/**
 * Initialise the session.
 *
 * When the memcache extension is loaded and SESSION_SAVE_TYPE is 'm', PHP's
 * session save handler is switched to memcache at tcp://MEM_HOST:MEM_PORT.
 * The S_ID, S_NAME and S_EXPIRE settings are then handed to the Session
 * class and the session is started.
 *
 * NOTE(review): the tcp:// save path is given no credentials here, so session
 * data presumably reaches the memcache server without authentication or
 * encryption. Confirm MEM_HOST is reachable from trusted hosts only.
 */
private static function session()
{
    // Pick the session storage backend; the config key is only read when the
    // extension is actually available.
    $useMemcache = extension_loaded('memcache') && self::$_conf['SESSION_SAVE_TYPE'] == 'm';

    if ($useMemcache) {
        ini_set('session.save_handler', 'memcache');

        $host = self::$_conf['MEM_HOST'];
        $port = self::$_conf['MEM_PORT'];
        ini_set('session.save_path', 'tcp://' . $host . ':' . $port);
    }

    // Apply the configured id, name and lifetime before starting the session.
    $sessionId = self::$_conf['S_ID'];
    Session::sid($sessionId);

    $sessionName = self::$_conf['S_NAME'];
    Session::name($sessionName);

    $lifetime = self::$_conf['S_EXPIRE'];
    Session::expire($lifetime);

    session_start();
}
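/**
 * Initialise the session.
 *
 * Disables session.auto_start, makes sure a session id is set, then applies
 * the cookie domain, local name, session name, save path and callback from
 * the configuration.
 *
 * A new id is generated only when Session::detectID() returns null.
 * NOTE(review): detectID() is defined elsewhere; if it can return a value
 * supplied by the client, that id is adopted as-is here. Confirm that the id
 * is regenerated once the user authenticates.
 *
 * @static
 * @access private
 * @return void
 */
static function _init()
{
    ini_set('session.auto_start', 0);

    if (is_null(Session::detectID())) {
        // Session ids must be unpredictable. uniqid() is derived from the
        // clock and mt_rand() is not a cryptographic generator, so prefer a
        // CSPRNG whenever the runtime offers one.
        if (function_exists('random_bytes')) {
            $sid = bin2hex(random_bytes(16));
        } elseif (function_exists('openssl_random_pseudo_bytes')) {
            $sid = bin2hex(openssl_random_pseudo_bytes(16));
        } else {
            // Legacy fallback for runtimes with neither source available.
            $sid = uniqid(dechex(mt_rand()));
        }
        Session::id($sid);
    }

    // Set the domain the session cookie is valid for.
    Session::setCookieDomain(C('COOKIE_DOMAIN'));
    // Use the currently running application as the session's local name.
    Session::localName(APP_NAME);
    Session::name(C('SESSION_NAME'));
    Session::path(C('SESSION_PATH'));
    Session::setCallback(C('SESSION_CALLBACK'));
}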
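}

// Security: the session is wiped when the User-Agent changes.
// The header is client-supplied, so this is a heuristic rather than a binding
// between the session and a particular client.
if (Session::exists('HTTP_USER_AGENT')) {
    if (Session::read('HTTP_USER_AGENT') != $_SERVER['HTTP_USER_AGENT']) {
        Session::regenerate_id();
        Session::wipe();
        Session::write('HTTP_USER_AGENT', $_SERVER['HTTP_USER_AGENT']);
    }
} else {
    Session::write('HTTP_USER_AGENT', $_SERVER['HTTP_USER_AGENT']);
}

// Security: when the session id appears in the URL (and nothing was posted),
// move it into a cookie and reload the page without it.
if (strpos($_SERVER['REQUEST_URI'], Session::name()) && count($_POST) == 0) {
    Session::close();
    // $domaine is defined before this point, outside the visible code.
    setcookie(Session::name(), Session::id(), null, '/', '.' . $domaine);

    $page_address = preg_replace('#(?<=&|\\?)' . Session::name() . '=[^&]+(?:&|$)#', '', $_SERVER['REQUEST_URI']);
    $page_address = rtrim($page_address, '?&');

    // NOTE(review): the redirect target is built from the client-supplied Host
    // header and the scheme is fixed to http. Consider a configured canonical
    // host and scheme instead.
    header('Location: http://' . $_SERVER['HTTP_HOST'] . $page_address);
    exit;
}

// Security: $_POST is emptied when the Referer points at another domain.
// The host must end right after SERVER_NAME (port, path, query or end of
// string). A bare prefix match would also accept a longer host name that
// merely starts with SERVER_NAME. Requests sent without a Referer header are
// not affected by this check.
if (isset($_SERVER['HTTP_REFERER']) && $_SERVER['HTTP_REFERER'] != ''
    && !preg_match('#^https?://' . preg_quote($_SERVER['SERVER_NAME'], '#') . '(?:[:/?]|$)#', $_SERVER['HTTP_REFERER'])) {
    // Empty $_POST
    $_POST = array();
}

// Strip control characters from $_POST values (they can cause problems with
// the DB or AJAX). foreach iterates over copies, so the cleaned value has to
// be written back into $_POST to take effect. Nested arrays are left as-is.
foreach ($_POST as $key => $value) {
    if (!is_array($value)) {
        $cleaned = preg_replace('#[\\x01-\\x08\\x0B\\x0C\\x0E-\\x1F]#', '', $value);
        // preg_replace() returns null on failure; keep the original value then.
        if ($cleaned !== null) {
            $_POST[$key] = $cleaned;
        }
    }
}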
/**
 * Return the session name as reported by Session::name().
 *
 * @return mixed the value of Session::name(), presumably the session name string
 */
public function name()
{
    $sessionName = Session::name();

    return $sessionName;
}
/**
 * Returns a required <input type="text"> tag named after the session.
 *
 * The defaults are merged with $attr through array_merge(), so string keys in
 * $attr (including 'type' and 'name') replace the defaults, while integer-keyed
 * entries are appended.
 *
 * NOTE(review): escaping of attribute values is left to self::tag(), which is
 * not visible here. Confirm it encodes values before $attr is fed from request
 * data.
 *
 * @param array $attr
 *            Optional attributes to add to the input tag
 *
 * @return string
 */
public static function input(array $attr = array())
{
    $defaults = array(
        'input',
        'type' => 'text',
        'name' => Session::name(),
        'required',
    );

    $merged = array_merge($defaults, $attr);

    return self::tag($merged);
}
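/**
 * Detect the session id for the current request.
 *
 * Returns the id of the already-started session if there is one. Otherwise it
 * looks for an id sent by the client: in the cookie named after the session
 * when cookies are in use, else in $_GET and then $_POST.
 *
 * The client-supplied value is untrusted. It is accepted only when it is a
 * non-empty string made of the characters PHP's file session handler allows
 * (letters, digits, ',' and '-'). Anything else is treated as "no id", for
 * example an array sent as name[]=x.
 *
 * NOTE(review): a well-formed id chosen by a third party still passes this
 * check. Callers should regenerate the id on login.
 *
 * @static
 * @access public
 * @return string|null the session id, or null when none was found
 */
static function detectID()
{
    if (session_id() != '') {
        return session_id();
    }

    $candidate = null;
    if (Session::useCookies()) {
        if (isset($_COOKIE[Session::name()])) {
            $candidate = $_COOKIE[Session::name()];
        }
    } else {
        if (isset($_GET[Session::name()])) {
            $candidate = $_GET[Session::name()];
        } elseif (isset($_POST[Session::name()])) {
            $candidate = $_POST[Session::name()];
        }
    }

    // Reject non-string or malformed ids instead of handing them on.
    if (!is_string($candidate) || !preg_match('/^[A-Za-z0-9,-]+$/D', $candidate)) {
        return null;
    }

    return $candidate;
}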
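/**
 * Re-send the session cookie so that it expires $time seconds from now.
 *
 * The cookie keeps the path '/' and an empty domain, and carries the Secure
 * and HttpOnly flags currently configured for the session cookie. Without
 * passing them, the re-issued cookie would silently drop both flags.
 *
 * @param int $time lifetime in seconds, added to the current time
 * @return void
 */
static function setExpire($time)
{
    // Both flags default to false, so an unconfigured setup behaves as before.
    $params = session_get_cookie_params();

    setcookie(
        Session::name(),
        Session::id(),
        time() + $time,
        '/',
        '',
        $params['secure'],
        $params['httponly']
    );
}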