[ Index ]

PHP Cross Reference of osCMax 2.0.4

title

Body

[close]

/includes/classes/ -> sessions.php (source)

   1  <?php
   2  /*

   3  $Id: sessions.php 3 2006-05-27 04:59:07Z user $

   4  

   5    osCMax Power E-Commerce

   6    http://oscdox.com

   7  

   8    Copyright 2006 osCMax

   9  

  10    Released under the GNU General Public License

  11  

  12    Original source from Web Application Development with PHP (Tobias Ratschiller, Till Gerken)

  13    Copyright 2006 osCMax2000, New Riders Publishing

  14  */
  15  
  16    $SID = '';
  17  
  18    class php3session {
  19      var $name = PHP_SESSION_NAME;
  20      var $auto_start = false;
  21      var $referer_check = false;
  22  
  23      var $save_path = PHP_SESSION_SAVE_PATH;
  24      var $save_handler = 'php3session_files';
  25  
  26      var $lifetime = 0;
  27  
  28      var $cache_limiter = 'nocache';
  29      var $cache_expire = 180;
  30  
  31      var $use_cookies = true;
  32      var $cookie_lifetime = 0;
  33      var $cookie_path = PHP_SESSION_PATH;
  34      var $cookie_domain = PHP_SESSION_DOMAIN;
  35  
  36      var $gc_probability = 1;
  37      var $gc_maxlifetime = 0;
  38  
  39      var $serialize_handler = 'php';
  40      var $ID;
  41  
  42      var $nr_open_sessions = 0;
  43      var $mod_name = '';
  44      var $id;
  45      var $delimiter = "\n";
  46      var $delimiter_value = '[==]';
  47  
  48      var $vars;
  49  
  50      function php3session() {
  51        $this->mod_name = $this->save_handler;
  52        $this->vars = array();
  53      }
  54    }
  55  
  56    class php3session_user {
  57      var $open_func, $close_func, $read_func, $write_func, $destroy_func, $gc_func;
  58  
  59      function open($save_path, $sess_name) {
  60        $func = $this->open_func;
  61        if (function_exists($func)) {
  62          return $func($save_path, $sess_name);
  63        }
  64  
  65        return true;
  66      }
  67  
  68      function close($save_path, $sess_name) {
  69        $func = $this->close_func;
  70        if (function_exists($func)) {
  71          return $func();
  72        }
  73  
  74        return true;
  75      }
  76  
  77      function read($sess_id) {
  78        $func = $this->read_func;
  79  
  80        return $func($sess_id);
  81      }
  82  
  83      function write($sess_id, $val) {
  84        $func = $this->write_func;
  85  
  86        return $func($sess_id, $val);
  87      }
  88  
  89      function destroy($sess_id) {
  90        $func = $this->destroy_func;
  91        if (function_exists($func)) {
  92          return $func($sess_id);
  93        }
  94  
  95        return true;
  96      }
  97  
  98      function gc($max_lifetime) {
  99        $func = $this->gc_func;
 100        if (function_exists($func)) {
 101          return $func($max_lifetime);
 102        }
 103  
 104        return true;
 105      }
 106    }
 107  
 108    class php3session_files {
 109      function open($save_path, $sess_name) {
 110        return true;
 111      }
 112  
 113      function close() {
 114        return true;
 115      }
 116  
 117      function read($sess_id) {
 118        global $session;
 119  
 120  // Open, read in, close file with session data

 121        $file = $session->save_path . '/sess_' . $sess_id;
 122        if (!file_exists($file)) {
 123  // Create it

 124          touch($file);
 125        }
 126        $fp = fopen($file, 'r') or die('Could not open session file (' . $file . ').');
 127        $val = fread($fp, filesize($file));
 128        fclose($fp);
 129  
 130        return $val;
 131      }
 132  
 133      function write($sess_id, $val) {
 134        global $session;
 135  
 136  // Open, write to, close file with session data

 137        $file = $session->save_path . '/sess_' . $sess_id;
 138        $fp = fopen($file, 'w') or die('Could not write session file (' . $file . ')');
 139        $val = fputs($fp, $val);
 140        fclose($fp);
 141  
 142        return true;
 143      }
 144  
 145      function destroy($sess_id) {
 146        global $session;
 147  
 148        $file = $session->save_path . '/sess_' . $sess_id;
 149        unlink($file);
 150  
 151        return true;
 152      }
 153  
 154      function gc($max_lifetime) {
 155  // We return true, since all cleanup should be handled by

 156  // an external entity (i.e. find -ctime x | xargs rm)

 157        return true;
 158      }
 159    }
 160  
 161    function _session_create_id() {
 162      return md5(uniqid(microtime()));
 163    }
 164  
 165    function _session_cache_limiter() {
 166      global $session;
 167  
 168      switch ($session->cache_limiter) {
 169        case 'nocache':
 170                        header('Expires: Thu, 19 Nov 1981 08:52:00 GMT');
 171                        header('Cache-Control: no-cache');
 172                        header('Pragma: no-cache');
 173                        break;
 174        case 'private':
 175                        header('Expires: Thu, 19 Nov 1981 08:52:00 GMT');
 176                        header(sprintf('Cache-Control: private, max-age=%s', $session->cache_expire * 60));
 177                        header('Last-Modified: ' . gmdate('D, d M Y H:i:s', filemtime(basename($GLOBALS['PHP_SELF']))) . ' GMT');
 178                        break;
 179        case 'public':
 180                        $now = time();
 181                        $now += $session->cache_expire * 60;
 182                        $now = gmdate('D, d M Y H:i:s', $now) . ' GMT';
 183                        header('Expires: ' . $now);
 184                        header(sprintf('Cache-Control: public, max-age=%s', $session->cache_expire * 60));
 185                        header('Last-Modified: ' . gmdate('D, d M Y H:i:s', filemtime(basename($GLOBALS['PHP_SELF']))) . ' GMT');
 186                        break;
 187        default:
 188                        die('Caching method ' . $session->cache_limiter . ' not implemented.');
 189      }
 190    }
 191  
 192    function _php_encode() {
 193      global $session;
 194  
 195      $ret = '';
 196  // Create a string containing the serialized variables

 197      for (reset($session->vars); list($i)=each($session->vars);) {
 198        $ret .= $session->vars[$i] . $session->delimiter_value . serialize($GLOBALS[$session->vars[$i]]) . $session->delimiter;
 199      }
 200  
 201      return $ret;
 202    }
 203  
 204    function _php_decode($data) {
 205      global $session;
 206  
 207      $data = trim($data);
 208      $vars = explode($session->delimiter, $data);
 209  
 210  // Add the variables to the global namespace

 211      for (reset($vars); list($i)=each($vars);) {
 212        $tmp = explode($session->delimiter_value, $vars[$i]);
 213        $name = trim($tmp[0]);
 214        $value = trim($tmp[1]);
 215        $GLOBALS[$name] = unserialize($value);
 216        $session->vars[] = trim($name);
 217      }
 218    }
 219  
 220    function _wddx_encode($data) {
 221      global $session;
 222  
 223      $ret = wddx_serialize_vars($session->vars);
 224  
 225      return $ret;
 226    }
 227  
 228    function _wddx_decode($data) {
 229      return wddx_deserialize($data);
 230    }
 231  
 232    function session_name($name = '') {
 233      global $session;
 234  
 235      if (empty($name)) {
 236        return $session->name;
 237      }
 238  
 239      $session->name = $name;
 240    }
 241  
 242    function session_set_save_handler($open, $close, $read, $write, $destroy, $gc) {
 243      global $session, $php3session_user;
 244  
 245      $php3session_user = new php3session_user;
 246      $php3session_user->open_func = $open;
 247      $php3session_user->close_func = $close;
 248      $php3session_user->read_func = $read;
 249      $php3session_user->write_func = $write;
 250      $php3session_user->destroy_func = $destroy;
 251      $php3session_user->gc_func = $gc;
 252      $session->mod_name = 'php3session_user';
 253    }
 254  
 255    function session_module_name($name = '') {
 256      global $session;
 257  
 258      if (empty($name)) {
 259        return $session->mod_name;
 260      }
 261  
 262      $session->mod_name = $name;
 263    }
 264  
 265    function session_save_path($path = '') {
 266      global $session;
 267  
 268      if(empty($path)) {
 269        return $session->save_path;
 270      }
 271  
 272      $session->save_path = $path;
 273    }
 274  
 275    function session_id($id = '') {
 276      global $session;
 277  
 278      if(empty($id)) {
 279        return $session->id;
 280      }
 281  
 282      $session->id = $id;
 283    }
 284  
 285    function session_register($var) {
 286      global $session;
 287  
 288      if ($session->nr_open_sessions == 0) {
 289        session_start();
 290      }
 291  
 292      $session->vars[] = trim($var);
 293    }
 294  
 295    function session_unregister($var) {
 296      global $session;
 297  
 298      for (reset($session->vars); list($i)=each($session->vars);) {
 299        if ($session->vars[$i] == trim($var)) {
 300          unset($session->vars[$i]);
 301          break;
 302        }
 303      }
 304    }
 305  
 306    function session_is_registered($var) {
 307      global $session;
 308  
 309      for (reset($session->vars); list($i)=each($session->vars);) {
 310        if ($session->vars[$i] == trim($var)) {
 311          return true;
 312        }
 313      }
 314  
 315      return false;
 316    }
 317  
 318    function session_encode() {
 319      global $session;
 320  
 321      $serializer = '_' . $session->serialize_handler . '_encode';
 322      $ret = $serializer();
 323  
 324      return $ret;
 325    }
 326  
 327    function session_decode($data) {
 328      global $session;
 329  
 330      $serializer = '_' . $session->serialize_handler . '_decode';
 331      $ret = $serializer($data);
 332  
 333      return $ret;
 334    }
 335  
 336    function session_start() {
 337      global $session, $SID, $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $HTTP_POST_VARS;
 338  
 339  // Define the global variable $SID?

 340      $define_sid = true;
 341  
 342  // Send the session cookie?

 343      $send_cookie = true;
 344  
 345  // Is track_vars enabled?

 346      $track_vars = ( (isset($HTTP_COOKIE_VARS)) || (isset($HTTP_GET_VARS)) || (isset($HTTP_POST_VARS)) ) ? true : false;
 347  
 348  // Check if session_start() has been called once already

 349      if ($session->nr_open_sessions != 0) {
 350        return false;
 351      }
 352  
 353  // If our only resource is the global symbol_table, then check it.

 354  // If track_vars are enabled, we prefer these, because they are more

 355  // reliable, and we always know whether the user has accepted the 

 356  // cookie.

 357      if ( (isset($GLOBALS[$session->name])) && (!empty($GLOBALS[$session->name])) && (!$track_vars) ) {
 358        $session->id = $GLOBALS[$session->name];
 359        $send_cookie = false;
 360      }
 361  
 362  // Now check the track_vars. Cookies are preferred, because initially

 363  // cookie and get variables will be available. 

 364      if ( (empty($session->id)) && ($track_vars) ) {
 365        if (isset($HTTP_COOKIE_VARS[$session->name])) {
 366          $session->id = $HTTP_COOKIE_VARS[$session->name];
 367          $define_sid = false;
 368          $send_cookie = false;
 369        }
 370  
 371        if (isset($HTTP_GET_VARS[$session->name])) {
 372          $session->id = $HTTP_GET_VARS[$session->name];
 373        }
 374  
 375        if (isset($HTTP_POST_VARS[$session->name])) {
 376          $session->id = $HTTP_POST_VARS[$session->name];
 377        }
 378      }
 379  
 380  if (!empty($session->id)) {
 381    if (preg_match('/^[a-zA-Z0-9]+$/', $session->id) == false) {
 382      unset($session->id);
 383    }
 384  }
 385  /*

 386  // Check the REQUEST_URI symbol for a string of the form

 387  // '<session-name>=<session-id>' to allow URLs of the form

 388  // http://yoursite/<session-name>=<session-id>/script.php 

 389      if (empty($session->id)) {

 390        eregi($session->name . '=([^/]+)', $GLOBALS['REQUEST_URI'], $regs);

 391        $regs[1] = trim($regs[1]);

 392        if (!empty($regs[1])) {

 393          $session->id = $regs[1];

 394        }

 395      }

 396  */
 397  
 398  // Check whether the current request was referred to by

 399  // an external site which invalidates the previously found ID

 400      if ( (!empty($session->id)) && ($session->referer_check) ) {
 401        $url = parse_url($GLOBALS['HTTP_REFERER']);
 402        if (trim($url['host']) != $GLOBALS['SERVER_NAME']) {
 403          unset($session->id);
 404          $send_cookie = true;
 405          $define_sid = true;
 406        }
 407      }
 408  
 409  // Do we have an existing session ID?

 410      if (empty($session->id)) {
 411  // Create new session ID

 412        $session->id = _session_create_id();
 413      }
 414  
 415  // Is use_cookies set to false?

 416      if ( (!$session->use_cookies) && ($send_cookie) ) {
 417        $define_sid = true;
 418        $send_cookie = false;
 419      }
 420  
 421  // Should we send a cookie?

 422      if ($send_cookie) {
 423        setcookie($session->name, $session->id, $session->cookie_lifetime, $session->cookie_path, $session->cookie_domain);
 424      }
 425  
 426  // Should we define the SID?

 427      if($define_sid) {
 428        $SID = $session->name . '=' . $session->id;
 429      }
 430  
 431      $session->nr_open_sessions++;
 432  
 433  // Send caching headers

 434  
 435  // Start session

 436      $mod = $GLOBALS[$session->mod_name];
 437      if (!$mod->open($session->save_path, $session->name)) {
 438        die('Failed to initialize session module.');
 439      }
 440  
 441  // Read session data

 442      if ($val = $mod->read($session->id)) {
 443  // Decode session data

 444        session_decode($val);
 445      }
 446  
 447  // Send HTTP cache headers

 448      _session_cache_limiter();
 449  
 450  // Check if we should clean up (call the garbage collection routines)

 451      if ($session->gc_probability > 0) {
 452        $randmax = getrandmax();
 453        $nrand = (int)(100 * tep_rand() / $randmax);
 454        if ($nrand < $session->gc_probability) {
 455          $mod->gc($session->gc_maxlifetime);
 456        }
 457      }
 458  
 459      if ($define_sid) {
 460        define('SID', $SID);
 461      } else {
 462        define('SID', '');
 463      }
 464  
 465      return true;
 466    }
 467  
 468    function session_destroy() {
 469      global $session;
 470  
 471      if ($session->nr_open_sessions == 0) {
 472        return false;
 473      }
 474  
 475  // Destroy session

 476      $mod = $GLOBALS[$session->mod_name];
 477      if (!$mod->destroy($session->id)) {
 478        return false;
 479      }
 480      unset($session);
 481      $session = new php3session;
 482  
 483      return true;
 484    }
 485  
 486    function session_close() {
 487      global $session, $SID;
 488  
 489      if ($session->nr_open_sessions == 0) {
 490        return false;
 491      }
 492  // Encode session

 493      $val = session_encode();
 494      $len = strlen($val);
 495  
 496  // Save session

 497      $mod = $GLOBALS[$session->mod_name];
 498      if (!$mod->write($session->id, $val)) {
 499        die('Session could not be saved.');
 500      }
 501  // Close session

 502      if ( (function_exists($session->mod_name . '->close')) && (!$mod->close()) ) {
 503        die('Session could not be closed.');
 504      }
 505      $SID = '';
 506      $session->nr_open_sessions--;
 507  
 508      return true;
 509    }
 510  
 511    $session = new php3session;
 512    $mod = $session->save_handler;
 513    $$mod = new $mod;
 514  
 515    if ($session->auto_start) {
 516      $ret = session_start() or die('Session could not be started.');
 517    }
 518  
 519    register_shutdown_function('session_close');
 520  ?>


Generated: Fri Jan 1 13:43:16 2010 Cross-referenced by PHPXref 0.7