Gitiles
Code Review Sign In
www.giggi.me / code-igniter-v3-giggi / fe9309d22c1b088f5363954d6dac013c8c955894 / . / system / libraries / Session / drivers / Session_native.php
blob: c95e7f23ffac39e52478b5f6ceac8f729c7504e7 [file] [log] [blame]
Andrey Andreevc5536aa2012-11-01 17:33:58 +0200[diff] [blame]1<?php
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]2/**
3 * CodeIgniter
4 *
Andrey Andreevfe9309d2015-01-09 17:48:58 +0200[diff] [blame^]5 * An open source application development framework for PHP
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]6 *
Andrey Andreevbdb96ca2014-10-28 00:13:31 +0200[diff] [blame]7 * This content is released under the MIT License (MIT)
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]8 *
Andrey Andreevfe9309d2015-01-09 17:48:58 +0200[diff] [blame^]9 * Copyright (c) 2014 - 2015, British Columbia Institute of Technology
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]10 *
Andrey Andreevbdb96ca2014-10-28 00:13:31 +0200[diff] [blame]11 * Permission is hereby granted, free of charge, to any person obtaining a copy
12 * of this software and associated documentation files (the "Software"), to deal
13 * in the Software without restriction, including without limitation the rights
14 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
15 * copies of the Software, and to permit persons to whom the Software is
16 * furnished to do so, subject to the following conditions:
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]17 *
Andrey Andreevbdb96ca2014-10-28 00:13:31 +0200[diff] [blame]18 * The above copyright notice and this permission notice shall be included in
19 * all copies or substantial portions of the Software.
20 *
21 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
22 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
23 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
24 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
25 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
26 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
27 * THE SOFTWARE.
28 *
29 * @package CodeIgniter
30 * @author EllisLab Dev Team
darwinel871754a2014-02-11 17:34:57 +0100[diff] [blame]31 * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
Andrey Andreevfe9309d2015-01-09 17:48:58 +0200[diff] [blame^]32 * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
Andrey Andreevbdb96ca2014-10-28 00:13:31 +0200[diff] [blame]33 * @license http://opensource.org/licenses/MIT MIT License
34 * @link http://codeigniter.com
35 * @since Version 1.0.0
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]36 * @filesource
37 */
Andrey Andreevc5536aa2012-11-01 17:33:58 +0200[diff] [blame]38defined('BASEPATH') OR exit('No direct script access allowed');
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]39
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]40/**
41 * Native PHP session management driver
42 *
43 * This is the driver that uses the native PHP $_SESSION array through the Session driver library.
44 *
45 * @package CodeIgniter
46 * @subpackage Libraries
47 * @category Sessions
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]48 * @author EllisLab Dev Team
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]49 */
Darren Hill5073a372011-08-31 13:54:19 -0400[diff] [blame]50class CI_Session_native extends CI_Session_driver {
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]51
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]52 /**
53 * Initialize session driver object
54 *
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]55 * @return void
56 */
57 protected function initialize()
58 {
59 // Get config parameters
60 $config = array();
dchill4226429202012-07-31 10:55:07 -0400[diff] [blame]61 $prefs = array(
62 'sess_cookie_name',
63 'sess_expire_on_close',
64 'sess_expiration',
65 'sess_match_ip',
66 'sess_match_useragent',
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]67 'sess_time_to_update',
dchill4226429202012-07-31 10:55:07 -0400[diff] [blame]68 'cookie_prefix',
69 'cookie_path',
GDmac19cd8872012-10-16 14:19:57 +0200[diff] [blame]70 'cookie_domain',
71 'cookie_secure',
72 'cookie_httponly'
dchill4226429202012-07-31 10:55:07 -0400[diff] [blame]73 );
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]74
dchill4226429202012-07-31 10:55:07 -0400[diff] [blame]75 foreach ($prefs as $key)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]76 {
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]77 $config[$key] = isset($this->_parent->params[$key])
78 ? $this->_parent->params[$key]
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]79 : $this->CI->config->item($key);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]80 }
81
82 // Set session name, if specified
83 if ($config['sess_cookie_name'])
84 {
dchill42aee92652012-08-26 21:45:35 -0400[diff] [blame]85 // Differentiate name from cookie driver with '_id' suffix
86 $name = $config['sess_cookie_name'].'_id';
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]87 if ($config['cookie_prefix'])
88 {
89 // Prepend cookie prefix
90 $name = $config['cookie_prefix'].$name;
91 }
92 session_name($name);
93 }
94
95 // Set expiration, path, and domain
96 $expire = 7200;
97 $path = '/';
98 $domain = '';
GDmacff5ffdf2012-10-16 19:22:12 +0200[diff] [blame]99 $secure = (bool) $config['cookie_secure'];
100 $http_only = (bool) $config['cookie_httponly'];
GDmac19cd8872012-10-16 14:19:57 +0200[diff] [blame]101
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]102 if ($config['sess_expiration'] !== FALSE)
103 {
104 // Default to 2 years if expiration is "0"
105 $expire = ($config['sess_expiration'] == 0) ? (60*60*24*365*2) : $config['sess_expiration'];
106 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]107
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]108 if ($config['cookie_path'])
109 {
110 // Use specified path
111 $path = $config['cookie_path'];
112 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]113
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]114 if ($config['cookie_domain'])
115 {
116 // Use specified domain
117 $domain = $config['cookie_domain'];
118 }
GDmac19cd8872012-10-16 14:19:57 +0200[diff] [blame]119
GDmac19cd8872012-10-16 14:19:57 +0200[diff] [blame]120 session_set_cookie_params($config['sess_expire_on_close'] ? 0 : $expire, $path, $domain, $secure, $http_only);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]121
122 // Start session
123 session_start();
124
125 // Check session expiration, ip, and agent
126 $now = time();
127 $destroy = FALSE;
Andrey Andreev02117682012-10-15 11:12:37 +0300[diff] [blame]128 if (isset($_SESSION['last_activity']) && (($_SESSION['last_activity'] + $expire) < $now OR $_SESSION['last_activity'] > $now))
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]129 {
130 // Expired - destroy
Andrey Andreeve18de502013-07-17 19:59:20 +0300[diff] [blame]131 log_message('debug', 'Session: Expired');
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]132 $destroy = TRUE;
133 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]134 elseif ($config['sess_match_ip'] === TRUE && isset($_SESSION['ip_address'])
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]135 && $_SESSION['ip_address'] !== $this->CI->input->ip_address())
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]136 {
137 // IP doesn't match - destroy
Andrey Andreeve18de502013-07-17 19:59:20 +0300[diff] [blame]138 log_message('debug', 'Session: IP address mismatch');
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]139 $destroy = TRUE;
140 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]141 elseif ($config['sess_match_useragent'] === TRUE && isset($_SESSION['user_agent'])
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]142 && $_SESSION['user_agent'] !== trim(substr($this->CI->input->user_agent(), 0, 50)))
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]143 {
144 // Agent doesn't match - destroy
Andrey Andreeve18de502013-07-17 19:59:20 +0300[diff] [blame]145 log_message('debug', 'Session: User Agent string mismatch');
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]146 $destroy = TRUE;
147 }
148
149 // Destroy expired or invalid session
150 if ($destroy)
151 {
152 // Clear old session and start new
153 $this->sess_destroy();
154 session_start();
155 }
156
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]157 // Check for update time
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]158 if ($config['sess_time_to_update'] && isset($_SESSION['last_activity'])
159 && ($_SESSION['last_activity'] + $config['sess_time_to_update']) < $now)
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]160 {
GDmac28616da2012-10-16 15:01:14 +0200[diff] [blame]161 // Changing the session ID amidst a series of AJAX calls causes problems
Andrey Andreeve18de502013-07-17 19:59:20 +0300[diff] [blame]162 if ( ! $this->CI->input->is_ajax_request())
GDmac28616da2012-10-16 15:01:14 +0200[diff] [blame]163 {
164 // Regenerate ID, but don't destroy session
Andrey Andreeve18de502013-07-17 19:59:20 +0300[diff] [blame]165 log_message('debug', 'Session: Regenerate ID');
GDmac28616da2012-10-16 15:01:14 +0200[diff] [blame]166 $this->sess_regenerate(FALSE);
167 }
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]168 }
169
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]170 // Set activity time
171 $_SESSION['last_activity'] = $now;
172
173 // Set matching values as required
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]174 if ($config['sess_match_ip'] === TRUE && ! isset($_SESSION['ip_address']))
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]175 {
176 // Store user IP address
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]177 $_SESSION['ip_address'] = $this->CI->input->ip_address();
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]178 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]179
180 if ($config['sess_match_useragent'] === TRUE && ! isset($_SESSION['user_agent']))
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]181 {
182 // Store user agent string
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]183 $_SESSION['user_agent'] = trim(substr($this->CI->input->user_agent(), 0, 50));
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]184 }
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]185
186 // Make session ID available
187 $_SESSION['session_id'] = session_id();
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]188 }
189
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]190 // ------------------------------------------------------------------------
191
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]192 /**
193 * Save the session data
194 *
Darren Hilla2ae6572011-09-01 07:36:26 -0400[diff] [blame]195 * @return void
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]196 */
197 public function sess_save()
198 {
199 // Nothing to do - changes to $_SESSION are automatically saved
200 }
201
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]202 // ------------------------------------------------------------------------
203
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]204 /**
205 * Destroy the current session
206 *
Darren Hilla2ae6572011-09-01 07:36:26 -0400[diff] [blame]207 * @return void
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]208 */
209 public function sess_destroy()
210 {
211 // Cleanup session
212 $_SESSION = array();
213 $name = session_name();
214 if (isset($_COOKIE[$name]))
215 {
216 // Clear session cookie
217 $params = session_get_cookie_params();
GDmac19cd8872012-10-16 14:19:57 +0200[diff] [blame]218 setcookie($name, '', time() - 42000, $params['path'], $params['domain'], $params['secure'], $params['httponly']);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]219 unset($_COOKIE[$name]);
220 }
221 session_destroy();
222 }
223
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]224 // ------------------------------------------------------------------------
225
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]226 /**
227 * Regenerate the current session
228 *
229 * Regenerate the session id
230 *
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]231 * @param bool Destroy session data flag (default: FALSE)
Darren Hilla2ae6572011-09-01 07:36:26 -0400[diff] [blame]232 * @return void
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]233 */
dchill4277ee3fd2012-07-24 11:50:01 -0400[diff] [blame]234 public function sess_regenerate($destroy = FALSE)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]235 {
236 // Just regenerate id, passing destroy flag
237 session_regenerate_id($destroy);
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]238 $_SESSION['session_id'] = session_id();
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]239 }
240
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]241 // ------------------------------------------------------------------------
242
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]243 /**
244 * Get a reference to user data array
245 *
Darren Hilla2ae6572011-09-01 07:36:26 -0400[diff] [blame]246 * @return array Reference to userdata
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]247 */
248 public function &get_userdata()
249 {
250 // Just return reference to $_SESSION
251 return $_SESSION;
252 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]253
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]254}
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]255
256/* End of file Session_native.php */
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]257/* Location: ./system/libraries/Session/drivers/Session_native.php */