CakePHP abstracts the handling of sessions. There are several convenient methods to access session information.
This class is the implementation of those methods. They are mostly used by the Session Component.
/**
* setUp method
*
* @return void
*/
public function setUp()
{
parent::setUp();
$this->View = new View();
$session = new Session();
$this->View->request = new Request(['session' => $session]);
$this->Flash = new FlashHelper($this->View);
$session->write(['Flash' => ['flash' => [['key' => 'flash', 'message' => 'This is a calling', 'element' => 'Flash/default', 'params' => []]], 'notification' => [['key' => 'notification', 'message' => 'This is a test of the emergency broadcasting system', 'element' => 'flash_helper', 'params' => ['title' => 'Notice!', 'name' => 'Alert!']]], 'classy' => [['key' => 'classy', 'message' => 'Recorded', 'element' => 'flash_classy', 'params' => []]], 'stack' => [['key' => 'flash', 'message' => 'This is a calling', 'element' => 'Flash/default', 'params' => []], ['key' => 'notification', 'message' => 'This is a test of the emergency broadcasting system', 'element' => 'flash_helper', 'params' => ['title' => 'Notice!', 'name' => 'Alert!']], ['key' => 'classy', 'message' => 'Recorded', 'element' => 'flash_classy', 'params' => []]]]]);
}
/**
* {@inheritDoc}
*/
public function redirectUrl($url = null)
{
if ($url === null) {
return $this->_session->read($this->_config['redirect']);
}
if ($url === false) {
$this->_session->delete($this->_config['redirect']);
return null;
}
$this->_session->write($this->_config['redirect'], $url);
}
/**
* setUp method
*
* @return void
*/
public function setUp()
{
parent::setUp();
$this->View = new View();
$this->Session = new SessionHelper($this->View);
Session::start();
if (!Session::started()) {
Session::start();
}
$_SESSION = array('test' => 'info', 'Message' => array('flash' => array('element' => 'default', 'params' => array(), 'message' => 'This is a calling'), 'notification' => array('element' => 'session_helper', 'params' => array('title' => 'Notice!', 'name' => 'Alert!'), 'message' => 'This is a test of the emergency broadcasting system'), 'classy' => array('element' => 'default', 'params' => array('class' => 'positive'), 'message' => 'Recorded'), 'bare' => array('element' => null, 'message' => 'Bare message', 'params' => array())), 'Deeply' => array('nested' => array('key' => 'value')));
}
/**
* provides facebook login URL
* used by webapp
*
* @param string $redirectUrl destination to be redirect to after calling the login URL
* @return string facebook login url
*/
public function getLoginUrl($redirectUrl = null)
{
$this->_session->write('Facebook.redirectUrl', $redirectUrl);
$facebookRedirectLoginHelper = $this->_getFacebookRedirectLoginHelper($redirectUrl);
return $facebookRedirectLoginHelper->getLoginUrl(['email', 'user_birthday']);
}
/**
* Assert session contents
*
* @param string $expected The expected contents.
* @param string $path The session data path. Uses Hash::get() compatible notation
* @param string $message The failure message that will be appended to the generated message.
* @return void
*/
public function assertSession($expected, $path, $message = '')
{
if (empty($this->_requestSession)) {
$this->fail('There is no stored session data. Perhaps you need to run a request?');
}
$result = $this->_requestSession->read($path);
$this->assertEquals($expected, $result, 'Session content differs. ' . $message);
}
/**
* {@inheritDoc}
*/
public static function fromGlobals(array $server = null, array $query = null, array $body = null, array $cookies = null, array $files = null)
{
$request = parent::fromGlobals($server, $query, $body, $cookies, $files);
list($base, $webroot) = static::getBase($request);
$sessionConfig = (array) Configure::read('Session') + ['defaults' => 'php', 'cookiePath' => $webroot];
$session = Session::create($sessionConfig);
$request = $request->withAttribute('base', $base)->withAttribute('webroot', $webroot)->withAttribute('session', $session);
if ($base) {
$request = static::updatePath($base, $request);
}
return $request;
}
/**
* Get instance of the session.
*
* @return \Cake\Network\Session
*/
public function getSession()
{
if (!empty($this->cake['session'])) {
return $this->cake['session'];
}
if (!empty($this->cake['request'])) {
$this->cake['session'] = $this->cake['request']->session();
return $this->cake['session'];
}
$config = (array) Configure::read('Session') + ['defaults' => 'php'];
$this->cake['session'] = Session::create($config);
return $this->cake['session'];
}
/**
* Get the current user.
*
* Will prefer the static user cache over sessions. The static user
* cache is primarily used for stateless authentication. For stateful authentication,
* cookies + sessions will be used.
*
* @param string $key field to retrieve. Leave null to get entire User record
* @return mixed User record. or null if no user is logged in.
* @link http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html#accessing-the-logged-in-user
*/
public static function user($key = null)
{
if (!empty(static::$_user)) {
$user = static::$_user;
} elseif (static::$sessionKey && Session::check(static::$sessionKey)) {
$user = Session::read(static::$sessionKey);
} else {
return null;
}
if ($key === null) {
return $user;
}
return Hash::get($user, $key);
}
public function initialize(array $config)
{
parent::initialize($config);
// TODO: Change the autogenerated stub
$session = new Session();
$lang = $session->read('Config.language');
$fieldLanguage = 'vie';
switch ($lang) {
case 'ja_JP':
$fieldLanguage = 'jpn';
break;
case 'vi_VN':
$fieldLanguage = 'vie';
break;
case 'en_US':
$fieldLanguage = 'eng';
break;
}
$this->fieldLanguage = $fieldLanguage;
$curUser = $session->read('Core.Users');
if ($curUser && $curUser->group == GROUP_ADMIN) {
$this->cacheConfig = 'api_backend';
}
$this->jcApi = new JcApi(KEY_API, $this->fieldLanguage);
}
/**
* Set the language for the user.
*
* @return void
*/
public function setLanguage()
{
if ($this->_controller->Auth->user()) {
//The user has already a valid language defined in the database.
if ($this->_session->read('Auth.User.language') && isset($this->_locales[$this->_session->read('Auth.User.language')])) {
//If the user has not the cookie, we set the cookie.
if (!$this->_cookie->check('language') || $this->_cookie->read('language') != $this->_session->read('Auth.User.language')) {
$this->_cookie->write('language', $this->_session->read('Auth.User.language'));
}
//Stock the locale of the user.
$this->_locale = $this->_session->read('Auth.User.language');
}
} else {
//The user has a valid cookie.
if ($this->_cookie->check('language') && isset($this->_locales[$this->_cookie->read('language')])) {
$this->_locale = $this->_cookie->read('language');
}
}
//The user want to change his language.
if (isset($this->_controller->request->params['lang']) && isset($this->_locales[$this->_controller->request->params['lang']])) {
//If the user is connected, we need to save the new language in the database and refresh his session.
if ($this->_controller->Auth->user()) {
$this->_controller->loadModel('Users');
$user = $this->_controller->Users->find()->where(['id' => $this->_session->read('Auth.User.id')])->first();
$user->language = $this->_controller->request->params['lang'];
$this->_controller->Users->save($user);
$this->_session->write('Auth.User.language', $this->_controller->request->params['lang']);
}
//Save the new language in the cookie.
$this->_cookie->write('language', $this->_controller->request->params['lang']);
$this->_locale = $this->_controller->request->params['lang'];
}
//Set the locale.
I18n::locale($this->_locale);
}
/**
* Used to set a session variable that can be used to output messages in the view.
*
* In your controller: $this->Flash->set('This has been saved');
*
* ### Options:
*
* - `key` The key to set under the session's Flash key
* - `element` The element used to render the flash message. Default to 'default'.
* - `params` An array of variables to make available when using an element
*
* @param string|\Exception $message Message to be flashed. If an instance
* of \Exception the exception message will be used and code will be set
* in params.
* @param array $options An array of options
* @return void
*/
public function set($message, array $options = [])
{
$options += $this->config();
if ($message instanceof \Exception) {
$options['params'] += ['code' => $message->getCode()];
$message = $message->getMessage();
}
list($plugin, $element) = pluginSplit($options['element']);
if ($plugin) {
$options['element'] = $plugin . '.Flash/' . $element;
} else {
$options['element'] = 'Flash/' . $element;
}
$this->_session->write('Flash.' . $options['key'], ['message' => $message, 'key' => $options['key'], 'element' => $options['element'], 'params' => $options['params']]);
}
/**
* Get the URL a user should be redirected to upon login.
*
* Pass a URL in to set the destination a user should be redirected to upon
* logging in.
*
* If no parameter is passed, gets the authentication redirect URL. The URL
* returned is as per following rules:
*
* - Returns the normalized URL from session Auth.redirect value if it is
* present and for the same domain the current app is running on.
* - If there is no session value and there is a config `loginRedirect`, the
* `loginRedirect` value is returned.
* - If there is no session and no `loginRedirect`, / is returned.
*
* @param string|array $url Optional URL to write as the login redirect URL.
* @return string Redirect URL
*/
public function redirectUrl($url = null)
{
if ($url !== null) {
$redir = $url;
$this->session->write('Auth.redirect', $redir);
} elseif ($this->session->check('Auth.redirect')) {
$redir = $this->session->read('Auth.redirect');
$this->session->delete('Auth.redirect');
if (Router::normalize($redir) === Router::normalize($this->_config['loginAction'])) {
$redir = $this->_config['loginRedirect'];
}
} elseif ($this->_config['loginRedirect']) {
$redir = $this->_config['loginRedirect'];
} else {
$redir = '/';
}
if (is_array($redir)) {
return Router::url($redir + ['_base' => false]);
}
return $redir;
}
/**
* setUp method
*
* @return void
*/
public function setUp()
{
parent::setUp();
$this->View = new View();
$session = new Session();
$this->View->request = new Request(['session' => $session]);
$this->Session = new SessionHelper($this->View);
$session->write(array('test' => 'info', 'Flash' => array('flash' => array('type' => 'info', 'params' => array(), 'message' => 'This is a calling'), 'notification' => array('type' => 'info', 'params' => array('title' => 'Notice!', 'name' => 'Alert!', 'element' => 'session_helper'), 'message' => 'This is a test of the emergency broadcasting system'), 'classy' => array('type' => 'success', 'params' => array('class' => 'positive'), 'message' => 'Recorded'), 'incomplete' => ['message' => 'A thing happened']), 'Deeply' => array('nested' => array('key' => 'value'))));
}
/**
* setUp method
*
* @return void
*/
public function setUp()
{
parent::setUp();
$this->View = new View();
$session = new Session();
$this->View->request = new Request(['session' => $session]);
$this->Flash = new FlashHelper($this->View);
$session->write(['Flash' => ['flash' => ['key' => 'flash', 'message' => 'This is a calling', 'element' => 'Flash/default', 'params' => []], 'error' => ['key' => 'error', 'message' => 'This is error', 'element' => 'Flash/error', 'params' => []], 'custom1' => ['key' => 'custom1', 'message' => 'This is custom1', 'element' => 'Flash/warning', 'params' => []], 'custom2' => ['key' => 'custom2', 'message' => 'This is custom2', 'element' => 'Flash/default', 'params' => ['class' => 'foobar']], 'custom3' => ['key' => 'custom3', 'message' => 'This is <a href="#">custom3</a>', 'element' => 'Flash/default', 'params' => ['escape' => false]]]]);
}
/**
* Used to set a session variable that can be used to output messages in the view.
* If you make consecutive calls to this method, the messages will stack (if they are
* set with the same flash key)
*
* In your controller: $this->Flash->set('This has been saved');
*
* ### Options:
*
* - `key` The key to set under the session's Flash key
* - `element` The element used to render the flash message. Default to 'default'.
* - `params` An array of variables to make available when using an element
* - `clear` A bool stating if the current stack should be cleared to start a new one
* - `escape` Set to false to allow templates to print out HTML content
*
* @param string|\Exception $message Message to be flashed. If an instance
* of \Exception the exception message will be used and code will be set
* in params.
* @param array $options An array of options
* @return void
*/
public function set($message, array $options = [])
{
$options += $this->config();
if ($message instanceof Exception) {
if (!isset($options['params']['code'])) {
$options['params']['code'] = $message->getCode();
}
$message = $message->getMessage();
}
if (isset($options['escape']) && !isset($options['params']['escape'])) {
$options['params']['escape'] = $options['escape'];
}
list($plugin, $element) = pluginSplit($options['element']);
if ($plugin) {
$options['element'] = $plugin . '.Flash/' . $element;
} else {
$options['element'] = 'Flash/' . $element;
}
$messages = [];
if ($options['clear'] === false) {
$messages = $this->_session->read('Flash.' . $options['key']);
}
$messages[] = ['message' => $message, 'key' => $options['key'], 'element' => $options['element'], 'params' => $options['params']];
$this->_session->write('Flash.' . $options['key'], $messages);
}
/**
* Manually add form tampering prevention token information into the provided
* request object.
*
* @param \Cake\Network\Request $request The request object to add into.
* @return bool
*/
public function generateToken(Request $request)
{
if (isset($request->params['requested']) && $request->params['requested'] === 1) {
if ($this->session->check('_Token')) {
$request->params['_Token'] = $this->session->read('_Token');
}
return false;
}
$token = ['allowedControllers' => $this->_config['allowedControllers'], 'allowedActions' => $this->_config['allowedActions'], 'unlockedFields' => $this->_config['unlockedFields']];
$this->session->write('_Token', $token);
$request->params['_Token'] = ['unlockedFields' => $token['unlockedFields']];
return true;
}
public function login()
{
$this->viewBuilder()->layout('login');
//If a user is already logged in, redirect them to their profile.
if ($this->Auth->user()) {
$this->redirect($this->referer());
}
$session = new Session();
if ($this->request->is('post')) {
if (isset($this->request->data['referred'])) {
$session->write('Redirect.login', $this->referer());
}
$user = $this->Auth->identify();
if ($user) {
$this->Auth->setUser($user);
$this->_setCookie();
return $this->redirect($this->Auth->redirectUrl());
}
$this->Flash->error('Invalid username or password, try again');
}
}
/**
* Used by the translation functions in basics.php
* Returns a translated string based on current language and translation files stored in locale folder
*
* @param string $singular String to translate
* @param string $plural Plural string (if any)
* @param string $domain Domain The domain of the translation. Domains are often used by plugin translations.
* If null, the default domain will be used.
* @param int $category Category The integer value of the category to use.
* @param int $count Count Count is used with $plural to choose the correct plural form.
* @param string $language Language to translate string to.
* If null it checks for language in session followed by Config.language configuration variable.
* @return string translated string.
* @throws \Cake\Error\Exception When '' is provided as a domain.
*/
public static function translate($singular, $plural = null, $domain = null, $category = self::LC_MESSAGES, $count = null, $language = null)
{
$_this = I18n::getInstance();
if (strpos($singular, "\r\n") !== false) {
$singular = str_replace("\r\n", "\n", $singular);
}
if ($plural !== null && strpos($plural, "\r\n") !== false) {
$plural = str_replace("\r\n", "\n", $plural);
}
if (is_numeric($category)) {
$_this->category = $_this->_categories[$category];
}
if (empty($language)) {
if (Session::started()) {
$language = Session::read('Config.language');
}
if (empty($language)) {
$language = Configure::read('Config.language');
}
}
if ($_this->_lang && $_this->_lang !== $language || !$_this->_lang) {
$lang = $_this->l10n->get($language);
$_this->_lang = $lang;
}
if ($domain === null) {
$domain = static::$defaultDomain;
}
if ($domain === '') {
throw new Exception('You cannot use "" as a domain.');
}
$_this->domain = $domain . '_' . $_this->l10n->lang;
if (!isset($_this->_domains[$domain][$_this->_lang])) {
$_this->_domains[$domain][$_this->_lang] = [];
$_this->_domains[$domain][$_this->_lang] = Cache::read($_this->domain, '_cake_core_');
}
if (!isset($_this->_domains[$domain][$_this->_lang][$_this->category])) {
$_this->_bindTextDomain($domain);
Cache::write($_this->domain, $_this->_domains[$domain][$_this->_lang], '_cake_core_');
}
if ($_this->category === 'LC_TIME') {
return $_this->_translateTime($singular, $domain);
}
if (!isset($count)) {
$plurals = 0;
} elseif (!empty($_this->_domains[$domain][$_this->_lang][$_this->category]["%plural-c"]) && $_this->_noLocale === false) {
$header = $_this->_domains[$domain][$_this->_lang][$_this->category]["%plural-c"];
$plurals = $_this->_pluralGuess($header, $count);
} else {
if ($count != 1) {
$plurals = 1;
} else {
$plurals = 0;
}
}
if (!empty($_this->_domains[$domain][$_this->_lang][$_this->category][$singular])) {
if (($trans = $_this->_domains[$domain][$_this->_lang][$_this->category][$singular]) || $plurals && ($trans = $_this->_domains[$domain][$_this->_lang][$_this->category][$plural])) {
if (is_array($trans)) {
if (isset($trans[$plurals])) {
$trans = $trans[$plurals];
} else {
trigger_error(sprintf('Missing plural form translation for "%s" in "%s" domain, "%s" locale. ' . ' Check your po file for correct plurals and valid Plural-Forms header.', $singular, $domain, $_this->_lang), E_USER_WARNING);
$trans = $trans[0];
}
}
if (strlen($trans)) {
return $trans;
}
}
}
if (!empty($plurals)) {
return $plural;
}
return $singular;
}
/**
* Gets current User's ID.
*
* @return int User ID, zero if not found
*/
protected function _getUserId()
{
$callable = $this->config('idCallable');
$id = 0;
if (is_string($callable)) {
$session = Session::create();
$id = $session->read($callable);
} elseif (is_callable($callable)) {
$id = $callable();
}
return (int) $id;
}
/**
* Tests instantiating a missing engine
*
* @expectedException \InvalidArgumentException
* @expectedExceptionMessage The class "Derp" does not exist and cannot be used as a session engine
* @return void
*/
public function testBadEngine()
{
$session = new Session();
$session->engine('Derp');
}
/**
* testSetLanguageWithSession method
*
* @return void
*/
public function testSetLanguageWithSession()
{
Session::start();
Session::write('Config.language', 'po');
$singular = $this->_singular();
$this->assertEquals('Po (translated)', $singular);
$plurals = $this->_plural();
$this->assertTrue(in_array('0 everything else (po translated)', $plurals));
$this->assertTrue(in_array('1 is 1 (po translated)', $plurals));
$this->assertTrue(in_array('2 is 2-4 (po translated)', $plurals));
$this->assertTrue(in_array('3 is 2-4 (po translated)', $plurals));
$this->assertTrue(in_array('4 is 2-4 (po translated)', $plurals));
$this->assertTrue(in_array('5 everything else (po translated)', $plurals));
$this->assertTrue(in_array('6 everything else (po translated)', $plurals));
$this->assertTrue(in_array('7 everything else (po translated)', $plurals));
$this->assertTrue(in_array('8 everything else (po translated)', $plurals));
$this->assertTrue(in_array('9 everything else (po translated)', $plurals));
$this->assertTrue(in_array('10 everything else (po translated)', $plurals));
$this->assertTrue(in_array('11 everything else (po translated)', $plurals));
$this->assertTrue(in_array('12 everything else (po translated)', $plurals));
$this->assertTrue(in_array('13 everything else (po translated)', $plurals));
$this->assertTrue(in_array('14 everything else (po translated)', $plurals));
$this->assertTrue(in_array('15 everything else (po translated)', $plurals));
$this->assertTrue(in_array('16 everything else (po translated)', $plurals));
$this->assertTrue(in_array('17 everything else (po translated)', $plurals));
$this->assertTrue(in_array('18 everything else (po translated)', $plurals));
$this->assertTrue(in_array('19 everything else (po translated)', $plurals));
$this->assertTrue(in_array('20 everything else (po translated)', $plurals));
$this->assertTrue(in_array('21 everything else (po translated)', $plurals));
$this->assertTrue(in_array('22 everything else (po translated)', $plurals));
$this->assertTrue(in_array('23 everything else (po translated)', $plurals));
$this->assertTrue(in_array('24 everything else (po translated)', $plurals));
$this->assertTrue(in_array('25 everything else (po translated)', $plurals));
Session::delete('Config.language');
}
/**
* Wrapper method to create a new request from PHP superglobals.
*
* Uses the $_GET, $_POST, $_FILES, $_COOKIE, $_SERVER, $_ENV and php://input data to construct
* the request.
*
* @return \Cake\Network\Request
*/
public static function createFromGlobals()
{
list($base, $webroot) = static::_base();
$sessionConfig = (array) Configure::read('Session') + ['defaults' => 'php', 'cookiePath' => $webroot];
$config = ['query' => $_GET, 'post' => $_POST, 'files' => $_FILES, 'cookies' => $_COOKIE, 'environment' => $_SERVER + $_ENV, 'base' => $base, 'webroot' => $webroot, 'session' => Session::create($sessionConfig)];
$config['url'] = static::_url($config);
return new static($config);
}
/**
* testSessionId method
*
* @return void
*/
public function testSessionId()
{
unset($_SESSION);
$Session = new SessionComponent($this->ComponentRegistry);
Session::start();
$this->assertEquals(session_id(), $Session->id());
}
/**
* Returns a bool, whether or not the session has been started.
*
* @return bool
*/
public function started()
{
return Session::started();
}
/**
* Returns a bool, whether or not the session has been started.
*
* @return bool
*/
public function started()
{
return $this->_session->started();
}
/**
* testStatelessAuthNoSessionStart method
*
* @return void
*/
public function testStatelessAuthNoSessionStart()
{
if (Session::id()) {
session_destroy();
Session::$id = null;
}
$event = new Event('Controller.startup', $this->Controller);
AuthComponent::$sessionKey = false;
$this->Auth->config('authenticate', ['Basic' => array('userModel' => 'AuthUsers')]);
$this->Controller->request['action'] = 'admin_add';
$this->Controller->request->env('PHP_AUTH_USER', 'mariano');
$this->Controller->request->env('PHP_AUTH_PW', 'cake');
$result = $this->Auth->startup($event);
$this->assertNull($result);
$this->assertNull(Session::id());
}
/**
* Get / Set the user agent
*
* @param string $userAgent Set the user agent
* @return string Current user agent
*/
public static function userAgent($userAgent = null)
{
if ($userAgent) {
static::$_userAgent = $userAgent;
}
if (empty(static::$_userAgent)) {
Session::init(static::$path);
}
return static::$_userAgent;
}
/**
* Used to check is a session is valid in a view
*
* @return bool
* @link http://book.cakephp.org/2.0/en/core-libraries/helpers/session.html#SessionHelper::valid
*/
public function valid()
{
return Session::valid();
}