Gitiles
Code Review Sign In
www.giggi.me / code-igniter-v3-giggi / 8d8543da992985ae61a6903a138d949f189721e9 / . / system / libraries / Session / drivers / Session_native.php
blob: 3e700ad5db7251336f209e05c42ae775ab306234 [file] [log] [blame]
Andrey Andreevc5536aa2012-11-01 17:33:58 +0200[diff] [blame]1<?php
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]2/**
3 * CodeIgniter
4 *
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]5 * An open source application development framework for PHP 5.2.4 or newer
6 *
7 * NOTICE OF LICENSE
8 *
9 * Licensed under the Open Software License version 3.0
10 *
11 * This source file is subject to the Open Software License (OSL 3.0) that is
Andrey Andreevc5536aa2012-11-01 17:33:58 +0200[diff] [blame]12 * bundled with this package in the files license.txt / license.rst. It is
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]13 * also available through the world wide web at this URL:
14 * http://opensource.org/licenses/OSL-3.0
15 * If you did not receive a copy of the license and are unable to obtain it
16 * through the world wide web, please send an email to
17 * licensing@ellislab.com so we can send you a copy immediately.
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]18 *
19 * @package CodeIgniter
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]20 * @author EllisLab Dev Team
21 * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/)
22 * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]23 * @link http://codeigniter.com
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]24 * @since Version 1.0
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]25 * @filesource
26 */
Andrey Andreevc5536aa2012-11-01 17:33:58 +0200[diff] [blame]27defined('BASEPATH') OR exit('No direct script access allowed');
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]28
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]29/**
30 * Native PHP session management driver
31 *
32 * This is the driver that uses the native PHP $_SESSION array through the Session driver library.
33 *
34 * @package CodeIgniter
35 * @subpackage Libraries
36 * @category Sessions
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]37 * @author EllisLab Dev Team
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]38 */
Darren Hill5073a372011-08-31 13:54:19 -0400[diff] [blame]39class CI_Session_native extends CI_Session_driver {
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]40
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]41 /**
42 * Initialize session driver object
43 *
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]44 * @return void
45 */
46 protected function initialize()
47 {
48 // Get config parameters
49 $config = array();
dchill4226429202012-07-31 10:55:07 -0400[diff] [blame]50 $prefs = array(
51 'sess_cookie_name',
52 'sess_expire_on_close',
53 'sess_expiration',
54 'sess_match_ip',
55 'sess_match_useragent',
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]56 'sess_time_to_update',
dchill4226429202012-07-31 10:55:07 -0400[diff] [blame]57 'cookie_prefix',
58 'cookie_path',
GDmac19cd8872012-10-16 14:19:57 +0200[diff] [blame]59 'cookie_domain',
60 'cookie_secure',
61 'cookie_httponly'
dchill4226429202012-07-31 10:55:07 -0400[diff] [blame]62 );
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]63
dchill4226429202012-07-31 10:55:07 -0400[diff] [blame]64 foreach ($prefs as $key)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]65 {
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]66 $config[$key] = isset($this->_parent->params[$key])
67 ? $this->_parent->params[$key]
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]68 : $this->CI->config->item($key);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]69 }
70
71 // Set session name, if specified
72 if ($config['sess_cookie_name'])
73 {
dchill42aee92652012-08-26 21:45:35 -0400[diff] [blame]74 // Differentiate name from cookie driver with '_id' suffix
75 $name = $config['sess_cookie_name'].'_id';
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]76 if ($config['cookie_prefix'])
77 {
78 // Prepend cookie prefix
79 $name = $config['cookie_prefix'].$name;
80 }
81 session_name($name);
82 }
83
84 // Set expiration, path, and domain
85 $expire = 7200;
86 $path = '/';
87 $domain = '';
GDmacff5ffdf2012-10-16 19:22:12 +0200[diff] [blame]88 $secure = (bool) $config['cookie_secure'];
89 $http_only = (bool) $config['cookie_httponly'];
GDmac19cd8872012-10-16 14:19:57 +0200[diff] [blame]90
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]91 if ($config['sess_expiration'] !== FALSE)
92 {
93 // Default to 2 years if expiration is "0"
94 $expire = ($config['sess_expiration'] == 0) ? (60*60*24*365*2) : $config['sess_expiration'];
95 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]96
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]97 if ($config['cookie_path'])
98 {
99 // Use specified path
100 $path = $config['cookie_path'];
101 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]102
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]103 if ($config['cookie_domain'])
104 {
105 // Use specified domain
106 $domain = $config['cookie_domain'];
107 }
GDmac19cd8872012-10-16 14:19:57 +0200[diff] [blame]108
GDmac19cd8872012-10-16 14:19:57 +0200[diff] [blame]109 session_set_cookie_params($config['sess_expire_on_close'] ? 0 : $expire, $path, $domain, $secure, $http_only);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]110
111 // Start session
112 session_start();
113
114 // Check session expiration, ip, and agent
115 $now = time();
116 $destroy = FALSE;
Andrey Andreev02117682012-10-15 11:12:37 +0300[diff] [blame]117 if (isset($_SESSION['last_activity']) && (($_SESSION['last_activity'] + $expire) < $now OR $_SESSION['last_activity'] > $now))
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]118 {
119 // Expired - destroy
120 $destroy = TRUE;
121 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]122 elseif ($config['sess_match_ip'] === TRUE && isset($_SESSION['ip_address'])
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]123 && $_SESSION['ip_address'] !== $this->CI->input->ip_address())
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]124 {
125 // IP doesn't match - destroy
126 $destroy = TRUE;
127 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]128 elseif ($config['sess_match_useragent'] === TRUE && isset($_SESSION['user_agent'])
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]129 && $_SESSION['user_agent'] !== trim(substr($this->CI->input->user_agent(), 0, 50)))
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]130 {
131 // Agent doesn't match - destroy
132 $destroy = TRUE;
133 }
134
135 // Destroy expired or invalid session
136 if ($destroy)
137 {
138 // Clear old session and start new
139 $this->sess_destroy();
140 session_start();
141 }
142
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]143 // Check for update time
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]144 if ($config['sess_time_to_update'] && isset($_SESSION['last_activity'])
145 && ($_SESSION['last_activity'] + $config['sess_time_to_update']) < $now)
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]146 {
GDmac28616da2012-10-16 15:01:14 +0200[diff] [blame]147 // Changing the session ID amidst a series of AJAX calls causes problems
148 if( ! $this->CI->input->is_ajax_request())
149 {
150 // Regenerate ID, but don't destroy session
151 $this->sess_regenerate(FALSE);
152 }
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]153 }
154
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]155 // Set activity time
156 $_SESSION['last_activity'] = $now;
157
158 // Set matching values as required
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]159 if ($config['sess_match_ip'] === TRUE && ! isset($_SESSION['ip_address']))
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]160 {
161 // Store user IP address
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]162 $_SESSION['ip_address'] = $this->CI->input->ip_address();
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]163 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]164
165 if ($config['sess_match_useragent'] === TRUE && ! isset($_SESSION['user_agent']))
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]166 {
167 // Store user agent string
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]168 $_SESSION['user_agent'] = trim(substr($this->CI->input->user_agent(), 0, 50));
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]169 }
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]170
171 // Make session ID available
172 $_SESSION['session_id'] = session_id();
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]173 }
174
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]175 // ------------------------------------------------------------------------
176
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]177 /**
178 * Save the session data
179 *
Darren Hilla2ae6572011-09-01 07:36:26 -0400[diff] [blame]180 * @return void
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]181 */
182 public function sess_save()
183 {
184 // Nothing to do - changes to $_SESSION are automatically saved
185 }
186
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]187 // ------------------------------------------------------------------------
188
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]189 /**
190 * Destroy the current session
191 *
Darren Hilla2ae6572011-09-01 07:36:26 -0400[diff] [blame]192 * @return void
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]193 */
194 public function sess_destroy()
195 {
196 // Cleanup session
197 $_SESSION = array();
198 $name = session_name();
199 if (isset($_COOKIE[$name]))
200 {
201 // Clear session cookie
202 $params = session_get_cookie_params();
GDmac19cd8872012-10-16 14:19:57 +0200[diff] [blame]203 setcookie($name, '', time() - 42000, $params['path'], $params['domain'], $params['secure'], $params['httponly']);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]204 unset($_COOKIE[$name]);
205 }
206 session_destroy();
207 }
208
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]209 // ------------------------------------------------------------------------
210
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]211 /**
212 * Regenerate the current session
213 *
214 * Regenerate the session id
215 *
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]216 * @param bool Destroy session data flag (default: FALSE)
Darren Hilla2ae6572011-09-01 07:36:26 -0400[diff] [blame]217 * @return void
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]218 */
dchill4277ee3fd2012-07-24 11:50:01 -0400[diff] [blame]219 public function sess_regenerate($destroy = FALSE)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]220 {
221 // Just regenerate id, passing destroy flag
222 session_regenerate_id($destroy);
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]223 $_SESSION['session_id'] = session_id();
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]224 }
225
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]226 // ------------------------------------------------------------------------
227
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]228 /**
229 * Get a reference to user data array
230 *
Darren Hilla2ae6572011-09-01 07:36:26 -0400[diff] [blame]231 * @return array Reference to userdata
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]232 */
233 public function &get_userdata()
234 {
235 // Just return reference to $_SESSION
236 return $_SESSION;
237 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]238
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]239}
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]240
241/* End of file Session_native.php */
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]242/* Location: ./system/libraries/Session/drivers/Session_native.php */