diff options
| author | Andrey Andreev <narf@devilix.net> | 2014-10-31 22:35:32 +0100 |
|---|---|---|
| committer | Andrey Andreev <narf@devilix.net> | 2014-10-31 22:35:32 +0100 |
| commit | 7474a6799b44e4988b6a7a4adcc2901ec0b993b4 (patch) | |
| tree | 6873bef76c1efec9e72cb1a25e8fe08a385fbcf1 /system/libraries/Session/drivers/Session_redis_driver.php | |
| parent | c6e50989480d5e9a9847177b8dc7cefa6559329a (diff) | |
#3073 (feature/session): Fix session_regenerate_id() issues
Diffstat (limited to 'system/libraries/Session/drivers/Session_redis_driver.php')
| -rw-r--r-- | system/libraries/Session/drivers/Session_redis_driver.php | 32 |
1 files changed, 24 insertions, 8 deletions
diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index ef18defe2..bc6150d2d 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -135,6 +135,9 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { if (isset($this->_redis) && $this->_get_lock($session_id)) { + // Needed by write() to detect session_regenerate_id() calls + $this->_session_id = $session_id; + $session_data = (string) $this->_redis->get($this->_key_prefix.$session_id); $this->_fingerprint = md5($session_data); return $session_data; @@ -145,7 +148,23 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle public function write($session_id, $session_data) { - if (isset($this->_redis, $this->_lock_key)) + if ( ! isset($this->_redis)) + { + return FALSE; + } + // Was the ID regenerated? + elseif ($session_id !== $this->_session_id) + { + if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) + { + return FALSE; + } + + $this->_fingerprint = md5(''); + $this->_session_id = $session_id; + } + + if (isset($this->_lock_key)) { $this->_redis->setTimeout($this->_lock_key, 5); if ($this->_fingerprint !== ($fingerprint = md5($session_data))) @@ -190,7 +209,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle return TRUE; } - return FALSE; + return TRUE; } // ------------------------------------------------------------------------ @@ -204,20 +223,17 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle log_message('debug', 'Session: Redis::delete() expected to return 1, got '.var_export($result, TRUE).' instead.'); } - return ($this->_cookie_destroy() && $this->close()); + return $this->_cookie_destroy(); } - return $this->close(); + return FALSE; } // ------------------------------------------------------------------------ public function gc($maxlifetime) { - // TODO: keys()/getKeys() is said to be performance-intensive, - // although it supports patterns (*, [charlist] at the very least). - // scan() seems to be recommended, but requires redis 2.8 - // Not sure if we need any of these though, as we set keys with expire times + // Not necessary, Redis takes care of that. return TRUE; } |