native->all_flashdata());
+ $this->assertEquals($cdata, $this->session->cookie->flashdata());
+ $this->assertEquals($ndata, $this->session->native->flashdata());
// Keep messages
$this->session->cookie->keep_flashdata($kdata);
@@ -293,14 +293,14 @@
// Simulate next page reload and verify message persistence
$this->session->cookie->reload();
$this->session->native->reload();
- $this->assertEquals($cdata, $this->session->cookie->all_flashdata());
- $this->assertEquals($ndata, $this->session->native->all_flashdata());
+ $this->assertEquals($cdata, $this->session->cookie->flashdata());
+ $this->assertEquals($ndata, $this->session->native->flashdata());
// Simulate next page reload and verify absence of messages
$this->session->cookie->reload();
$this->session->native->reload();
- $this->assertEmpty($this->session->cookie->all_flashdata());
- $this->assertEmpty($this->session->native->all_flashdata());
+ $this->assertEmpty($this->session->cookie->flashdata());
+ $this->assertEmpty($this->session->native->flashdata());
}
/**
@@ -329,8 +329,8 @@
// Simulate page reload and make sure all values are present
$this->session->cookie->reload();
$this->session->native->reload();
- $this->assertEquals($cdata, $this->session->cookie->all_flashdata());
- $this->assertEquals($ndata, $this->session->native->all_flashdata());
+ $this->assertEquals($cdata, $this->session->cookie->flashdata());
+ $this->assertEquals($ndata, $this->session->native->flashdata());
}
/**
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index 5130501..3124dea 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -259,22 +259,18 @@
- :doc:`Session Library <libraries/sessions>` changes include:
- - Library changed to :doc:`Driver <general/drivers>` with classic Cookie driver as default.
- - Added Native PHP Session driver to work with ``$_SESSION``.
- - Custom drivers can be added anywhere in package paths and be loaded with the library.
- - Drivers interchangeable on the fly.
- - New **tempdata** feature allows setting user data items with an expiration time.
- - Added default ``$config['sess_driver']`` and ``$config['sess_valid_drivers']`` items to *config.php* file.
- - Cookie driver now respects php.ini's *session.gc_probability* and *session.gc_divisor* settings.
- - Cookie driver now uses HMAC authentication instead of the simple md5 checksum.
- - The Cookie driver now also checks authentication on encrypted session data.
- - Changed the Cookie driver to select only one row when using database sessions.
- - Cookie driver now only writes to database at end of request when using database.
- - Cookie driver now uses PHP functions for faster array manipulation when using database.
- - Added ``all_flashdata()`` method to session class. Returns an associative array of only flashdata.
- - Added ``has_userdata()`` method to verify existence of userdata item.
- - Added ``tempdata()``, ``set_tempdata()``, and ``unset_tempdata()`` methods for manipulating tempdata.
- - ``keep_flashdata()`` now accepts an array of keys.
+ - Library changed to :doc:`Driver <general/drivers>` with classic 'cookie' driver as the default.
+ - Added a 'native' PHP Session driver to work with ``$_SESSION``.
+ - Added a new **tempdata** feature that allows setting userdata items with expiration time (``tempdata()``, ``set_tempdata()``, ``unset_tempdata()``).
+ - Added default ``$config['sess_driver']`` and ``$config['sess_valid_drivers']`` items to *application/config.php* file.
+ - Changed 'cookie' driver to respect php.ini's *session.gc_probability* and *session.gc_divisor* settings.
+ - Changed 'cookie' driver to use HMAC authentication instead of a simple md5 checksum.
+ - Changed 'cookie' driver to select only one row when using database sessions.
+ - Changed 'cookie' driver to write to only write to the database at end of page execution.
+ - Changed method ``keep_flashdata()`` to also accept an array of keys.
+ - Changed methods ``userdata()``, ``flashdata()`` to return an array of all userdata/flashdata when no parameter is passed.
+ - Deprecated method ``all_userdata()`` - it is now just an alias for ``userdata()`` with no parameters.
+ - Added method ``has_userdata()`` that verifies the existence of a userdata item.
- Added *debug* level log messages for key events in the session validation process.
- :doc:`File Uploading Library <libraries/file_uploading>` changes include:
@@ -687,6 +683,7 @@
- Fixed a bug (#2737) - :doc:`XML-RPC Library <libraries/xmlrpc>` used objects as array keys, which triggered E_NOTICE messages.
- Fixed a bug (#2729) - ``CI_Security::_validate_entities()`` used overly-intrusive ``preg_replace()`` patterns that produced false-positives.
- Fixed a bug (#2771) - ``CI_Security::xss_clean()`` didn't take into account HTML5 entities.
+- Fixed a bug in the :doc:`Session Library <libraries/sessions>` 'cookie' driver where authentication was not performed for encrypted cookies.
Version 2.1.4
=============
diff --git a/user_guide_src/source/installation/upgrade_300.rst b/user_guide_src/source/installation/upgrade_300.rst
index ca7569b..88bb111 100644
--- a/user_guide_src/source/installation/upgrade_300.rst
+++ b/user_guide_src/source/installation/upgrade_300.rst
@@ -469,6 +469,21 @@
.. note:: These options are still available, but you're strongly encouraged to remove their usage
sooner rather than later.
+Session Library method all_userdata()
+=====================================
+
+As seen in the :doc:`Change Log <../changelog>`, :doc:`Session Library <libraries/sessions>`
+method ``userdata()`` now allows you to fetch all userdata by simply omitting its parameter::
+
+ $this->session->userdata();
+
+This makes the ``all_userdata()`` method redudant and therefore it is now just an alias for
+``userdata()`` with the above shown usage and is being deprecated and scheduled for removal
+in CodeIgniter 3.1+.
+
+.. note:: This method is still available, but you're strongly encouraged to remove its usage
+ sooner rather than later.
+
Database Forge method add_column() with an AFTER clause
=======================================================
diff --git a/user_guide_src/source/libraries/sessions.rst b/user_guide_src/source/libraries/sessions.rst
index 2f8bea0..3368a9f 100644
--- a/user_guide_src/source/libraries/sessions.rst
+++ b/user_guide_src/source/libraries/sessions.rst
@@ -137,7 +137,7 @@
An array of all userdata can be retrieved as follows::
- $this->session->all_userdata()
+ $this->session->userdata()
And returns an associative array like the following::
@@ -194,7 +194,7 @@
An array of all flashdata can be retrieved as follows::
- $this->session->all_flashdata();
+ $this->session->flashdata();
If you find that you need to preserve a flashdata variable through an