public function write($sessionId, $serializedData)
{
try {
// For performance reasons, do not update the sessions table, unless
// $_SESSION has changed or more than 180 has passed since the last update.
if ($this->sessionDataHasChanged($sessionId, $serializedData)) {
// Either ssid or sid or both will be added from $key below.
$fields = array('uid' => $this->uid, 'cache' => 0, 'hostname' => ip_address(), 'session' => $serializedData, 'timestamp' => REQUEST_TIME);
$key = array('sid' => $sessionId, 'ssid' => '');
db_merge('sessions')->key($key)->fields($fields)->execute();
}
return TRUE;
} catch (Exception $exception) {
// FIXME: This should never be here, a global try/catch should definitely
// be done upper in the code.
require_once DRUPAL_ROOT . '/includes/errors.inc';
// If we are displaying errors, then do so with no possibility of a further
// uncaught exception being thrown.
if (error_displayable()) {
print '<h1>Uncaught exception thrown in session handler.</h1>';
print '<p>' . _drupal_render_exception_safe($exception) . '</p><hr />';
}
return FALSE;
}
}
public function write($sessionId, $serializedData)
{
global $user;
try {
// For performance reasons, do not update the sessions table, unless
// $_SESSION has changed or more than 180 has passed since the last update.
if ($this->sessionDataHasChanged($sessionId, $serializedData)) {
$cid = $this->getCid($sessionId);
// Either ssid or sid or both will be added from $key below.
$data = new stdClass();
$data->uid = $this->uid;
$data->session = $serializedData;
$this->cacheBackend->set($cid, $data);
}
return TRUE;
} catch (Exception $exception) {
// FIXME: This should never be here, a global try/catch should definitely
// be done upper in the code.
require_once DRUPAL_ROOT . '/includes/errors.inc';
// If we are displaying errors, then do so with no possibility of a further
// uncaught exception being thrown.
if (error_displayable()) {
print '<h1>Uncaught exception thrown in session handler.</h1>';
print '<p>' . _drupal_render_exception_safe($exception) . '</p><hr />';
}
return FALSE;
}
}
/**
* {@inheritdoc}
*/
public function write($sid, $value)
{
// The exception handler is not active at this point, so we need to do it
// manually.
try {
$request = $this->requestStack->getCurrentRequest();
$fields = array('uid' => $request->getSession()->get('uid', 0), 'hostname' => $request->getClientIP(), 'session' => $value, 'timestamp' => REQUEST_TIME);
$this->connection->merge('sessions')->keys(array('sid' => Crypt::hashBase64($sid)))->fields($fields)->execute();
return TRUE;
} catch (\Exception $exception) {
require_once DRUPAL_ROOT . '/core/includes/errors.inc';
// If we are displaying errors, then do so with no possibility of a
// further uncaught exception being thrown.
if (error_displayable()) {
print '<h1>Uncaught exception thrown in session handler.</h1>';
print '<p>' . Error::renderExceptionSafe($exception) . '</p><hr />';
}
return FALSE;
}
}
/**
* Handles any exception as a generic error page for JSON.
*
* @todo This should probably check the error reporting level.
*
* @param \Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent $event
* The event to process.
*/
protected function onJson(GetResponseForExceptionEvent $event)
{
$exception = $event->getException();
$error = Error::decodeException($exception);
// Display the message if the current error reporting level allows this type
// of message to be displayed,
$data = NULL;
if (error_displayable($error) && ($message = $exception->getMessage())) {
$data = ['message' => sprintf('A fatal error occurred: %s', $message)];
}
$response = new JsonResponse($data, Response::HTTP_INTERNAL_SERVER_ERROR);
if ($exception instanceof HttpExceptionInterface) {
$response->setStatusCode($exception->getStatusCode());
$response->headers->add($exception->getHeaders());
}
$event->setResponse($response);
}
/**
* Processes a generic exception into an HTTP 500 response.
*
* @param \Symfony\Component\Debug\Exception\FlattenException $exception
* Metadata about the exception that was thrown.
* @param \Symfony\Component\HttpFoundation\Request $request
* The request object that triggered this exception.
*
* @return \Symfony\Component\HttpFoundation\Response
* A response object.
*/
public function on500Html(FlattenException $exception, Request $request)
{
$error = $this->decodeException($exception);
// Because the kernel doesn't run until full bootstrap, we know that
// most subsystems are already initialized.
$headers = array();
// When running inside the testing framework, we relay the errors
// to the tested site by the way of HTTP headers.
if (DRUPAL_TEST_IN_CHILD_SITE && !headers_sent() && (!defined('SIMPLETEST_COLLECT_ERRORS') || SIMPLETEST_COLLECT_ERRORS)) {
// $number does not use drupal_static as it should not be reset
// as it uniquely identifies each PHP error.
static $number = 0;
$assertion = array($error['!message'], $error['%type'], array('function' => $error['%function'], 'file' => $error['%file'], 'line' => $error['%line']));
$headers['X-Drupal-Assertion-' . $number] = rawurlencode(serialize($assertion));
$number++;
}
watchdog('php', '%type: !message in %function (line %line of %file).', $error, $error['severity_level']);
// Display the message if the current error reporting level allows this type
// of message to be displayed, and unconditionnaly in update.php.
if (error_displayable($error)) {
$class = 'error';
// If error type is 'User notice' then treat it as debug information
// instead of an error message.
// @see debug()
if ($error['%type'] == 'User notice') {
$error['%type'] = 'Debug';
$class = 'status';
}
// Attempt to reduce verbosity by removing DRUPAL_ROOT from the file path
// in the message. This does not happen for (false) security.
$root_length = strlen(DRUPAL_ROOT);
if (substr($error['%file'], 0, $root_length) == DRUPAL_ROOT) {
$error['%file'] = substr($error['%file'], $root_length + 1);
}
// Should not translate the string to avoid errors producing more errors.
$message = String::format('%type: !message in %function (line %line of %file).', $error);
// Check if verbose error reporting is on.
$error_level = $this->container->get('config.factory')->get('system.logging')->get('error_level');
if ($error_level == ERROR_REPORTING_DISPLAY_VERBOSE) {
$backtrace_exception = $exception;
while ($backtrace_exception->getPrevious()) {
$backtrace_exception = $backtrace_exception->getPrevious();
}
$backtrace = $backtrace_exception->getTrace();
// First trace is the error itself, already contained in the message.
// While the second trace is the error source and also contained in the
// message, the message doesn't contain argument values, so we output it
// once more in the backtrace.
array_shift($backtrace);
// Generate a backtrace containing only scalar argument values.
$message .= '<pre class="backtrace">' . Error::formatFlattenedBacktrace($backtrace) . '</pre>';
}
drupal_set_message(SafeMarkup::set($message), $class, TRUE);
}
$content = $this->t('The website has encountered an error. Please try again later.');
$output = DefaultHtmlPageRenderer::renderPage($content, $this->t('Error'));
$response = new Response($output);
$response->setStatusCode(500, '500 Service unavailable (with message)');
return $response;
}
/**
* {@inheritdoc}
*/
public function write($sid, $value)
{
global $user;
// The exception handler is not active at this point, so we need to do it
// manually.
try {
if (!$this->sessionManager->isEnabled()) {
// We don't have anything to do if we are not allowed to save the
// session.
return TRUE;
}
// Either ssid or sid or both will be added from $key below.
$fields = array('uid' => $user->id(), 'hostname' => $this->requestStack->getCurrentRequest()->getClientIP(), 'session' => $value, 'timestamp' => REQUEST_TIME);
// Use the session ID as 'sid' and an empty string as 'ssid' by default.
// read() does not allow empty strings so that's a safe default.
$key = array('sid' => Crypt::hashBase64($sid), 'ssid' => '');
// On HTTPS connections, use the session ID as both 'sid' and 'ssid'.
if ($this->requestStack->getCurrentRequest()->isSecure()) {
$key['ssid'] = $key['sid'];
// The "secure pages" setting allows a site to simultaneously use both
// secure and insecure session cookies. If enabled and both cookies
// are presented then use both keys. The session ID from the cookie is
// hashed before being stored in the database as a security measure.
if ($this->sessionManager->isMixedMode()) {
$insecure_session_name = $this->sessionManager->getInsecureName();
$cookies = $this->requestStack->getCurrentRequest()->cookies;
if ($cookies->has($insecure_session_name)) {
$key['sid'] = Crypt::hashBase64($cookies->get($insecure_session_name));
}
}
} elseif ($this->sessionManager->isMixedMode()) {
unset($key['ssid']);
}
$this->connection->merge('sessions')->keys($key)->fields($fields)->execute();
// Remove obsolete sessions.
$this->cleanupObsoleteSessions();
// Likewise, do not update access time more than once per 180 seconds.
if ($user->isAuthenticated() && REQUEST_TIME - $user->getLastAccessedTime() > Settings::get('session_write_interval', 180)) {
/** @var \Drupal\user\UserStorageInterface $storage */
$storage = \Drupal::entityManager()->getStorage('user');
$storage->updateLastAccessTimestamp($user, REQUEST_TIME);
}
return TRUE;
} catch (\Exception $exception) {
require_once DRUPAL_ROOT . '/core/includes/errors.inc';
// If we are displaying errors, then do so with no possibility of a
// further uncaught exception being thrown.
if (error_displayable()) {
print '<h1>Uncaught exception thrown in session handler.</h1>';
print '<p>' . Error::renderExceptionSafe($exception) . '</p><hr />';
}
return FALSE;
}
}
/**
* {@inheritdoc}
*/
public function execute(ViewExecutable $view)
{
if ($this->shouldAbort()) {
if (error_displayable()) {
foreach ($this->errors as $msg) {
drupal_set_message(Html::escape($msg), 'error');
}
}
$view->result = array();
$view->total_rows = 0;
$view->execute_time = 0;
return;
}
// Calculate the "skip result count" option, if it wasn't already set to
// FALSE.
$skip_result_count = $this->query->getOption('skip result count', TRUE);
if ($skip_result_count) {
$skip_result_count = !$view->pager->useCountQuery() && empty($view->get_total_rows);
$this->query->setOption('skip result count', $skip_result_count);
}
try {
// Trigger pager preExecute().
$view->pager->preExecute($this->query);
// Views passes sometimes NULL and sometimes the integer 0 for "All" in a
// pager. If set to 0 items, a string "0" is passed. Therefore, we unset
// the limit if an empty value OTHER than a string "0" was passed.
if (!$this->limit && $this->limit !== '0') {
$this->limit = NULL;
}
// Set the range. (We always set this, as there might even be an offset if
// all items are shown.)
$this->query->range($this->offset, $this->limit);
$start = microtime(TRUE);
// Execute the search.
$results = $this->query->execute();
$this->searchApiResults = $results;
// Store the results.
if (!$skip_result_count) {
$view->pager->total_items = $view->total_rows = $results->getResultCount();
if (!empty($view->pager->options['offset'])) {
$view->pager->total_items -= $view->pager->options['offset'];
}
$view->pager->updatePageInfo();
}
$view->result = array();
if ($results->getResultItems()) {
$this->addResults($results->getResultItems(), $view);
}
$view->execute_time = microtime(TRUE) - $start;
// Trigger pager postExecute().
$view->pager->postExecute($view->result);
} catch (\Exception $e) {
$this->abort($e->getMessage());
// Recursion to get the same error behaviour as above.
$this->execute($view);
}
}
/**
* {@inheritdoc}
*/
public function write($sid, $value)
{
$user = \Drupal::currentUser();
// The exception handler is not active at this point, so we need to do it
// manually.
try {
$fields = array('uid' => $user->id(), 'hostname' => $this->requestStack->getCurrentRequest()->getClientIP(), 'session' => $value, 'timestamp' => REQUEST_TIME);
$this->connection->merge('sessions')->keys(array('sid' => Crypt::hashBase64($sid)))->fields($fields)->execute();
// Likewise, do not update access time more than once per 180 seconds.
if ($user->isAuthenticated() && REQUEST_TIME - $user->getLastAccessedTime() > Settings::get('session_write_interval', 180)) {
/** @var \Drupal\user\UserStorageInterface $storage */
$storage = \Drupal::entityManager()->getStorage('user');
$storage->updateLastAccessTimestamp($user, REQUEST_TIME);
}
return TRUE;
} catch (\Exception $exception) {
require_once DRUPAL_ROOT . '/core/includes/errors.inc';
// If we are displaying errors, then do so with no possibility of a
// further uncaught exception being thrown.
if (error_displayable()) {
print '<h1>Uncaught exception thrown in session handler.</h1>';
print '<p>' . Error::renderExceptionSafe($exception) . '</p><hr />';
}
return FALSE;
}
}
/**
* Writes an entire session to the database (internal use only).
*
* This function is registered with session_set_save_handler() to support
* database-backed sessions.
*
* This function is an internal function and must not be called directly.
* Doing so may result in corrupted session data or other unexpected behavior.
* Session data must always be accessed via the $_SESSION superglobal.
*
* @param string $sid
* The session ID of the session to write to.
* @param string $value
* Session data to write as a serialized string.
*
* @return bool Always returns TRUE.
*/
public function write($sid, $value)
{
global $user;
// The exception handler is not active at this point, so we need to do it
// manually.
try {
if (!drupal_save_session()) {
// We don't have anything to do if we are not allowed to save the session.
return;
}
// Either ssid or sid or both will be added from $key below.
$fields = array('uid' => $user->uid, 'cache' => isset($user->cache) ? $user->cache : 0, 'hostname' => ip_address(), 'session' => $value, 'timestamp' => REQUEST_TIME);
// Use the session ID as 'sid' and an empty string as 'ssid' by default.
// _drupal_session_read() does not allow empty strings so that's a safe
// default.
$key = array('sid' => $sid, 'ssid' => '');
// On HTTPS connections, use the session ID as both 'sid' and 'ssid'.
unset($key['ssid']);
db_merge('sessions')->key($key)->fields($fields)->execute();
// Likewise, do not update access time more than once per 180 seconds.
if ($user->uid) {
db_update('users')->fields(array('access' => REQUEST_TIME))->condition('uid', $user->uid)->execute();
}
return TRUE;
} catch (\Exception $exception) {
require_once DRUPAL_ROOT . '/includes/errors.inc';
// If we are displaying errors, then do so with no possibility of a further
// uncaught exception being thrown.
if (error_displayable()) {
print '<h1>Uncaught exception thrown in session handler.</h1>';
print '<p>' . _drupal_render_exception_safe($exception) . '</p><hr />';
}
return FALSE;
}
}
