/** * Listener method of the Enlight_Controller_Front_DispatchLoopShutdown event. * If the request is from a Bot, discard the session * * @param \Enlight_Event_EventArgs $args */ public function onDispatchLoopShutdown(\Enlight_Event_EventArgs $args) { $container = Shopware()->Container(); if ($container->initialized('session') && $container->get('session')->Bot && PHP_SAPI !== 'cli') { Enlight_Components_Session::destroy(); } }
/** * Initiate shopware auth resource * database adapter by default * * @param Enlight_Event_EventArgs $args * @throws Exception * @return null|\Zend_Auth */ public function onInitResourceBackendSession(Enlight_Event_EventArgs $args) { $options = $this->Application()->getOption('backendSession', array()); if (!isset($options['cookie_path']) && $this->request !== null) { $options['cookie_path'] = rtrim($this->request->getBaseUrl(), '/') . '/backend/'; } if (empty($options['gc_maxlifetime'])) { $backendTimeout = $this->Config()->get('backendTimeout', 60 * 90); $options['gc_maxlifetime'] = $backendTimeout; } $refererCheck = false; $clientCheck = false; if(is_bool($options['referer_check'])) { $refererCheck = $options['referer_check']; unset($options['referer_check']); } if(!empty($options['client_check'])) { $clientCheck = true; } unset($options['client_check']); Enlight_Components_Session::start($options); $referer = $this->request->getHeader('referer'); if($refererCheck && $referer !== null && strpos($referer, 'http') === 0) { $referer = substr($referer, 0, strpos($referer, '/backend/')); $referer .= '/backend/'; if(!isset($_SESSION['__SW_REFERER'])) { $_SESSION['__SW_REFERER'] = $referer; } elseif (strpos($referer, $_SESSION['__SW_REFERER']) !== 0) { Enlight_Components_Session::destroy(); throw new Exception('Referer check for backend session failed'); } } $client = $this->request->getHeader('userAgent'); if($clientCheck && $client !== null) { if(!isset($_SESSION['__SW_CLIENT'])) { $_SESSION['__SW_CLIENT'] = $client; } elseif ($client !== $_SESSION['__SW_CLIENT']) { Enlight_Components_Session::destroy(); throw new Exception('Client check for backend session failed'); } } return new Enlight_Components_Session_Namespace('ShopwareBackend'); }
/** * Initiate shopware auth resource * database adapter by default * * @param Enlight_Event_EventArgs $args * @throws Exception * @return null|\Zend_Auth */ public function onInitResourceBackendSession(Enlight_Event_EventArgs $args) { $options = $this->Application()->getOption('backendSession', array()); $refererCheck = (bool) $options['referer_check']; $clientCheck = (bool) $options['client_check']; $options = $this->prepareSessionOptions($options); if (!isset($options['save_handler']) || $options['save_handler'] == 'db') { $config_save_handler = array('name' => 's_core_sessions_backend', 'primary' => 'id', 'modifiedColumn' => 'modified', 'dataColumn' => 'data', 'lifetimeColumn' => 'expiry', 'lifetime' => $options['gc_maxlifetime'] ?: PHP_INT_MAX); Enlight_Components_Session::setSaveHandler(new Enlight_Components_Session_SaveHandler_DbTable($config_save_handler)); } Enlight_Components_Session::start($options); if (!$this->isBackendHomepage() && $refererCheck && $this->shouldAuth() && ($referer = $this->request->getHeader('referer')) !== null && strpos($referer, 'http') === 0) { $referer = substr($referer, 0, strpos($referer, '/backend/')); $referer .= '/backend/'; if (!isset($_SESSION['__SW_REFERER'])) { $_SESSION['__SW_REFERER'] = $referer; } elseif (strpos($referer, $_SESSION['__SW_REFERER']) !== 0) { Enlight_Components_Session::destroy(); throw new Exception('Referer check for backend session failed'); } } if ($clientCheck && ($client = $this->request->getHeader('userAgent')) !== null) { if (!isset($_SESSION['__SW_CLIENT'])) { $_SESSION['__SW_CLIENT'] = $client; } elseif ($client !== $_SESSION['__SW_CLIENT']) { Enlight_Components_Session::destroy(); throw new Exception('Client check for backend session failed'); } } return new Enlight_Components_Session_Namespace('ShopwareBackend'); }
/** * Initiate shopware auth resource * database adapter by default * * @param Enlight_Event_EventArgs $args * @throws Exception * @return null|\Zend_Auth */ public function onInitResourceBackendSession(Enlight_Event_EventArgs $args) { $options = $this->Application()->getOption('backendSession', array()); if (!isset($options['cookie_path']) && $this->request !== null) { $options['cookie_path'] = rtrim($this->request->getBaseUrl(), '/') . '/backend/'; } if (empty($options['gc_maxlifetime'])) { $backendTimeout = $this->Config()->get('backendTimeout', 60 * 90); $options['gc_maxlifetime'] = $backendTimeout; } $refererCheck = false; $clientCheck = false; if (is_bool($options['referer_check'])) { $refererCheck = $options['referer_check']; unset($options['referer_check']); } if (!empty($options['client_check'])) { $clientCheck = true; } unset($options['client_check']); if (!isset($options['save_handler']) || $options['save_handler'] == 'db') { // SW-4819 Add database backend support $config_save_handler = array('name' => 's_core_sessions_backend', 'primary' => 'id', 'modifiedColumn' => 'modified', 'dataColumn' => 'data', 'lifetimeColumn' => 'expiry'); Enlight_Components_Session::setSaveHandler(new Enlight_Components_Session_SaveHandler_DbTable($config_save_handler)); } Enlight_Components_Session::start($options); if ($refererCheck && ($referer = $this->request->getHeader('referer')) !== null && strpos($referer, 'http') === 0) { $referer = substr($referer, 0, strpos($referer, '/backend/')); $referer .= '/backend/'; if (!isset($_SESSION['__SW_REFERER'])) { $_SESSION['__SW_REFERER'] = $referer; } elseif (strpos($referer, $_SESSION['__SW_REFERER']) !== 0) { Enlight_Components_Session::destroy(); throw new Exception('Referer check for backend session failed'); } } if ($clientCheck && ($client = $this->request->getHeader('userAgent')) !== null) { if (!isset($_SESSION['__SW_CLIENT'])) { $_SESSION['__SW_CLIENT'] = $client; } elseif ($client !== $_SESSION['__SW_CLIENT']) { Enlight_Components_Session::destroy(); throw new Exception('Client check for backend session failed'); } } return new Enlight_Components_Session_Namespace('ShopwareBackend'); }