Gitiles
Code Review Sign In
www.giggi.me / code-igniter-v3-giggi / ff6d1a80b75eb4303551be1f2708509757a85e50 / . / system / libraries / Session / drivers / Session_native.php
blob: c237ad05938a9f740ad8224d717a3d1ae6677680 [file] [log] [blame]
Andrey Andreevc5536aa2012-11-01 17:33:58 +0200[diff] [blame]1<?php
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]2/**
3 * CodeIgniter
4 *
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]5 * An open source application development framework for PHP 5.2.4 or newer
6 *
7 * NOTICE OF LICENSE
8 *
9 * Licensed under the Open Software License version 3.0
10 *
11 * This source file is subject to the Open Software License (OSL 3.0) that is
Andrey Andreevc5536aa2012-11-01 17:33:58 +0200[diff] [blame]12 * bundled with this package in the files license.txt / license.rst. It is
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]13 * also available through the world wide web at this URL:
14 * http://opensource.org/licenses/OSL-3.0
15 * If you did not receive a copy of the license and are unable to obtain it
16 * through the world wide web, please send an email to
17 * licensing@ellislab.com so we can send you a copy immediately.
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]18 *
19 * @package CodeIgniter
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]20 * @author EllisLab Dev Team
Andrey Andreev80500af2013-01-01 08:16:53 +0200[diff] [blame]21 * @copyright Copyright (c) 2008 - 2013, EllisLab, Inc. (http://ellislab.com/)
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]22 * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]23 * @link http://codeigniter.com
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]24 * @since Version 1.0
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]25 * @filesource
26 */
Andrey Andreevc5536aa2012-11-01 17:33:58 +0200[diff] [blame]27defined('BASEPATH') OR exit('No direct script access allowed');
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]28
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]29/**
30 * Native PHP session management driver
31 *
32 * This is the driver that uses the native PHP $_SESSION array through the Session driver library.
33 *
34 * @package CodeIgniter
35 * @subpackage Libraries
36 * @category Sessions
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]37 * @author EllisLab Dev Team
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]38 */
Darren Hill5073a372011-08-31 13:54:19 -0400[diff] [blame]39class CI_Session_native extends CI_Session_driver {
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]40
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]41 /**
42 * Initialize session driver object
43 *
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]44 * @return void
45 */
46 protected function initialize()
47 {
48 // Get config parameters
49 $config = array();
dchill4226429202012-07-31 10:55:07 -0400[diff] [blame]50 $prefs = array(
51 'sess_cookie_name',
52 'sess_expire_on_close',
53 'sess_expiration',
54 'sess_match_ip',
55 'sess_match_useragent',
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]56 'sess_time_to_update',
dchill4226429202012-07-31 10:55:07 -0400[diff] [blame]57 'cookie_prefix',
58 'cookie_path',
GDmac19cd8872012-10-16 14:19:57 +0200[diff] [blame]59 'cookie_domain',
60 'cookie_secure',
61 'cookie_httponly'
dchill4226429202012-07-31 10:55:07 -0400[diff] [blame]62 );
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]63
dchill4226429202012-07-31 10:55:07 -0400[diff] [blame]64 foreach ($prefs as $key)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]65 {
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]66 $config[$key] = isset($this->_parent->params[$key])
67 ? $this->_parent->params[$key]
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]68 : $this->CI->config->item($key);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]69 }
70
71 // Set session name, if specified
72 if ($config['sess_cookie_name'])
73 {
dchill42aee92652012-08-26 21:45:35 -0400[diff] [blame]74 // Differentiate name from cookie driver with '_id' suffix
75 $name = $config['sess_cookie_name'].'_id';
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]76 if ($config['cookie_prefix'])
77 {
78 // Prepend cookie prefix
79 $name = $config['cookie_prefix'].$name;
80 }
81 session_name($name);
82 }
83
84 // Set expiration, path, and domain
85 $expire = 7200;
86 $path = '/';
87 $domain = '';
GDmacff5ffdf2012-10-16 19:22:12 +0200[diff] [blame]88 $secure = (bool) $config['cookie_secure'];
89 $http_only = (bool) $config['cookie_httponly'];
GDmac19cd8872012-10-16 14:19:57 +0200[diff] [blame]90
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]91 if ($config['sess_expiration'] !== FALSE)
92 {
93 // Default to 2 years if expiration is "0"
94 $expire = ($config['sess_expiration'] == 0) ? (60*60*24*365*2) : $config['sess_expiration'];
95 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]96
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]97 if ($config['cookie_path'])
98 {
99 // Use specified path
100 $path = $config['cookie_path'];
101 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]102
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]103 if ($config['cookie_domain'])
104 {
105 // Use specified domain
106 $domain = $config['cookie_domain'];
107 }
GDmac19cd8872012-10-16 14:19:57 +0200[diff] [blame]108
GDmac19cd8872012-10-16 14:19:57 +0200[diff] [blame]109 session_set_cookie_params($config['sess_expire_on_close'] ? 0 : $expire, $path, $domain, $secure, $http_only);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]110
111 // Start session
112 session_start();
113
114 // Check session expiration, ip, and agent
115 $now = time();
116 $destroy = FALSE;
Andrey Andreev02117682012-10-15 11:12:37 +0300[diff] [blame]117 if (isset($_SESSION['last_activity']) && (($_SESSION['last_activity'] + $expire) < $now OR $_SESSION['last_activity'] > $now))
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]118 {
119 // Expired - destroy
Andrey Andreeve18de502013-07-17 19:59:20 +0300[diff] [blame]120 log_message('debug', 'Session: Expired');
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]121 $destroy = TRUE;
122 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]123 elseif ($config['sess_match_ip'] === TRUE && isset($_SESSION['ip_address'])
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]124 && $_SESSION['ip_address'] !== $this->CI->input->ip_address())
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]125 {
126 // IP doesn't match - destroy
Andrey Andreeve18de502013-07-17 19:59:20 +0300[diff] [blame]127 log_message('debug', 'Session: IP address mismatch');
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]128 $destroy = TRUE;
129 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]130 elseif ($config['sess_match_useragent'] === TRUE && isset($_SESSION['user_agent'])
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]131 && $_SESSION['user_agent'] !== trim(substr($this->CI->input->user_agent(), 0, 50)))
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]132 {
133 // Agent doesn't match - destroy
Andrey Andreeve18de502013-07-17 19:59:20 +0300[diff] [blame]134 log_message('debug', 'Session: User Agent string mismatch');
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]135 $destroy = TRUE;
136 }
137
138 // Destroy expired or invalid session
139 if ($destroy)
140 {
141 // Clear old session and start new
142 $this->sess_destroy();
143 session_start();
144 }
145
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]146 // Check for update time
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]147 if ($config['sess_time_to_update'] && isset($_SESSION['last_activity'])
148 && ($_SESSION['last_activity'] + $config['sess_time_to_update']) < $now)
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]149 {
GDmac28616da2012-10-16 15:01:14 +0200[diff] [blame]150 // Changing the session ID amidst a series of AJAX calls causes problems
Andrey Andreeve18de502013-07-17 19:59:20 +0300[diff] [blame]151 if ( ! $this->CI->input->is_ajax_request())
GDmac28616da2012-10-16 15:01:14 +0200[diff] [blame]152 {
153 // Regenerate ID, but don't destroy session
Andrey Andreeve18de502013-07-17 19:59:20 +0300[diff] [blame]154 log_message('debug', 'Session: Regenerate ID');
GDmac28616da2012-10-16 15:01:14 +0200[diff] [blame]155 $this->sess_regenerate(FALSE);
156 }
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]157 }
158
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]159 // Set activity time
160 $_SESSION['last_activity'] = $now;
161
162 // Set matching values as required
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]163 if ($config['sess_match_ip'] === TRUE && ! isset($_SESSION['ip_address']))
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]164 {
165 // Store user IP address
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]166 $_SESSION['ip_address'] = $this->CI->input->ip_address();
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]167 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]168
169 if ($config['sess_match_useragent'] === TRUE && ! isset($_SESSION['user_agent']))
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]170 {
171 // Store user agent string
Andrey Andreev2e3e2302012-10-09 15:52:34 +0300[diff] [blame]172 $_SESSION['user_agent'] = trim(substr($this->CI->input->user_agent(), 0, 50));
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]173 }
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]174
175 // Make session ID available
176 $_SESSION['session_id'] = session_id();
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]177 }
178
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]179 // ------------------------------------------------------------------------
180
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]181 /**
182 * Save the session data
183 *
Darren Hilla2ae6572011-09-01 07:36:26 -0400[diff] [blame]184 * @return void
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]185 */
186 public function sess_save()
187 {
188 // Nothing to do - changes to $_SESSION are automatically saved
189 }
190
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]191 // ------------------------------------------------------------------------
192
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]193 /**
194 * Destroy the current session
195 *
Darren Hilla2ae6572011-09-01 07:36:26 -0400[diff] [blame]196 * @return void
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]197 */
198 public function sess_destroy()
199 {
200 // Cleanup session
201 $_SESSION = array();
202 $name = session_name();
203 if (isset($_COOKIE[$name]))
204 {
205 // Clear session cookie
206 $params = session_get_cookie_params();
GDmac19cd8872012-10-16 14:19:57 +0200[diff] [blame]207 setcookie($name, '', time() - 42000, $params['path'], $params['domain'], $params['secure'], $params['httponly']);
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]208 unset($_COOKIE[$name]);
209 }
210 session_destroy();
211 }
212
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]213 // ------------------------------------------------------------------------
214
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]215 /**
216 * Regenerate the current session
217 *
218 * Regenerate the session id
219 *
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]220 * @param bool Destroy session data flag (default: FALSE)
Darren Hilla2ae6572011-09-01 07:36:26 -0400[diff] [blame]221 * @return void
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]222 */
dchill4277ee3fd2012-07-24 11:50:01 -0400[diff] [blame]223 public function sess_regenerate($destroy = FALSE)
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]224 {
225 // Just regenerate id, passing destroy flag
226 session_regenerate_id($destroy);
dchill42f79afb52012-08-08 12:03:46 -0400[diff] [blame]227 $_SESSION['session_id'] = session_id();
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]228 }
229
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]230 // ------------------------------------------------------------------------
231
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]232 /**
233 * Get a reference to user data array
234 *
Darren Hilla2ae6572011-09-01 07:36:26 -0400[diff] [blame]235 * @return array Reference to userdata
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]236 */
237 public function &get_userdata()
238 {
239 // Just return reference to $_SESSION
240 return $_SESSION;
241 }
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]242
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]243}
Darren Hillc4e266b2011-08-30 15:40:27 -0400[diff] [blame]244
245/* End of file Session_native.php */
Andrey Andreev9ffcee62012-09-05 16:25:16 +0300[diff] [blame]246/* Location: ./system/libraries/Session/drivers/Session_native.php */