/**
 * Handles the Enlight_Controller_Front_DispatchLoopShutdown event.
 *
 * If the request comes from a bot, the session is discarded. Nothing
 * happens when the session service was never initialized or when PHP
 * runs on the command line.
 *
 * @param \Enlight_Event_EventArgs $args
 */
public function onDispatchLoopShutdown(\Enlight_Event_EventArgs $args)
{
    $services = Shopware()->Container();

    // get('session') is reached only after initialized() returned true,
    // presumably so that this listener never creates a session itself.
    if (!$services->initialized('session')) {
        return;
    }

    // The Bot flag is read from the session as-is; how it gets set is not
    // visible in this method.
    if (!$services->get('session')->Bot) {
        return;
    }

    if (PHP_SAPI === 'cli') {
        return;
    }

    Enlight_Components_Session::destroy();
}
/**
 * Starts the session with built-in defaults overlaid by the application's
 * 'session' option and registers the session id as the 'SessionId' resource.
 *
 * @return Enlight_Components_Session_Namespace
 */
public function initSession()
{
    // NOTE(review): these keys look like PHP session.* settings
    // (use_trans_sid = 0 keeps the id out of URLs, cookie_lifetime = 0 is a
    // browser-session cookie). No cookie_httponly / cookie_secure default is
    // set here, so those depend on the configured option or php.ini - confirm.
    $defaults = array(
        'name' => 'ENLIGHTSID',
        'cookie_lifetime' => 0,
        'use_trans_sid' => 0,
        'gc_probability' => 1,
    );

    // array_merge() lets the configured values overwrite the defaults above.
    $configured = (array) $this->Application()->getOption('session');
    $configSession = array_merge($defaults, $configured);

    Enlight_Components_Session::start($configSession);
    $this->registerResource('SessionId', Enlight_Components_Session::getId());

    return new Enlight_Components_Session_Namespace('Default');
}
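/**
 * Creates the session namespace, installing a Redis-backed save handler
 * first when the 'session' option selects it.
 *
 * @param Container $container
 * @return \Enlight_Components_Session_Namespace
 */
public function factory(Container $container)
{
    $sessionOptions = Shopware()->getOption('session', []);

    // Explicit isset() instead of the @ operator: a missing key is handled
    // without muting every other error raised by the expression.
    $useRedis = isset($sessionOptions['save_handler'])
        && $sessionOptions['save_handler'] === 'redis';

    if ($useRedis) {
        // Values from the 'sessionredis' option override the two defaults.
        // NOTE(review): the connection parameters come entirely from that
        // option. Session records are credential-equivalent, so verify that
        // the configured Redis instance requires authentication and is not
        // reachable from untrusted networks.
        $redisOptions = array_merge(
            ['exceptions' => true, 'prefix' => 'session:'],
            Shopware()->getOption('sessionredis', [])
        );
        $client = new PredisClient($redisOptions);
        \Enlight_Components_Session::setSaveHandler(new SaveHandler($client));
    }

    return parent::factory($container);
}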
/**
 * Completes the setup that depends on runtime state: registers the
 * configured query conditions and binds the current session id.
 */
public function __construct()
{
    parent::__construct();

    // Every entry of $this->conditions becomes a condition on the user queries.
    foreach ($this->conditions as $userCondition) {
        $this->addCondition($userCondition);
    }

    $currentSessionId = Enlight_Components_Session::getId();
    $this->setSessionId($currentSessionId);
}
/**
 * Stamps the basket rows of the current session with the last viewed
 * controller, the client's user agent and the session's user id.
 *
 * @param Enlight_Controller_Request_Request $request
 */
public function refreshBasket($request)
{
    $currentController = $request->getParam('requestController', $request->getControllerName());
    $sessionId = (string) Enlight_Components_Session::getId();

    // Nothing to update without a controller name or a session id.
    if (empty($currentController) || empty($sessionId)) {
        return;
    }

    $userId = (int) Shopware()->Session()->sUserId;

    // The 'requestController' parameter and the User-Agent header are both
    // client-supplied. They reach the database only as bound parameters, but
    // the stored values stay untrusted and need output encoding wherever the
    // basket table is displayed.
    $userAgent = (string) $request->getServer("HTTP_USER_AGENT");

    $sql = "\n UPDATE s_order_basket\n SET lastviewport = ?,\n useragent = ?,\n userID = ?\n WHERE sessionID=?\n ";
    $bindings = array($currentController, $userAgent, $userId, $sessionId);

    Shopware()->Db()->query($sql, $bindings);
}
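/**
 * authenticate() - defined by Zend_Auth_Adapter_Interface.
 *
 * Runs the parent adapter's authentication and then applies the rules
 * visible below:
 *  - on success the user's role must be enabled; the session id is then
 *    regenerated, the session restarted and the failed-login counter reset;
 *  - on failure the failed-login counter is increased, and with four or more
 *    previous failures the account is locked for lockSeconds * failedlogins
 *    seconds.
 *
 * @throws Zend_Auth_Adapter_Exception if answering the authentication query is impossible
 * @return Zend_Auth_Result
 */
public function authenticate()
{
    $result = parent::authenticate();

    $select = $this->_zendDb->select();
    $select->from($this->_tableName);
    $select->where($this->_zendDb->quoteIdentifier($this->_identityColumn, true) . ' = ?', $this->_identity);
    $user = $this->_zendDb->fetchRow($select, array(), Zend_Db::FETCH_OBJ);

    // The lookup may come back without a row (unknown identity). Guarding
    // here avoids reading properties of a non-object below; the values used
    // in that case match what the unguarded reads evaluated to.
    $hasUser = is_object($user);

    if ($result->isValid()) {
        // Check if user role is active.
        // Loose comparison on purpose: presumably both "no such role" and a
        // stored 0 / '0' have to count as disabled.
        $roleId = $hasUser ? $user->roleID : null;
        $sql = 'SELECT enabled FROM s_core_auth_roles WHERE id = ?';
        if ($this->_zendDb->fetchOne($sql, array($roleId)) == false) {
            return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND, $this->_identity, array());
        }

        // Issue a new session id on successful login, so that an id known
        // before authentication is not carried into the authenticated
        // session (session fixation defence).
        Enlight_Components_Session::regenerateId();

        // close and restart session to make sure the db session handler writes updates.
        session_write_close();
        session_start();

        $this->setSessionId(Enlight_Components_Session::getId());
        $this->updateExpiry();
        $this->updateSessionId();

        // reset failed login count
        $this->setFailedLogins(0);

        return $result;
    }

    $failedLogins = $hasUser ? $user->failedlogins : 0;
    $lockedUntil = null;

    // With four or more previous failed logins, lock the account for
    // lockSeconds * failedlogins seconds.
    if ($failedLogins >= 4) {
        $lockedUntil = new Zend_Date();
        $lockedUntil->addSecond($this->lockSeconds * $failedLogins);
        $this->setLockedUntil($lockedUntil);
    }

    // Increase number of failed logins
    $this->setFailedLogins($failedLogins + 1);

    if ($lockedUntil !== null) {
        // -4 is a result code outside the Zend_Auth_Result constants used
        // above; it is returned together with the lock expiry.
        return new Zend_Auth_Result(-4, $this->_identity, array('lockedUntil' => $lockedUntil));
    }

    return $result;
}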
/**
 * Starts the shop session: applies the 'session' option, names the session
 * after the current shop, installs the database save handler when selected
 * (or when none is configured) and registers the id as 'SessionID'.
 *
 * @return Enlight_Components_Session_Namespace
 */
protected function initSession()
{
    $sessionOptions = $this->Application()->getOption('session', array());

    // 'unitTestEnabled' is a switch for the session component only and is
    // removed before the options are handed to start().
    $unitTest = !empty($sessionOptions['unitTestEnabled']);
    unset($sessionOptions['unitTestEnabled']);
    if ($unitTest) {
        Enlight_Components_Session::$_unitTestEnabled = true;
    }

    // An already running session is written and closed before the new one starts.
    if (Enlight_Components_Session::isStarted()) {
        Enlight_Components_Session::writeClose();
    }

    /** @var $shop \Shopware\Models\Shop\Shop */
    $shop = $this->getResource('Shop');

    // The session name is 'session-<shop id>'. cookie_path and cookie_domain
    // are not derived from the shop here (the original kept that code
    // commented out), so the cookie scope comes from the configured options
    // or the PHP defaults.
    $sessionOptions['name'] = 'session-' . $shop->getId();

    $handler = isset($sessionOptions['save_handler']) ? $sessionOptions['save_handler'] : 'db';
    if ($handler == 'db') {
        $config_save_handler = array(
            'db' => $this->getResource('Db'),
            'name' => 's_core_sessions',
            'primary' => 'id',
            'modifiedColumn' => 'modified',
            'dataColumn' => 'data',
            'lifetimeColumn' => 'expiry',
        );
        Enlight_Components_Session::setSaveHandler(
            new Enlight_Components_Session_SaveHandler_DbTable($config_save_handler)
        );
        // The handler object is installed above, so the option is not passed on.
        unset($sessionOptions['save_handler']);
    }

    Enlight_Components_Session::start($sessionOptions);
    $this->registerResource('SessionID', Enlight_Components_Session::getId());

    return new Enlight_Components_Session_Namespace('Shopware');
}
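/**
 * Starts the backend session and returns its namespace.
 *
 * Session options come from the 'backendSession' application option. Two
 * optional checks pin the session to the first seen Referer prefix
 * ('referer_check') and User-Agent value ('client_check'); on a mismatch
 * the session is destroyed and an exception is thrown.
 *
 * @param Enlight_Event_EventArgs $args
 * @throws Exception if the referer or client check fails
 * @return Enlight_Components_Session_Namespace
 */
public function onInitResourceBackendSession(Enlight_Event_EventArgs $args)
{
    $options = $this->Application()->getOption('backendSession', array());

    // Restrict the cookie to the backend path unless configured otherwise.
    if (!isset($options['cookie_path']) && $this->request !== null) {
        $options['cookie_path'] = rtrim($this->request->getBaseUrl(), '/') . '/backend/';
    }

    if (empty($options['gc_maxlifetime'])) {
        $options['gc_maxlifetime'] = $this->Config()->get('backendTimeout', 60 * 90);
    }

    $refererCheck = false;
    $clientCheck = false;

    // isset() first: 'referer_check' is optional, and reading a missing key
    // raised an undefined-index error before. A non-boolean value is still
    // left in $options, as before.
    if (isset($options['referer_check']) && is_bool($options['referer_check'])) {
        $refererCheck = $options['referer_check'];
        unset($options['referer_check']);
    }

    if (!empty($options['client_check'])) {
        $clientCheck = true;
    }
    unset($options['client_check']);

    Enlight_Components_Session::start($options);

    // The headers are read only when a check is enabled and a request
    // exists, matching the null guard used for cookie_path above.
    if ($refererCheck && $this->request !== null) {
        $referer = $this->request->getHeader('referer');

        // NOTE(review): a request without a Referer header (or with a
        // non-http one) is not compared at all, so this check complements
        // CSRF protection and does not replace it.
        if ($referer !== null && strpos($referer, 'http') === 0) {
            // Reduce the header to everything before the first '/backend/'
            // plus '/backend/'.
            // NOTE(review): without '/backend/' in the header strpos() yields
            // false and the value collapses to '/backend/' - confirm intended.
            $referer = substr($referer, 0, strpos($referer, '/backend/'));
            $referer .= '/backend/';

            if (!isset($_SESSION['__SW_REFERER'])) {
                // First use: pin the prefix for the rest of the session.
                $_SESSION['__SW_REFERER'] = $referer;
            } elseif (strpos($referer, $_SESSION['__SW_REFERER']) !== 0) {
                Enlight_Components_Session::destroy();
                throw new Exception('Referer check for backend session failed');
            }
        }
    }

    if ($clientCheck && $this->request !== null) {
        // NOTE(review): the header is looked up as 'userAgent'; confirm the
        // request class maps that name to the User-Agent header, otherwise
        // the pinned value never varies and the check cannot fail.
        $client = $this->request->getHeader('userAgent');

        if ($client !== null) {
            if (!isset($_SESSION['__SW_CLIENT'])) {
                $_SESSION['__SW_CLIENT'] = $client;
            } elseif ($client !== $_SESSION['__SW_CLIENT']) {
                Enlight_Components_Session::destroy();
                throw new Exception('Client check for backend session failed');
            }
        }
    }

    return new Enlight_Components_Session_Namespace('ShopwareBackend');
}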
/**
 * Returns the locale of the logged-in backend user, or the default locale
 * when no session exists, nobody is logged in or the identity carries no
 * locale.
 *
 * @return \Shopware\Models\Shop\Locale
 */
protected function getCurrentLocale()
{
    $sessionOptions = $this->prepareSessionOptions(
        $this->Application()->getOption('backendSession', array())
    );
    Enlight_Components_Session::setOptions($sessionOptions);

    // The auth service is consulted only when a session already exists,
    // presumably so that a locale lookup does not start a backend session.
    if (Enlight_Components_Session::sessionExists()) {
        $auth = Shopware()->Auth();
        $identity = $auth->hasIdentity() ? $auth->getIdentity() : null;

        // isset() is false for a missing identity as well as a missing locale.
        if (isset($identity->locale)) {
            return $identity->locale;
        }
    }

    $fallbackId = $this->getDefaultLocale();

    return Shopware()->Models()->getRepository('Shopware\\Models\\Shop\\Locale')->find($fallbackId);
}
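/**
 * Starts the backend session and returns its namespace.
 *
 * Session options come from the 'backendSession' application option; the
 * database save handler on table s_core_sessions_backend is installed when
 * 'save_handler' is unset or 'db'. Two optional checks pin the session to
 * the first seen Referer prefix ('referer_check') and User-Agent value
 * ('client_check'); on a mismatch the session is destroyed and an exception
 * is thrown.
 *
 * @param Enlight_Event_EventArgs $args
 * @throws Exception if the referer or client check fails
 * @return Enlight_Components_Session_Namespace
 */
public function onInitResourceBackendSession(Enlight_Event_EventArgs $args)
{
    $options = $this->Application()->getOption('backendSession', array());

    // Restrict the cookie to the backend path unless configured otherwise.
    if (!isset($options['cookie_path']) && $this->request !== null) {
        $options['cookie_path'] = rtrim($this->request->getBaseUrl(), '/') . '/backend/';
    }

    if (empty($options['gc_maxlifetime'])) {
        $options['gc_maxlifetime'] = $this->Config()->get('backendTimeout', 60 * 90);
    }

    $refererCheck = false;
    $clientCheck = false;

    // isset() first: 'referer_check' is optional, and reading a missing key
    // raised an undefined-index error before. A non-boolean value is still
    // left in $options, as before.
    if (isset($options['referer_check']) && is_bool($options['referer_check'])) {
        $refererCheck = $options['referer_check'];
        unset($options['referer_check']);
    }

    if (!empty($options['client_check'])) {
        $clientCheck = true;
    }
    unset($options['client_check']);

    if (!isset($options['save_handler']) || $options['save_handler'] == 'db') {
        // SW-4819 Add database backend support
        // NOTE(review): no 'db' adapter is passed in this config, so the
        // handler presumably falls back to a default adapter - confirm.
        // 'save_handler' also stays in $options and is passed to start().
        $config_save_handler = array(
            'name' => 's_core_sessions_backend',
            'primary' => 'id',
            'modifiedColumn' => 'modified',
            'dataColumn' => 'data',
            'lifetimeColumn' => 'expiry',
        );
        Enlight_Components_Session::setSaveHandler(
            new Enlight_Components_Session_SaveHandler_DbTable($config_save_handler)
        );
    }

    Enlight_Components_Session::start($options);

    // The headers are read only when a check is enabled and a request
    // exists, matching the null guard used for cookie_path above.
    if ($refererCheck && $this->request !== null) {
        $referer = $this->request->getHeader('referer');

        // NOTE(review): a request without a Referer header (or with a
        // non-http one) is not compared at all, so this check complements
        // CSRF protection and does not replace it.
        if ($referer !== null && strpos($referer, 'http') === 0) {
            // Reduce the header to everything before the first '/backend/'
            // plus '/backend/'.
            // NOTE(review): without '/backend/' in the header strpos() yields
            // false and the value collapses to '/backend/' - confirm intended.
            $referer = substr($referer, 0, strpos($referer, '/backend/'));
            $referer .= '/backend/';

            if (!isset($_SESSION['__SW_REFERER'])) {
                // First use: pin the prefix for the rest of the session.
                $_SESSION['__SW_REFERER'] = $referer;
            } elseif (strpos($referer, $_SESSION['__SW_REFERER']) !== 0) {
                Enlight_Components_Session::destroy();
                throw new Exception('Referer check for backend session failed');
            }
        }
    }

    if ($clientCheck && $this->request !== null) {
        // NOTE(review): the header is looked up as 'userAgent'; confirm the
        // request class maps that name to the User-Agent header, otherwise
        // the pinned value never varies and the check cannot fail.
        $client = $this->request->getHeader('userAgent');

        if ($client !== null) {
            if (!isset($_SESSION['__SW_CLIENT'])) {
                $_SESSION['__SW_CLIENT'] = $client;
            } elseif ($client !== $_SESSION['__SW_CLIENT']) {
                Enlight_Components_Session::destroy();
                throw new Exception('Client check for backend session failed');
            }
        }
    }

    return new Enlight_Components_Session_Namespace('ShopwareBackend');
}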
/**
 * Builds the shop session namespace: applies the 'session' option, names
 * the session after the current shop, installs the database save handler
 * when selected (or when none is configured), and publishes the session id
 * both as the 'SessionID' service and inside the namespace.
 *
 * @param Container $container
 * @return \Enlight_Components_Session_Namespace
 */
public function factory(Container $container)
{
    $sessionOptions = Shopware()->getOption('session', array());

    // 'unitTestEnabled' is a switch for the session component only and is
    // removed before the options are handed to start().
    $unitTest = !empty($sessionOptions['unitTestEnabled']);
    unset($sessionOptions['unitTestEnabled']);
    if ($unitTest) {
        \Enlight_Components_Session::$_unitTestEnabled = true;
    }

    // An already running session is written and closed before the new one starts.
    if (\Enlight_Components_Session::isStarted()) {
        \Enlight_Components_Session::writeClose();
    }

    /** @var $shop \Shopware\Models\Shop\Shop */
    $shop = $container->get('Shop');
    $sessionOptions['name'] = 'session-' . $shop->getId();

    $usesDbHandler = !isset($sessionOptions['save_handler'])
        || $sessionOptions['save_handler'] == 'db';

    if ($usesDbHandler) {
        $config_save_handler = array(
            'db' => $container->get('Db'),
            'name' => 's_core_sessions',
            'primary' => 'id',
            'modifiedColumn' => 'modified',
            'dataColumn' => 'data',
            'lifetimeColumn' => 'expiry',
        );
        \Enlight_Components_Session::setSaveHandler(
            new \Enlight_Components_Session_SaveHandler_DbTable($config_save_handler)
        );
        // The handler object is installed above, so the option is not passed on.
        unset($sessionOptions['save_handler']);
    }

    \Enlight_Components_Session::start($sessionOptions);
    $container->set('SessionID', \Enlight_Components_Session::getId());

    // NOTE(review): the id is also stored inside the session data under
    // 'sessionId'; anything that dumps or logs the namespace therefore
    // exposes the session identifier.
    $namespace = new \Enlight_Components_Session_Namespace('Shopware');
    $namespace->offsetSet('sessionId', \Enlight_Components_Session::getId());

    return $namespace;
}