/**
* @see SessionFactory::create()
*/
public function create()
{
// get spider information
$spider = $this->isSpider(UserUtil::getUserAgent());
if ($spider) {
if (($session = $this->getExistingSpiderSession($spider['spiderID'])) !== null) {
if (!$session->isCorrupt()) {
return $session;
}
}
}
// create new session hash
$sessionID = StringUtil::getRandomID();
// check cookies for userID & password
require_once WCF_DIR . 'lib/system/auth/UserAuth.class.php';
$user = UserAuth::getInstance()->loginAutomatically(true, $this->userClassName);
if ($user === null) {
// no valid user found
// create guest user
$user = new $this->guestClassName();
}
// update user session
$user->update();
if ($user->userID != 0) {
// user is no guest
// delete all other sessions of this user
Session::deleteSessions($user->userID, true, false);
}
$requestMethod = !empty($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : '';
// insert session into database
$sql = "INSERT INTO \twcf" . WCF_N . "_session\n\t\t\t\t\t(sessionID, packageID, userID, ipAddress, userAgent,\n\t\t\t\t\tlastActivityTime, requestURI, requestMethod,\n\t\t\t\t\tusername" . ($spider ? ", spiderID" : "") . ")\n\t\t\tVALUES\t\t('" . $sessionID . "',\n\t\t\t\t\t" . PACKAGE_ID . ",\n\t\t\t\t\t" . $user->userID . ",\n\t\t\t\t\t'" . escapeString(UserUtil::getIpAddress()) . "',\n\t\t\t\t\t'" . escapeString(UserUtil::getUserAgent()) . "',\n\t\t\t\t\t" . TIME_NOW . ",\n\t\t\t\t\t'" . escapeString(UserUtil::getRequestURI()) . "',\n\t\t\t\t\t'" . escapeString($requestMethod) . "',\n\t\t\t\t\t'" . ($spider ? escapeString($spider['spiderName']) : escapeString($user->username)) . "'\n\t\t\t\t\t" . ($spider ? ", " . $spider['spiderID'] : "") . ")";
WCF::getDB()->sendQuery($sql);
// save user data
$serializedUserData = '';
if (ENABLE_SESSION_DATA_CACHE && get_class(WCF::getCache()->getCacheSource()) == 'MemcacheCacheSource') {
require_once WCF_DIR . 'lib/system/cache/source/MemcacheAdapter.class.php';
MemcacheAdapter::getInstance()->getMemcache()->set('session_userdata_-' . $sessionID, $user);
} else {
$serializedUserData = serialize($user);
try {
$sql = "INSERT INTO \twcf" . WCF_N . "_session_data\n\t\t\t\t\t\t\t(sessionID, userData)\n\t\t\t\t\tVALUES \t\t('" . $sessionID . "',\n\t\t\t\t\t\t\t'" . escapeString($serializedUserData) . "')";
WCF::getDB()->sendQuery($sql);
} catch (DatabaseException $e) {
// horizon update workaround
$sql = "UPDATE \twcf" . WCF_N . "_session\n\t\t\t\t\tSET\tuserData = '" . escapeString($serializedUserData) . "'\n\t\t\t\t\tWHERE\tsessionID = '" . $sessionID . "'";
WCF::getDB()->sendQuery($sql);
}
}
// return new session object
return new $this->sessionClassName(null, array('sessionID' => $sessionID, 'packageID' => PACKAGE_ID, 'userID' => $user->userID, 'ipAddress' => UserUtil::getIpAddress(), 'userAgent' => UserUtil::getUserAgent(), 'lastActivityTime' => TIME_NOW, 'requestURI' => UserUtil::getRequestURI(), 'requestMethod' => $requestMethod, 'userData' => $serializedUserData, 'sessionVariables' => '', 'username' => $spider ? $spider['spiderName'] : $user->username, 'spiderID' => $spider ? $spider['spiderID'] : 0, 'isNew' => true));
}
/**
* Handles the given resultset. Stores database data in this session object.
*
* @param array $row
*/
protected function handleData($data)
{
parent::handleData($data);
if ($this->sessionID) {
// validate session
if (!$this->validate()) {
$this->data['sessionID'] = false;
return;
}
$this->data['lastRequestURI'] = $this->requestURI;
$this->data['lastRequestMethod'] = $this->requestMethod;
$this->data['ipAddress'] = UserUtil::getIpAddress();
$this->data['userAgent'] = UserUtil::getUserAgent();
$this->data['requestURI'] = UserUtil::getRequestURI();
$this->data['requestMethod'] = !empty($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : '';
// handle data
if (ENABLE_SESSION_DATA_CACHE && get_class(WCF::getCache()->getCacheSource()) == 'MemcacheCacheSource') {
require_once WCF_DIR . 'lib/system/cache/source/MemcacheAdapter.class.php';
// get user data
$this->user = MemcacheAdapter::getInstance()->getMemcache()->get($this->sessionTable . '_userdata_' . $this->sessionID);
// get session variables
$this->sessionVariables = MemcacheAdapter::getInstance()->getMemcache()->get($this->sessionTable . '_variables_' . $this->sessionID);
if (!is_array($this->sessionVariables)) {
$this->sessionVariables = array();
}
// package changed; reset user data
if ($this->data['packageID'] != PACKAGE_ID) {
$this->user = null;
}
} else {
// package changed; reset user data
if ($this->data['packageID'] != PACKAGE_ID) {
$this->data['userData'] = '';
}
//$this->data['packageID'] = PACKAGE_ID;
// unserialize the variables of this session
@($this->sessionVariables = unserialize($data['sessionVariables']));
if (!is_array($this->sessionVariables)) {
$this->sessionVariables = array();
}
// unserialize the user object of this session
@($this->user = unserialize($this->userData));
unset($this->data['userData']);
}
// check whether the user object is valid
if (!is_object($this->user) || $this->userID != 0 && !$this->user instanceof $this->userSessionClassName || $this->userID == 0 && !$this->user instanceof $this->guestSessionClassName) {
// create a new user object
$this->createUser($this->userID != 0 ? $this->userID : null);
}
// generate security token
$this->initSecurityToken();
}
}
/**
* Creates a new session.
*
* Generates a new session hash, inserts the new session into database
* and returns the object of the created session.
*
* @return Session $session
*/
public function create()
{
// create new session hash
$sessionID = StringUtil::getRandomID();
// get user automatically
if (!defined('NO_IMPORTS')) {
require_once WCF_DIR . 'lib/system/auth/UserAuth.class.php';
}
$user = UserAuth::getInstance()->loginAutomatically();
// create user
if ($user === null) {
// no valid user found
// create guest user
$user = new $this->userClassName();
}
// update user session
$user->update();
// insert session into database
$requestMethod = !empty($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : '';
$sql = "INSERT INTO \twcf" . WCF_N . "_acp_session\n\t\t\t\t\t(sessionID, packageID, userID, ipAddress, userAgent, lastActivityTime, requestURI, requestMethod)\n\t\t\tVALUES \t\t('" . $sessionID . "',\n\t\t\t\t\t" . PACKAGE_ID . ",\n\t\t\t\t\t" . $user->userID . ",\n\t\t\t\t\t'" . escapeString(UserUtil::getIpAddress()) . "',\n\t\t\t\t\t'" . escapeString(UserUtil::getUserAgent()) . "',\n\t\t\t\t\t" . TIME_NOW . ",\n\t\t\t\t\t'" . escapeString(UserUtil::getRequestURI()) . "',\n\t\t\t\t\t'" . escapeString($requestMethod) . "')";
WCF::getDB()->sendQuery($sql);
// save user data
$serializedUserData = '';
if (ENABLE_SESSION_DATA_CACHE && get_class(WCF::getCache()->getCacheSource()) == 'MemcacheCacheSource') {
require_once WCF_DIR . 'lib/system/cache/source/MemcacheAdapter.class.php';
MemcacheAdapter::getInstance()->getMemcache()->set('acp_session_userdata_' . $sessionID, $user);
} else {
$serializedUserData = serialize($user);
try {
$sql = "INSERT INTO \twcf" . WCF_N . "_acp_session_data\n\t\t\t\t\t\t\t(sessionID, userData)\n\t\t\t\t\tVALUES \t\t('" . $sessionID . "',\n\t\t\t\t\t\t\t'" . escapeString($serializedUserData) . "')";
WCF::getDB()->sendQuery($sql);
} catch (DatabaseException $e) {
// horizon update workaround
$sql = "UPDATE \twcf" . WCF_N . "_acp_session\n\t\t\t\t\tSET\tuserData = '" . escapeString($serializedUserData) . "'\n\t\t\t\t\tWHERE\tsessionID = '" . $sessionID . "'";
WCF::getDB()->sendQuery($sql);
}
}
// return new session object
return new $this->sessionClassName(null, array('sessionID' => $sessionID, 'packageID' => PACKAGE_ID, 'ipAddress' => UserUtil::getIpAddress(), 'userAgent' => UserUtil::getUserAgent(), 'lastActivityTime' => TIME_NOW, 'requestURI' => UserUtil::getRequestURI(), 'requestMethod' => $requestMethod, 'userData' => $serializedUserData, 'sessionVariables' => '', 'userID' => $user->userID, 'isNew' => true));
}
