Gitiles
Code Review Sign In
www.giggi.me / code-igniter-v3-giggi / 6c6ee1a1e73b3f8a93ca031107bec35e56272a0a / . / system / libraries / Session / Session.php
blob: 5aac12f36e9a35a7f5093cf0e7ad4ab1f297c395 [file] [log] [blame]
Andrey Andreevc5536aa2012-11-01 17:33:58 +0200[diff] [blame]1<?php
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]2/**
3 * CodeIgniter
4 *
Andrey Andreevfe9309d2015-01-09 17:48:58 +0200[diff] [blame]5 * An open source application development framework for PHP
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]6 *
Andrey Andreevbdb96ca2014-10-28 00:13:31 +0200[diff] [blame]7 * This content is released under the MIT License (MIT)
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]8 *
Andrey Andreev125ef472016-01-11 12:33:00 +0200[diff] [blame]9 * Copyright (c) 2014 - 2016, British Columbia Institute of Technology
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]10 *
Andrey Andreevbdb96ca2014-10-28 00:13:31 +0200[diff] [blame]11 * Permission is hereby granted, free of charge, to any person obtaining a copy
12 * of this software and associated documentation files (the "Software"), to deal
13 * in the Software without restriction, including without limitation the rights
14 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
15 * copies of the Software, and to permit persons to whom the Software is
16 * furnished to do so, subject to the following conditions:
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]17 *
Andrey Andreevbdb96ca2014-10-28 00:13:31 +0200[diff] [blame]18 * The above copyright notice and this permission notice shall be included in
19 * all copies or substantial portions of the Software.
20 *
21 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
22 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
23 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
24 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
25 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
26 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
27 * THE SOFTWARE.
28 *
29 * @package CodeIgniter
30 * @author EllisLab Dev Team
Andrey Andreev1924e872016-01-11 12:55:34 +0200[diff] [blame]31 * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
Andrey Andreev125ef472016-01-11 12:33:00 +0200[diff] [blame]32 * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
Andrey Andreevbdb96ca2014-10-28 00:13:31 +0200[diff] [blame]33 * @license http://opensource.org/licenses/MIT MIT License
Andrey Andreevbd202c92016-01-11 12:50:18 +0200[diff] [blame]34 * @link https://codeigniter.com
Andrey Andreevbdb96ca2014-10-28 00:13:31 +0200[diff] [blame]35 * @since Version 2.0.0
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]36 * @filesource
37 */
Andrey Andreevc5536aa2012-11-01 17:33:58 +0200[diff] [blame]38defined('BASEPATH') OR exit('No direct script access allowed');
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]39
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]40/**
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]41 * CodeIgniter Session Class
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]42 *
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]43 * @package CodeIgniter
44 * @subpackage Libraries
45 * @category Sessions
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]46 * @author Andrey Andreev
Andrey Andreevbd202c92016-01-11 12:50:18 +0200[diff] [blame]47 * @link https://codeigniter.com/user_guide/libraries/sessions.html
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]48 */
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]49class CI_Session {
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]50
Andrey Andreevb4b215e2015-01-19 11:59:11 +0200[diff] [blame]51 /**
52 * Userdata array
53 *
54 * Just a reference to $_SESSION, for BC purposes.
55 */
56 public $userdata;
57
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]58 protected $_driver = 'files';
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]59 protected $_config;
Andrey Andreev6c6ee1a2016-10-22 16:33:06 +0300[diff] [blame^]60 protected $_sid_regexp;
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]61
Andrey Andreev0fa95bd2012-11-01 23:33:14 +0200[diff] [blame]62 // ------------------------------------------------------------------------
63
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]64 /**
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]65 * Class constructor
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]66 *
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]67 * @param array $params Configuration parameters
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]68 * @return void
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]69 */
70 public function __construct(array $params = array())
71 {
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]72 // No sessions under CLI
Andrey Andreevf964b162013-11-12 17:04:55 +0200[diff] [blame]73 if (is_cli())
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]74 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]75 log_message('debug', 'Session: Initialization under CLI aborted.');
76 return;
77 }
78 elseif ((bool) ini_get('session.auto_start'))
79 {
80 log_message('error', 'Session: session.auto_start is enabled in php.ini. Aborting.');
81 return;
82 }
83 elseif ( ! empty($params['driver']))
84 {
85 $this->_driver = $params['driver'];
86 unset($params['driver']);
87 }
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]88 elseif ($driver = config_item('sess_driver'))
Andrey Andreev34b1ef52014-05-31 21:23:41 +0300[diff] [blame]89 {
90 $this->_driver = $driver;
91 }
Andrey Andreevac4f4722014-06-02 11:16:32 +0300[diff] [blame]92 // Note: BC workaround
93 elseif (config_item('sess_use_database'))
94 {
Andrey Andreev85dfc2a2016-04-01 22:54:15 +0300[diff] [blame]95 log_message('debug', 'Session: "sess_driver" is empty; using BC fallback to "sess_use_database".');
Andrey Andreevac4f4722014-06-02 11:16:32 +0300[diff] [blame]96 $this->_driver = 'database';
97 }
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]98
Andrey Andreev34b92c62015-03-12 12:42:00 +0200[diff] [blame]99 $class = $this->_ci_load_classes($this->_driver);
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]100
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]101 // Configuration ...
102 $this->_configure($params);
Andrey Andreev6c6ee1a2016-10-22 16:33:06 +0300[diff] [blame^]103 $this->_config['_sid_regexp'] = $this->_sid_regexp;
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]104
105 $class = new $class($this->_config);
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]106 if ($class instanceof SessionHandlerInterface)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]107 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]108 if (is_php('5.4'))
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]109 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]110 session_set_save_handler($class, TRUE);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]111 }
112 else
113 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]114 session_set_save_handler(
115 array($class, 'open'),
116 array($class, 'close'),
117 array($class, 'read'),
118 array($class, 'write'),
119 array($class, 'destroy'),
120 array($class, 'gc')
121 );
122
123 register_shutdown_function('session_write_close');
124 }
125 }
126 else
127 {
128 log_message('error', "Session: Driver '".$this->_driver."' doesn't implement SessionHandlerInterface. Aborting.");
129 return;
130 }
131
Andrey Andreev562e39b2014-11-12 15:38:58 +0200[diff] [blame]132 // Sanitize the cookie, because apparently PHP doesn't do that for userspace handlers
133 if (isset($_COOKIE[$this->_config['cookie_name']])
134 && (
135 ! is_string($_COOKIE[$this->_config['cookie_name']])
Andrey Andreev6c6ee1a2016-10-22 16:33:06 +0300[diff] [blame^]136 OR ! preg_match('#\A'.$this->_sid_regexp.'\z#', $_COOKIE[$this->_config['cookie_name']])
Andrey Andreev562e39b2014-11-12 15:38:58 +0200[diff] [blame]137 )
138 )
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]139 {
Andrey Andreev562e39b2014-11-12 15:38:58 +0200[diff] [blame]140 unset($_COOKIE[$this->_config['cookie_name']]);
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]141 }
142
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]143 session_start();
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]144
Andrey Andreevff37ffe2014-11-04 12:28:57 +0200[diff] [blame]145 // Is session ID auto-regeneration configured? (ignoring ajax requests)
Andrey Andreev395f9282015-02-05 13:29:56 +0200[diff] [blame]146 if ((empty($_SERVER['HTTP_X_REQUESTED_WITH']) OR strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) !== 'xmlhttprequest')
Andrey Andreevde5c2462014-11-04 12:31:03 +0200[diff] [blame]147 && ($regenerate_time = config_item('sess_time_to_update')) > 0
Andrey Andreevff37ffe2014-11-04 12:28:57 +0200[diff] [blame]148 )
Andrey Andreev8e60b9a2014-11-04 11:08:06 +0200[diff] [blame]149 {
150 if ( ! isset($_SESSION['__ci_last_regenerate']))
151 {
152 $_SESSION['__ci_last_regenerate'] = time();
153 }
154 elseif ($_SESSION['__ci_last_regenerate'] < (time() - $regenerate_time))
155 {
Andrey Andreev789b1fe2015-02-07 19:30:30 +0200[diff] [blame]156 $this->sess_regenerate((bool) config_item('sess_regenerate_destroy'));
Andrey Andreev8e60b9a2014-11-04 11:08:06 +0200[diff] [blame]157 }
158 }
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]159 // Another work-around ... PHP doesn't seem to send the session cookie
160 // unless it is being currently created or regenerated
Andrey Andreev8e60b9a2014-11-04 11:08:06 +0200[diff] [blame]161 elseif (isset($_COOKIE[$this->_config['cookie_name']]) && $_COOKIE[$this->_config['cookie_name']] === session_id())
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]162 {
163 setcookie(
164 $this->_config['cookie_name'],
165 session_id(),
166 (empty($this->_config['cookie_lifetime']) ? 0 : time() + $this->_config['cookie_lifetime']),
167 $this->_config['cookie_path'],
168 $this->_config['cookie_domain'],
169 $this->_config['cookie_secure'],
170 TRUE
171 );
172 }
173
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]174 $this->_ci_init_vars();
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]175
Andrey Andreev90726b82015-01-20 12:39:22 +0200[diff] [blame]176 log_message('info', "Session: Class initialized using '".$this->_driver."' driver.");
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]177 }
178
179 // ------------------------------------------------------------------------
180
Andrey Andreev10411fc2015-01-19 13:54:53 +0200[diff] [blame]181 /**
182 * CI Load Classes
183 *
184 * An internal method to load all possible dependency and extension
185 * classes. It kind of emulates the CI_Driver library, but is
186 * self-sufficient.
187 *
188 * @param string $driver Driver name
189 * @return string Driver class name
190 */
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]191 protected function _ci_load_classes($driver)
192 {
193 // PHP 5.4 compatibility
194 interface_exists('SessionHandlerInterface', FALSE) OR require_once(BASEPATH.'libraries/Session/SessionHandlerInterface.php');
195
196 $prefix = config_item('subclass_prefix');
197
198 if ( ! class_exists('CI_Session_driver', FALSE))
199 {
Andrey Andreeve86603f2014-06-11 14:03:36 +0300[diff] [blame]200 require_once(
201 file_exists(APPPATH.'libraries/Session/Session_driver.php')
202 ? APPPATH.'libraries/Session/Session_driver.php'
203 : BASEPATH.'libraries/Session/Session_driver.php'
204 );
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]205
206 if (file_exists($file_path = APPPATH.'libraries/Session/'.$prefix.'Session_driver.php'))
207 {
208 require_once($file_path);
209 }
210 }
211
212 $class = 'Session_'.$driver.'_driver';
Andrey Andreevcd94dd72014-12-09 17:38:56 +0200[diff] [blame]213
214 // Allow custom drivers without the CI_ or MY_ prefix
215 if ( ! class_exists($class, FALSE) && file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$class.'.php'))
216 {
217 require_once($file_path);
218 if (class_exists($class, FALSE))
219 {
220 return $class;
221 }
222 }
223
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]224 if ( ! class_exists('CI_'.$class, FALSE))
225 {
226 if (file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$class.'.php') OR file_exists($file_path = BASEPATH.'libraries/Session/drivers/'.$class.'.php'))
227 {
228 require_once($file_path);
229 }
230
Andrey Andreevcd94dd72014-12-09 17:38:56 +0200[diff] [blame]231 if ( ! class_exists('CI_'.$class, FALSE) && ! class_exists($class, FALSE))
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]232 {
Andrey Andreev1d195202015-03-13 11:25:29 +0200[diff] [blame]233 throw new UnexpectedValueException("Session: Configured driver '".$driver."' was not found. Aborting.");
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]234 }
235 }
236
Andrey Andreev738b9e32016-02-24 12:14:10 +0200[diff] [blame]237 if ( ! class_exists($prefix.$class, FALSE) && file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$prefix.$class.'.php'))
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]238 {
239 require_once($file_path);
240 if (class_exists($prefix.$class, FALSE))
241 {
242 return $prefix.$class;
243 }
244 else
245 {
246 log_message('debug', 'Session: '.$prefix.$class.".php found but it doesn't declare class ".$prefix.$class.'.');
247 }
248 }
249
250 return 'CI_'.$class;
251 }
252
253 // ------------------------------------------------------------------------
254
255 /**
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]256 * Configuration
257 *
258 * Handle input parameters and configuration defaults
259 *
260 * @param array &$params Input parameters
261 * @return void
262 */
263 protected function _configure(&$params)
264 {
265 $expiration = config_item('sess_expiration');
266
267 if (isset($params['cookie_lifetime']))
268 {
269 $params['cookie_lifetime'] = (int) $params['cookie_lifetime'];
270 }
271 else
272 {
273 $params['cookie_lifetime'] = ( ! isset($expiration) && config_item('sess_expire_on_close'))
274 ? 0 : (int) $expiration;
275 }
276
277 isset($params['cookie_name']) OR $params['cookie_name'] = config_item('sess_cookie_name');
278 if (empty($params['cookie_name']))
279 {
280 $params['cookie_name'] = ini_get('session.name');
281 }
282 else
283 {
284 ini_set('session.name', $params['cookie_name']);
285 }
286
287 isset($params['cookie_path']) OR $params['cookie_path'] = config_item('cookie_path');
Andrey Andreev41b546d2014-10-06 03:01:22 +0300[diff] [blame]288 isset($params['cookie_domain']) OR $params['cookie_domain'] = config_item('cookie_domain');
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]289 isset($params['cookie_secure']) OR $params['cookie_secure'] = (bool) config_item('cookie_secure');
290
291 session_set_cookie_params(
292 $params['cookie_lifetime'],
293 $params['cookie_path'],
294 $params['cookie_domain'],
295 $params['cookie_secure'],
296 TRUE // HttpOnly; Yes, this is intentional and not configurable for security reasons
297 );
298
299 if (empty($expiration))
300 {
301 $params['expiration'] = (int) ini_get('session.gc_maxlifetime');
302 }
303 else
304 {
305 $params['expiration'] = (int) $expiration;
306 ini_set('session.gc_maxlifetime', $expiration);
307 }
308
309 $params['match_ip'] = (bool) (isset($params['match_ip']) ? $params['match_ip'] : config_item('sess_match_ip'));
310
311 isset($params['save_path']) OR $params['save_path'] = config_item('sess_save_path');
312
313 $this->_config = $params;
314
315 // Security is king
Andrey Andreevc02952d2015-02-13 13:04:38 +0200[diff] [blame]316 ini_set('session.use_trans_sid', 0);
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]317 ini_set('session.use_strict_mode', 1);
318 ini_set('session.use_cookies', 1);
319 ini_set('session.use_only_cookies', 1);
Andrey Andreev6c6ee1a2016-10-22 16:33:06 +0300[diff] [blame^]320
321 if (PHP_VERSION_ID < 70100)
322 {
323 if ((int) ini_get('session.hash_function') === 0)
324 {
325 ini_set('session.hash_function', 1);
326 ini_set('session.hash_bits_per_character', $bits_per_character = 4);
327 }
328 else
329 {
330 $bits_per_character = (int) ini_get('session.hash_bits_per_character');
331 }
332 }
333 elseif ((int) ini_get('session.sid_length') < 40 && ($bits_per_character = (int) ini_get('session.sid_bits_per_character')) === 4)
334 {
335 ini_set('session.sid_length', 40);
336 }
337
338 switch ($bits_per_character)
339 {
340 case 4:
341 $this->_sid_regexp = '[0-9a-f]{40,}';
342 break;
343 case 5:
344 $this->_sid_regexp = '[0-9a-v]{40,}';
345 break;
346 case 6:
347 $this->_sid_regexp = '[0-9a-zA-Z,-]{40,}';
348 break;
349 }
Andrey Andreevdfb39be2014-10-06 01:50:14 +0300[diff] [blame]350 }
351
352 // ------------------------------------------------------------------------
353
354 /**
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]355 * Handle temporary variables
356 *
357 * Clears old "flash" data, marks the new one for deletion and handles
358 * "temp" data deletion.
359 *
360 * @return void
361 */
362 protected function _ci_init_vars()
363 {
364 if ( ! empty($_SESSION['__ci_vars']))
365 {
366 $current_time = time();
367
368 foreach ($_SESSION['__ci_vars'] as $key => &$value)
369 {
370 if ($value === 'new')
371 {
372 $_SESSION['__ci_vars'][$key] = 'old';
373 }
374 // Hacky, but 'old' will (implicitly) always be less than time() ;)
375 // DO NOT move this above the 'new' check!
376 elseif ($value < $current_time)
377 {
378 unset($_SESSION[$key], $_SESSION['__ci_vars'][$key]);
379 }
380 }
381
382 if (empty($_SESSION['__ci_vars']))
383 {
384 unset($_SESSION['__ci_vars']);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]385 }
386 }
Andrey Andreevb4b215e2015-01-19 11:59:11 +0200[diff] [blame]387
388 $this->userdata =& $_SESSION;
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]389 }
390
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]391 // ------------------------------------------------------------------------
392
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]393 /**
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]394 * Mark as flash
395 *
396 * @param mixed $key Session data key(s)
397 * @return bool
398 */
399 public function mark_as_flash($key)
400 {
401 if (is_array($key))
402 {
403 for ($i = 0, $c = count($key); $i < $c; $i++)
404 {
405 if ( ! isset($_SESSION[$key[$i]]))
406 {
407 return FALSE;
408 }
409 }
410
411 $new = array_fill_keys($key, 'new');
412
413 $_SESSION['__ci_vars'] = isset($_SESSION['__ci_vars'])
414 ? array_merge($_SESSION['__ci_vars'], $new)
415 : $new;
416
417 return TRUE;
418 }
419
420 if ( ! isset($_SESSION[$key]))
421 {
422 return FALSE;
423 }
424
425 $_SESSION['__ci_vars'][$key] = 'new';
426 return TRUE;
427 }
428
429 // ------------------------------------------------------------------------
430
431 /**
432 * Get flash keys
433 *
434 * @return array
435 */
436 public function get_flash_keys()
437 {
438 if ( ! isset($_SESSION['__ci_vars']))
439 {
440 return array();
441 }
442
443 $keys = array();
444 foreach (array_keys($_SESSION['__ci_vars']) as $key)
445 {
446 is_int($_SESSION['__ci_vars'][$key]) OR $keys[] = $key;
447 }
448
449 return $keys;
450 }
451
452 // ------------------------------------------------------------------------
453
454 /**
455 * Unmark flash
456 *
457 * @param mixed $key Session data key(s)
458 * @return void
459 */
460 public function unmark_flash($key)
461 {
462 if (empty($_SESSION['__ci_vars']))
463 {
464 return;
465 }
466
467 is_array($key) OR $key = array($key);
468
469 foreach ($key as $k)
470 {
471 if (isset($_SESSION['__ci_vars'][$k]) && ! is_int($_SESSION['__ci_vars'][$k]))
472 {
473 unset($_SESSION['__ci_vars'][$k]);
474 }
475 }
476
477 if (empty($_SESSION['__ci_vars']))
478 {
479 unset($_SESSION['__ci_vars']);
480 }
481 }
482
483 // ------------------------------------------------------------------------
484
485 /**
486 * Mark as temp
487 *
488 * @param mixed $key Session data key(s)
489 * @param int $ttl Time-to-live in seconds
490 * @return bool
491 */
492 public function mark_as_temp($key, $ttl = 300)
493 {
494 $ttl += time();
495
496 if (is_array($key))
497 {
498 $temp = array();
499
500 foreach ($key as $k => $v)
501 {
502 // Do we have a key => ttl pair, or just a key?
503 if (is_int($k))
504 {
505 $k = $v;
506 $v = $ttl;
507 }
508 else
509 {
510 $v += time();
511 }
512
513 if ( ! isset($_SESSION[$k]))
514 {
515 return FALSE;
516 }
517
Andrey Andreev43df7bd2015-02-02 23:22:29 +0200[diff] [blame]518 $temp[$k] = $v;
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]519 }
520
521 $_SESSION['__ci_vars'] = isset($_SESSION['__ci_vars'])
522 ? array_merge($_SESSION['__ci_vars'], $temp)
523 : $temp;
524
525 return TRUE;
526 }
527
528 if ( ! isset($_SESSION[$key]))
529 {
530 return FALSE;
531 }
532
533 $_SESSION['__ci_vars'][$key] = $ttl;
534 return TRUE;
535 }
536
537 // ------------------------------------------------------------------------
538
539 /**
540 * Get temp keys
541 *
542 * @return array
543 */
544 public function get_temp_keys()
545 {
546 if ( ! isset($_SESSION['__ci_vars']))
547 {
548 return array();
549 }
550
551 $keys = array();
552 foreach (array_keys($_SESSION['__ci_vars']) as $key)
553 {
554 is_int($_SESSION['__ci_vars'][$key]) && $keys[] = $key;
555 }
556
557 return $keys;
558 }
559
560 // ------------------------------------------------------------------------
561
562 /**
563 * Unmark flash
564 *
565 * @param mixed $key Session data key(s)
566 * @return void
567 */
568 public function unmark_temp($key)
569 {
570 if (empty($_SESSION['__ci_vars']))
571 {
572 return;
573 }
574
575 is_array($key) OR $key = array($key);
576
577 foreach ($key as $k)
578 {
579 if (isset($_SESSION['__ci_vars'][$k]) && is_int($_SESSION['__ci_vars'][$k]))
580 {
581 unset($_SESSION['__ci_vars'][$k]);
582 }
583 }
584
585 if (empty($_SESSION['__ci_vars']))
586 {
587 unset($_SESSION['__ci_vars']);
588 }
589 }
590
591 // ------------------------------------------------------------------------
592
593 /**
594 * __get()
595 *
596 * @param string $key 'session_id' or a session data key
597 * @return mixed
598 */
599 public function __get($key)
600 {
601 // Note: Keep this order the same, just in case somebody wants to
602 // use 'session_id' as a session data key, for whatever reason
603 if (isset($_SESSION[$key]))
604 {
605 return $_SESSION[$key];
606 }
607 elseif ($key === 'session_id')
608 {
609 return session_id();
610 }
611
612 return NULL;
613 }
614
615 // ------------------------------------------------------------------------
616
617 /**
Andrey Andreev2c10f602016-03-15 14:39:02 +0200[diff] [blame]618 * __isset()
619 *
620 * @param string $key 'session_id' or a session data key
621 * @return bool
622 */
623 public function __isset($key)
624 {
625 if ($key === 'session_id')
626 {
627 return (session_status() === PHP_SESSION_ACTIVE);
628 }
629
630 return isset($_SESSION[$key]);
631 }
632
633 // ------------------------------------------------------------------------
634
635 /**
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]636 * __set()
637 *
638 * @param string $key Session data key
639 * @param mixed $value Session data value
640 * @return void
641 */
642 public function __set($key, $value)
643 {
644 $_SESSION[$key] = $value;
645 }
646
647 // ------------------------------------------------------------------------
648
649 /**
650 * Session destroy
651 *
652 * Legacy CI_Session compatibility method
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]653 *
Darren Hill5073a372011-08-31 13:54:19 -0400[diff] [blame]654 * @return void
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]655 */
656 public function sess_destroy()
657 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]658 session_destroy();
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]659 }
660
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]661 // ------------------------------------------------------------------------
662
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]663 /**
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]664 * Session regenerate
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]665 *
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]666 * Legacy CI_Session compatibility method
667 *
668 * @param bool $destroy Destroy old session data flag
Darren Hill5073a372011-08-31 13:54:19 -0400[diff] [blame]669 * @return void
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]670 */
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]671 public function sess_regenerate($destroy = FALSE)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]672 {
Andrey Andreev8e60b9a2014-11-04 11:08:06 +0200[diff] [blame]673 $_SESSION['__ci_last_regenerate'] = time();
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]674 session_regenerate_id($destroy);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]675 }
676
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]677 // ------------------------------------------------------------------------
678
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]679 /**
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]680 * Get userdata reference
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]681 *
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]682 * Legacy CI_Session compatibility method
683 *
684 * @returns array
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]685 */
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]686 public function &get_userdata()
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]687 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]688 return $_SESSION;
689 }
690
691 // ------------------------------------------------------------------------
692
693 /**
694 * Userdata (fetch)
695 *
696 * Legacy CI_Session compatibility method
697 *
698 * @param string $key Session data key
699 * @return mixed Session data value or NULL if not found
700 */
701 public function userdata($key = NULL)
702 {
703 if (isset($key))
Andrey Andreevecc260e2014-01-24 14:20:13 +0200[diff] [blame]704 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]705 return isset($_SESSION[$key]) ? $_SESSION[$key] : NULL;
706 }
707 elseif (empty($_SESSION))
708 {
709 return array();
Andrey Andreevecc260e2014-01-24 14:20:13 +0200[diff] [blame]710 }
711
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]712 $userdata = array();
713 $_exclude = array_merge(
Andrey Andreevef417862014-06-04 21:28:13 +0300[diff] [blame]714 array('__ci_vars'),
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]715 $this->get_flash_keys(),
716 $this->get_temp_keys()
717 );
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]718
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]719 foreach (array_keys($_SESSION) as $key)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]720 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]721 if ( ! in_array($key, $_exclude, TRUE))
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]722 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]723 $userdata[$key] = $_SESSION[$key];
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]724 }
725 }
726
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]727 return $userdata;
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]728 }
729
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]730 // ------------------------------------------------------------------------
731
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]732 /**
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]733 * Set userdata
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]734 *
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]735 * Legacy CI_Session compatibility method
736 *
737 * @param mixed $data Session data key or an associative array
738 * @param mixed $value Value to store
Darren Hill5073a372011-08-31 13:54:19 -0400[diff] [blame]739 * @return void
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]740 */
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]741 public function set_userdata($data, $value = NULL)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]742 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]743 if (is_array($data))
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]744 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]745 foreach ($data as $key => &$value)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]746 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]747 $_SESSION[$key] = $value;
Johnathan Croom8d8543d2012-11-25 10:36:57 -0700[diff] [blame]748 }
749
750 return;
Johnathan Croom4beca5c2012-11-23 18:32:46 -0700[diff] [blame]751 }
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]752
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]753 $_SESSION[$data] = $value;
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]754 }
755
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]756 // ------------------------------------------------------------------------
757
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]758 /**
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]759 * Unset userdata
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]760 *
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]761 * Legacy CI_Session compatibility method
762 *
Andrey Andreeve13fa9f2016-05-20 17:30:07 +0300[diff] [blame]763 * @param mixed $key Session data key(s)
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]764 * @return void
765 */
766 public function unset_userdata($key)
767 {
768 if (is_array($key))
769 {
770 foreach ($key as $k)
771 {
Andrey Andreevd069b9b2014-09-16 10:18:16 +0300[diff] [blame]772 unset($_SESSION[$k]);
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]773 }
774
775 return;
776 }
777
778 unset($_SESSION[$key]);
779 }
780
781 // ------------------------------------------------------------------------
782
783 /**
784 * All userdata (fetch)
785 *
786 * Legacy CI_Session compatibility method
787 *
788 * @return array $_SESSION, excluding flash data items
789 */
790 public function all_userdata()
791 {
792 return $this->userdata();
793 }
794
795 // ------------------------------------------------------------------------
796
797 /**
798 * Has userdata
799 *
800 * Legacy CI_Session compatibility method
801 *
802 * @param string $key Session data key
803 * @return bool
804 */
805 public function has_userdata($key)
806 {
807 return isset($_SESSION[$key]);
808 }
809
810 // ------------------------------------------------------------------------
811
812 /**
813 * Flashdata (fetch)
814 *
815 * Legacy CI_Session compatibility method
816 *
817 * @param string $key Session data key
818 * @return mixed Session data value or NULL if not found
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]819 */
Andrey Andreevecc260e2014-01-24 14:20:13 +0200[diff] [blame]820 public function flashdata($key = NULL)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]821 {
Andrey Andreevecc260e2014-01-24 14:20:13 +0200[diff] [blame]822 if (isset($key))
823 {
Andrey Andreevef417862014-06-04 21:28:13 +0300[diff] [blame]824 return (isset($_SESSION['__ci_vars'], $_SESSION['__ci_vars'][$key], $_SESSION[$key]) && ! is_int($_SESSION['__ci_vars'][$key]))
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]825 ? $_SESSION[$key]
826 : NULL;
Andrey Andreevecc260e2014-01-24 14:20:13 +0200[diff] [blame]827 }
828
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]829 $flashdata = array();
830
Andrey Andreevef417862014-06-04 21:28:13 +0300[diff] [blame]831 if ( ! empty($_SESSION['__ci_vars']))
Andrey Andreevecc260e2014-01-24 14:20:13 +0200[diff] [blame]832 {
Andrey Andreevef417862014-06-04 21:28:13 +0300[diff] [blame]833 foreach ($_SESSION['__ci_vars'] as $key => &$value)
Andrey Andreevecc260e2014-01-24 14:20:13 +0200[diff] [blame]834 {
Andrey Andreevef417862014-06-04 21:28:13 +0300[diff] [blame]835 is_int($value) OR $flashdata[$key] = $_SESSION[$key];
Andrey Andreevecc260e2014-01-24 14:20:13 +0200[diff] [blame]836 }
837 }
838
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]839 return $flashdata;
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]840 }
841
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]842 // ------------------------------------------------------------------------
843
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]844 /**
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]845 * Set flashdata
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]846 *
Calvin Tam55bc5052015-07-24 02:27:24 -0700[diff] [blame]847 * Legacy CI_Session compatibility method
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]848 *
849 * @param mixed $data Session data key or an associative array
850 * @param mixed $value Value to store
Darren Hill5073a372011-08-31 13:54:19 -0400[diff] [blame]851 * @return void
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]852 */
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]853 public function set_flashdata($data, $value = NULL)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]854 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]855 $this->set_userdata($data, $value);
Andrey Andreevc6e50982014-10-26 21:27:28 +0200[diff] [blame]856 $this->mark_as_flash(is_array($data) ? array_keys($data) : $data);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]857 }
858
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]859 // ------------------------------------------------------------------------
860
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]861 /**
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]862 * Keep flashdata
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]863 *
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]864 * Legacy CI_Session compatibility method
865 *
866 * @param mixed $key Session data key(s)
Darren Hill5073a372011-08-31 13:54:19 -0400[diff] [blame]867 * @return void
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]868 */
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]869 public function keep_flashdata($key)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]870 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]871 $this->mark_as_flash($key);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]872 }
873
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]874 // ------------------------------------------------------------------------
875
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]876 /**
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]877 * Temp data (fetch)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]878 *
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]879 * Legacy CI_Session compatibility method
880 *
881 * @param string $key Session data key
882 * @return mixed Session data value or NULL if not found
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]883 */
Andrey Andreevecc260e2014-01-24 14:20:13 +0200[diff] [blame]884 public function tempdata($key = NULL)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]885 {
Andrey Andreevecc260e2014-01-24 14:20:13 +0200[diff] [blame]886 if (isset($key))
887 {
Andrey Andreevef417862014-06-04 21:28:13 +0300[diff] [blame]888 return (isset($_SESSION['__ci_vars'], $_SESSION['__ci_vars'][$key], $_SESSION[$key]) && is_int($_SESSION['__ci_vars'][$key]))
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]889 ? $_SESSION[$key]
890 : NULL;
Andrey Andreevecc260e2014-01-24 14:20:13 +0200[diff] [blame]891 }
892
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]893 $tempdata = array();
894
Andrey Andreevef417862014-06-04 21:28:13 +0300[diff] [blame]895 if ( ! empty($_SESSION['__ci_vars']))
Andrey Andreevecc260e2014-01-24 14:20:13 +0200[diff] [blame]896 {
Andrey Andreevef417862014-06-04 21:28:13 +0300[diff] [blame]897 foreach ($_SESSION['__ci_vars'] as $key => &$value)
Andrey Andreevecc260e2014-01-24 14:20:13 +0200[diff] [blame]898 {
Andrey Andreevef417862014-06-04 21:28:13 +0300[diff] [blame]899 is_int($value) && $tempdata[$key] = $_SESSION[$key];
Andrey Andreevecc260e2014-01-24 14:20:13 +0200[diff] [blame]900 }
901 }
902
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]903 return $tempdata;
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]904 }
905
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]906 // ------------------------------------------------------------------------
907
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]908 /**
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]909 * Set tempdata
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]910 *
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]911 * Legacy CI_Session compatibility method
912 *
913 * @param mixed $data Session data key or an associative array of items
914 * @param mixed $value Value to store
915 * @param int $ttl Time-to-live in seconds
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]916 * @return void
917 */
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]918 public function set_tempdata($data, $value = NULL, $ttl = 300)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]919 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]920 $this->set_userdata($data, $value);
Andrey Andreevfd310572015-03-30 17:19:26 +0300[diff] [blame]921 $this->mark_as_temp(is_array($data) ? array_keys($data) : $data, $ttl);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]922 }
923
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]924 // ------------------------------------------------------------------------
925
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]926 /**
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]927 * Unset tempdata
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]928 *
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]929 * Legacy CI_Session compatibility method
930 *
931 * @param mixed $data Session data key(s)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]932 * @return void
933 */
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]934 public function unset_tempdata($key)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]935 {
Andrey Andreev47a47fb2014-05-31 16:08:30 +0300[diff] [blame]936 $this->unmark_temp($key);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]937 }
938
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]939}