Gitiles
Code Review Sign In
www.giggi.me / code-igniter-v3-giggi / e2afc886d5e7fe1d55a467c9bc46fe40c1a2bbf6 / . / system / libraries / Session / drivers / Session_native.php
blob: a837b89f6aca00022dd40abba31fb0632806b7bc [file] [log] [blame]
vkeranov2b5b92e2012-10-27 18:01:47 +0300[diff] [blame]1<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]2/**
3 * CodeIgniter
4 *
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]5 * An open source application development framework for PHP 5.2.4 or newer
6 *
7 * NOTICE OF LICENSE
8 *
9 * Licensed under the Open Software License version 3.0
10 *
11 * This source file is subject to the Open Software License (OSL 3.0) that is
12 * bundled with this package in the files license.txt / license.rst. It is
13 * also available through the world wide web at this URL:
14 * http://opensource.org/licenses/OSL-3.0
15 * If you did not receive a copy of the license and are unable to obtain it
16 * through the world wide web, please send an email to
17 * licensing@ellislab.com so we can send you a copy immediately.
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]18 *
19 * @package CodeIgniter
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]20 * @author EllisLab Dev Team
21 * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/)
22 * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]23 * @link http://codeigniter.com
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]24 * @since Version 1.0
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]25 * @filesource
26 */
27
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]28/**
29 * Native PHP session management driver
30 *
31 * This is the driver that uses the native PHP $_SESSION array through the Session driver library.
32 *
33 * @package CodeIgniter
34 * @subpackage Libraries
35 * @category Sessions
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]36 * @author EllisLab Dev Team
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]37 */
Darren Hill5073a372011-08-31 13:54:19 -0400[diff] [blame]38class CI_Session_native extends CI_Session_driver {
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]39
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]40 /**
41 * Initialize session driver object
42 *
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]43 * @return void
44 */
45 protected function initialize()
46 {
47 // Get config parameters
48 $config = array();
dchill4226429202012-07-31 10:55:07 -0400[diff] [blame]49 $prefs = array(
50 'sess_cookie_name',
51 'sess_expire_on_close',
52 'sess_expiration',
53 'sess_match_ip',
54 'sess_match_useragent',
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]55 'sess_time_to_update',
dchill4226429202012-07-31 10:55:07 -0400[diff] [blame]56 'cookie_prefix',
57 'cookie_path',
GDmac19cd8872012-10-16 14:19:57 +0200[diff] [blame]58 'cookie_domain',
59 'cookie_secure',
60 'cookie_httponly'
dchill4226429202012-07-31 10:55:07 -0400[diff] [blame]61 );
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]62
dchill4226429202012-07-31 10:55:07 -0400[diff] [blame]63 foreach ($prefs as $key)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]64 {
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]65 $config[$key] = isset($this->_parent->params[$key])
66 ? $this->_parent->params[$key]
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]67 : $this->CI->config->item($key);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]68 }
69
70 // Set session name, if specified
71 if ($config['sess_cookie_name'])
72 {
dchill42aee92652012-08-26 21:45:35 -0400[diff] [blame]73 // Differentiate name from cookie driver with '_id' suffix
74 $name = $config['sess_cookie_name'].'_id';
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]75 if ($config['cookie_prefix'])
76 {
77 // Prepend cookie prefix
78 $name = $config['cookie_prefix'].$name;
79 }
80 session_name($name);
81 }
82
83 // Set expiration, path, and domain
84 $expire = 7200;
85 $path = '/';
86 $domain = '';
GDmacff5ffdf2012-10-16 19:22:12 +0200[diff] [blame]87 $secure = (bool) $config['cookie_secure'];
88 $http_only = (bool) $config['cookie_httponly'];
GDmac19cd8872012-10-16 14:19:57 +0200[diff] [blame]89
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]90 if ($config['sess_expiration'] !== FALSE)
91 {
92 // Default to 2 years if expiration is "0"
93 $expire = ($config['sess_expiration'] == 0) ? (60*60*24*365*2) : $config['sess_expiration'];
94 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]95
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]96 if ($config['cookie_path'])
97 {
98 // Use specified path
99 $path = $config['cookie_path'];
100 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]101
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]102 if ($config['cookie_domain'])
103 {
104 // Use specified domain
105 $domain = $config['cookie_domain'];
106 }
GDmac19cd8872012-10-16 14:19:57 +0200[diff] [blame]107
GDmac19cd8872012-10-16 14:19:57 +0200[diff] [blame]108 session_set_cookie_params($config['sess_expire_on_close'] ? 0 : $expire, $path, $domain, $secure, $http_only);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]109
110 // Start session
111 session_start();
112
113 // Check session expiration, ip, and agent
114 $now = time();
115 $destroy = FALSE;
Andrey Andreev02117682012-10-15 11:12:37 +0300[diff] [blame]116 if (isset($_SESSION['last_activity']) && (($_SESSION['last_activity'] + $expire) < $now OR $_SESSION['last_activity'] > $now))
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]117 {
118 // Expired - destroy
119 $destroy = TRUE;
120 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]121 elseif ($config['sess_match_ip'] === TRUE && isset($_SESSION['ip_address'])
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]122 && $_SESSION['ip_address'] !== $this->CI->input->ip_address())
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]123 {
124 // IP doesn't match - destroy
125 $destroy = TRUE;
126 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]127 elseif ($config['sess_match_useragent'] === TRUE && isset($_SESSION['user_agent'])
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]128 && $_SESSION['user_agent'] !== trim(substr($this->CI->input->user_agent(), 0, 50)))
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]129 {
130 // Agent doesn't match - destroy
131 $destroy = TRUE;
132 }
133
134 // Destroy expired or invalid session
135 if ($destroy)
136 {
137 // Clear old session and start new
138 $this->sess_destroy();
139 session_start();
140 }
141
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]142 // Check for update time
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]143 if ($config['sess_time_to_update'] && isset($_SESSION['last_activity'])
144 && ($_SESSION['last_activity'] + $config['sess_time_to_update']) < $now)
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]145 {
GDmac28616da2012-10-16 15:01:14 +0200[diff] [blame]146 // Changing the session ID amidst a series of AJAX calls causes problems
147 if( ! $this->CI->input->is_ajax_request())
148 {
149 // Regenerate ID, but don't destroy session
150 $this->sess_regenerate(FALSE);
151 }
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]152 }
153
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]154 // Set activity time
155 $_SESSION['last_activity'] = $now;
156
157 // Set matching values as required
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]158 if ($config['sess_match_ip'] === TRUE && ! isset($_SESSION['ip_address']))
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]159 {
160 // Store user IP address
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]161 $_SESSION['ip_address'] = $this->CI->input->ip_address();
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]162 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]163
164 if ($config['sess_match_useragent'] === TRUE && ! isset($_SESSION['user_agent']))
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]165 {
166 // Store user agent string
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]167 $_SESSION['user_agent'] = trim(substr($this->CI->input->user_agent(), 0, 50));
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]168 }
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]169
170 // Make session ID available
171 $_SESSION['session_id'] = session_id();
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]172 }
173
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]174 // ------------------------------------------------------------------------
175
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]176 /**
177 * Save the session data
178 *
Darren Hilla2ae6572011-09-01 07:36:26 -0400[diff] [blame]179 * @return void
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]180 */
181 public function sess_save()
182 {
183 // Nothing to do - changes to $_SESSION are automatically saved
184 }
185
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]186 // ------------------------------------------------------------------------
187
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]188 /**
189 * Destroy the current session
190 *
Darren Hilla2ae6572011-09-01 07:36:26 -0400[diff] [blame]191 * @return void
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]192 */
193 public function sess_destroy()
194 {
195 // Cleanup session
196 $_SESSION = array();
197 $name = session_name();
198 if (isset($_COOKIE[$name]))
199 {
200 // Clear session cookie
201 $params = session_get_cookie_params();
GDmac19cd8872012-10-16 14:19:57 +0200[diff] [blame]202 setcookie($name, '', time() - 42000, $params['path'], $params['domain'], $params['secure'], $params['httponly']);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]203 unset($_COOKIE[$name]);
204 }
205 session_destroy();
206 }
207
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]208 // ------------------------------------------------------------------------
209
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]210 /**
211 * Regenerate the current session
212 *
213 * Regenerate the session id
214 *
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]215 * @param bool Destroy session data flag (default: FALSE)
Darren Hilla2ae6572011-09-01 07:36:26 -0400[diff] [blame]216 * @return void
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]217 */
dchill4277ee3fd2012-07-24 11:50:01 -0400[diff] [blame]218 public function sess_regenerate($destroy = FALSE)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]219 {
220 // Just regenerate id, passing destroy flag
221 session_regenerate_id($destroy);
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]222 $_SESSION['session_id'] = session_id();
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]223 }
224
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]225 // ------------------------------------------------------------------------
226
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]227 /**
228 * Get a reference to user data array
229 *
Darren Hilla2ae6572011-09-01 07:36:26 -0400[diff] [blame]230 * @return array Reference to userdata
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]231 */
232 public function &get_userdata()
233 {
234 // Just return reference to $_SESSION
235 return $_SESSION;
236 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]237
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]238}
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]239
240/* End of file Session_native.php */
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]241/* Location: ./system/libraries/Session/drivers/Session_native.php */