/**
* Listener method of the Enlight_Controller_Front_DispatchLoopShutdown event.
* If the request is from a Bot, discard the session
*
* @param \Enlight_Event_EventArgs $args
*/
public function onDispatchLoopShutdown(\Enlight_Event_EventArgs $args)
{
$container = Shopware()->Container();
if ($container->initialized('session') && $container->get('session')->Bot && PHP_SAPI !== 'cli') {
Enlight_Components_Session::destroy();
}
}
/**
* Initiate shopware auth resource
* database adapter by default
*
* @param Enlight_Event_EventArgs $args
* @throws Exception
* @return null|\Zend_Auth
*/
public function onInitResourceBackendSession(Enlight_Event_EventArgs $args)
{
$options = $this->Application()->getOption('backendSession', array());
if (!isset($options['cookie_path']) && $this->request !== null) {
$options['cookie_path'] = rtrim($this->request->getBaseUrl(), '/') . '/backend/';
}
if (empty($options['gc_maxlifetime'])) {
$backendTimeout = $this->Config()->get('backendTimeout', 60 * 90);
$options['gc_maxlifetime'] = $backendTimeout;
}
$refererCheck = false; $clientCheck = false;
if(is_bool($options['referer_check'])) {
$refererCheck = $options['referer_check'];
unset($options['referer_check']);
}
if(!empty($options['client_check'])) {
$clientCheck = true;
}
unset($options['client_check']);
Enlight_Components_Session::start($options);
$referer = $this->request->getHeader('referer');
if($refererCheck && $referer !== null
&& strpos($referer, 'http') === 0) {
$referer = substr($referer, 0, strpos($referer, '/backend/'));
$referer .= '/backend/';
if(!isset($_SESSION['__SW_REFERER'])) {
$_SESSION['__SW_REFERER'] = $referer;
} elseif (strpos($referer, $_SESSION['__SW_REFERER']) !== 0) {
Enlight_Components_Session::destroy();
throw new Exception('Referer check for backend session failed');
}
}
$client = $this->request->getHeader('userAgent');
if($clientCheck && $client !== null) {
if(!isset($_SESSION['__SW_CLIENT'])) {
$_SESSION['__SW_CLIENT'] = $client;
} elseif ($client !== $_SESSION['__SW_CLIENT']) {
Enlight_Components_Session::destroy();
throw new Exception('Client check for backend session failed');
}
}
return new Enlight_Components_Session_Namespace('ShopwareBackend');
}
/**
* Initiate shopware auth resource
* database adapter by default
*
* @param Enlight_Event_EventArgs $args
* @throws Exception
* @return null|\Zend_Auth
*/
public function onInitResourceBackendSession(Enlight_Event_EventArgs $args)
{
$options = $this->Application()->getOption('backendSession', array());
$refererCheck = (bool) $options['referer_check'];
$clientCheck = (bool) $options['client_check'];
$options = $this->prepareSessionOptions($options);
if (!isset($options['save_handler']) || $options['save_handler'] == 'db') {
$config_save_handler = array('name' => 's_core_sessions_backend', 'primary' => 'id', 'modifiedColumn' => 'modified', 'dataColumn' => 'data', 'lifetimeColumn' => 'expiry', 'lifetime' => $options['gc_maxlifetime'] ?: PHP_INT_MAX);
Enlight_Components_Session::setSaveHandler(new Enlight_Components_Session_SaveHandler_DbTable($config_save_handler));
}
Enlight_Components_Session::start($options);
if (!$this->isBackendHomepage() && $refererCheck && $this->shouldAuth() && ($referer = $this->request->getHeader('referer')) !== null && strpos($referer, 'http') === 0) {
$referer = substr($referer, 0, strpos($referer, '/backend/'));
$referer .= '/backend/';
if (!isset($_SESSION['__SW_REFERER'])) {
$_SESSION['__SW_REFERER'] = $referer;
} elseif (strpos($referer, $_SESSION['__SW_REFERER']) !== 0) {
Enlight_Components_Session::destroy();
throw new Exception('Referer check for backend session failed');
}
}
if ($clientCheck && ($client = $this->request->getHeader('userAgent')) !== null) {
if (!isset($_SESSION['__SW_CLIENT'])) {
$_SESSION['__SW_CLIENT'] = $client;
} elseif ($client !== $_SESSION['__SW_CLIENT']) {
Enlight_Components_Session::destroy();
throw new Exception('Client check for backend session failed');
}
}
return new Enlight_Components_Session_Namespace('ShopwareBackend');
}
/**
* Initiate shopware auth resource
* database adapter by default
*
* @param Enlight_Event_EventArgs $args
* @throws Exception
* @return null|\Zend_Auth
*/
public function onInitResourceBackendSession(Enlight_Event_EventArgs $args)
{
$options = $this->Application()->getOption('backendSession', array());
if (!isset($options['cookie_path']) && $this->request !== null) {
$options['cookie_path'] = rtrim($this->request->getBaseUrl(), '/') . '/backend/';
}
if (empty($options['gc_maxlifetime'])) {
$backendTimeout = $this->Config()->get('backendTimeout', 60 * 90);
$options['gc_maxlifetime'] = $backendTimeout;
}
$refererCheck = false;
$clientCheck = false;
if (is_bool($options['referer_check'])) {
$refererCheck = $options['referer_check'];
unset($options['referer_check']);
}
if (!empty($options['client_check'])) {
$clientCheck = true;
}
unset($options['client_check']);
if (!isset($options['save_handler']) || $options['save_handler'] == 'db') {
// SW-4819 Add database backend support
$config_save_handler = array('name' => 's_core_sessions_backend', 'primary' => 'id', 'modifiedColumn' => 'modified', 'dataColumn' => 'data', 'lifetimeColumn' => 'expiry');
Enlight_Components_Session::setSaveHandler(new Enlight_Components_Session_SaveHandler_DbTable($config_save_handler));
}
Enlight_Components_Session::start($options);
if ($refererCheck && ($referer = $this->request->getHeader('referer')) !== null && strpos($referer, 'http') === 0) {
$referer = substr($referer, 0, strpos($referer, '/backend/'));
$referer .= '/backend/';
if (!isset($_SESSION['__SW_REFERER'])) {
$_SESSION['__SW_REFERER'] = $referer;
} elseif (strpos($referer, $_SESSION['__SW_REFERER']) !== 0) {
Enlight_Components_Session::destroy();
throw new Exception('Referer check for backend session failed');
}
}
if ($clientCheck && ($client = $this->request->getHeader('userAgent')) !== null) {
if (!isset($_SESSION['__SW_CLIENT'])) {
$_SESSION['__SW_CLIENT'] = $client;
} elseif ($client !== $_SESSION['__SW_CLIENT']) {
Enlight_Components_Session::destroy();
throw new Exception('Client check for backend session failed');
}
}
return new Enlight_Components_Session_Namespace('ShopwareBackend');
}
