/**
* Ethna_Sessionクラスのコンストラクタ
*
* @access public
* @param string $appid アプリケーションID(セッション名として使用)
* @param string $save_dir セッションデータを保存するディレクトリ
*/
public function __construct($ctl, $appid)
{
$this->ctl = $ctl;
$this->logger = $this->ctl->getLogger();
$config = $this->ctl->getConfig()->get('session');
if ($config) {
$this->config = array_merge($this->config, $config);
}
$this->session_save_dir = $this->config['path'];
if (($dir = $this->ctl->getDirectory($this->config['path'])) !== null) {
$this->session_save_dir = $dir;
}
$this->session_name = $appid . $this->config['suffix'];
// set session handler
ini_set('session.save_handler', $this->config['handler']);
session_save_path($this->session_save_dir);
session_name($this->session_name);
session_cache_limiter($this->config['cache_limiter']);
session_cache_expire($this->config['cache_expire']);
$this->session_start = false;
if (isset($_SERVER['REQUEST_METHOD']) == false) {
return;
}
if (strcasecmp($_SERVER['REQUEST_METHOD'], 'post') == 0) {
$http_vars = $_POST;
} else {
$http_vars = $_GET;
}
if (array_key_exists($this->session_name, $http_vars) && $http_vars[$this->session_name] != null) {
$_COOKIE[$this->session_name] = $http_vars[$this->session_name];
}
}
/**
* Conigure and start session
*
* @param string $sessionName
* @return Mage_Core_Model_Session_Abstract_Varien
*/
public function start($sessionName = null)
{
if (isset($_SESSION)) {
return $this;
}
switch ($this->getSessionSaveMethod()) {
case 'db':
ini_set('session.save_handler', 'user');
$sessionResource = Mage::getResourceSingleton('core/session');
/* @var $sessionResource Mage_Core_Model_Mysql4_Session */
$sessionResource->setSaveHandler();
break;
case 'memcache':
ini_set('session.save_handler', 'memcache');
session_save_path($this->getSessionSavePath());
break;
case 'eaccelerator':
ini_set('session.save_handler', 'eaccelerator');
break;
default:
session_module_name('files');
if (is_writable(Mage::getBaseDir('session'))) {
session_save_path($this->getSessionSavePath());
}
break;
}
if (Mage::app()->getStore()->isAdmin()) {
$adminSessionLifetime = (int) Mage::getStoreConfig('admin/security/session_cookie_lifetime');
if ($adminSessionLifetime > 60) {
$this->getCookie()->setLifetime($adminSessionLifetime);
}
}
// session cookie params
$cookieParams = array('lifetime' => $this->getCookie()->getLifetime(), 'path' => $this->getCookie()->getPath(), 'domain' => $this->getCookie()->getConfigDomain(), 'secure' => $this->getCookie()->isSecure(), 'httponly' => $this->getCookie()->getHttponly());
if (!$cookieParams['httponly']) {
unset($cookieParams['httponly']);
if (!$cookieParams['secure']) {
unset($cookieParams['secure']);
if (!$cookieParams['domain']) {
unset($cookieParams['domain']);
}
}
}
if (isset($cookieParams['domain'])) {
$cookieParams['domain'] = $this->getCookie()->getDomain();
}
call_user_func_array('session_set_cookie_params', $cookieParams);
if (!empty($sessionName)) {
$this->setSessionName($sessionName);
}
// potential custom logic for session id (ex. switching between hosts)
$this->setSessionId();
Varien_Profiler::start(__METHOD__ . '/start');
if ($sessionCacheLimiter = Mage::getConfig()->getNode('global/session_cache_limiter')) {
session_cache_limiter((string) $sessionCacheLimiter);
}
session_start();
Varien_Profiler::stop(__METHOD__ . '/start');
return $this;
}
/**
* start($path = '', $name = '')
*
* セッションを開始する
* もし、すでにセッションが存在している場合は
* そのセッションIDを用いてセッションをスタートする
* セッションが存在しない場合は新規にセッションを生成し、スタートする
*
* @access public
*
* @param string $path セッションファイル保存ディレクトリ
* @param string $name セッション名
*
* @return boolean セッション開始結果(true:正常終了/false:異常終了)
*/
public function start($path = '', $name = '')
{
// セッション保存ディレクトリが指定されていたらその値を採用
if (!empty($path)) {
$this->sesspath = $path;
}
// セッション名が指定されていたらその値を採用
if (!empty($name)) {
$this->sessname = $name;
}
// セッション保存ディレクトリをセット
if (!empty($this->sesspath) and is_writable($this->sesspath)) {
session_save_path($this->sesspath);
// 指定されていないか書き込めないならfalseを返す
} else {
return false;
}
// セッション名の指定
session_name($this->sessname);
// セッションが存在しない場合の処理
if (empty($_COOKIE[$this->sessname])) {
// 生成したセッションIDを付与する
$base = $this->genRand();
session_id($base);
}
// end of if
// セッションタイムアウトの秒数をコンフィグから取得しセット
$conf = new Conf();
$conf->parse(RISOLUTO_CONF . 'risoluto.ini');
session_set_cookie_params($conf->getIni('SESSION', 'timeout'));
// セッションの開始
return session_start();
}
public function destroy($session_id)
{
$file = session_save_path() . '/sess_' . $session_id;
if (is_file($file)) {
unset($file);
}
}
protected function __construct()
{
/* Call the parent constructor in case it should become
* necessary in the future.
*/
parent::__construct();
/* Initialize the php session handling.
*
* If session_id() returns a blank string, then we need
* to call session start. Otherwise the session is already
* started, and we should avoid calling session_start().
*/
if (session_id() === '') {
$config = SimpleSAML_Configuration::getInstance();
$cookiepath = $config->getBoolean('session.phpsession.limitedpath', FALSE) ? '/' . $config->getBaseURL() : '/';
session_set_cookie_params(0, $cookiepath, NULL, SimpleSAML_Utilities::isHTTPS());
$cookiename = $config->getString('session.phpsession.cookiename', NULL);
if (!empty($cookiename)) {
session_name($cookiename);
}
$savepath = $config->getString('session.phpsession.savepath', NULL);
if (!empty($savepath)) {
session_save_path($savepath);
}
if (!array_key_exists(session_name(), $_COOKIE)) {
/* Session cookie unset - session id not set. Generate new (secure) session id. */
session_id(SimpleSAML_Utilities::stringToHex(SimpleSAML_Utilities::generateRandomBytes(16)));
}
session_start();
}
}
protected function execute(InputInterface $input, OutputInterface $output)
{
if ($input->getOption('list')) {
$sessions = scandir(session_save_path());
foreach ($sessions as $session) {
$filename = session_save_path() . '/' . $session;
if (is_file($filename)) {
$id = substr($session, 5);
$output->writeln($id);
}
}
}
if ($input->getOption('destroy')) {
$arg = $input->getOption('destroy');
$filename = session_save_path() . '/sess_' . $arg;
if (is_file($filename)) {
$output->writeln(_('Destroying session'));
unlink($filename);
}
}
if ($input->getOption('killall')) {
$sessions = scandir(session_save_path());
foreach ($sessions as $session) {
$filename = session_save_path() . '/' . $session;
if (is_file($filename)) {
$output->writeln(_('Destroying ') . $session);
unlink($filename);
}
}
}
}
function session_start_session()
{
global $cfg;
session_save_path($cfg['SESSION_SAVE_PATH']);
session_name("UAPORTAL");
session_start();
}
function doTest()
{
$handler = ini_get("session.save_handler");
if ($handler != "files") {
$this->testedParams["Session Save Path"] = "Handler is not file based";
return TRUE;
}
$tmpDir = session_save_path();
$this->testedParams["Session Save Path"] = $tmpDir;
if ($tmpDir != "") {
$this->testedParams["Session Save Path Writeable"] = @is_writable($tmpDir);
if (!$this->testedParams["Session Save Path Writeable"]) {
$this->failedLevel = "error";
$this->failedInfo = "The temporary folder used by PHP to save the session data is either incorrect or not writeable! Please check : " . session_save_path();
$this->failedInfo .= "<p class='suggestion'><b>Suggestion</b> : create your own temporary folder for sessions and set the session.save_path parameter in the conf/bootstrap_conf.php</p>";
return FALSE;
}
} else {
$this->failedLevel = "warning";
$this->failedInfo = "Warning, it seems that your temporary folder used to save session data is not set. If you are encountering troubles with logging and sessions, please check session.save_path in your php.ini. Otherwise you can ignore this.";
return FALSE;
}
$this->failedLevel = "info";
return FALSE;
}
public function __construct($output = true)
{
ini_set('date.timezone', 'GMT');
$this->initClasses();
session_save_path($this->config->get('core.session'));
session_start();
$this->loadUser();
if ($output) {
$in_redirect_endpoint = false;
$redirect_endpoints = ['preregister', 'banned', 'account/terms', 'account/settings', 'account/login', 'account/logout'];
foreach ($redirect_endpoints as $endpoint) {
if (strpos($_SERVER['REQUEST_URI'], $endpoint) !== false) {
$in_redirect_endpoint = true;
}
}
$this->logger->log($_SERVER['REQUEST_URI'], 'DEBUG');
if ($this->config->get('mode') == 'preregistration' && !$in_redirect_endpoint) {
$this->output->redirect('/preregister');
}
if ($this->user->isLoggedIn() && $this->user->isRank('Banned') && !$in_redirect_endpoint) {
$this->output->redirect('/banned');
} elseif ($this->user->isLoggedIn() and $this->user->tos_agree == 0 && !$in_redirect_endpoint) {
$this->output->redirect('/account/terms');
} elseif ($this->user->isLoggedIn() && empty($this->user->trade_url) && !$in_redirect_endpoint) {
$this->output->redirect('/account/settings');
}
$this->router->resolve();
}
}
/**
* set session ID
*
* @param $sessionid
*
* @return mixed
*/
public static function SetID($sessionid)
{
$file = session_save_path() . "/sess_" . $sessionid;
if (file_exists($file)) {
session_id($sessionid);
}
}
private function initializeCAS()
{
$casClient = new \CAS_Client(CAS_VERSION_2_0, true, Config::get('cas.hostname'), Config::get('cas.port'), Config::get('cas.context'));
$casClient->setNoCasServerValidation();
if (true === Config::get('pgtservice.enabled', false)) {
$casClient->setCallbackURL(Config::get('pgtservice.callback'));
$casClient->setPGTStorage(new ProxyTicketServiceStorage($casClient));
} else {
if (false !== Config::get('redis.hostname', false)) {
$casClient->setCallbackURL($this->url->getURL() . '/callback.php');
$redis = new \Redis();
$redis->connect(Config::get('redis.hostname'), Config::get('redis.port', 6379), 2, null, 100);
$redis->setOption(\Redis::OPT_SERIALIZER, \Redis::SERIALIZER_PHP);
$redis->setOption(\Redis::OPT_PREFIX, Config::get('application.project_name') . ':PHPCAS_TICKET_STORAGE:');
$redis->select((int) Config::get('redis.hostname', 2));
$casClient->setPGTStorage(new RedisTicketStorage($casClient, $redis));
} else {
$casClient->setCallbackURL($this->url->getURL() . '/callback.php');
$casClient->setPGTStorageFile(session_save_path());
// Handle logout requests but do not validate the server
$casClient->handleLogoutRequests(false);
}
}
// Accept all proxy chains
$casClient->getAllowedProxyChains()->allowProxyChain(new \CAS_ProxyChain_Any());
return $casClient;
}
/**
* Check if user is authorized
*
* @return boolean true if access granted, false if no access
*/
function auth()
{
$cwd = getcwd();
chdir(dirname(dirname(dirname(dirname(dirname(__DIR__))))));
if (!defined('EP3_BS_DEV')) {
define('EP3_BS_DEV', false);
}
$config = (require 'config/autoload/global.php');
$sessionName = $config['session_config']['name'];
$sessionPath = $config['session_config']['save_path'];
if (isset($_COOKIE[$sessionName])) {
require 'vendor/zendframework/zendframework/library/Zend/Stdlib/Exception/ExceptionInterface.php';
require 'vendor/zendframework/zendframework/library/Zend/Stdlib/Exception/InvalidArgumentException.php';
require 'vendor/zendframework/zendframework/library/Zend/Stdlib/ArrayObject.php';
session_name($sessionName);
session_save_path($sessionPath);
session_start();
chdir($cwd);
if (isset($_SESSION['UserSession'])) {
$userSession = $_SESSION['UserSession'];
if ($userSession && $userSession instanceof Zend\Stdlib\ArrayObject) {
if ($userSession->uid && is_numeric($userSession->uid) && $userSession->uid > 0) {
if ($userSession->status && ($userSession->status == 'assist' || $userSession->status == 'admin')) {
return true;
}
}
}
}
}
return false;
}
public function __construct($Ethna_Backend)
{
$appid = $Ethna_Backend->getAppId();
session_save_path($Ethna_Backend->getTmpdir());
session_name($appid . 'SESSID');
return parent::__construct(array('session_name' => $appid . 'SESSID'));
}
public static function setup()
{
$session_conf = (array) \Gini\Config::get('system.session');
$cookie_params = (array) $session_conf['cookie'];
$session_name = $session_conf['name'] ?: 'gini-session';
$host_hash = sha1($cookie_params['domain'] ?: $_SERVER['HTTP_HOST']);
ini_set('session.name', $session_name . '_' . $host_hash);
if ($session_conf['save_handler']) {
self::$_handlerName = $session_conf['save_handler'];
// save_handler = internal/files
if (0 == strncmp(self::$_handlerName, 'internal/', 9)) {
ini_set('session.save_handler', substr(self::$_handlerName, 9));
} else {
// save_handler = Database
$class = '\\Gini\\Session\\' . self::$_handlerName;
if (class_exists($class)) {
self::$_handler = \Gini\IoC::construct($class);
session_set_save_handler(self::$_handler, false);
}
}
}
if ($session_conf['save_path']) {
session_save_path($session_conf['save_path']);
}
if ($session_conf['gc_maxlifetime']) {
ini_set('session.gc_maxlifetime', $session_conf['gc_maxlifetime']);
}
if (isset($_POST['gini-session'])) {
session_id($_POST['gini-session']);
} elseif (isset($_SERVER['HTTP_X_GINI_SESSION'])) {
session_id($_SERVER['HTTP_X_GINI_SESSION']);
}
session_set_cookie_params($cookie_params['lifetime'], $cookie_params['path'], $cookie_params['domain']);
self::open();
}
function createCustomer()
{
session_save_path('/tmp');
ini_set('session.gc_probability', 1);
if (!isset($_SESSION)) {
session_start();
}
$_SESSION['categories'] = $_POST['categories'];
$_SESSION['sizes'] = $_POST['sizes'];
$_SESSION['colors'] = $_POST['colors'];
$_SESSION['gender'] = $_POST['gender'];
/*
* Parameters
*/
$email = $_REQUEST['email'];
$password_hash = $this->createPasswordHash($_REQUEST['password']);
/*
* Mongo model
*/
$model = new Application_Models_MongoDB();
$model->createNewCustomer($email, $password_hash);
/*
* Grab newly created customer and return customer object
* Auto login customer
*/
$customer_object = $model->getCustomerByEmail($email);
$_SESSION['user'] = $customer_object;
return $customer_object;
}
/**
* Constructor. Starts PHP session handling in our own private store
*
* Side-effect: might set a cookie, so must be called before any other output.
*/
public function __construct()
{
$this->typo3tempPath = PATH_site . 'typo3temp/';
// Start our PHP session early so that hasSession() works
$sessionSavePath = $this->getSessionSavePath();
// Register our "save" session handler
session_set_save_handler(array($this, 'open'), array($this, 'close'), array($this, 'read'), array($this, 'write'), array($this, 'destroy'), array($this, 'gc'));
session_save_path($sessionSavePath);
session_name($this->cookieName);
ini_set('session.cookie_path', GeneralUtility::getIndpEnv('TYPO3_SITE_PATH'));
// Always call the garbage collector to clean up stale session files
ini_set('session.gc_probability', 100);
ini_set('session.gc_divisor', 100);
ini_set('session.gc_maxlifetime', $this->expireTimeInMinutes * 2 * 60);
if (\TYPO3\CMS\Core\Utility\PhpOptionsUtility::isSessionAutoStartEnabled()) {
$sessionCreationError = 'Error: session.auto-start is enabled.<br />';
$sessionCreationError .= 'The PHP option session.auto-start is enabled. Disable this option in php.ini or .htaccess:<br />';
$sessionCreationError .= '<pre>php_value session.auto_start Off</pre>';
throw new \TYPO3\CMS\Install\Exception($sessionCreationError, 1294587485);
} elseif (defined('SID')) {
$sessionCreationError = 'Session already started by session_start().<br />';
$sessionCreationError .= 'Make sure no installed extension is starting a session in its ext_localconf.php or ext_tables.php.';
throw new \TYPO3\CMS\Install\Exception($sessionCreationError, 1294587486);
}
session_start();
}
/**
* Offer a session handler for the current session
*/
function handleSession()
{
session_save_path(site()->config()->session_path);
ini_set('session.gc_probability', 1);
$sessionHandler = new \Symfony\Component\HttpFoundation\Session\Storage\Handler\MongoDbSessionHandler(\Idno\Core\site()->db()->getClient(), ['database' => 'idnosession', 'collection' => 'idnosession']);
session_set_save_handler($sessionHandler, true);
}
/**
* Initialize instance
*
* @param Charcoal_Config $config configuration data
*/
public function configure($config)
{
parent::configure($config);
$session_name = $config->getString('session_name', '');
$save_path = $config->getString('save_path', '', TRUE);
$lifetime = $config->getInteger('lifetime', 0);
$valid_path = $config->getString('valid_path', '');
$valid_domain = $config->getString('valid_domain', '');
$ssl_only = $config->getBoolean('ssl_only', FALSE);
$save_path = us($save_path);
$lifetime = ui($lifetime);
$ssl_only = ub($ssl_only);
$session_name = us($session_name);
// デフォルトのセッション保存先
if (!$save_path || !is_dir($save_path)) {
$save_path = Charcoal_ResourceLocator::getApplicationPath('sessions');
}
// セッション初期化処理
// session_set_cookie_params( $lifetime, "$valid_path", "$valid_domain", $ssl_only );
session_save_path($save_path);
// $session_name = session_name( $session_name ? $session_name : APPLICATION );
session_name("PHPSESSID");
//session_regenerate_id( TRUE );
if ($this->getSandbox()->isDebug()) {
log_debug("session", "session_name:{$session_name}", self::TAG);
log_debug("session", "save_path:{$save_path}", self::TAG);
log_debug("session", "lifetime:{$lifetime}", self::TAG);
log_debug("session", "valid_path:{$valid_path}", self::TAG);
log_debug("session", "valid_domain:{$valid_domain}", self::TAG);
log_debug("session", "ssl_only:{$ssl_only}", self::TAG);
}
// メンバーに保存
$this->save_path = $save_path;
}
/**
* Initialize session.
* @param boolean $keepopen keep session open? The default is
* to close the session after $_SESSION has been populated.
* @uses $_SESSION
*/
function session_init($keepopen = false)
{
$settings = new phpVBoxConfigClass();
// Sessions provided by auth module?
if (@$settings->auth->capabilities['sessionStart']) {
call_user_func(array($settings->auth, $settings->auth->capabilities['sessionStart']), $keepopen);
return;
}
// No session support? No login...
if (@$settings->noAuth || !function_exists('session_start')) {
global $_SESSION;
$_SESSION['valid'] = true;
$_SESSION['authCheckHeartbeat'] = time();
$_SESSION['admin'] = true;
return;
}
// start session
session_start();
// Session is auto-started by PHP?
if (!ini_get('session.auto_start')) {
ini_set('session.use_trans_sid', 0);
ini_set('session.use_only_cookies', 1);
// Session path
if (isset($settings->sessionSavePath)) {
session_save_path($settings->sessionSavePath);
}
session_name(isset($settings->session_name) ? $settings->session_name : md5('phpvbx' . $_SERVER['DOCUMENT_ROOT'] . $_SERVER['HTTP_USER_AGENT']));
session_start();
}
if (!$keepopen) {
session_write_close();
}
}
function PbSessions($save_path = '')
{
global $_PB_CACHE;
$iniSet = function_exists('ini_set');
$this->save_path = $save_path;
if (empty($_SESSION)) {
if ($iniSet && !empty($_PB_CACHE['setting']['session_savepath'])) {
if (isset($_SERVER['HTTPS'])) {
ini_set('session.cookie_secure', 1);
}
//Todo:
//ini_set('session.use_cookies', 1);
//ini_set('session.cookie_lifetime', $this->lifetime);
if (!empty($this->save_path)) {
ini_set('session.save_path', $this->save_path);
} elseif (defined("DATA_PATH")) {
session_save_path(DATA_PATH . "tmp" . DS);
}
}
}
if (headers_sent()) {
if (empty($_SESSION)) {
$_SESSION = array();
}
return false;
} elseif (!isset($_SESSION)) {
session_cache_limiter("must-revalidate");
session_start();
header('P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"');
return true;
} else {
session_start();
return true;
}
}
/**
* Constructor of SessionContext, init session and set session file path
*
* @return void
**/
function __construct()
{
if (defined('SESSION_PATH')) {
session_save_path(SESSION_PATH);
}
if (is_writable(session_save_path())) {
if (!defined('CLI') || CLI == 0) {
session_start();
}
} else {
// we cannot write in the session save path; aborting
die("Unable to write in the session save path [" . session_save_path() . "]");
}
// retrieve objects data
if (defined('SESSION_PATH')) {
$this->_sessObjFileName = SESSION_PATH . "/" . session_id() . "_obj";
}
// record access time
$curTime = time();
if (isset($_SESSION["LastAccessTime"])) {
$this->_lastAccessTime = $_SESSION["LastAccessTime"];
} else {
$this->_lastAccessTime = $curTime;
}
$_SESSION["LastAccessTime"] = $curTime;
// see if timeout
$this->_timeOut = false;
if (TIMEOUT > 0 && $curTime - $this->_lastAccessTime > TIMEOUT) {
$this->_timeOut = true;
}
}
function setupSession($session, $savepath = 'storage/sessions')
{
ini_set('session.save_handler', 'files');
session_set_save_handler($session, true);
session_save_path(config('base_path') . $savepath);
ini_set('session.gc_probability', 1);
}
function run($config)
{
try {
//session设置,控制访问
if (isset($config['session']) && !empty($config['session'])) {
if (is_string($config['session'])) {
session_save_path(__DIR__ . '/' . $config['session']);
}
if (!isset($_SESSION)) {
session_start();
}
if (!isset($_SESSION['admin'])) {
throw new Exception('你没有文件管理权限.');
}
}
if (!file_exists('YesFinder.class.php')) {
throw new Exception('主文件YesFinder.class.php丢失了.');
}
require 'YesFinder.class.php';
$app = new YesFinder($config);
if (!method_exists($app, $this->action)) {
throw new Exception("请求无效," . $this->action . " 不存在");
}
$data = call_user_func_array(array($app, $this->action), $this->params);
} catch (Exception $e) {
$data['error'] = $e->getMessage();
}
$this->output($data);
}
/**
* @covers think\Session::init
*
* @todo Implement testInit().
*/
public function testInit()
{
\think\Session::prefix(null);
$config = ['prefix' => 'think_', 'expire' => 60, 'path' => '/path/to/test/session/', 'domain' => '.thinkphp.cn', 'var_session_id' => 'sessionidtest', 'id' => 'sess_8fhgkjuakhatbeg2fa14lo84q1', 'name' => 'session_name', 'use_trans_sid' => '1', 'use_cookies' => '1', 'cache_limiter' => '60', 'cache_expire' => '60', 'type' => '', 'namespace' => '\\think\\session\\driver\\', 'auto_start' => '1'];
$_REQUEST[$config['var_session_id']] = $config['id'];
\think\Session::init($config);
// 开始断言
$this->assertEquals($config['prefix'], \think\Session::prefix());
$this->assertEquals($config['id'], $_REQUEST[$config['var_session_id']]);
$this->assertEquals($config['name'], session_name());
$this->assertEquals($config['path'], session_save_path());
$this->assertEquals($config['use_cookies'], ini_get('session.use_cookies'));
$this->assertEquals($config['domain'], ini_get('session.cookie_domain'));
$this->assertEquals($config['expire'], ini_get('session.gc_maxlifetime'));
$this->assertEquals($config['expire'], ini_get('session.cookie_lifetime'));
$this->assertEquals($config['cache_limiter'], session_cache_limiter($config['cache_limiter']));
$this->assertEquals($config['cache_expire'], session_cache_expire($config['cache_expire']));
// 检测分支
$_REQUEST[$config['var_session_id']] = null;
session_write_close();
session_destroy();
\think\Session::init($config);
// 测试auto_start
// PHP_SESSION_DISABLED
// PHP_SESSION_NONE
// PHP_SESSION_ACTIVE
// session_status()
$this->assertEquals(0, ini_get('session.auto_start'));
$this->assertEquals($config['use_trans_sid'], ini_get('session.use_trans_sid'));
\think\Session::init($config);
$this->assertEquals($config['id'], session_id());
}
protected function __construct()
{
/* Call the parent constructor in case it should become
* necessary in the future.
*/
parent::__construct();
/* Initialize the php session handling.
*
* If session_id() returns a blank string, then we need
* to call session start. Otherwise the session is already
* started, and we should avoid calling session_start().
*/
if (session_id() === '') {
$config = SimpleSAML_Configuration::getInstance();
$params = $this->getCookieParams();
$version = explode('.', PHP_VERSION);
if ((int) $version[0] === 5 && (int) $version[1] < 2) {
session_set_cookie_params($params['lifetime'], $params['path'], $params['domain'], $params['secure']);
} else {
session_set_cookie_params($params['lifetime'], $params['path'], $params['domain'], $params['secure'], $params['httponly']);
}
$this->cookie_name = $config->getString('session.phpsession.cookiename', NULL);
if (!empty($this->cookie_name)) {
session_name($this->cookie_name);
} else {
$this->cookie_name = session_name();
}
$savepath = $config->getString('session.phpsession.savepath', NULL);
if (!empty($savepath)) {
session_save_path($savepath);
}
}
}
public function __construct($config = null)
{
if (!isset($config['savePath'])) {
$config['savePath'] = session_save_path();
}
$this->_config = $config;
}
protected function checkUsersSession()
{
$sql = "SELECT * FROM hr_superusers WHERE isLogged=1";
$cmd = $this->db->createCommand($sql);
$data = $cmd->query();
$data = $data->readAll();
foreach ($data as $d) {
$session_id = $d['session_id'];
$session_path = session_save_path();
$handle = @opendir($session_path);
if (!$handle) {
return;
}
// and scan through the items inside
while (FALSE !== ($item = readdir($handle))) {
// if the filepointer is not the current directory
// or the parent directory
if ($item != '.' && $item != '..') {
// we build the new path to delete
$path = $session_path . DIRECTORY_SEPARATOR . $item;
if (filesize($path) == 0) {
$sess = explode("_", $item);
$sql = "UPDATE hr_superusers SET isLogged=0 WHERE session_id='" . $sess[1] . "'";
$cmd = $this->db->createCommand($sql);
$res = $cmd->Execute();
}
}
}
closedir($handle);
}
}
/**
* Open a session
*
* @access public
* @param string $base_path Cookie path
* @param string $save_path Custom session save path
*/
public function open($base_path = '/', $save_path = '')
{
if ($save_path !== '') {
session_save_path($save_path);
}
// HttpOnly and secure flags for session cookie
session_set_cookie_params(self::SESSION_LIFETIME, $base_path ?: '/', null, Tool::isHTTPS(), true);
// Avoid session id in the URL
ini_set('session.use_only_cookies', '1');
// Ensure session ID integrity
ini_set('session.entropy_file', '/dev/urandom');
ini_set('session.entropy_length', '32');
ini_set('session.hash_bits_per_character', 6);
// If session was autostarted with session.auto_start = 1 in php.ini destroy it, otherwise we cannot login
if (isset($_SESSION)) {
session_destroy();
}
// Custom session name
session_name('__S');
session_start();
// Regenerate the session id to avoid session fixation issue
if (empty($_SESSION['__validated'])) {
session_regenerate_id(true);
$_SESSION['__validated'] = 1;
}
}
function __construct()
{
$path = S_ROOT . 'data' . DIRECTORY_SEPARATOR . 'session';
ini_set('session.save_handler', 'files');
session_save_path($path);
session_start();
}
function __construct($config)
{
if (!$config || !is_array($config)) {
$config["id"] = "PHPSESSID";
$config["path"] = "./data/session/";
$config["timeout"] = 3600;
}
$this->config($config);
$sid = $config["id"] ? $config["id"] : "PHPSESSION";
session_name($sid);
$this->sid = $sid;
$session_id = isset($_POST[$sid]) ? $_POST[$sid] : (isset($_GET[$sid]) ? $_GET[$sid] : "");
if ($session_id && preg_match("/^[a-z0-9A-Z\\_\\-]+\$/u", $session_id)) {
session_id($session_id);
$this->sessid = $session_id;
} else {
$this->sessid = session_id();
}
session_save_path($config["path"]);
$this->config = $config;
$this->timeout = $config["timeout"] ? $config["timeout"] : 600;
session_cache_expire(intval($this->timeout) / 60);
session_cache_limiter('public');
session_start();
}