/** * Create a new session and copy variables from the old one * * @return boolean $result true on success * * @since 11.1 */ public function fork() { if ($this->_state !== 'active') { return false; } // Keep the old values $values = $_SESSION; $trans = ini_get('session.use_trans_sid'); if ($trans) { ini_set('session.use_trans_sid', 0); } $cookie = session_get_cookie_params(); // Generate a new ID session_regenerate_id(true); $id = session_id(); $data = $this->_store->read($this->getId()); // Kill the session session_destroy(); // Re-register the session store after a session has been destroyed, to avoid PHP bug $this->_store->register(); // Restore config ini_set('session.use_trans_sid', $trans); session_set_cookie_params($cookie['lifetime'], $cookie['path'], $cookie['domain'], $cookie['secure']); // Restart session with new id session_id($id); session_start(); $_SESSION = $values; // Now put the session data back $this->_store->write($id, $data); }
/** * Constructor * * @param string $store The type of storage for the session. * @param array $options Optional parameters * * @since 11.1 */ public function __construct($store = 'none', $options = array()) { // Need to destroy any existing sessions started with session.auto_start if (session_id()) { session_unset(); session_destroy(); } // Set default sessios save handler ini_set('session.save_handler', 'files'); // Disable transparent sid support ini_set('session.use_trans_sid', '0'); if ($store == 'database') { if (ini_get('session.gc_probability') < 1) { ini_set('session.gc_probability', 1); } if (ini_get('session.gc_divisor') < 1) { ini_set('session.gc_divisor', 100); } } // Create handler $this->_store = JSessionStorage::getInstance($store, $options); // Set options $this->_setOptions($options); /* BEGIN: HUBzero Extension to pass session id in query string when cookie not available */ /* This is used, in particular, to allow QuickTime plugin in Safari on the Mac */ /* to view private mp4. QuickTime does not pass the browser's cookies to the site */ if (!isset($_COOKIE[session_name()]) && isset($_GET['PHPSESSID'])) { if (strlen($_GET['PHPSESSID']) == 32 && ctype_alnum($_GET['PHPSESSID'])) { if ($this->_store->read($_GET['PHPSESSID']) != '') { session_id($_GET['PHPSESSID']); } } } /* END: HUBzero Extension to pass session id in query string when cookie not available */ $this->_setCookieParams(); // Load the session $this->_start(); // Initialise the session $this->_setCounter(); $this->_setTimers(); $this->_state = 'active'; // Perform security checks $this->_validate(); }