Home Explore Help
Register Sign In
zhangbj
/
web
Watch 1
Star 0
Fork 0
Code Issues 1 Pull Requests 0 Releases 0 Wiki Activity
2 Commits
1 Branches
Tree: 97d25c38f3
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '97d25c38f3'
${ noResults }
web/vendor/symfony/http-foundation/Session/Storage/NativeSessionStorage.php

NativeSessionStorage.php 13KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442 
  1. <?php

  2. 

  3. /*

  4.  * This file is part of the Symfony package.

  5.  *

  6.  * (c) Fabien Potencier <fabien@symfony.com>

  7.  *

  8.  * For the full copyright and license information, please view the LICENSE

  9.  * file that was distributed with this source code.

  10.  */

  11. 

  12. namespace Symfony\Component\HttpFoundation\Session\Storage;

  13. 

  14. use Symfony\Component\HttpFoundation\Session\SessionBagInterface;

  15. use Symfony\Component\HttpFoundation\Session\Storage\Handler\StrictSessionHandler;

  16. use Symfony\Component\HttpFoundation\Session\Storage\Proxy\AbstractProxy;

  17. use Symfony\Component\HttpFoundation\Session\Storage\Proxy\SessionHandlerProxy;

  18. 

  19. /**

  20.  * This provides a base class for session attribute storage.

  21.  *

  22.  * @author Drak <drak@zikula.org>

  23.  */

  24. class NativeSessionStorage implements SessionStorageInterface

  25. {

  26.     /**

  27.      * @var SessionBagInterface[]

  28.      */

  29.     protected $bags = array();

  30. 

  31.     /**

  32.      * @var bool

  33.      */

  34.     protected $started = false;

  35. 

  36.     /**

  37.      * @var bool

  38.      */

  39.     protected $closed = false;

  40. 

  41.     /**

  42.      * @var AbstractProxy|\SessionHandlerInterface

  43.      */

  44.     protected $saveHandler;

  45. 

  46.     /**

  47.      * @var MetadataBag

  48.      */

  49.     protected $metadataBag;

  50. 

  51.     /**

  52.      * Depending on how you want the storage driver to behave you probably

  53.      * want to override this constructor entirely.

  54.      *

  55.      * List of options for $options array with their defaults.

  56.      *

  57.      * @see http://php.net/session.configuration for options

  58.      * but we omit 'session.' from the beginning of the keys for convenience.

  59.      *

  60.      * ("auto_start", is not supported as it tells PHP to start a session before

  61.      * PHP starts to execute user-land code. Setting during runtime has no effect).

  62.      *

  63.      * cache_limiter, "" (use "0" to prevent headers from being sent entirely).

  64.      * cache_expire, "0"

  65.      * cookie_domain, ""

  66.      * cookie_httponly, ""

  67.      * cookie_lifetime, "0"

  68.      * cookie_path, "/"

  69.      * cookie_secure, ""

  70.      * gc_divisor, "100"

  71.      * gc_maxlifetime, "1440"

  72.      * gc_probability, "1"

  73.      * lazy_write, "1"

  74.      * name, "PHPSESSID"

  75.      * referer_check, ""

  76.      * serialize_handler, "php"

  77.      * use_strict_mode, "0"

  78.      * use_cookies, "1"

  79.      * use_only_cookies, "1"

  80.      * use_trans_sid, "0"

  81.      * upload_progress.enabled, "1"

  82.      * upload_progress.cleanup, "1"

  83.      * upload_progress.prefix, "upload_progress_"

  84.      * upload_progress.name, "PHP_SESSION_UPLOAD_PROGRESS"

  85.      * upload_progress.freq, "1%"

  86.      * upload_progress.min-freq, "1"

  87.      * url_rewriter.tags, "a=href,area=href,frame=src,form=,fieldset="

  88.      * sid_length, "32"

  89.      * sid_bits_per_character, "5"

  90.      * trans_sid_hosts, $_SERVER['HTTP_HOST']

  91.      * trans_sid_tags, "a=href,area=href,frame=src,form="

  92.      *

  93.      * @param array                         $options Session configuration options

  94.      * @param \SessionHandlerInterface|null $handler

  95.      * @param MetadataBag                   $metaBag MetadataBag

  96.      */

  97.     public function __construct(array $options = array(), $handler = null, MetadataBag $metaBag = null)

  98.     {

  99.         $options += array(

  100.             'cache_limiter' => '',

  101.             'cache_expire' => 0,

  102.             'use_cookies' => 1,

  103.             'lazy_write' => 1,

  104.             'use_strict_mode' => 1,

  105.         );

  106. 

  107.         session_register_shutdown();

  108. 

  109.         $this->setMetadataBag($metaBag);

  110.         $this->setOptions($options);

  111.         $this->setSaveHandler($handler);

  112.     }

  113. 

  114.     /**

  115.      * Gets the save handler instance.

  116.      *

  117.      * @return AbstractProxy|\SessionHandlerInterface

  118.      */

  119.     public function getSaveHandler()

  120.     {

  121.         return $this->saveHandler;

  122.     }

  123. 

  124.     /**

  125.      * {@inheritdoc}

  126.      */

  127.     public function start()

  128.     {

  129.         if ($this->started) {

  130.             return true;

  131.         }

  132. 

  133.         if (\PHP_SESSION_ACTIVE === session_status()) {

  134.             throw new \RuntimeException('Failed to start the session: already started by PHP.');

  135.         }

  136. 

  137.         if (ini_get('session.use_cookies') && headers_sent($file, $line)) {

  138.             throw new \RuntimeException(sprintf('Failed to start the session because headers have already been sent by "%s" at line %d.', $file, $line));

  139.         }

  140. 

  141.         // ok to try and start the session

  142.         if (!session_start()) {

  143.             throw new \RuntimeException('Failed to start the session');

  144.         }

  145. 

  146.         $this->loadSession();

  147. 

  148.         return true;

  149.     }

  150. 

  151.     /**

  152.      * {@inheritdoc}

  153.      */

  154.     public function getId()

  155.     {

  156.         return $this->saveHandler->getId();

  157.     }

  158. 

  159.     /**

  160.      * {@inheritdoc}

  161.      */

  162.     public function setId($id)

  163.     {

  164.         $this->saveHandler->setId($id);

  165.     }

  166. 

  167.     /**

  168.      * {@inheritdoc}

  169.      */

  170.     public function getName()

  171.     {

  172.         return $this->saveHandler->getName();

  173.     }

  174. 

  175.     /**

  176.      * {@inheritdoc}

  177.      */

  178.     public function setName($name)

  179.     {

  180.         $this->saveHandler->setName($name);

  181.     }

  182. 

  183.     /**

  184.      * {@inheritdoc}

  185.      */

  186.     public function regenerate($destroy = false, $lifetime = null)

  187.     {

  188.         // Cannot regenerate the session ID for non-active sessions.

  189.         if (\PHP_SESSION_ACTIVE !== session_status()) {

  190.             return false;

  191.         }

  192. 

  193.         if (headers_sent()) {

  194.             return false;

  195.         }

  196. 

  197.         if (null !== $lifetime) {

  198.             ini_set('session.cookie_lifetime', $lifetime);

  199.         }

  200. 

  201.         if ($destroy) {

  202.             $this->metadataBag->stampNew();

  203.         }

  204. 

  205.         $isRegenerated = session_regenerate_id($destroy);

  206. 

  207.         // The reference to $_SESSION in session bags is lost in PHP7 and we need to re-create it.

  208.         // @see https://bugs.php.net/bug.php?id=70013

  209.         $this->loadSession();

  210. 

  211.         return $isRegenerated;

  212.     }

  213. 

  214.     /**

  215.      * {@inheritdoc}

  216.      */

  217.     public function save()

  218.     {

  219.         $session = $_SESSION;

  220. 

  221.         foreach ($this->bags as $bag) {

  222.             if (empty($_SESSION[$key = $bag->getStorageKey()])) {

  223.                 unset($_SESSION[$key]);

  224.             }

  225.         }

  226.         if (array($key = $this->metadataBag->getStorageKey()) === array_keys($_SESSION)) {

  227.             unset($_SESSION[$key]);

  228.         }

  229. 

  230.         // Register custom error handler to catch a possible failure warning during session write

  231.         set_error_handler(function ($errno, $errstr, $errfile, $errline) {

  232.             throw new \ErrorException($errstr, $errno, E_WARNING, $errfile, $errline);

  233.         }, E_WARNING);

  234. 

  235.         try {

  236.             $e = null;

  237.             session_write_close();

  238.         } catch (\ErrorException $e) {

  239.         } finally {

  240.             restore_error_handler();

  241.             $_SESSION = $session;

  242.         }

  243.         if (null !== $e) {

  244.             // The default PHP error message is not very helpful, as it does not give any information on the current save handler.

  245.             // Therefore, we catch this error and trigger a warning with a better error message

  246.             $handler = $this->getSaveHandler();

  247.             if ($handler instanceof SessionHandlerProxy) {

  248.                 $handler = $handler->getHandler();

  249.             }

  250. 

  251.             trigger_error(sprintf('session_write_close(): Failed to write session data with %s handler', get_class($handler)), E_USER_WARNING);

  252.         }

  253. 

  254.         $this->closed = true;

  255.         $this->started = false;

  256.     }

  257. 

  258.     /**

  259.      * {@inheritdoc}

  260.      */

  261.     public function clear()

  262.     {

  263.         // clear out the bags

  264.         foreach ($this->bags as $bag) {

  265.             $bag->clear();

  266.         }

  267. 

  268.         // clear out the session

  269.         $_SESSION = array();

  270. 

  271.         // reconnect the bags to the session

  272.         $this->loadSession();

  273.     }

  274. 

  275.     /**

  276.      * {@inheritdoc}

  277.      */

  278.     public function registerBag(SessionBagInterface $bag)

  279.     {

  280.         if ($this->started) {

  281.             throw new \LogicException('Cannot register a bag when the session is already started.');

  282.         }

  283. 

  284.         $this->bags[$bag->getName()] = $bag;

  285.     }

  286. 

  287.     /**

  288.      * {@inheritdoc}

  289.      */

  290.     public function getBag($name)

  291.     {

  292.         if (!isset($this->bags[$name])) {

  293.             throw new \InvalidArgumentException(sprintf('The SessionBagInterface %s is not registered.', $name));

  294.         }

  295. 

  296.         if (!$this->started && $this->saveHandler->isActive()) {

  297.             $this->loadSession();

  298.         } elseif (!$this->started) {

  299.             $this->start();

  300.         }

  301. 

  302.         return $this->bags[$name];

  303.     }

  304. 

  305.     public function setMetadataBag(MetadataBag $metaBag = null)

  306.     {

  307.         if (null === $metaBag) {

  308.             $metaBag = new MetadataBag();

  309.         }

  310. 

  311.         $this->metadataBag = $metaBag;

  312.     }

  313. 

  314.     /**

  315.      * Gets the MetadataBag.

  316.      *

  317.      * @return MetadataBag

  318.      */

  319.     public function getMetadataBag()

  320.     {

  321.         return $this->metadataBag;

  322.     }

  323. 

  324.     /**

  325.      * {@inheritdoc}

  326.      */

  327.     public function isStarted()

  328.     {

  329.         return $this->started;

  330.     }

  331. 

  332.     /**

  333.      * Sets session.* ini variables.

  334.      *

  335.      * For convenience we omit 'session.' from the beginning of the keys.

  336.      * Explicitly ignores other ini keys.

  337.      *

  338.      * @param array $options Session ini directives array(key => value)

  339.      *

  340.      * @see http://php.net/session.configuration

  341.      */

  342.     public function setOptions(array $options)

  343.     {

  344.         if (headers_sent() || \PHP_SESSION_ACTIVE === session_status()) {

  345.             return;

  346.         }

  347. 

  348.         $validOptions = array_flip(array(

  349.             'cache_expire', 'cache_limiter', 'cookie_domain', 'cookie_httponly',

  350.             'cookie_lifetime', 'cookie_path', 'cookie_secure',

  351.             'gc_divisor', 'gc_maxlifetime', 'gc_probability',

  352.             'lazy_write', 'name', 'referer_check',

  353.             'serialize_handler', 'use_strict_mode', 'use_cookies',

  354.             'use_only_cookies', 'use_trans_sid', 'upload_progress.enabled',

  355.             'upload_progress.cleanup', 'upload_progress.prefix', 'upload_progress.name',

  356.             'upload_progress.freq', 'upload_progress.min_freq', 'url_rewriter.tags',

  357.             'sid_length', 'sid_bits_per_character', 'trans_sid_hosts', 'trans_sid_tags',

  358.         ));

  359. 

  360.         foreach ($options as $key => $value) {

  361.             if (isset($validOptions[$key])) {

  362.                 ini_set('url_rewriter.tags' !== $key ? 'session.'.$key : $key, $value);

  363.             }

  364.         }

  365.     }

  366. 

  367.     /**

  368.      * Registers session save handler as a PHP session handler.

  369.      *

  370.      * To use internal PHP session save handlers, override this method using ini_set with

  371.      * session.save_handler and session.save_path e.g.

  372.      *

  373.      *     ini_set('session.save_handler', 'files');

  374.      *     ini_set('session.save_path', '/tmp');

  375.      *

  376.      * or pass in a \SessionHandler instance which configures session.save_handler in the

  377.      * constructor, for a template see NativeFileSessionHandler or use handlers in

  378.      * composer package drak/native-session

  379.      *

  380.      * @see http://php.net/session-set-save-handler

  381.      * @see http://php.net/sessionhandlerinterface

  382.      * @see http://php.net/sessionhandler

  383.      * @see http://github.com/drak/NativeSession

  384.      *

  385.      * @param \SessionHandlerInterface|null $saveHandler

  386.      *

  387.      * @throws \InvalidArgumentException

  388.      */

  389.     public function setSaveHandler($saveHandler = null)

  390.     {

  391.         if (!$saveHandler instanceof AbstractProxy &&

  392.             !$saveHandler instanceof \SessionHandlerInterface &&

  393.             null !== $saveHandler) {

  394.             throw new \InvalidArgumentException('Must be instance of AbstractProxy; implement \SessionHandlerInterface; or be null.');

  395.         }

  396. 

  397.         // Wrap $saveHandler in proxy and prevent double wrapping of proxy

  398.         if (!$saveHandler instanceof AbstractProxy && $saveHandler instanceof \SessionHandlerInterface) {

  399.             $saveHandler = new SessionHandlerProxy($saveHandler);

  400.         } elseif (!$saveHandler instanceof AbstractProxy) {

  401.             $saveHandler = new SessionHandlerProxy(new StrictSessionHandler(new \SessionHandler()));

  402.         }

  403.         $this->saveHandler = $saveHandler;

  404. 

  405.         if (headers_sent() || \PHP_SESSION_ACTIVE === session_status()) {

  406.             return;

  407.         }

  408. 

  409.         if ($this->saveHandler instanceof SessionHandlerProxy) {

  410.             session_set_save_handler($this->saveHandler->getHandler(), false);

  411.         } elseif ($this->saveHandler instanceof \SessionHandlerInterface) {

  412.             session_set_save_handler($this->saveHandler, false);

  413.         }

  414.     }

  415. 

  416.     /**

  417.      * Load the session with attributes.

  418.      *

  419.      * After starting the session, PHP retrieves the session from whatever handlers

  420.      * are set to (either PHP's internal, or a custom save handler set with session_set_save_handler()).

  421.      * PHP takes the return value from the read() handler, unserializes it

  422.      * and populates $_SESSION with the result automatically.

  423.      */

  424.     protected function loadSession(array &$session = null)

  425.     {

  426.         if (null === $session) {

  427.             $session = &$_SESSION;

  428.         }

  429. 

  430.         $bags = array_merge($this->bags, array($this->metadataBag));

  431. 

  432.         foreach ($bags as $bag) {

  433.             $key = $bag->getStorageKey();

  434.             $session[$key] = isset($session[$key]) ? $session[$key] : array();

  435.             $bag->initialize($session[$key]);

  436.         }

  437. 

  438.         $this->started = true;

  439.         $this->closed = false;

  440.     }

  441. }