protected function __construct() { $encrypt = \Config::getConfig()->get('encrypt', FALSE); if ($encrypt) { $this->crypto = Crypto::getInstance(); } $config = \Config::factory(\Config::getConfig()->get('cookie', array()), FALSE, 'cookie'); $this->expire = $config->get('expire', 0); $this->path = $config->get('path', '/'); $this->domain = $config->get('domain', ''); $this->secure = $config->get('secure', FALSE); $this->httponly = $config->get('httponly', FALSE); }
protected function setSessionHandler() { $encrypt = \Config::getConfig()->get('encrypt', FALSE); $db = \Database::getInstance(); $crypto = NULL; if ($encrypt) { $crypto = Crypto::getInstance(); } session_set_save_handler(function ($path, $name) { return TRUE; }, function () { return TRUE; }, function ($id) use($db, $encrypt, $crypto) { $stm = $db->prepare('SELECT data FROM sessions WHERE id=? LIMIT 1'); $stm->bindValue(1, $id, \PDO::PARAM_STR); if (!$stm->execute()) { $err = $stm->errorInfo(); Log::error($err[2]); return FALSE; } $ret = $stm->fetch(\PDO::FETCH_ASSOC); if (FALSE !== $ret) { return $encrypt ? $crypto->decrypt($ret['data']) : $ret['data']; } return ''; }, function ($id, $data) use($db, $encrypt, $crypto) { $stm = $db->prepare('SELECT COUNT(id) as count FROM sessions WHERE id=?'); $stm->bindValue(1, $id, \PDO::PARAM_STR); if (!$stm->execute()) { $err = $stm->errorInfo(); Log::error($err[2]); return FALSE; } $ret = $stm->fetch(\PDO::FETCH_ASSOC); $query = 'INSERT INTO sessions (data,expiry,id) VALUES(?,?,?)'; if ($ret['count'] > 0) { $query = 'UPDATE sessions SET data=?, expiry=? WHERE id=?'; } $data = $encrypt ? $crypto->encrypt($data) : $data; $stm = $db->prepare($query); $stm->bindValue(1, $data, \PDO::PARAM_STR); $stm->bindValue(2, intval(gmdate('U')), \PDO::PARAM_INT); $stm->bindValue(3, $id, \PDO::PARAM_STR); if (!$stm->execute()) { $err = $stm->errorInfo(); Log::error($err[2]); return FALSE; } return TRUE; }, function ($id) use($db) { $stm = $db->prepare('DELETE FROM session WHERE id=?'); $stm->bindValue(1, $id, \PDO::PARAM_STR); if (!$stm->execute()) { Log::error($stm->errorInfo()); return FALSE; } return TRUE; }, function ($maxtime) use($db) { $stm = $db->prepare('DELETE FROM session where expiry < ?'); $stm->bindValue(1, intval(gmdate('U') - $maxtime), \PDO::PARAM_INT); if (!$stm->execute()) { Log::error($stm->errorInfo()); return FALSE; } return TRUE; }); }