[ Index ]

PHP Cross Reference of osCMax 2.0.4

title

Body

[close]

/admin/includes/classes/ -> sessions.php (source)

   1  <?php
   2  /*

   3  $Id: sessions.php 3 2006-05-27 04:59:07Z user $

   4  

   5    osCMax Power E-Commerce

   6    http://oscdox.com

   7  

   8    Copyright 2006 osCMax

   9  

  10    Released under the GNU General Public License

  11  

  12    Original source from Web Application Development with PHP (Tobias Ratschiller, Till Gerken)

  13    Copyright 2006 osCMax2000, New Riders Publishing

  14  */
  15  
  16    $SID = '';
  17  
  18    class php3session {
  19      var $name = PHP_SESSION_NAME;
  20      var $auto_start = false;
  21      var $referer_check = false;
  22  
  23      var $save_path = PHP_SESSION_SAVE_PATH;
  24      var $save_handler = 'php3session_files';
  25  
  26      var $lifetime = 0;
  27  
  28      var $cache_limiter = 'nocache';
  29      var $cache_expire = 180;
  30  
  31      var $use_cookies = true;
  32      var $cookie_lifetime = 0;
  33      var $cookie_path = substr(DIR_WS_ADMIN, 0, -1);
  34      var $cookie_domain = '';
  35  
  36      var $gc_probability = 1;
  37      var $gc_maxlifetime = 0;
  38  
  39      var $serialize_handler = 'php';
  40      var $ID;
  41  
  42      var $nr_open_sessions = 0;
  43      var $mod_name = '';
  44      var $id;
  45      var $delimiter = "\n";
  46      var $delimiter_value = '[==]';
  47  
  48      function php3session() {
  49        $this->mod_name = $this->save_handler;
  50      }
  51    }
  52  
  53    class php3session_user {
  54      var $open_func, $close_func, $read_func, $write_func, $destroy_func, $gc_func;
  55  
  56      function open($save_path, $sess_name) {
  57        $func = $this->open_func;
  58        if (function_exists($func)) {
  59          return $func($save_path, $sess_name);
  60        }
  61  
  62        return true;
  63      }
  64  
  65      function close($save_path, $sess_name) {
  66        $func = $this->close_func;
  67        if (function_exists($func)) {
  68          return $func();
  69        }
  70  
  71        return true;
  72      }
  73  
  74      function read($sess_id) {
  75        $func = $this->read_func;
  76  
  77        return $func($sess_id);
  78      }
  79  
  80      function write($sess_id, $val) {
  81        $func = $this->write_func;
  82  
  83        return $func($sess_id, $val);
  84      }
  85  
  86      function destroy($sess_id) {
  87        $func = $this->destroy_func;
  88        if (function_exists($func)) {
  89          return $func($sess_id);
  90        }
  91  
  92        return true;
  93      }
  94  
  95      function gc($max_lifetime) {
  96        $func = $this->gc_func;
  97        if (function_exists($func)) {
  98          return $func($max_lifetime);
  99        }
 100  
 101        return true;
 102      }
 103    }
 104  
 105    class php3session_files {
 106      function open($save_path, $sess_name) {
 107        return true;
 108      }
 109  
 110      function close() {
 111        return true;
 112      }
 113  
 114      function read($sess_id) {
 115        global $session;
 116  
 117  // Open, read in, close file with session data

 118        $file = $session->save_path . '/sess_' . $sess_id;
 119        if (!file_exists($file)) {
 120  // Create it

 121          touch($file);
 122        }
 123        $fp = fopen($file, 'r') or die('Could not open session file (' . $file . ').');
 124        $val = fread($fp, filesize($file));
 125        fclose($fp);
 126  
 127        return $val;
 128      }
 129  
 130      function write($sess_id, $val) {
 131        global $session;
 132  
 133  // Open, write to, close file with session data

 134        $file = $session->save_path . '/sess_' . $sess_id;
 135        $fp = fopen($file, 'w') or die('Could not write session file (' . $file . ')');
 136        $val = fputs($fp, $val);
 137        fclose($fp);
 138  
 139        return true;
 140      }
 141  
 142      function destroy($sess_id) {
 143        global $session;
 144  
 145        $file = $session->save_path . '/sess_' . $sess_id;
 146        unlink($file);
 147  
 148        return true;
 149      }
 150  
 151      function gc($max_lifetime) {
 152  // We return true, since all cleanup should be handled by

 153  // an external entity (i.e. find -ctime x | xargs rm)

 154        return true;
 155      }
 156    }
 157  
 158    function _session_create_id() {
 159      return md5(uniqid(microtime()));
 160    }
 161  
 162    function _session_cache_limiter() {
 163      global $session;
 164  
 165      switch ($session->cache_limiter) {
 166        case 'nocache':
 167                        header('Expires: Thu, 19 Nov 1981 08:52:00 GMT');
 168                        header('Cache-Control: no-cache');
 169                        header('Pragma: no-cache');
 170                        break;
 171        case 'private':
 172                        header('Expires: Thu, 19 Nov 1981 08:52:00 GMT');
 173                        header(sprintf('Cache-Control: private, max-age=%s', $session->cache_expire * 60));
 174                        header('Last-Modified: ' . gmdate('D, d M Y H:i:s', filemtime(basename($GLOBALS['PHP_SELF']))) . ' GMT');
 175                        break;
 176        case 'public':
 177                        $now = time();
 178                        $now += $session->cache_expire * 60;
 179                        $now = gmdate('D, d M Y H:i:s', $now) . ' GMT';
 180                        header('Expires: ' . $now);
 181                        header(sprintf('Cache-Control: public, max-age=%s', $session->cache_expire * 60));
 182                        header('Last-Modified: ' . gmdate('D, d M Y H:i:s', filemtime(basename($GLOBALS['PHP_SELF']))) . ' GMT');
 183                        break;
 184        default:
 185                        die('Caching method ' . $session->cache_limiter . ' not implemented.');
 186      }
 187    }
 188  
 189    function _php_encode() {
 190      global $session;
 191  
 192      $ret = '';
 193  // Create a string containing the serialized variables

 194      for (reset($session->vars); list($i)=each($session->vars);) {
 195        $ret .= $session->vars[$i] . $session->delimiter_value . serialize($GLOBALS[$session->vars[$i]]) . $session->delimiter;
 196      }
 197  
 198      return $ret;
 199    }
 200  
 201    function _php_decode($data) {
 202      global $session;
 203  
 204      $data = trim($data);
 205      $vars = explode($session->delimiter, $data);
 206  
 207  // Add the variables to the global namespace

 208      for (reset($vars); list($i)=each($vars);) {
 209        $tmp = explode($session->delimiter_value, $vars[$i]);
 210        $name = trim($tmp[0]);
 211        $value = trim($tmp[1]);
 212        $GLOBALS[$name] = unserialize($value);
 213        $session->vars[] = trim($name);
 214      }
 215    }
 216  
 217    function _wddx_encode($data) {
 218      global $session;
 219  
 220      $ret = wddx_serialize_vars($session->vars);
 221  
 222      return $ret;
 223    }
 224  
 225    function _wddx_decode($data) {
 226      return wddx_deserialize($data);
 227    }
 228  
 229    function session_name($name = '') {
 230      global $session;
 231  
 232      if (empty($name)) {
 233        return $session->name;
 234      }
 235  
 236      $session->name = $name;
 237    }
 238  
 239    function session_set_save_handler($open, $close, $read, $write, $destroy, $gc) {
 240      global $session, $php3session_user;
 241  
 242      $php3session_user = new php3session_user;
 243      $php3session_user->open_func = $open;
 244      $php3session_user->close_func = $close;
 245      $php3session_user->read_func = $read;
 246      $php3session_user->write_func = $write;
 247      $php3session_user->destroy_func = $destroy;
 248      $php3session_user->gc_func = $gc;
 249      $session->mod_name = 'php3session_user';
 250    }
 251  
 252    function session_module_name($name = '') {
 253      global $session;
 254  
 255      if (empty($name)) {
 256        return $session->mod_name;
 257      }
 258  
 259      $session->mod_name = $name;
 260    }
 261  
 262    function session_save_path($path = '') {
 263      global $session;
 264  
 265      if(empty($path)) {
 266        return $session->save_path;
 267      }
 268  
 269      $session->save_path = $path;
 270    }
 271  
 272    function session_id($id = '') {
 273      global $session;
 274  
 275      if(empty($id)) {
 276        return $session->id;
 277      }
 278  
 279      $session->id = $id;
 280    }
 281  
 282    function session_register($var) {
 283      global $session;
 284  
 285      if ($session->nr_open_sessions == 0) {
 286        session_start();
 287      }
 288  
 289      $session->vars[] = trim($var);
 290    }
 291  
 292    function session_unregister($var) {
 293      global $session;
 294  
 295      for (reset($session->vars); list($i)=each($session->vars);) {
 296        if ($session->vars[$i] == trim($var)) {
 297          unset($session->vars[$i]);
 298          break;
 299        }
 300      }
 301    }
 302  
 303    function session_is_registered($var) {
 304      global $session;
 305  
 306      for (reset($session->vars); list($i)=each($session->vars);) {
 307        if ($session->vars[$i] == trim($var)) {
 308          return true;
 309        }
 310      }
 311  
 312      return false;
 313    }
 314  
 315    function session_encode() {
 316      global $session;
 317  
 318      $serializer = '_' . $session->serialize_handler . '_encode';
 319      $ret = $serializer();
 320  
 321      return $ret;
 322    }
 323  
 324    function session_decode($data) {
 325      global $session;
 326  
 327      $serializer = '_' . $session->serialize_handler . '_decode';
 328      $ret = $serializer($data);
 329  
 330      return $ret;
 331    }
 332  
 333    function session_start() {
 334      global $session, $SID, $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $HTTP_POST_VARS;
 335  
 336  // Define the global variable $SID?

 337      $define_sid = true;
 338  
 339  // Send the session cookie?

 340      $send_cookie = true;
 341  
 342  // Is track_vars enabled?

 343      $track_vars = ( (isset($HTTP_COOKIE_VARS)) || (isset($HTTP_GET_VARS)) || (isset($HTTP_POST_VARS)) ) ? true : false;
 344  
 345  // Check if session_start() has been called once already

 346      if ($session->nr_open_sessions != 0) {
 347        return false;
 348      }
 349  
 350  // If our only resource is the global symbol_table, then check it.

 351  // If track_vars are enabled, we prefer these, because they are more

 352  // reliable, and we always know whether the user has accepted the 

 353  // cookie.

 354      if ( (isset($GLOBALS[$session->name])) && (!empty($GLOBALS[$session->name])) && (!$track_vars) ) {
 355        $session->id = $GLOBALS[$session->name];
 356        $send_cookie = false;
 357      }
 358  
 359  // Now check the track_vars. Cookies are preferred, because initially

 360  // cookie and get variables will be available. 

 361      if ( (empty($session->id)) && ($track_vars) ) {
 362        if (isset($HTTP_COOKIE_VARS[$session->name])) {
 363          $session->id = $HTTP_COOKIE_VARS[$session->name];
 364          $define_sid = false;
 365          $send_cookie = false;
 366        }
 367  
 368        if (isset($HTTP_GET_VARS[$session->name])) {
 369          $session->id = $HTTP_GET_VARS[$session->name];
 370        }
 371  
 372        if (isset($HTTP_POST_VARS[$session->name])) {
 373          $session->id = $HTTP_POST_VARS[$session->name];
 374        }
 375      }
 376  
 377  /*

 378  // Check the REQUEST_URI symbol for a string of the form

 379  // '<session-name>=<session-id>' to allow URLs of the form

 380  // http://yoursite/<session-name>=<session-id>/script.php 

 381      if (empty($session->id)) {

 382        eregi($session->name . '=([^/]+)', $GLOBALS['REQUEST_URI'], $regs);

 383        $regs[1] = trim($regs[1]);

 384        if (!empty($regs[1])) {

 385          $session->id = $regs[1];

 386        }

 387      }

 388  */
 389  
 390  // Check whether the current request was referred to by

 391  // an external site which invalidates the previously found ID

 392      if ( (!empty($session->id)) && ($session->referer_check) ) {
 393        $url = parse_url($GLOBALS['HTTP_REFERER']);
 394        if (trim($url['host']) != $GLOBALS['SERVER_NAME']) {
 395          unset($session->id);
 396          $send_cookie = true;
 397          $define_sid = true;
 398        }
 399      }
 400  
 401  // Do we have an existing session ID?

 402      if (empty($session->id)) {
 403  // Create new session ID

 404        $session->id = _session_create_id();
 405      }
 406  
 407  // Is use_cookies set to false?

 408      if ( (!$session->use_cookies) && ($send_cookie) ) {
 409        $define_sid = true;
 410        $send_cookie = false;
 411      }
 412  
 413  // Should we send a cookie?

 414      if ($send_cookie) {
 415        setcookie($session->name, $session->id, $session->cookie_lifetime, $session->cookie_path, $session->cookie_domain);
 416      }
 417  
 418  // Should we define the SID?

 419      if($define_sid) {
 420        $SID = $session->name . '=' . $session->id;
 421      }
 422  
 423      $session->nr_open_sessions++;
 424  
 425  // Send caching headers

 426  
 427  // Start session

 428      $mod = $GLOBALS[$session->mod_name];
 429      if (!$mod->open($session->save_path, $session->name)) {
 430        die('Failed to initialize session module.');
 431      }
 432  
 433  // Read session data

 434      if ($val = $mod->read($session->id)) {
 435  // Decode session data

 436        session_decode($val);
 437      }
 438  
 439  // Send HTTP cache headers

 440      _session_cache_limiter();
 441  
 442  // Check if we should clean up (call the garbage collection routines)

 443      if ($session->gc_probability > 0) {
 444        $randmax = getrandmax();
 445        $nrand = (int)(100 * tep_rand() / $randmax);
 446        if ($nrand < $session->gc_probability) {
 447          $mod->gc($session->gc_maxlifetime);
 448        }
 449      }
 450  
 451      if ($define_sid) {
 452        define('SID', $SID);
 453      } else {
 454        define('SID', '');
 455      }
 456  
 457      return true;
 458    }
 459  
 460    function session_destroy() {
 461      global $session;
 462  
 463      if ($session->nr_open_sessions == 0) {
 464        return false;
 465      }
 466  
 467  // Destroy session

 468      $mod = $GLOBALS[$session->mod_name];
 469      if (!$mod->destroy($session->id)) {
 470        return false;
 471      }
 472      unset($session);
 473      $session = new php3session;
 474  
 475      return true;
 476    }
 477  
 478    function session_close() {
 479      global $session, $SID;
 480  
 481      if ($session->nr_open_sessions == 0) {
 482        return false;
 483      }
 484  // Encode session

 485      $val = session_encode();
 486      $len = strlen($val);
 487  
 488  // Save session

 489      $mod = $GLOBALS[$session->mod_name];
 490      if (!$mod->write($session->id, $val)) {
 491        die('Session could not be saved.');
 492      }
 493  // Close session

 494      if ( (function_exists($session->mod_name . '->close')) && (!$mod->close()) ) {
 495        die('Session could not be closed.');
 496      }
 497      $SID = '';
 498      $session->nr_open_sessions--;
 499  
 500      return true;
 501    }
 502  
 503    $session = new php3session;
 504    $mod = $session->save_handler;
 505    $$mod = new $mod;
 506  
 507    if ($session->auto_start) {
 508      $ret = session_start() or die('Session could not be started.');
 509    }
 510  
 511    register_shutdown_function('session_close');
 512  ?>


Generated: Fri Jan 1 13:43:16 2010 Cross-referenced by PHPXref 0.7