Gitiles
Code Review Sign In
www.giggi.me / code-igniter-v3-giggi / 19cd88799f27bef8d502250c86eddcd72789bdb3 / . / system / libraries / Session / drivers / Session_native.php
blob: d7b9e84103f66f723365f74a5b7d789503e7e366 [file] [log] [blame]
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]1<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
2/**
3 * CodeIgniter
4 *
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]5 * An open source application development framework for PHP 5.2.4 or newer
6 *
7 * NOTICE OF LICENSE
8 *
9 * Licensed under the Open Software License version 3.0
10 *
11 * This source file is subject to the Open Software License (OSL 3.0) that is
12 * bundled with this package in the files license.txt / license.rst. It is
13 * also available through the world wide web at this URL:
14 * http://opensource.org/licenses/OSL-3.0
15 * If you did not receive a copy of the license and are unable to obtain it
16 * through the world wide web, please send an email to
17 * licensing@ellislab.com so we can send you a copy immediately.
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]18 *
19 * @package CodeIgniter
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]20 * @author EllisLab Dev Team
21 * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/)
22 * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]23 * @link http://codeigniter.com
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]24 * @since Version 1.0
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]25 * @filesource
26 */
27
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]28/**
29 * Native PHP session management driver
30 *
31 * This is the driver that uses the native PHP $_SESSION array through the Session driver library.
32 *
33 * @package CodeIgniter
34 * @subpackage Libraries
35 * @category Sessions
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]36 * @author EllisLab Dev Team
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]37 */
Darren Hill5073a372011-08-31 13:54:19 -0400[diff] [blame]38class CI_Session_native extends CI_Session_driver {
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]39
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]40 /**
41 * Initialize session driver object
42 *
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]43 * @return void
44 */
45 protected function initialize()
46 {
47 // Get config parameters
48 $config = array();
dchill4226429202012-07-31 10:55:07 -0400[diff] [blame]49 $prefs = array(
50 'sess_cookie_name',
51 'sess_expire_on_close',
52 'sess_expiration',
53 'sess_match_ip',
54 'sess_match_useragent',
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]55 'sess_time_to_update',
dchill4226429202012-07-31 10:55:07 -0400[diff] [blame]56 'cookie_prefix',
57 'cookie_path',
GDmac19cd8872012-10-16 14:19:57 +0200[diff] [blame^]58 'cookie_domain',
59 'cookie_secure',
60 'cookie_httponly'
dchill4226429202012-07-31 10:55:07 -0400[diff] [blame]61 );
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]62
dchill4226429202012-07-31 10:55:07 -0400[diff] [blame]63 foreach ($prefs as $key)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]64 {
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]65 $config[$key] = isset($this->_parent->params[$key])
66 ? $this->_parent->params[$key]
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]67 : $this->CI->config->item($key);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]68 }
69
70 // Set session name, if specified
71 if ($config['sess_cookie_name'])
72 {
dchill42aee92652012-08-26 21:45:35 -0400[diff] [blame]73 // Differentiate name from cookie driver with '_id' suffix
74 $name = $config['sess_cookie_name'].'_id';
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]75 if ($config['cookie_prefix'])
76 {
77 // Prepend cookie prefix
78 $name = $config['cookie_prefix'].$name;
79 }
80 session_name($name);
81 }
82
83 // Set expiration, path, and domain
84 $expire = 7200;
85 $path = '/';
86 $domain = '';
GDmac19cd8872012-10-16 14:19:57 +0200[diff] [blame^]87 $secure = FALSE;
88 $http_only = FALSE;
89
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]90 if ($config['sess_expiration'] !== FALSE)
91 {
92 // Default to 2 years if expiration is "0"
93 $expire = ($config['sess_expiration'] == 0) ? (60*60*24*365*2) : $config['sess_expiration'];
94 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]95
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]96 if ($config['cookie_path'])
97 {
98 // Use specified path
99 $path = $config['cookie_path'];
100 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]101
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]102 if ($config['cookie_domain'])
103 {
104 // Use specified domain
105 $domain = $config['cookie_domain'];
106 }
GDmac19cd8872012-10-16 14:19:57 +0200[diff] [blame^]107
108 if ($config['cookie_secure'])
109 {
110 // Send over SSL / HTTPS only?
111 $secure = $config['cookie_secure'];
112 }
113
114 if ($config['cookie_httponly'])
115 {
116 // only available to HTTP(S)?
117 $http_only = $config['http_only'];
118 }
119
120 session_set_cookie_params($config['sess_expire_on_close'] ? 0 : $expire, $path, $domain, $secure, $http_only);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]121
122 // Start session
123 session_start();
124
125 // Check session expiration, ip, and agent
126 $now = time();
127 $destroy = FALSE;
Andrey Andreev02117682012-10-15 11:12:37 +0300[diff] [blame]128 if (isset($_SESSION['last_activity']) && (($_SESSION['last_activity'] + $expire) < $now OR $_SESSION['last_activity'] > $now))
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]129 {
130 // Expired - destroy
131 $destroy = TRUE;
132 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]133 elseif ($config['sess_match_ip'] === TRUE && isset($_SESSION['ip_address'])
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]134 && $_SESSION['ip_address'] !== $this->CI->input->ip_address())
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]135 {
136 // IP doesn't match - destroy
137 $destroy = TRUE;
138 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]139 elseif ($config['sess_match_useragent'] === TRUE && isset($_SESSION['user_agent'])
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]140 && $_SESSION['user_agent'] !== trim(substr($this->CI->input->user_agent(), 0, 50)))
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]141 {
142 // Agent doesn't match - destroy
143 $destroy = TRUE;
144 }
145
146 // Destroy expired or invalid session
147 if ($destroy)
148 {
149 // Clear old session and start new
150 $this->sess_destroy();
151 session_start();
152 }
153
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]154 // Check for update time
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]155 if ($config['sess_time_to_update'] && isset($_SESSION['last_activity'])
156 && ($_SESSION['last_activity'] + $config['sess_time_to_update']) < $now)
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]157 {
158 // Regenerate ID, but don't destroy session
159 $this->sess_regenerate(FALSE);
160 }
161
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]162 // Set activity time
163 $_SESSION['last_activity'] = $now;
164
165 // Set matching values as required
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]166 if ($config['sess_match_ip'] === TRUE && ! isset($_SESSION['ip_address']))
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]167 {
168 // Store user IP address
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]169 $_SESSION['ip_address'] = $this->CI->input->ip_address();
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]170 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]171
172 if ($config['sess_match_useragent'] === TRUE && ! isset($_SESSION['user_agent']))
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]173 {
174 // Store user agent string
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]175 $_SESSION['user_agent'] = trim(substr($this->CI->input->user_agent(), 0, 50));
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]176 }
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]177
178 // Make session ID available
179 $_SESSION['session_id'] = session_id();
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]180 }
181
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]182 // ------------------------------------------------------------------------
183
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]184 /**
185 * Save the session data
186 *
Darren Hilla2ae6572011-09-01 07:36:26 -0400[diff] [blame]187 * @return void
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]188 */
189 public function sess_save()
190 {
191 // Nothing to do - changes to $_SESSION are automatically saved
192 }
193
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]194 // ------------------------------------------------------------------------
195
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]196 /**
197 * Destroy the current session
198 *
Darren Hilla2ae6572011-09-01 07:36:26 -0400[diff] [blame]199 * @return void
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]200 */
201 public function sess_destroy()
202 {
203 // Cleanup session
204 $_SESSION = array();
205 $name = session_name();
206 if (isset($_COOKIE[$name]))
207 {
208 // Clear session cookie
209 $params = session_get_cookie_params();
GDmac19cd8872012-10-16 14:19:57 +0200[diff] [blame^]210 setcookie($name, '', time() - 42000, $params['path'], $params['domain'], $params['secure'], $params['httponly']);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]211 unset($_COOKIE[$name]);
212 }
213 session_destroy();
214 }
215
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]216 // ------------------------------------------------------------------------
217
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]218 /**
219 * Regenerate the current session
220 *
221 * Regenerate the session id
222 *
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]223 * @param bool Destroy session data flag (default: FALSE)
Darren Hilla2ae6572011-09-01 07:36:26 -0400[diff] [blame]224 * @return void
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]225 */
dchill4277ee3fd2012-07-24 11:50:01 -0400[diff] [blame]226 public function sess_regenerate($destroy = FALSE)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]227 {
228 // Just regenerate id, passing destroy flag
229 session_regenerate_id($destroy);
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]230 $_SESSION['session_id'] = session_id();
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]231 }
232
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]233 // ------------------------------------------------------------------------
234
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]235 /**
236 * Get a reference to user data array
237 *
Darren Hilla2ae6572011-09-01 07:36:26 -0400[diff] [blame]238 * @return array Reference to userdata
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]239 */
240 public function &get_userdata()
241 {
242 // Just return reference to $_SESSION
243 return $_SESSION;
244 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]245
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]246}
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]247
248/* End of file Session_native.php */
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]249/* Location: ./system/libraries/Session/drivers/Session_native.php */