[ Index ]

PHP Cross Reference of phpBB-3.3.2-deutsch

title

Body

[close]

/vendor/symfony/http-foundation/Session/Storage/Handler/ -> AbstractSessionHandler.php (source)

   1  <?php
   2  
   3  /*
   4   * This file is part of the Symfony package.
   5   *
   6   * (c) Fabien Potencier <fabien@symfony.com>
   7   *
   8   * For the full copyright and license information, please view the LICENSE
   9   * file that was distributed with this source code.
  10   */
  11  
  12  namespace Symfony\Component\HttpFoundation\Session\Storage\Handler;
  13  
  14  use Symfony\Component\HttpFoundation\Session\SessionUtils;
  15  
  16  /**
  17   * This abstract session handler provides a generic implementation
  18   * of the PHP 7.0 SessionUpdateTimestampHandlerInterface,
  19   * enabling strict and lazy session handling.
  20   *
  21   * @author Nicolas Grekas <p@tchwork.com>
  22   */
  23  abstract class AbstractSessionHandler implements \SessionHandlerInterface, \SessionUpdateTimestampHandlerInterface
  24  {
  25      private $sessionName;
  26      private $prefetchId;
  27      private $prefetchData;
  28      private $newSessionId;
  29      private $igbinaryEmptyData;
  30  
  31      /**
  32       * @return bool
  33       */
  34      public function open($savePath, $sessionName)
  35      {
  36          $this->sessionName = $sessionName;
  37          if (!headers_sent() && !ini_get('session.cache_limiter') && '0' !== ini_get('session.cache_limiter')) {
  38              header(sprintf('Cache-Control: max-age=%d, private, must-revalidate', 60 * (int) ini_get('session.cache_expire')));
  39          }
  40  
  41          return true;
  42      }
  43  
  44      /**
  45       * @param string $sessionId
  46       *
  47       * @return string
  48       */
  49      abstract protected function doRead($sessionId);
  50  
  51      /**
  52       * @param string $sessionId
  53       * @param string $data
  54       *
  55       * @return bool
  56       */
  57      abstract protected function doWrite($sessionId, $data);
  58  
  59      /**
  60       * @param string $sessionId
  61       *
  62       * @return bool
  63       */
  64      abstract protected function doDestroy($sessionId);
  65  
  66      /**
  67       * @return bool
  68       */
  69      public function validateId($sessionId)
  70      {
  71          $this->prefetchData = $this->read($sessionId);
  72          $this->prefetchId = $sessionId;
  73  
  74          if (\PHP_VERSION_ID < 70317 || (70400 <= \PHP_VERSION_ID && \PHP_VERSION_ID < 70405)) {
  75              // work around https://bugs.php.net/79413
  76              foreach (debug_backtrace(\DEBUG_BACKTRACE_IGNORE_ARGS) as $frame) {
  77                  if (!isset($frame['class']) && isset($frame['function']) && \in_array($frame['function'], ['session_regenerate_id', 'session_create_id'], true)) {
  78                      return '' === $this->prefetchData;
  79                  }
  80              }
  81          }
  82  
  83          return '' !== $this->prefetchData;
  84      }
  85  
  86      /**
  87       * @return string
  88       */
  89      public function read($sessionId)
  90      {
  91          if (null !== $this->prefetchId) {
  92              $prefetchId = $this->prefetchId;
  93              $prefetchData = $this->prefetchData;
  94              $this->prefetchId = $this->prefetchData = null;
  95  
  96              if ($prefetchId === $sessionId || '' === $prefetchData) {
  97                  $this->newSessionId = '' === $prefetchData ? $sessionId : null;
  98  
  99                  return $prefetchData;
 100              }
 101          }
 102  
 103          $data = $this->doRead($sessionId);
 104          $this->newSessionId = '' === $data ? $sessionId : null;
 105          if (\PHP_VERSION_ID < 70000) {
 106              $this->prefetchData = $data;
 107          }
 108  
 109          return $data;
 110      }
 111  
 112      /**
 113       * @return bool
 114       */
 115      public function write($sessionId, $data)
 116      {
 117          if (\PHP_VERSION_ID < 70000 && $this->prefetchData) {
 118              $readData = $this->prefetchData;
 119              $this->prefetchData = null;
 120  
 121              if ($readData === $data) {
 122                  return $this->updateTimestamp($sessionId, $data);
 123              }
 124          }
 125          if (null === $this->igbinaryEmptyData) {
 126              // see https://github.com/igbinary/igbinary/issues/146
 127              $this->igbinaryEmptyData = \function_exists('igbinary_serialize') ? igbinary_serialize([]) : '';
 128          }
 129          if ('' === $data || $this->igbinaryEmptyData === $data) {
 130              return $this->destroy($sessionId);
 131          }
 132          $this->newSessionId = null;
 133  
 134          return $this->doWrite($sessionId, $data);
 135      }
 136  
 137      /**
 138       * @return bool
 139       */
 140      public function destroy($sessionId)
 141      {
 142          if (\PHP_VERSION_ID < 70000) {
 143              $this->prefetchData = null;
 144          }
 145          if (!headers_sent() && filter_var(ini_get('session.use_cookies'), \FILTER_VALIDATE_BOOLEAN)) {
 146              if (!$this->sessionName) {
 147                  throw new \LogicException(sprintf('Session name cannot be empty, did you forget to call "parent::open()" in "%s"?.', static::class));
 148              }
 149              $cookie = SessionUtils::popSessionCookie($this->sessionName, $sessionId);
 150  
 151              /*
 152               * We send an invalidation Set-Cookie header (zero lifetime)
 153               * when either the session was started or a cookie with
 154               * the session name was sent by the client (in which case
 155               * we know it's invalid as a valid session cookie would've
 156               * started the session).
 157               */
 158              if (null === $cookie || isset($_COOKIE[$this->sessionName])) {
 159                  if (\PHP_VERSION_ID < 70300) {
 160                      setcookie($this->sessionName, '', 0, ini_get('session.cookie_path'), ini_get('session.cookie_domain'), filter_var(ini_get('session.cookie_secure'), \FILTER_VALIDATE_BOOLEAN), filter_var(ini_get('session.cookie_httponly'), \FILTER_VALIDATE_BOOLEAN));
 161                  } else {
 162                      $params = session_get_cookie_params();
 163                      unset($params['lifetime']);
 164                      setcookie($this->sessionName, '', $params);
 165                  }
 166              }
 167          }
 168  
 169          return $this->newSessionId === $sessionId || $this->doDestroy($sessionId);
 170      }
 171  }


Generated: Wed Nov 11 20:28:18 2020 Cross-referenced by PHPXref 0.7.1