Gitiles
Code Review Sign In
www.giggi.me / code-igniter-v3-giggi / 1d0bd83d0f4b9f133bf9657113fc50d57d767762 / . / system / libraries / Session / Session.php
blob: 3b391a8eff064b953618e27e4a9fc3af0efe5126 [file] [log] [blame]
Andrey Andreevc5536aa2012-11-01 17:33:58 +0200[diff] [blame]1<?php
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]2/**
3 * CodeIgniter
4 *
Andrey Andreevfe9309d2015-01-09 17:48:58 +0200[diff] [blame]5 * An open source application development framework for PHP
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]6 *
Andrey Andreevbdb96ca2014-10-28 00:13:31 +0200[diff] [blame]7 * This content is released under the MIT License (MIT)
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]8 *
Andrey Andreev125ef472016-01-11 12:33:00 +0200[diff] [blame]9 * Copyright (c) 2014 - 2016, British Columbia Institute of Technology
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]10 *
Andrey Andreevbdb96ca2014-10-28 00:13:31 +0200[diff] [blame]11 * Permission is hereby granted, free of charge, to any person obtaining a copy
12 * of this software and associated documentation files (the "Software"), to deal
13 * in the Software without restriction, including without limitation the rights
14 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
15 * copies of the Software, and to permit persons to whom the Software is
16 * furnished to do so, subject to the following conditions:
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]17 *
Andrey Andreevbdb96ca2014-10-28 00:13:31 +0200[diff] [blame]18 * The above copyright notice and this permission notice shall be included in
19 * all copies or substantial portions of the Software.
20 *
21 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
22 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
23 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
24 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
25 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
26 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
27 * THE SOFTWARE.
28 *
29 * @package CodeIgniter
30 * @author EllisLab Dev Team
Andrey Andreev1924e872016-01-11 12:55:34 +0200[diff] [blame]31 * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
Andrey Andreev125ef472016-01-11 12:33:00 +0200[diff] [blame]32 * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
Andrey Andreevbdb96ca2014-10-28 00:13:31 +0200[diff] [blame]33 * @license http://opensource.org/licenses/MIT MIT License
Andrey Andreevbd202c92016-01-11 12:50:18 +0200[diff] [blame]34 * @link https://codeigniter.com
Andrey Andreevbdb96ca2014-10-28 00:13:31 +0200[diff] [blame]35 * @since Version 2.0.0
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]36 * @filesource
37 */
Andrey Andreevc5536aa2012-11-01 17:33:58 +0200[diff] [blame]38defined('BASEPATH') OR exit('No direct script access allowed');
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]39
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]40/**
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]41 * CodeIgniter Session Class
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]42 *
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]43 * @package CodeIgniter
44 * @subpackage Libraries
45 * @category Sessions
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]46 * @author Andrey Andreev
Andrey Andreevbd202c92016-01-11 12:50:18 +0200[diff] [blame]47 * @link https://codeigniter.com/user_guide/libraries/sessions.html
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]48 */
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]49class CI_Session {
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]50
Andrey Andreevb4b215e2015-01-19 11:59:11 +0200[diff] [blame]51 /**
52 * Userdata array
53 *
54 * Just a reference to $_SESSION, for BC purposes.
55 */
56 public $userdata;
57
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]58 protected $_driver = 'files';
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]59 protected $_config;
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]60
Andrey Andreev0fa95bd2012-11-01 23:33:14 +0200[diff] [blame]61 // ------------------------------------------------------------------------
62
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]63 /**
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]64 * Class constructor
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]65 *
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]66 * @param array $params Configuration parameters
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]67 * @return void
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]68 */
69 public function __construct(array $params = array())
70 {
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]71 // No sessions under CLI
Andrey Andreevf964b162013-11-12 17:04:55 +0200[diff] [blame]72 if (is_cli())
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]73 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]74 log_message('debug', 'Session: Initialization under CLI aborted.');
75 return;
76 }
77 elseif ((bool) ini_get('session.auto_start'))
78 {
79 log_message('error', 'Session: session.auto_start is enabled in php.ini. Aborting.');
80 return;
81 }
82 elseif ( ! empty($params['driver']))
83 {
84 $this->_driver = $params['driver'];
85 unset($params['driver']);
86 }
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]87 elseif ($driver = config_item('sess_driver'))
Andrey Andreev34b1ef52014-05-31 21:23:41 +0300[diff] [blame]88 {
89 $this->_driver = $driver;
90 }
Andrey Andreevac4f4722014-06-02 11:16:32 +0300[diff] [blame]91 // Note: BC workaround
92 elseif (config_item('sess_use_database'))
93 {
Andrey Andreev85dfc2a2016-04-01 22:54:15 +0300[diff] [blame]94 log_message('debug', 'Session: "sess_driver" is empty; using BC fallback to "sess_use_database".');
Andrey Andreevac4f4722014-06-02 11:16:32 +0300[diff] [blame]95 $this->_driver = 'database';
96 }
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]97
Andrey Andreev34b92c62015-03-12 12:42:00 +0200[diff] [blame]98 $class = $this->_ci_load_classes($this->_driver);
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]99
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]100 // Configuration ...
101 $this->_configure($params);
102
103 $class = new $class($this->_config);
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]104 if ($class instanceof SessionHandlerInterface)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]105 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]106 if (is_php('5.4'))
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]107 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]108 session_set_save_handler($class, TRUE);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]109 }
110 else
111 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]112 session_set_save_handler(
113 array($class, 'open'),
114 array($class, 'close'),
115 array($class, 'read'),
116 array($class, 'write'),
117 array($class, 'destroy'),
118 array($class, 'gc')
119 );
120
121 register_shutdown_function('session_write_close');
122 }
123 }
124 else
125 {
126 log_message('error', "Session: Driver '".$this->_driver."' doesn't implement SessionHandlerInterface. Aborting.");
127 return;
128 }
129
Andrey Andreev562e39b2014-11-12 15:38:58 +0200[diff] [blame]130 // Sanitize the cookie, because apparently PHP doesn't do that for userspace handlers
131 if (isset($_COOKIE[$this->_config['cookie_name']])
132 && (
133 ! is_string($_COOKIE[$this->_config['cookie_name']])
134 OR ! preg_match('/^[0-9a-f]{40}$/', $_COOKIE[$this->_config['cookie_name']])
135 )
136 )
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]137 {
Andrey Andreev562e39b2014-11-12 15:38:58 +0200[diff] [blame]138 unset($_COOKIE[$this->_config['cookie_name']]);
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]139 }
140
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]141 session_start();
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]142
Andrey Andreevff37ffe2014-11-04 12:28:57 +0200[diff] [blame]143 // Is session ID auto-regeneration configured? (ignoring ajax requests)
Andrey Andreev395f9282015-02-05 13:29:56 +0200[diff] [blame]144 if ((empty($_SERVER['HTTP_X_REQUESTED_WITH']) OR strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) !== 'xmlhttprequest')
Andrey Andreevde5c2462014-11-04 12:31:03 +0200[diff] [blame]145 && ($regenerate_time = config_item('sess_time_to_update')) > 0
Andrey Andreevff37ffe2014-11-04 12:28:57 +0200[diff] [blame]146 )
Andrey Andreev8e60b9a2014-11-04 11:08:06 +0200[diff] [blame]147 {
148 if ( ! isset($_SESSION['__ci_last_regenerate']))
149 {
150 $_SESSION['__ci_last_regenerate'] = time();
151 }
152 elseif ($_SESSION['__ci_last_regenerate'] < (time() - $regenerate_time))
153 {
Andrey Andreev789b1fe2015-02-07 19:30:30 +0200[diff] [blame]154 $this->sess_regenerate((bool) config_item('sess_regenerate_destroy'));
Andrey Andreev8e60b9a2014-11-04 11:08:06 +0200[diff] [blame]155 }
156 }
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]157 // Another work-around ... PHP doesn't seem to send the session cookie
158 // unless it is being currently created or regenerated
Andrey Andreev8e60b9a2014-11-04 11:08:06 +0200[diff] [blame]159 elseif (isset($_COOKIE[$this->_config['cookie_name']]) && $_COOKIE[$this->_config['cookie_name']] === session_id())
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]160 {
161 setcookie(
162 $this->_config['cookie_name'],
163 session_id(),
164 (empty($this->_config['cookie_lifetime']) ? 0 : time() + $this->_config['cookie_lifetime']),
165 $this->_config['cookie_path'],
166 $this->_config['cookie_domain'],
167 $this->_config['cookie_secure'],
168 TRUE
169 );
170 }
171
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]172 $this->_ci_init_vars();
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]173
Andrey Andreev90726b82015-01-20 12:39:22 +0200[diff] [blame]174 log_message('info', "Session: Class initialized using '".$this->_driver."' driver.");
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]175 }
176
177 // ------------------------------------------------------------------------
178
Andrey Andreev10411fc2015-01-19 13:54:53 +0200[diff] [blame]179 /**
180 * CI Load Classes
181 *
182 * An internal method to load all possible dependency and extension
183 * classes. It kind of emulates the CI_Driver library, but is
184 * self-sufficient.
185 *
186 * @param string $driver Driver name
187 * @return string Driver class name
188 */
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]189 protected function _ci_load_classes($driver)
190 {
191 // PHP 5.4 compatibility
192 interface_exists('SessionHandlerInterface', FALSE) OR require_once(BASEPATH.'libraries/Session/SessionHandlerInterface.php');
193
194 $prefix = config_item('subclass_prefix');
195
196 if ( ! class_exists('CI_Session_driver', FALSE))
197 {
Andrey Andreeve86603f2014-06-11 14:03:36 +0300[diff] [blame]198 require_once(
199 file_exists(APPPATH.'libraries/Session/Session_driver.php')
200 ? APPPATH.'libraries/Session/Session_driver.php'
201 : BASEPATH.'libraries/Session/Session_driver.php'
202 );
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]203
204 if (file_exists($file_path = APPPATH.'libraries/Session/'.$prefix.'Session_driver.php'))
205 {
206 require_once($file_path);
207 }
208 }
209
210 $class = 'Session_'.$driver.'_driver';
Andrey Andreevcd94dd72014-12-09 17:38:56 +0200[diff] [blame]211
212 // Allow custom drivers without the CI_ or MY_ prefix
213 if ( ! class_exists($class, FALSE) && file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$class.'.php'))
214 {
215 require_once($file_path);
216 if (class_exists($class, FALSE))
217 {
218 return $class;
219 }
220 }
221
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]222 if ( ! class_exists('CI_'.$class, FALSE))
223 {
224 if (file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$class.'.php') OR file_exists($file_path = BASEPATH.'libraries/Session/drivers/'.$class.'.php'))
225 {
226 require_once($file_path);
227 }
228
Andrey Andreevcd94dd72014-12-09 17:38:56 +0200[diff] [blame]229 if ( ! class_exists('CI_'.$class, FALSE) && ! class_exists($class, FALSE))
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]230 {
Andrey Andreev1d195202015-03-13 11:25:29 +0200[diff] [blame]231 throw new UnexpectedValueException("Session: Configured driver '".$driver."' was not found. Aborting.");
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]232 }
233 }
234
Andrey Andreev738b9e32016-02-24 12:14:10 +0200[diff] [blame]235 if ( ! class_exists($prefix.$class, FALSE) && file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$prefix.$class.'.php'))
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]236 {
237 require_once($file_path);
238 if (class_exists($prefix.$class, FALSE))
239 {
240 return $prefix.$class;
241 }
242 else
243 {
244 log_message('debug', 'Session: '.$prefix.$class.".php found but it doesn't declare class ".$prefix.$class.'.');
245 }
246 }
247
248 return 'CI_'.$class;
249 }
250
251 // ------------------------------------------------------------------------
252
253 /**
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]254 * Configuration
255 *
256 * Handle input parameters and configuration defaults
257 *
258 * @param array &$params Input parameters
259 * @return void
260 */
261 protected function _configure(&$params)
262 {
263 $expiration = config_item('sess_expiration');
264
265 if (isset($params['cookie_lifetime']))
266 {
267 $params['cookie_lifetime'] = (int) $params['cookie_lifetime'];
268 }
269 else
270 {
271 $params['cookie_lifetime'] = ( ! isset($expiration) && config_item('sess_expire_on_close'))
272 ? 0 : (int) $expiration;
273 }
274
275 isset($params['cookie_name']) OR $params['cookie_name'] = config_item('sess_cookie_name');
276 if (empty($params['cookie_name']))
277 {
278 $params['cookie_name'] = ini_get('session.name');
279 }
280 else
281 {
282 ini_set('session.name', $params['cookie_name']);
283 }
284
285 isset($params['cookie_path']) OR $params['cookie_path'] = config_item('cookie_path');
Andrey Andreev41b546d2014-10-06 03:01:22 +0300[diff] [blame]286 isset($params['cookie_domain']) OR $params['cookie_domain'] = config_item('cookie_domain');
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]287 isset($params['cookie_secure']) OR $params['cookie_secure'] = (bool) config_item('cookie_secure');
288
289 session_set_cookie_params(
290 $params['cookie_lifetime'],
291 $params['cookie_path'],
292 $params['cookie_domain'],
293 $params['cookie_secure'],
294 TRUE // HttpOnly; Yes, this is intentional and not configurable for security reasons
295 );
296
297 if (empty($expiration))
298 {
299 $params['expiration'] = (int) ini_get('session.gc_maxlifetime');
300 }
301 else
302 {
303 $params['expiration'] = (int) $expiration;
304 ini_set('session.gc_maxlifetime', $expiration);
305 }
306
307 $params['match_ip'] = (bool) (isset($params['match_ip']) ? $params['match_ip'] : config_item('sess_match_ip'));
308
309 isset($params['save_path']) OR $params['save_path'] = config_item('sess_save_path');
310
311 $this->_config = $params;
312
313 // Security is king
Andrey Andreevc02952d2015-02-13 13:04:38 +0200[diff] [blame]314 ini_set('session.use_trans_sid', 0);
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]315 ini_set('session.use_strict_mode', 1);
316 ini_set('session.use_cookies', 1);
317 ini_set('session.use_only_cookies', 1);
318 ini_set('session.hash_function', 1);
319 ini_set('session.hash_bits_per_character', 4);
320 }
321
322 // ------------------------------------------------------------------------
323
324 /**
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]325 * Handle temporary variables
326 *
327 * Clears old "flash" data, marks the new one for deletion and handles
328 * "temp" data deletion.
329 *
330 * @return void
331 */
332 protected function _ci_init_vars()
333 {
334 if ( ! empty($_SESSION['__ci_vars']))
335 {
336 $current_time = time();
337
338 foreach ($_SESSION['__ci_vars'] as $key => &$value)
339 {
340 if ($value === 'new')
341 {
342 $_SESSION['__ci_vars'][$key] = 'old';
343 }
344 // Hacky, but 'old' will (implicitly) always be less than time() ;)
345 // DO NOT move this above the 'new' check!
346 elseif ($value < $current_time)
347 {
348 unset($_SESSION[$key], $_SESSION['__ci_vars'][$key]);
349 }
350 }
351
352 if (empty($_SESSION['__ci_vars']))
353 {
354 unset($_SESSION['__ci_vars']);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]355 }
356 }
Andrey Andreevb4b215e2015-01-19 11:59:11 +0200[diff] [blame]357
358 $this->userdata =& $_SESSION;
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]359 }
360
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]361 // ------------------------------------------------------------------------
362
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]363 /**
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]364 * Mark as flash
365 *
366 * @param mixed $key Session data key(s)
367 * @return bool
368 */
369 public function mark_as_flash($key)
370 {
371 if (is_array($key))
372 {
373 for ($i = 0, $c = count($key); $i < $c; $i++)
374 {
375 if ( ! isset($_SESSION[$key[$i]]))
376 {
377 return FALSE;
378 }
379 }
380
381 $new = array_fill_keys($key, 'new');
382
383 $_SESSION['__ci_vars'] = isset($_SESSION['__ci_vars'])
384 ? array_merge($_SESSION['__ci_vars'], $new)
385 : $new;
386
387 return TRUE;
388 }
389
390 if ( ! isset($_SESSION[$key]))
391 {
392 return FALSE;
393 }
394
395 $_SESSION['__ci_vars'][$key] = 'new';
396 return TRUE;
397 }
398
399 // ------------------------------------------------------------------------
400
401 /**
402 * Get flash keys
403 *
404 * @return array
405 */
406 public function get_flash_keys()
407 {
408 if ( ! isset($_SESSION['__ci_vars']))
409 {
410 return array();
411 }
412
413 $keys = array();
414 foreach (array_keys($_SESSION['__ci_vars']) as $key)
415 {
416 is_int($_SESSION['__ci_vars'][$key]) OR $keys[] = $key;
417 }
418
419 return $keys;
420 }
421
422 // ------------------------------------------------------------------------
423
424 /**
425 * Unmark flash
426 *
427 * @param mixed $key Session data key(s)
428 * @return void
429 */
430 public function unmark_flash($key)
431 {
432 if (empty($_SESSION['__ci_vars']))
433 {
434 return;
435 }
436
437 is_array($key) OR $key = array($key);
438
439 foreach ($key as $k)
440 {
441 if (isset($_SESSION['__ci_vars'][$k]) && ! is_int($_SESSION['__ci_vars'][$k]))
442 {
443 unset($_SESSION['__ci_vars'][$k]);
444 }
445 }
446
447 if (empty($_SESSION['__ci_vars']))
448 {
449 unset($_SESSION['__ci_vars']);
450 }
451 }
452
453 // ------------------------------------------------------------------------
454
455 /**
456 * Mark as temp
457 *
458 * @param mixed $key Session data key(s)
459 * @param int $ttl Time-to-live in seconds
460 * @return bool
461 */
462 public function mark_as_temp($key, $ttl = 300)
463 {
464 $ttl += time();
465
466 if (is_array($key))
467 {
468 $temp = array();
469
470 foreach ($key as $k => $v)
471 {
472 // Do we have a key => ttl pair, or just a key?
473 if (is_int($k))
474 {
475 $k = $v;
476 $v = $ttl;
477 }
478 else
479 {
480 $v += time();
481 }
482
483 if ( ! isset($_SESSION[$k]))
484 {
485 return FALSE;
486 }
487
Andrey Andreev43df7bd2015-02-02 23:22:29 +0200[diff] [blame]488 $temp[$k] = $v;
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]489 }
490
491 $_SESSION['__ci_vars'] = isset($_SESSION['__ci_vars'])
492 ? array_merge($_SESSION['__ci_vars'], $temp)
493 : $temp;
494
495 return TRUE;
496 }
497
498 if ( ! isset($_SESSION[$key]))
499 {
500 return FALSE;
501 }
502
503 $_SESSION['__ci_vars'][$key] = $ttl;
504 return TRUE;
505 }
506
507 // ------------------------------------------------------------------------
508
509 /**
510 * Get temp keys
511 *
512 * @return array
513 */
514 public function get_temp_keys()
515 {
516 if ( ! isset($_SESSION['__ci_vars']))
517 {
518 return array();
519 }
520
521 $keys = array();
522 foreach (array_keys($_SESSION['__ci_vars']) as $key)
523 {
524 is_int($_SESSION['__ci_vars'][$key]) && $keys[] = $key;
525 }
526
527 return $keys;
528 }
529
530 // ------------------------------------------------------------------------
531
532 /**
533 * Unmark flash
534 *
535 * @param mixed $key Session data key(s)
536 * @return void
537 */
538 public function unmark_temp($key)
539 {
540 if (empty($_SESSION['__ci_vars']))
541 {
542 return;
543 }
544
545 is_array($key) OR $key = array($key);
546
547 foreach ($key as $k)
548 {
549 if (isset($_SESSION['__ci_vars'][$k]) && is_int($_SESSION['__ci_vars'][$k]))
550 {
551 unset($_SESSION['__ci_vars'][$k]);
552 }
553 }
554
555 if (empty($_SESSION['__ci_vars']))
556 {
557 unset($_SESSION['__ci_vars']);
558 }
559 }
560
561 // ------------------------------------------------------------------------
562
563 /**
564 * __get()
565 *
566 * @param string $key 'session_id' or a session data key
567 * @return mixed
568 */
569 public function __get($key)
570 {
571 // Note: Keep this order the same, just in case somebody wants to
572 // use 'session_id' as a session data key, for whatever reason
573 if (isset($_SESSION[$key]))
574 {
575 return $_SESSION[$key];
576 }
577 elseif ($key === 'session_id')
578 {
579 return session_id();
580 }
581
582 return NULL;
583 }
584
585 // ------------------------------------------------------------------------
586
587 /**
Andrey Andreev2c10f602016-03-15 14:39:02 +0200[diff] [blame]588 * __isset()
589 *
590 * @param string $key 'session_id' or a session data key
591 * @return bool
592 */
593 public function __isset($key)
594 {
595 if ($key === 'session_id')
596 {
597 return (session_status() === PHP_SESSION_ACTIVE);
598 }
599
600 return isset($_SESSION[$key]);
601 }
602
603 // ------------------------------------------------------------------------
604
605 /**
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]606 * __set()
607 *
608 * @param string $key Session data key
609 * @param mixed $value Session data value
610 * @return void
611 */
612 public function __set($key, $value)
613 {
614 $_SESSION[$key] = $value;
615 }
616
617 // ------------------------------------------------------------------------
618
619 /**
620 * Session destroy
621 *
622 * Legacy CI_Session compatibility method
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]623 *
Darren Hill5073a372011-08-31 13:54:19 -0400[diff] [blame]624 * @return void
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]625 */
626 public function sess_destroy()
627 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]628 session_destroy();
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]629 }
630
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]631 // ------------------------------------------------------------------------
632
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]633 /**
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]634 * Session regenerate
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]635 *
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]636 * Legacy CI_Session compatibility method
637 *
638 * @param bool $destroy Destroy old session data flag
Darren Hill5073a372011-08-31 13:54:19 -0400[diff] [blame]639 * @return void
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]640 */
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]641 public function sess_regenerate($destroy = FALSE)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]642 {
Andrey Andreev8e60b9a2014-11-04 11:08:06 +0200[diff] [blame]643 $_SESSION['__ci_last_regenerate'] = time();
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]644 session_regenerate_id($destroy);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]645 }
646
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]647 // ------------------------------------------------------------------------
648
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]649 /**
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]650 * Get userdata reference
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]651 *
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]652 * Legacy CI_Session compatibility method
653 *
654 * @returns array
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]655 */
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]656 public function &get_userdata()
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]657 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]658 return $_SESSION;
659 }
660
661 // ------------------------------------------------------------------------
662
663 /**
664 * Userdata (fetch)
665 *
666 * Legacy CI_Session compatibility method
667 *
668 * @param string $key Session data key
669 * @return mixed Session data value or NULL if not found
670 */
671 public function userdata($key = NULL)
672 {
673 if (isset($key))
Andrey Andreevecc260e2014-01-24 14:20:13 +0200[diff] [blame]674 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]675 return isset($_SESSION[$key]) ? $_SESSION[$key] : NULL;
676 }
677 elseif (empty($_SESSION))
678 {
679 return array();
Andrey Andreevecc260e2014-01-24 14:20:13 +0200[diff] [blame]680 }
681
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]682 $userdata = array();
683 $_exclude = array_merge(
Andrey Andreevef417862014-06-04 21:28:13 +0300[diff] [blame]684 array('__ci_vars'),
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]685 $this->get_flash_keys(),
686 $this->get_temp_keys()
687 );
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]688
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]689 foreach (array_keys($_SESSION) as $key)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]690 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]691 if ( ! in_array($key, $_exclude, TRUE))
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]692 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]693 $userdata[$key] = $_SESSION[$key];
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]694 }
695 }
696
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]697 return $userdata;
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]698 }
699
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]700 // ------------------------------------------------------------------------
701
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]702 /**
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]703 * Set userdata
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]704 *
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]705 * Legacy CI_Session compatibility method
706 *
707 * @param mixed $data Session data key or an associative array
708 * @param mixed $value Value to store
Darren Hill5073a372011-08-31 13:54:19 -0400[diff] [blame]709 * @return void
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]710 */
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]711 public function set_userdata($data, $value = NULL)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]712 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]713 if (is_array($data))
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]714 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]715 foreach ($data as $key => &$value)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]716 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]717 $_SESSION[$key] = $value;
Johnathan Croom8d8543d2012-11-25 10:36:57 -0700[diff] [blame]718 }
719
720 return;
Johnathan Croom4beca5c2012-11-23 18:32:46 -0700[diff] [blame]721 }
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]722
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]723 $_SESSION[$data] = $value;
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]724 }
725
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]726 // ------------------------------------------------------------------------
727
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]728 /**
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]729 * Unset userdata
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]730 *
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]731 * Legacy CI_Session compatibility method
732 *
Andrey Andreeve13fa9f2016-05-20 17:30:07 +0300[diff] [blame]733 * @param mixed $key Session data key(s)
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]734 * @return void
735 */
736 public function unset_userdata($key)
737 {
738 if (is_array($key))
739 {
740 foreach ($key as $k)
741 {
Andrey Andreevd069b9b2014-09-16 10:18:16 +0300[diff] [blame]742 unset($_SESSION[$k]);
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]743 }
744
745 return;
746 }
747
748 unset($_SESSION[$key]);
749 }
750
751 // ------------------------------------------------------------------------
752
753 /**
754 * All userdata (fetch)
755 *
756 * Legacy CI_Session compatibility method
757 *
758 * @return array $_SESSION, excluding flash data items
759 */
760 public function all_userdata()
761 {
762 return $this->userdata();
763 }
764
765 // ------------------------------------------------------------------------
766
767 /**
768 * Has userdata
769 *
770 * Legacy CI_Session compatibility method
771 *
772 * @param string $key Session data key
773 * @return bool
774 */
775 public function has_userdata($key)
776 {
777 return isset($_SESSION[$key]);
778 }
779
780 // ------------------------------------------------------------------------
781
782 /**
783 * Flashdata (fetch)
784 *
785 * Legacy CI_Session compatibility method
786 *
787 * @param string $key Session data key
788 * @return mixed Session data value or NULL if not found
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]789 */
Andrey Andreevecc260e2014-01-24 14:20:13 +0200[diff] [blame]790 public function flashdata($key = NULL)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]791 {
Andrey Andreevecc260e2014-01-24 14:20:13 +0200[diff] [blame]792 if (isset($key))
793 {
Andrey Andreevef417862014-06-04 21:28:13 +0300[diff] [blame]794 return (isset($_SESSION['__ci_vars'], $_SESSION['__ci_vars'][$key], $_SESSION[$key]) && ! is_int($_SESSION['__ci_vars'][$key]))
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]795 ? $_SESSION[$key]
796 : NULL;
Andrey Andreevecc260e2014-01-24 14:20:13 +0200[diff] [blame]797 }
798
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]799 $flashdata = array();
800
Andrey Andreevef417862014-06-04 21:28:13 +0300[diff] [blame]801 if ( ! empty($_SESSION['__ci_vars']))
Andrey Andreevecc260e2014-01-24 14:20:13 +0200[diff] [blame]802 {
Andrey Andreevef417862014-06-04 21:28:13 +0300[diff] [blame]803 foreach ($_SESSION['__ci_vars'] as $key => &$value)
Andrey Andreevecc260e2014-01-24 14:20:13 +0200[diff] [blame]804 {
Andrey Andreevef417862014-06-04 21:28:13 +0300[diff] [blame]805 is_int($value) OR $flashdata[$key] = $_SESSION[$key];
Andrey Andreevecc260e2014-01-24 14:20:13 +0200[diff] [blame]806 }
807 }
808
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]809 return $flashdata;
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]810 }
811
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]812 // ------------------------------------------------------------------------
813
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]814 /**
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]815 * Set flashdata
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]816 *
Calvin Tam55bc5052015-07-24 02:27:24 -0700[diff] [blame]817 * Legacy CI_Session compatibility method
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]818 *
819 * @param mixed $data Session data key or an associative array
820 * @param mixed $value Value to store
Darren Hill5073a372011-08-31 13:54:19 -0400[diff] [blame]821 * @return void
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]822 */
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]823 public function set_flashdata($data, $value = NULL)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]824 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]825 $this->set_userdata($data, $value);
Andrey Andreevc6e50982014-10-26 21:27:28 +0200[diff] [blame]826 $this->mark_as_flash(is_array($data) ? array_keys($data) : $data);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]827 }
828
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]829 // ------------------------------------------------------------------------
830
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]831 /**
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]832 * Keep flashdata
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]833 *
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]834 * Legacy CI_Session compatibility method
835 *
836 * @param mixed $key Session data key(s)
Darren Hill5073a372011-08-31 13:54:19 -0400[diff] [blame]837 * @return void
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]838 */
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]839 public function keep_flashdata($key)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]840 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]841 $this->mark_as_flash($key);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]842 }
843
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]844 // ------------------------------------------------------------------------
845
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]846 /**
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]847 * Temp data (fetch)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]848 *
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]849 * Legacy CI_Session compatibility method
850 *
851 * @param string $key Session data key
852 * @return mixed Session data value or NULL if not found
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]853 */
Andrey Andreevecc260e2014-01-24 14:20:13 +0200[diff] [blame]854 public function tempdata($key = NULL)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]855 {
Andrey Andreevecc260e2014-01-24 14:20:13 +0200[diff] [blame]856 if (isset($key))
857 {
Andrey Andreevef417862014-06-04 21:28:13 +0300[diff] [blame]858 return (isset($_SESSION['__ci_vars'], $_SESSION['__ci_vars'][$key], $_SESSION[$key]) && is_int($_SESSION['__ci_vars'][$key]))
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]859 ? $_SESSION[$key]
860 : NULL;
Andrey Andreevecc260e2014-01-24 14:20:13 +0200[diff] [blame]861 }
862
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]863 $tempdata = array();
864
Andrey Andreevef417862014-06-04 21:28:13 +0300[diff] [blame]865 if ( ! empty($_SESSION['__ci_vars']))
Andrey Andreevecc260e2014-01-24 14:20:13 +0200[diff] [blame]866 {
Andrey Andreevef417862014-06-04 21:28:13 +0300[diff] [blame]867 foreach ($_SESSION['__ci_vars'] as $key => &$value)
Andrey Andreevecc260e2014-01-24 14:20:13 +0200[diff] [blame]868 {
Andrey Andreevef417862014-06-04 21:28:13 +0300[diff] [blame]869 is_int($value) && $tempdata[$key] = $_SESSION[$key];
Andrey Andreevecc260e2014-01-24 14:20:13 +0200[diff] [blame]870 }
871 }
872
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]873 return $tempdata;
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]874 }
875
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]876 // ------------------------------------------------------------------------
877
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]878 /**
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]879 * Set tempdata
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]880 *
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]881 * Legacy CI_Session compatibility method
882 *
883 * @param mixed $data Session data key or an associative array of items
884 * @param mixed $value Value to store
885 * @param int $ttl Time-to-live in seconds
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]886 * @return void
887 */
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]888 public function set_tempdata($data, $value = NULL, $ttl = 300)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]889 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]890 $this->set_userdata($data, $value);
Andrey Andreevfd310572015-03-30 17:19:26 +0300[diff] [blame]891 $this->mark_as_temp(is_array($data) ? array_keys($data) : $data, $ttl);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]892 }
893
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]894 // ------------------------------------------------------------------------
895
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]896 /**
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]897 * Unset tempdata
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]898 *
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]899 * Legacy CI_Session compatibility method
900 *
901 * @param mixed $data Session data key(s)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]902 * @return void
903 */
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]904 public function unset_tempdata($key)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]905 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]906 $this->unmark_temp($key);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]907 }
908
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]909}