Gitiles
Code Review Sign In
www.giggi.me / code-igniter-v3-giggi / 1fb500077784638399be79b32fe354aec257413c / . / system / libraries / Session / drivers / Session_files_driver.php
blob: d3ef34acd2ac2f55ac8ab87c94e230845ce0dcbe [file] [log] [blame]
Andrey Andreev05afe3e2015-02-02 19:04:37 +0200[diff] [blame]1<?php
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]2/**
3 * CodeIgniter
4 *
Andrey Andreevbf6b11d2015-01-12 17:27:12 +0200[diff] [blame]5 * An open source application development framework for PHP
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]6 *
Andrey Andreev46f2f262014-11-11 14:37:51 +0200[diff] [blame]7 * This content is released under the MIT License (MIT)
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]8 *
Andrey Andreevbf6b11d2015-01-12 17:27:12 +0200[diff] [blame]9 * Copyright (c) 2014 - 2015, British Columbia Institute of Technology
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]10 *
Andrey Andreev46f2f262014-11-11 14:37:51 +0200[diff] [blame]11 * Permission is hereby granted, free of charge, to any person obtaining a copy
12 * of this software and associated documentation files (the "Software"), to deal
13 * in the Software without restriction, including without limitation the rights
14 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
15 * copies of the Software, and to permit persons to whom the Software is
16 * furnished to do so, subject to the following conditions:
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]17 *
Andrey Andreev46f2f262014-11-11 14:37:51 +0200[diff] [blame]18 * The above copyright notice and this permission notice shall be included in
19 * all copies or substantial portions of the Software.
20 *
21 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
22 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
23 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
24 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
25 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
26 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
27 * THE SOFTWARE.
28 *
29 * @package CodeIgniter
30 * @author EllisLab Dev Team
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]31 * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
Andrey Andreevbf6b11d2015-01-12 17:27:12 +0200[diff] [blame]32 * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
Andrey Andreev46f2f262014-11-11 14:37:51 +0200[diff] [blame]33 * @license http://opensource.org/licenses/MIT MIT License
34 * @link http://codeigniter.com
35 * @since Version 3.0.0
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]36 * @filesource
Andrey Andreev46f2f262014-11-11 14:37:51 +0200[diff] [blame]37*/
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]38defined('BASEPATH') OR exit('No direct script access allowed');
39
40/**
41 * CodeIgniter Session Files Driver
42 *
Andrey Andreev46f2f262014-11-11 14:37:51 +0200[diff] [blame]43 * @package CodeIgniter
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]44 * @subpackage Libraries
45 * @category Sessions
Andrey Andreev46f2f262014-11-11 14:37:51 +0200[diff] [blame]46 * @author Andrey Andreev
47 * @link http://codeigniter.com/user_guide/libraries/sessions.html
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]48 */
49class CI_Session_files_driver extends CI_Session_driver implements SessionHandlerInterface {
50
51 /**
52 * Save path
53 *
54 * @var string
55 */
56 protected $_save_path;
57
58 /**
59 * File handle
60 *
61 * @var resource
62 */
63 protected $_file_handle;
64
65 /**
66 * File name
67 *
68 * @var resource
69 */
70 protected $_file_path;
71
72 /**
73 * File new flag
74 *
75 * @var bool
76 */
77 protected $_file_new;
78
79 // ------------------------------------------------------------------------
80
81 /**
82 * Class constructor
83 *
84 * @param array $params Configuration parameters
85 * @return void
86 */
87 public function __construct(&$params)
88 {
89 parent::__construct($params);
90
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]91 if (isset($this->_config['save_path']))
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]92 {
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]93 $this->_config['save_path'] = rtrim($this->_config['save_path'], '/\\');
94 ini_set('session.save_path', $this->_config['save_path']);
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]95 }
96 else
97 {
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]98 $this->_config['save_path'] = rtrim(ini_get('session.save_path'), '/\\');
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]99 }
100 }
101
102 // ------------------------------------------------------------------------
103
Andrey Andreev10411fc2015-01-19 13:54:53 +0200[diff] [blame]104 /**
105 * Open
106 *
107 * Sanitizes the save_path directory.
108 *
109 * @param string $save_path Path to session files' directory
110 * @param string $name Session cookie name, unused
111 * @return bool
112 */
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]113 public function open($save_path, $name)
114 {
Andrey Andreev5f4d01a2015-02-02 18:38:00 +0200[diff] [blame]115 if ( ! is_dir($save_path))
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]116 {
Andrey Andreev5f4d01a2015-02-02 18:38:00 +0200[diff] [blame]117 if ( ! mkdir($save_path, 0700, TRUE))
118 {
119 throw new Exception("Session: Configured save path '".$this->_config['save_path']."' is not a directory, doesn't exist or cannot be created.");
120 }
121 }
122 elseif ( ! is_writable($save_path))
123 {
124 throw new Exception("Session: Configured save path '".$this->_config['save_path']."' is not writable by the PHP process.");
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]125 }
126
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]127 $this->_config['save_path'] = $save_path;
128 $this->_file_path = $this->_config['save_path'].DIRECTORY_SEPARATOR
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]129 .$name // we'll use the session cookie name as a prefix to avoid collisions
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]130 .($this->_config['match_ip'] ? md5($_SERVER['REMOTE_ADDR']) : '');
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]131
132 return TRUE;
133 }
134
135 // ------------------------------------------------------------------------
136
Andrey Andreev10411fc2015-01-19 13:54:53 +0200[diff] [blame]137 /**
138 * Read
139 *
140 * Reads session data and acquires a lock
141 *
142 * @param string $session_id Session ID
143 * @return string Serialized session data
144 */
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]145 public function read($session_id)
146 {
147 // This might seem weird, but PHP 5.6 introduces session_reset(),
148 // which re-reads session data
149 if ($this->_file_handle === NULL)
150 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]151 // Just using fopen() with 'c+b' mode would be perfect, but it is only
152 // available since PHP 5.2.6 and we have to set permissions for new files,
153 // so we'd have to hack around this ...
Andrey Andreev7474a672014-10-31 23:35:32 +0200[diff] [blame]154 if (($this->_file_new = ! file_exists($this->_file_path.$session_id)) === TRUE)
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]155 {
Andrey Andreev7474a672014-10-31 23:35:32 +0200[diff] [blame]156 if (($this->_file_handle = fopen($this->_file_path.$session_id, 'w+b')) === FALSE)
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]157 {
Andrey Andreev7474a672014-10-31 23:35:32 +0200[diff] [blame]158 log_message('error', "Session: File '".$this->_file_path.$session_id."' doesn't exist and cannot be created.");
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]159 return FALSE;
160 }
161 }
Andrey Andreev7474a672014-10-31 23:35:32 +0200[diff] [blame]162 elseif (($this->_file_handle = fopen($this->_file_path.$session_id, 'r+b')) === FALSE)
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]163 {
Andrey Andreev7474a672014-10-31 23:35:32 +0200[diff] [blame]164 log_message('error', "Session: Unable to open file '".$this->_file_path.$session_id."'.");
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]165 return FALSE;
166 }
167
168 if (flock($this->_file_handle, LOCK_EX) === FALSE)
169 {
Andrey Andreev7474a672014-10-31 23:35:32 +0200[diff] [blame]170 log_message('error', "Session: Unable to obtain lock for file '".$this->_file_path.$session_id."'.");
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]171 fclose($this->_file_handle);
172 $this->_file_handle = NULL;
173 return FALSE;
174 }
175
Andrey Andreev7474a672014-10-31 23:35:32 +0200[diff] [blame]176 // Needed by write() to detect session_regenerate_id() calls
177 $this->_session_id = $session_id;
178
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]179 if ($this->_file_new)
180 {
Andrey Andreev7474a672014-10-31 23:35:32 +0200[diff] [blame]181 chmod($this->_file_path.$session_id, 0600);
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]182 $this->_fingerprint = md5('');
183 return '';
184 }
185 }
186 else
187 {
188 rewind($this->_file_handle);
189 }
190
191 $session_data = '';
Andrey Andreev7474a672014-10-31 23:35:32 +0200[diff] [blame]192 for ($read = 0, $length = filesize($this->_file_path.$session_id); $read < $length; $read += strlen($buffer))
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]193 {
194 if (($buffer = fread($this->_file_handle, $length - $read)) === FALSE)
195 {
196 break;
197 }
198
199 $session_data .= $buffer;
200 }
201
202 $this->_fingerprint = md5($session_data);
203 return $session_data;
204 }
205
Andrey Andreev10411fc2015-01-19 13:54:53 +0200[diff] [blame]206 // ------------------------------------------------------------------------
207
208 /**
209 * Write
210 *
211 * Writes (create / update) session data
212 *
213 * @param string $session_id Session ID
214 * @param string $session_data Serialized session data
215 * @return bool
216 */
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]217 public function write($session_id, $session_data)
218 {
Andrey Andreev7474a672014-10-31 23:35:32 +0200[diff] [blame]219 // If the two IDs don't match, we have a session_regenerate_id() call
220 // and we need to close the old handle and open a new one
221 if ($session_id !== $this->_session_id && ( ! $this->close() OR $this->read($session_id) === FALSE))
222 {
223 return FALSE;
224 }
225
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]226 if ( ! is_resource($this->_file_handle))
227 {
228 return FALSE;
229 }
230 elseif ($this->_fingerprint === md5($session_data))
231 {
232 return ($this->_file_new)
233 ? TRUE
Andrey Andreev7474a672014-10-31 23:35:32 +0200[diff] [blame]234 : touch($this->_file_path.$session_id);
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]235 }
236
237 if ( ! $this->_file_new)
238 {
239 ftruncate($this->_file_handle, 0);
240 rewind($this->_file_handle);
241 }
242
Andrey Andreev5995e082014-06-03 15:33:51 +0300[diff] [blame]243 if (($length = strlen($session_data)) > 0)
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]244 {
Andrey Andreev5995e082014-06-03 15:33:51 +0300[diff] [blame]245 for ($written = 0; $written < $length; $written += $result)
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]246 {
Andrey Andreev5995e082014-06-03 15:33:51 +0300[diff] [blame]247 if (($result = fwrite($this->_file_handle, substr($session_data, $written))) === FALSE)
248 {
249 break;
250 }
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]251 }
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]252
Andrey Andreev5995e082014-06-03 15:33:51 +0300[diff] [blame]253 if ( ! is_int($result))
254 {
255 $this->_fingerprint = md5(substr($session_data, 0, $written));
256 log_message('error', 'Session: Unable to write data.');
257 return FALSE;
258 }
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]259 }
260
261 $this->_fingerprint = md5($session_data);
262 return TRUE;
263 }
264
265 // ------------------------------------------------------------------------
266
Andrey Andreev10411fc2015-01-19 13:54:53 +0200[diff] [blame]267 /**
268 * Close
269 *
270 * Releases locks and closes file descriptor.
271 *
Gabriel Potkány1fb50002015-02-04 01:45:59 +0100[diff] [blame^]272 * @return bool
Andrey Andreev10411fc2015-01-19 13:54:53 +0200[diff] [blame]273 */
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]274 public function close()
275 {
276 if (is_resource($this->_file_handle))
277 {
278 flock($this->_file_handle, LOCK_UN);
279 fclose($this->_file_handle);
280
Andrey Andreev7474a672014-10-31 23:35:32 +0200[diff] [blame]281 $this->_file_handle = $this->_file_new = $this->_session_id = NULL;
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]282 return TRUE;
283 }
284
Andrey Andreev7474a672014-10-31 23:35:32 +0200[diff] [blame]285 return TRUE;
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]286 }
287
288 // ------------------------------------------------------------------------
289
Andrey Andreev10411fc2015-01-19 13:54:53 +0200[diff] [blame]290 /**
291 * Destroy
292 *
293 * Destroys the current session.
294 *
295 * @param string $session_id Session ID
296 * @return bool
297 */
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]298 public function destroy($session_id)
299 {
300 if ($this->close())
301 {
Andrey Andreev7474a672014-10-31 23:35:32 +0200[diff] [blame]302 return unlink($this->_file_path.$session_id) && $this->_cookie_destroy();
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]303 }
304 elseif ($this->_file_path !== NULL)
305 {
306 clearstatcache();
Andrey Andreev7474a672014-10-31 23:35:32 +0200[diff] [blame]307 return file_exists($this->_file_path.$session_id)
308 ? (unlink($this->_file_path.$session_id) && $this->_cookie_destroy())
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]309 : TRUE;
310 }
311
312 return FALSE;
313 }
314
315 // ------------------------------------------------------------------------
316
Andrey Andreev10411fc2015-01-19 13:54:53 +0200[diff] [blame]317 /**
318 * Garbage Collector
319 *
320 * Deletes expired sessions
321 *
322 * @param int $maxlifetime Maximum lifetime of sessions
323 * @return bool
324 */
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]325 public function gc($maxlifetime)
326 {
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]327 if ( ! is_dir($this->_config['save_path']) OR ($files = scandir($this->_config['save_path'])) === FALSE)
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]328 {
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]329 log_message('debug', "Session: Garbage collector couldn't list files under directory '".$this->_config['save_path']."'.");
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]330 return FALSE;
331 }
332
333 $ts = time() - $maxlifetime;
334
335 foreach ($files as $file)
336 {
337 // If the filename doesn't match this pattern, it's either not a session file or is not ours
338 if ( ! preg_match('/(?:[0-9a-f]{32})?[0-9a-f]{40}$/i', $file)
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]339 OR ! is_file($this->_config['save_path'].DIRECTORY_SEPARATOR.$file)
Andrey Andreevcd489612014-10-27 16:09:01 +0200[diff] [blame]340 OR ($mtime = filemtime($this->_config['save_path'].DIRECTORY_SEPARATOR.$file)) === FALSE
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]341 OR $mtime > $ts)
342 {
343 continue;
344 }
345
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]346 unlink($this->_config['save_path'].DIRECTORY_SEPARATOR.$file);
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]347 }
348
349 return TRUE;
350 }
351
352}