/** * @return bool */ public static function start() { if (!self::$initialised) { session_cache_limiter(''); ini_set('session.use_cookies', 1); if (version_compare(phpversion(), '5.4.0', '>=')) { session_register_shutdown(); } else { register_shutdown_function('session_write_close'); } self::$initialised = true; } if (session_status() === PHP_SESSION_DISABLED) { Exception::error(Lib\I18n::__('PHP sessions are disabled.')); } if (session_status() === PHP_SESSION_ACTIVE) { return true; } if (ini_get('session.use_cookies') && headers_sent($file, $line)) { Exception::error(Lib\I18n::__('Failed to start the session because headers have already been sent by "%s" at line %d.', $file, $line)); } if (!session_start()) { Exception::error(Lib\I18n::__('Failed to start the session.')); } self::$reference =& $_SESSION; return true; }
/** * Bootstrap the session. * * @param Config $config The session config */ public static function bootstrap(Config $config) { if (!$config->cookie_name) { $config->cookie_name = 'session_id'; } if (!$config->id_format) { $config->id_format = Handler::DEFAULT_ID_FORMAT; } // Create and set the session save handler static::$handler = new Handler($config); session_set_save_handler(static::$handler, true); // Set the session name session_name($config->cookie_name); // Set the cookie parameters $app = Application::instance(); $path = $app->config->base_uri ?: '/'; $domain = $app->config->domain ?: $_SERVER['HTTP_HOST']; $secure = $app->request->isSecure(); $lifetime = $config->lifetime ?: 2592000; session_set_cookie_params($lifetime, $path, $domain, $secure, true); // Start the session session_start(); // Register session_write_close() as a shutdown function session_register_shutdown(); }
/** * Constructor. * * @param SessionHandlerInterface $handler */ public function __construct(SessionHandlerInterface $handler) { ini_set('session.use_cookies', 1); session_cache_limiter(''); session_register_shutdown(); $this->proxy = new SaveHandlerProxy($handler); }
/** * Constructor * * @param KObjectConfig $config An optional ObjectConfig object with configuration options */ public function __construct(KObjectConfig $config) { parent::__construct($config); //Session write and close handlers are called after destructing objects since PHP 5.0.5. if (version_compare(phpversion(), '5.4.0', '>=')) { session_register_shutdown(); } else { register_shutdown_function('session_write_close'); } //Only configure the session if it's not active yet if (!$this->isActive()) { //Set the session options $this->setOptions($config->options); //Set the session name if (!empty($config->name)) { $this->setName($config->name); } //Set the session identifier if (!empty($config->id)) { $this->setId($config->id); } //Set the session handler $this->setHandler($config->handler, KObjectConfig::unbox($config)); } //Set the session namespace $this->setNamespace($config->namespace); //Set lifetime time $this->getContainer('metadata')->setLifetime($config->lifetime); }
/** * Constructor. * * @throws Session\SessionException */ protected function init() { $config = self::getConfig(); // validate that headers have not already been sent if (headers_sent()) { throw new SessionException('Unable to register session handler because headers have already been sent.'); } // remove any shut down functions session_register_shutdown(); // get the driver $saveHandler = $config->get('Storage.Driver', '\\Webiny\\Component\\Http\\Session\\Storage\\NativeStorage'); try { // try to create driver instance $saveHandler = new $saveHandler($config); // register driver as session handler session_set_save_handler($saveHandler, false); // start the session if (session_status() == PHP_SESSION_NONE) { session_start(); } // get session id $this->sessionId = session_id(); // save current session locally $this->sessionBag = $this->arr($_SESSION); } catch (\Exception $e) { throw new SessionException($e->getMessage()); } }
public function __invoke(Request $req, Response $res, callable $next) { $config = $this->app['config']; if (!$config->get('sessions.enabled') || $req->isApi()) { return $next($req, $res); } $lifetime = $config->get('sessions.lifetime'); $hostname = $config->get('app.hostname'); ini_set('session.use_trans_sid', false); ini_set('session.use_only_cookies', true); ini_set('url_rewriter.tags', ''); ini_set('session.gc_maxlifetime', $lifetime); // set the session name $defaultSessionTitle = $config->get('app.title') . '-' . $hostname; $sessionTitle = $config->get('sessions.name', $defaultSessionTitle); $safeSessionTitle = str_replace(['.', ' ', "'", '"'], ['', '_', '', ''], $sessionTitle); session_name($safeSessionTitle); // set the session cookie parameters session_set_cookie_params($lifetime, '/', '.' . $hostname, $req->isSecure(), true); // register session_write_close as a shutdown function session_register_shutdown(); // install any custom session handlers $class = $config->get('sessions.driver'); if ($class) { $handler = new $class($this->app); $handler::registerHandler($handler); } session_start(); // fix the session cookie Utility::setCookieFixDomain(session_name(), session_id(), time() + $lifetime, '/', $hostname, $req->isSecure(), true); // make the newly started session in our request $req->setSession($_SESSION); return $next($req, $res); }
/** * @param \SessionHandlerInterface $handler * @param string $namespace */ public function __construct(\SessionHandlerInterface $handler = null, $namespace = '__SLOTHS__') { if ($handler) { session_set_save_handler($handler); } session_register_shutdown(); $this->namespace = $namespace; }
/** * Initialize the Session * * @param \SessionHandlerInterface $handler The session handler */ public function __construct(SessionHandlerInterface $handler = null, array $options = []) { session_register_shutdown(); $this->setOptions($options); if (!$this->handler) { $this->handler = $handler ?: new NativeHandler(); session_set_save_handler($this->handler, false); } }
/** * Start a session * * @param array $config */ public static function start(array $config = array()) { $default_config = array('use_cookies' => 1, 'name' => 'WT_SESSION', 'cookie_lifetime' => 0, 'gc_maxlifetime' => 7200, 'gc_probability' => 1, 'gc_divisor' => 100, 'cookie_path' => '', 'cookie_httponly' => true); session_register_shutdown(); foreach ($config + $default_config as $key => $value) { ini_set('session.' . $key, $value); } session_start(); }
/** * Constructor * * @param \SessionHandlerInterface $handler Session save handler * @param array $options Session options * * @since 1.0 */ public function __construct(\SessionHandlerInterface $handler = null, array $options = array()) { // Disable transparent sid support ini_set('session.use_trans_sid', '0'); ini_set('session.use_cookies', 1); session_cache_limiter('none'); session_register_shutdown(); $this->setOptions($options); $this->setHandler($handler); }
/** * initialize storage mechanism, set save handler */ public function __construct() { ini_set('session.use_cookies', 1); if (PHP_VERSION_ID >= 50400) { session_register_shutdown(); } else { register_shutdown_function('session_write_close'); } $this->sessionDataBag = new SessionDataBag(); $this->setSaveHandler(); }
/** * Construct * * @param array $options * @param \SessionHandlerInterface $saveHandler */ public function __construct(array $options = array(), \SessionHandlerInterface $saveHandler = null) { session_cache_limiter(''); ini_set('session.use_cookies', 1); ini_set('session.cookie_lifetime', 0); $this->setOptions($options); if ($saveHandler !== null) { $this->setSaveHandler($saveHandler); } session_register_shutdown(); }
public function open($savePath, $sessionName) { if (function_exists('session_register_shutdown')) { session_register_shutdown(); } else { register_shutdown_function('session_write_close'); } /* Nothing to do here. */ debug('session open'); return true; }
/** * Инициализация модуля * */ public function Init() { $this->bUseStandardSession = Config::Get('sys.session.standart'); // * Стартуем сессию $this->Start(); if (!$this->GetCookie('visitor_id')) { $this->SetCookie('visitor_id', F::RandomStr()); } if (PHP_VERSION_ID >= 50400) { session_register_shutdown(); } else { register_shutdown_function('session_write_close'); } }
/** * Constructor. * * Depending on how you want the storage driver to behave you probably * want to override this constructor entirely. * * List of options for $options array with their defaults. * @see http://php.net/session.configuration for options * but we omit 'session.' from the beginning of the keys for convenience. * * ("auto_start", is not supported as it tells PHP to start a session before * PHP starts to execute user-land code. Setting during runtime has no effect). * * cache_limiter, "nocache" (use "0" to prevent headers from being sent entirely). * cookie_domain, "" * cookie_httponly, "" * cookie_lifetime, "0" * cookie_path, "/" * cookie_secure, "" * entropy_file, "" * entropy_length, "0" * gc_divisor, "100" * gc_maxlifetime, "1440" * gc_probability, "1" * hash_bits_per_character, "4" * hash_function, "0" * name, "PHPSESSID" * referer_check, "" * serialize_handler, "php" * use_cookies, "1" * use_only_cookies, "1" * use_trans_sid, "0" * upload_progress.enabled, "1" * upload_progress.cleanup, "1" * upload_progress.prefix, "upload_progress_" * upload_progress.name, "PHP_SESSION_UPLOAD_PROGRESS" * upload_progress.freq, "1%" * upload_progress.min-freq, "1" * url_rewriter.tags, "a=href,area=href,frame=src,form=,fieldset=" * * @param array $options Session configuration options. * @param AbstractProxy|NativeSessionHandler|\SessionHandlerInterface|null $handler * @param MetadataBag $metaBag MetadataBag. */ public function __construct(array $options = array(), $handler = null, MetadataBag $metaBag = null) { session_cache_limiter(''); // disable by default because it's managed by HeaderBag (if used) ini_set('session.use_cookies', 1); if (version_compare(phpversion(), '5.4.0', '>=')) { session_register_shutdown(); } else { register_shutdown_function('session_write_close'); } $this->setMetadataBag($metaBag); $this->setOptions($options); $this->setSaveHandler($handler); }
public function __construct(array $options = array(), $handler = null, MetadataBag $metaBag = null) { ini_set('session.auto_start', 0); ini_set('session.cache_limiter', ''); ini_set('session.use_cookies', 1); if (version_compare(phpversion(), '5.4.0', '>=')) { session_register_shutdown(); } else { register_shutdown_function('session_write_close'); } $this->setMetadataBag($metaBag); $this->setOptions($options); $this->setSaveHandler($handler); }
/** * SessionStorage constructor. */ public function __construct(SessionMetaBottle $metaBottle = null) { ini_set('session.use_cookies', 1); if (PHP_VERSION_ID >= 50400) { session_register_shutdown(); } else { register_shutdown_function('session_write_close'); } if (null === $metaBottle) { $metaBottle = new SessionMetaBottle(); } $this->metadataBag = $metaBottle; $this->handler = new PHPSessionHandler(); $this->isStart = true; }
public function __construct() { $this->params = session_get_cookie_params(); $this->params["secure"] = true; $this->params['httponly'] = true; // unsecure version of cookies. // $this->params["secure"] = false; // $this->params['httponly'] = false; // session register shutdown will call session_write_close when a die or exit is called. session_register_shutdown(); session_set_cookie_params($this->RESTART_TIMER, $this->params["path"], $this->params["domain"], $this->params["secure"], $this->params["httponly"]); $this->constructDefaults($this->RESTART_TIMER); $this->sessionRegenerator(); if (!isset($_SESSION['csrf_token'])) { $this->setCSRFToken(); } }
/** * Starts the session. * * @return bool True if started. * * @throws \RuntimeException If something goes wrong starting the session. */ public function start() { /* * Write and Close handlers are called after destructing objects since PHP 5.0.5. * Thus destructors can use sessions but session handler can't use objects. * So we are moving session closure before destructing objects. */ if (version_compare(PHP_VERSION, '5.4.0', '>=')) { session_register_shutdown(); } else { register_shutdown_function('session_write_close'); } session_cache_limiter('none'); if (!session_start()) { throw new \RuntimeException('Failed to start the session'); } $this->started = true; return true; }
/** * __construct * @param object $storage * @param array $options */ public function __construct($storage = null, array $options = array()) { // Set options $this->options = array_merge(array('meta' => true, 'name' => null, 'lifetime' => 0, 'path' => '/', 'domain' => null, 'secure' => true, 'httponly' => false), $options); session_set_cookie_params($this->options['lifetime'], $this->options['path'], $this->options['domain'], $this->options['secure'], $this->options['httponly']); // Disable transparent sid support ini_set('session.use_trans_sid', '0'); // Only allow the session ID to come from cookies and nothing else. ini_set('session.use_only_cookies', '1'); // Better entropy source ini_set('session.entropy_file', "/dev/urandom"); // Custom save handler $this->handler($storage); // http://www.php.net/manual/en/function.session-register-shutdown.php if (version_compare(phpversion(), '5.4.0', '>=')) { session_register_shutdown(); } else { register_shutdown_function(array($this, 'close')); } }
/** * Configures the session */ protected function configureSession() { if (session_status() == PHP_SESSION_NONE) { // Configure the php.ini session settings ini_set('session.name', self::SESSION_NAME); ini_set('session.use_trans_sid', 0); ini_set('session.use_cookies', 1); ini_set('session.use_only_cookies', 1); ini_set('session.cookie_httponly', 1); // Session GC ini_set('session.gc_maxlifetime', $this->expireTime); ini_set('session.gc_probability', $this->gcProbability); ini_set('session.gc_divisor', 100); // Set our own session handling methods ini_set('session.save_handler', 'user'); session_set_save_handler($this, true); session_register_shutdown(); // Start the session and secure it $this->startSession(); } }
/** * Starts the session * * @return boolean True if started * * @since 3.5 * @throws RuntimeException If something goes wrong starting the session. */ public function start() { if ($this->isStarted()) { return true; } /** * Write and Close handlers are called after destructing objects since PHP 5.0.5. * Thus destructors can use sessions but session handler can't use objects. * So we are moving session closure before destructing objects. */ if (version_compare(PHP_VERSION, '5.4', 'ge')) { session_register_shutdown(); } else { register_shutdown_function('session_write_close'); } // Disable the cache limiter session_cache_limiter('none'); /* * Extended checks to determine if the session has already been started */ // If running PHP 5.4, try to use the native API if (version_compare(PHP_VERSION, '5.4', 'ge') && PHP_SESSION_ACTIVE === session_status()) { throw new RuntimeException('Failed to start the session: already started by PHP.'); } // Fallback check for PHP 5.3 if (version_compare(PHP_VERSION, '5.4', 'lt') && !$this->closed && isset($_SESSION) && $this->getId()) { throw new RuntimeException('Failed to start the session: already started by PHP ($_SESSION is set).'); } // If we are using cookies (default true) and headers have already been started (early output), if (ini_get('session.use_cookies') && headers_sent($file, $line)) { throw new RuntimeException(sprintf('Failed to start the session because headers have already been sent by "%s" at line %d.', $file, $line)); } // Ok to try and start the session if (!session_start()) { throw new RuntimeException('Failed to start the session'); } return true; }
function __construct() { session_set_save_handler(array($this, 'open'), array($this, 'close'), array($this, 'read'), array($this, 'write'), array($this, 'destroy'), array($this, 'gc')); session_register_shutdown(); $this->db = $db_manager = new DbSessionManager(); }
* @param string $domain * @return string */ function _m($message, $domain = 'default') { global $i18n; return $i18n->translateModule($message, $domain); } /** * Plural version of _m() * * @param string $singular * @param string $plural * @param string $count * @param null|string $domain * @return string */ function _mp($singular, $plural, $count, $domain = 'default') { global $i18n; return $i18n->translateModulePlural($singular, $plural, $count, $domain); } // Output buffering ob_start(); // Shutdown handlers register_shutdown_function(function () use($request, $response) { $response->setContent(App::view()->render()); $response->prepare($request)->send(); session_register_shutdown(); // This important! });
/** * Constructor. * * Depending on how you want the storage driver to behave you probably * want to override this constructor entirely. * * List of options for $options array with their defaults. * * @see http://php.net/session.configuration for options * but we omit 'session.' from the beginning of the keys for convenience. * * ("auto_start", is not supported as it tells PHP to start a session before * PHP starts to execute user-land code. Setting during runtime has no effect). * * cache_limiter, "" (use "0" to prevent headers from being sent entirely). * cookie_domain, "" * cookie_httponly, "" * cookie_lifetime, "0" * cookie_path, "/" * cookie_secure, "" * entropy_file, "" * entropy_length, "0" * gc_divisor, "100" * gc_maxlifetime, "1440" * gc_probability, "1" * hash_bits_per_character, "4" * hash_function, "0" * name, "PHPSESSID" * referer_check, "" * serialize_handler, "php" * use_cookies, "1" * use_only_cookies, "1" * use_trans_sid, "0" * upload_progress.enabled, "1" * upload_progress.cleanup, "1" * upload_progress.prefix, "upload_progress_" * upload_progress.name, "PHP_SESSION_UPLOAD_PROGRESS" * upload_progress.freq, "1%" * upload_progress.min-freq, "1" * url_rewriter.tags, "a=href,area=href,frame=src,form=,fieldset=" * * @param array $options Session configuration options. * @param AbstractProxy|NativeSessionHandler|\SessionHandlerInterface|null $handler * @param MetadataBag $metaBag MetadataBag. */ public function __construct(array $options = array(), $handler = null, MetadataBag $metaBag = null) { session_cache_limiter(''); // disable by default because it's managed by HeaderBag (if used) ini_set('session.use_cookies', 1); session_register_shutdown(); $this->setMetadataBag($metaBag); $this->setOptions($options); $this->setSaveHandler($handler); }
/** * Constructor. * * Depending on how you want the storage driver to behave you probably * want top override this constructor entirely. * * List of options for $options array with their defaults. * @see http://php.net/session.configuration for options * but we omit 'session.' from the beginning of the keys for convenience. * * auto_start, "0" * cache_limiter, "nocache" (use "0" to prevent headers from being sent entirely). * cookie_domain, "" * cookie_httponly, "" * cookie_lifetime, "0" * cookie_path, "/" * cookie_secure, "" * entropy_file, "" * entropy_length, "0" * gc_divisor, "100" * gc_maxlifetime, "1440" * gc_probability, "1" * hash_bits_per_character, "4" * hash_function, "0" * name, "PHPSESSID" * referer_check, "" * serialize_handler, "php" * use_cookies, "1" * use_only_cookies, "1" * use_trans_sid, "0" * upload_progress.enabled, "1" * upload_progress.cleanup, "1" * upload_progress.prefix, "upload_progress_" * upload_progress.name, "PHP_SESSION_UPLOAD_PROGRESS" * upload_progress.freq, "1%" * upload_progress.min-freq, "1" * url_rewriter.tags, "a=href,area=href,frame=src,form=,fieldset=" * * @param array $options Session configuration options. * @param object $handler SessionHandlerInterface. * @param MetadataBag $handler MetadataBag. */ public function __construct(array $options = array(), $handler = null, MetadataBag $metaBag = null) { // sensible defaults ini_set('session.auto_start', 0); // by default we prefer to explicitly start the session using the class. ini_set('session.cache_limiter', ''); // disable by default because it's managed by HeaderBag (if used) ini_set('session.use_cookies', 1); if (version_compare(phpversion(), '5.4.0', '>=')) { session_register_shutdown(); } else { register_shutdown_function('session_write_close'); } $this->setMetadataBag($metaBag); $this->setOptions($options); $this->setSaveHandler($handler); }
/** * Configure and start the session * * @return void */ public function sessionStart() { /** * Revisit this once basics are working * * grab session_id from https login form * * if ($xoops->getConfig('use_ssl') * && isset($_POST[$xoops->getConfig('sslpost_name')]) * && $_POST[$xoops->getConfig('sslpost_name')] != '' * ) { * session_id($_POST[$xoops->getConfig('sslpost_name')]); * } else { set session_name...} */ $name = $this->xoops->getConfig('session_name'); $name = empty($name) ? 'xoops_session' : $name; $expire = (int) $this->xoops->getConfig('session_expire'); $expire = $expire > 0 ? $expire : 300; $path = \XoopsBaseConfig::get('cookie-path'); $domain = \XoopsBaseConfig::get('cookie-domain'); $secure = $this->httpRequest->is('ssl'); session_name($name); session_cache_expire($expire); session_set_cookie_params(0, $path, $domain, $secure, true); $sessionHandler = new Handler(); session_set_save_handler($sessionHandler); session_register_shutdown(); session_start(); // if session is empty, make sure it isn't using a passed in id if (empty($_SESSION)) { $this->regenerateSession(); } // Make sure the session hasn't expired, and destroy it if it has if (!$this->validateSession()) { $this->clearSession(); return; } // Check to see if the session shows sign of hijacking attempt if (!$this->fingerprint->checkSessionPrint($this)) { $this->regenerateSession(); // session data already cleared, just needs new id return; } // establish valid user data in session, possibly clearing or adding from // RememberMe mechanism as needed $this->sessionUser->establish(); // Give a 5% chance of the session id changing on any authenticated request //if ($this->has('xoopsUserId') && (rand(1, 100) <= 5)) { if (rand(1, 100) <= 5) { $this->expireSession(); } }
public function stop() { session_unset(); session_destroy(); session_register_shutdown(); }
/** * Constructor. * * ### Configuration: * * - timeout: The time in minutes the session should be valid for. * - cookiePath: The url path for which session cookie is set. Maps to the * `session.cookie_path` php.ini config. Defaults to base path of app. * - ini: A list of php.ini directives to change before the session start. * - handler: An array containing at least the `class` key. To be used as the session * engine for persisting data. The rest of the keys in the array will be passed as * the configuration array for the engine. You can set the `class` key to an already * instantiated session handler object. * * @param array $config The Configuration to apply to this session object */ public function __construct(array $config = []) { if (isset($config['timeout'])) { $config['ini']['session.gc_maxlifetime'] = 60 * $config['timeout']; } if (!empty($config['cookie'])) { $config['ini']['session.name'] = $config['cookie']; } if (!isset($config['ini']['session.cookie_path'])) { $cookiePath = empty($config['cookiePath']) ? '/' : $config['cookiePath']; $config['ini']['session.cookie_path'] = $cookiePath; } if (!empty($config['ini']) && is_array($config['ini'])) { $this->options($config['ini']); } if (!empty($config['handler']['engine'])) { $class = $config['handler']['engine']; unset($config['handler']['engine']); session_set_save_handler($this->engine($class, $config['handler']), false); } $this->_lifetime = ini_get('session.gc_maxlifetime'); $this->_isCLI = PHP_SAPI === 'cli' || PHP_SAPI === 'phpdbg'; session_register_shutdown(); }
/** * Destructor. * @return void */ public final function __destruct() { session_register_shutdown(); }