/**
 * Registers the default system services on the given container.
 *
 * Every entry is a closure keyed by a SystemContainer constant: the current
 * request, a started session, a time provider, an event dispatcher and a
 * logger.
 *
 * @param Container $pimple A container instance
 */
public function register(Container $pimple)
{
    $pimple[SystemContainer::REQUEST] = function () {
        return Request::createFromGlobals();
    };

    $pimple[SystemContainer::SESSION] = function () {
        // With mockSession set, an in-memory storage stands in for PHP's native session.
        $started = $this->mockSession
            ? new Session(new MockArraySessionStorage())
            : new Session();

        // The cookie name gets a random four-digit suffix. mt_rand() is not a
        // cryptographic generator; that is tolerable here only because the
        // session *name* is a label, not a secret. The session id is the value
        // that has to be unpredictable.
        // NOTE(review): the suffix is drawn again whenever this closure runs, so
        // a cookie issued under an earlier name would not be picked up. Confirm
        // that is intended.
        $cookieName = sprintf('SID%s', mt_rand(1000, 9999));
        $started->setName($cookieName);
        $started->start();

        return $started;
    };

    $pimple[SystemContainer::TIME_PROVIDER] = function () {
        return new SystemTimeProvider();
    };

    $pimple[SystemContainer::EVENT_DISPATCHER] = function () {
        return new EventDispatcher();
    };

    // NullLogger: nothing logged through this service is recorded.
    $pimple[SystemContainer::LOGGER] = function () {
        return new NullLogger();
    };
}
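/**
 * Build the application's Symfony session object.
 *
 * On the command line an in-memory mock storage is used. Otherwise native PHP
 * session storage is used, backed by the `Sessions` database table when
 * `concrete.session.handler` is `database`, and configured from
 * `concrete.session.cookie` plus `concrete.session.max_lifetime`.
 *
 * This method does not call start() on the session itself; the session is
 * passed to testSessionFixation() and then returned.
 *
 * @return SymfonySession
 */
public static function start()
{
    $app = Core::make('app');

    if ($app->isRunThroughCommandLineInterface()) {
        // No cookies or persistent storage when run from the CLI.
        $storage = new MockArraySessionStorage();
    } else {
        // Strict comparison so that only the literal string selects the database handler.
        if (Config::get('concrete.session.handler') === 'database') {
            $connection = \Database::get()->getWrappedConnection();
            $handler = new PdoSessionHandler($connection, [
                'db_table' => 'Sessions',
                'db_id_col' => 'sessionID',
                'db_data_col' => 'sessionValue',
                'db_time_col' => 'sessionTime',
            ]);
            $storage = new NativeSessionStorage([], $handler);
        } else {
            $storage = new NativeSessionStorage([]);
        }

        // NOTE(review): the cookie flags (secure, httponly, ...) come entirely
        // from this config array; confirm the shipped defaults are safe.
        $options = Config::get('concrete.session.cookie');
        if ($options['cookie_path'] === false) {
            // Scope the cookie to the application's own path when none is configured.
            $options['cookie_path'] = $app['app_relative_path'] . '/';
        }

        // NativeSessionStorage::setOptions() maps known keys onto session.* ini
        // settings and silently ignores unknown ones. The lifetime key is
        // spelled gc_maxlifetime; under 'gc_max_lifetime' the configured
        // maximum lifetime never reached PHP's session garbage collector.
        $options['gc_maxlifetime'] = Config::get('concrete.session.max_lifetime');
        $storage->setOptions($options);
    }

    $session = new SymfonySession($storage);
    $session->setName(Config::get('concrete.session.name'));
    static::testSessionFixation($session);

    return $session;
}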
/**
 * Initialize the session.
 *
 * Controllers may override this, for example to redirect to a page telling the
 * user they were logged out once an expired session has been detected.
 *
 * @param int|null $session_expiration Session expiration in seconds
 */
protected function initializeSession($session_expiration = null)
{
    // The cookie lives for one week (604800 s) so the session survives closing
    // the browser window. The shorter idle expiration below still applies.
    // NOTE(review): only the HttpOnly flag is set here; the Secure and
    // SameSite cookie attributes are left to the PHP defaults.
    $storage = new \Symfony\Component\HttpFoundation\Session\Storage\NativeSessionStorage(['cookie_lifetime' => 604800]);
    $this->session = new Session($storage);
    $this->config->load('config');

    // HttpOnly defaults to true so scripts cannot read the cookie, which limits
    // what an XSS flaw can steal.
    $httpOnly = (bool) $this->config->get('session_cookie_httponly', true);
    ini_set('session.cookie_httponly', $httpOnly);

    try {
        // Per-application session name: the last 10 hex characters of the
        // sha1 of this file's path. It is a label, not a secret.
        $this->session->setName('TSAPP' . substr(sha1(__FILE__), -10));
        $this->session->start();

        // Explicit argument first, then session_expiration from config, then one hour.
        $maxIdle = $session_expiration ?: $this->config->get('session_expiration', 3600);

        // Throw the session away if it has been idle longer than allowed.
        $idleFor = time() - $this->session->getMetadataBag()->getLastUsed();
        if ($idleFor > $maxIdle) {
            $this->session->invalidate();
        }
    } catch (\LogicException $e) {
        // Session already active, can't change it now!
        // NOTE(review): any LogicException from setName() or start() also skips
        // the idle-expiration check above, so that check is not applied in this case.
    }
}
/**
 * Start the 'flarum_session' session and make sure it carries a CSRF token.
 *
 * @return Session the started session
 */
private function startSession()
{
    $session = new Session();
    $session->setName('flarum_session');
    $session->start();

    // An existing token is kept, so it stays stable for the life of the session.
    if ($session->has('csrf_token')) {
        return $session;
    }

    // NOTE(review): the token is only as strong as Str::random(); its
    // implementation is not visible here. Confirm it draws from a CSPRNG.
    $session->set('csrf_token', Str::random(40));

    return $session;
}
/**
 * Create a new Symfony session object.
 *
 * This method MUST NOT start the session: it only builds the storage, names
 * the session from `concrete.session.name` and attaches it to the request.
 *
 * @return \Symfony\Component\HttpFoundation\Session\Session
 */
public function createSession()
{
    $config = $this->app['config'];

    $session = new SymfonySession($this->getSessionStorage($config));
    $session->setName($config->get('concrete.session.name'));

    /**
     * @todo Move this to somewhere else
     */
    $this->request->setSession($session);

    return $session;
}
/**
 * Make the session object.
 *
 * The storage, attribute bag and flash bag are resolved from the container by
 * interface name. The cookie name is read from `session.cookie.name` and falls
 * back to 'autarky_session'. The session is not started here.
 *
 * @return \Symfony\Component\HttpFoundation\Session\Session
 */
public function makeSession()
{
    $storage = $this->dic->resolve('Symfony\\Component\\HttpFoundation\\Session\\Storage\\SessionStorageInterface');
    $attributes = $this->dic->resolve('Symfony\\Component\\HttpFoundation\\Session\\Attribute\\AttributeBagInterface');
    $flashes = $this->dic->resolve('Symfony\\Component\\HttpFoundation\\Session\\Flash\\FlashBagInterface');

    $session = new Session($storage, $attributes, $flashes);
    $session->setName($this->config->get('session.cookie.name', 'autarky_session'));

    return $session;
}
/**
 * \brief This is where the magic for
 * Authentication happens.
 *
 * Starts the 'Login' session if it is not running, applies a group switch
 * posted as selectMemberGroup, mirrors the user and group ids from the session
 * into $SysConf['auth'], enforces the idle timeout and the optional IP
 * binding, re-reads the user record once time_check has passed, then disables
 * plugins according to the session's user level and marks this plugin ready.
 *
 * \return 0 when siteminder_check() returns anything other than -1;
 *         otherwise there is no explicit return value.
 */
function PostInitialize()
{
    global $SysConf;

    /* If Site Minder is enabled, core-auth is disabled. */
    if (siteminder_check() != -1) {
        return 0;
    }

    if (!$this->session->isStarted()) {
        $this->session->setName('Login');
        $this->session->start();
    }

    /*
     * Group switch requested through the selectMemberGroup POST field.
     * NOTE(review): this runs before the timeout, IP and user re-check below.
     * Nothing visible here verifies that the session is authenticated
     * ($_SESSION[Auth::USER_ID] is read without an existence check), that the
     * user belongs to the requested group, or that the request carries a CSRF
     * token. Confirm these are enforced in setDefaultGroupMembership() or
     * by the caller.
     */
    if (array_key_exists('selectMemberGroup', $_POST)) {
        $selectedGroupId = intval($_POST['selectMemberGroup']);
        $this->userDao->setDefaultGroupMembership(intval($_SESSION[Auth::USER_ID]), $selectedGroupId);
        $_SESSION[Auth::GROUP_ID] = $selectedGroupId;
        $this->session->set(Auth::GROUP_ID, $selectedGroupId);
        $SysConf['auth'][Auth::GROUP_ID] = $selectedGroupId;
    }

    /* Expose the session's user and group ids through the global configuration. */
    if (array_key_exists(Auth::USER_ID, $_SESSION)) {
        $SysConf['auth'][Auth::USER_ID] = $_SESSION[Auth::USER_ID];
    }
    if (array_key_exists(Auth::GROUP_ID, $_SESSION)) {
        $SysConf['auth'][Auth::GROUP_ID] = $_SESSION[Auth::GROUP_ID];
    }

    $Now = time();
    if (!empty($_SESSION['time'])) {
        /* Logins older than 60 secs/min * 480 min = 8 hr are auto-logout */
        if (@$_SESSION['time'] + 60 * 480 < $Now) {
            $this->updateSession("");
        }
    }
    /* The timestamp is refreshed on every call, so the 8 hours above measure idle time. */
    $_SESSION['time'] = $Now;

    if (empty($_SESSION['ip'])) {
        /* First sighting: remember the client address for this session. */
        $_SESSION['ip'] = $this->getIP();
    } else {
        /* The address is only enforced when the session has checkip == 1. */
        if (@$_SESSION['checkip'] == 1 && @$_SESSION['ip'] != $this->getIP()) {
            /* Sessions are not transferable. */
            $this->updateSession("");
            $_SESSION['ip'] = $this->getIP();
        }
    }

    if (@$_SESSION[Auth::USER_NAME]) {
        /* Recheck the user in case they were blocked or changed in the meantime. */
        /*
         * NOTE(review): the re-check only happens once time_check has passed, and
         * time_check is initialised 480 minutes ahead. Unless updateSession()
         * manages it differently, a blocked account may stay usable until then.
         */
        if (empty($_SESSION['time_check'])) {
            $_SESSION['time_check'] = time() + 480 * 60;
        }
        if (time() >= @$_SESSION['time_check']) {
            $row = $this->userDao->getUserAndDefaultGroupByUserName(@$_SESSION[Auth::USER_NAME]);
            /* Check for instant logouts */
            if (empty($row['user_pass'])) {
                $row = "";
            }
            $this->updateSession($row);
        }
    } else {
        /* No user name in the session: updateSession() is called with an empty value. */
        $this->updateSession("");
    }

    /* Disable all plugins with >= level access */
    /* presumably updateSession() populates Auth::USER_LEVEL; it is read here without a check */
    plugin_disable($_SESSION[Auth::USER_LEVEL]);
    $this->State = PLUGIN_STATE_READY;
}
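<?php

/*
 * This is just a dummy page pretending to log a user in.
 * The idea is to test sessions on the server.
 *
 * Session data is kept in Memcached on localhost:11211 through Symfony's
 * MemcachedSessionHandler. The first request stores a fixed user name in the
 * session; later requests report that the user is already logged in.
 */

require __DIR__ . '/../vendor/autoload.php';

use Symfony\Component\HttpFoundation\Session\Session;
use Symfony\Component\HttpFoundation\Session\Storage\Handler\MemcachedSessionHandler;
use Symfony\Component\HttpFoundation\Session\Storage\NativeSessionStorage;

try {
    $memcached = new Memcached();
    $memcached->addServer('localhost', 11211);

    $handler = new MemcachedSessionHandler($memcached);
    $storage = new NativeSessionStorage(array(), $handler);

    $session = new Session($storage);
    $session->setName('CUSTOM_NAME');
    $session->start();

    if ($session->has('username')) {
        echo "Already logged in";
    } else {
        // Issue a fresh session id at the moment the session becomes
        // authenticated and drop the old one, so an id that was set or learned
        // before login is not carried over (session fixation).
        $session->migrate(true);
        $session->set('username', 'Mister hoba loba loba');
        echo "Logged in!";
    }
} catch (Exception $e) {
    // Diagnostic output for this test page only. A real login page should log
    // the exception and show a generic error instead of the raw message.
    echo $e->getMessage();
}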
// (This listing begins inside a closure whose opening lines are not shown; it returns $validator.)
    }
    return $validator;
}, 'xvsys\\validator\\Validator');

// Template Engine
// Templates are loaded from app/view. The base URL and an "is XHR" flag are made available to every view.
$viewEngine = new \phastl\ViewEngine('app' . DIRECTORY_SEPARATOR . 'view');
$viewEngine->assign('_baseurl', $request->getUriForPath('/'));
$viewEngine->assign('_isXHR', $request->isXmlHttpRequest());
$diContainer->addSharedInstance($viewEngine, '\\phastl\\ViewEngineInterface');

// HTTP method override: a 'http-method' field in the request body replaces the request's method.
// NOTE(review): the value is handed to setMethod() without any check. Consider
// accepting only the verbs the application routes (for example PUT, PATCH,
// DELETE) and only on POST requests, so that method-based routing, CSRF or
// access rules cannot be bypassed by a form field.
if (($requestMethodBypass = $request->request->get('http-method')) !== null) {
    $request->setMethod($requestMethodBypass);
}

// Session
// File-based native session, started for every request.
// The storage options array is empty, so the cookie flags (secure, httponly, ...) fall back to the php.ini values.
$sessionHandler = new NativeFileSessionHandler();
$sessionStorage = new NativeSessionStorage([], $sessionHandler);
$session = new Session($sessionStorage);
$session->setName('application_name');
$session->start();
$request->setSession($session);

// Full page layout for normal requests, a reduced layout for XMLHttpRequest calls.
if ($request->isXmlHttpRequest() === false) {
    $viewEngine->setDynamicLayout('layout' . DIRECTORY_SEPARATOR . 'main');
} else {
    $viewEngine->setDynamicLayout('layout' . DIRECTORY_SEPARATOR . 'xhr');
}

$eventDispatcher = new EventDispatcher();

// controller resolver implementation (alternatives ReflectionCacheControllerResolver, ConfigControllerResolver)
$conrollerResolver = new ReflectionControllerResolver($diContainer);

// Exceptions handler
// NOTE(review): the only handler pushed is a NullHandler, which discards every
// record. Nothing logged through $logger is kept, including exceptions.
// Confirm this is a placeholder and not the production setup.
$logger = new \Monolog\Logger("syslog");
$logHandler = new Monolog\Handler\NullHandler();
$logHandler->setFormatter(new \Monolog\Formatter\HtmlFormatter());
$logger->pushHandler($logHandler);
// Wires the application's services into $injector and returns it.

// global parameter
$injector->defineParam('config', $config);

// route dispatcher
// Every Dispatcher instance receives the injector itself on its public $injector property.
$injector->prepare('Dispatcher', function ($obj, $injector) {
    $obj->injector = $injector;
});

// request
// One Request built from the PHP superglobals and shared with all consumers.
$request = Request::createFromGlobals();
$injector->share($request);

// router
$injector->define('AltoRouter', [':routes' => $route, ':basePath' => rtrim($baseDir, '/')]);

// template engine
// The views directory is derived from $config['theme'].
// presumably the theme name is trusted configuration, since it is concatenated into a filesystem path; verify it is never user-supplied
$injector->alias('Template\\Renderer', 'Template\\PlatesRenderer');
$injector->define('League\\Plates\\Engine', [':directory' => __DIR__ . '/views/' . $config['theme']]);
$injector->alias('League\\Plates\\Extension\\ExtensionInterface', 'Template\\MyPlatesExtension');
$injector->define('Template\\MyPlatesExtension', [':baseDir' => $baseDir]);

// session and flash
// The factory builds a Session with the default storage and attribute bag and a
// custom flash bag, names it 'RakitanFramework' and starts it before returning it.
// No cookie options are passed here, so the cookie flags come from php.ini.
$sessionFactory = function () {
    $session = new Session(null, null, new Lib\MyFlash());
    $session->setName('RakitanFramework');
    $session->start();
    return $session;
};
$injector->delegate('Symfony\\Component\\HttpFoundation\\Session\\Session', $sessionFactory);
$injector->share('Symfony\\Component\\HttpFoundation\\Session\\Session');

// authentication class
//$injector->share('Lib\MyAuth');

// middleware
// NOTE(review): the debug bar is wired here unconditionally. Whether it is
// rendered is decided elsewhere. Debug bars typically expose request and
// session details, so confirm it is disabled outside development.
$injector->alias('Debugbar\\DebugBar', 'DebugBar\\StandardDebugBar');
$injector->define('DebugBar\\JavascriptRenderer', [':baseUrl' => $baseDir . 'debugbar']);

return $injector;