diff options
author | Ahmad Anbar <aanbar@gmail.com> | 2015-02-04 18:20:01 +0100 |
---|---|---|
committer | Ahmad Anbar <aanbar@gmail.com> | 2015-02-04 18:20:01 +0100 |
commit | e5454f9b28f123a5549971f580255a065b2f8cc2 (patch) | |
tree | c4927e7b7afb0bf242976034630cc60f2f1db00f /system/libraries/Session/drivers | |
parent | 6db62ab0ad0e223806a1367e12b1884b48dc65d7 (diff) | |
parent | eccac6e6a73a4d1a5b40f383ce64359c2c94ae12 (diff) |
Merge remote-tracking branch 'upstream/develop' into develop
Diffstat (limited to 'system/libraries/Session/drivers')
6 files changed, 1507 insertions, 1073 deletions
diff --git a/system/libraries/Session/drivers/Session_cookie.php b/system/libraries/Session/drivers/Session_cookie.php deleted file mode 100644 index c0e62affa..000000000 --- a/system/libraries/Session/drivers/Session_cookie.php +++ /dev/null @@ -1,816 +0,0 @@ -<?php -/** - * CodeIgniter - * - * An open source application development framework for PHP - * - * This content is released under the MIT License (MIT) - * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @package CodeIgniter - * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) - * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com - * @since Version 1.0.0 - * @filesource - */ -defined('BASEPATH') OR exit('No direct script access allowed'); - -/** - * Cookie-based session management driver - * - * This is the classic CI_Session functionality, as written by EllisLab, abstracted out to a driver. - * - * @package CodeIgniter - * @subpackage Libraries - * @category Sessions - * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/sessions.html - */ -class CI_Session_cookie extends CI_Session_driver { - - /** - * Whether to encrypt the session cookie - * - * @var bool - */ - public $sess_encrypt_cookie = FALSE; - - /** - * Whether to use to the database for session storage - * - * @var bool - */ - public $sess_use_database = FALSE; - - /** - * Name of the database table in which to store sessions - * - * @var string - */ - public $sess_table_name = ''; - - /** - * Length of time (in seconds) for sessions to expire - * - * @var int - */ - public $sess_expiration = 7200; - - /** - * Whether to kill session on close of browser window - * - * @var bool - */ - public $sess_expire_on_close = FALSE; - - /** - * Whether to match session on ip address - * - * @var bool - */ - public $sess_match_ip = FALSE; - - /** - * Whether to match session on user-agent - * - * @var bool - */ - public $sess_match_useragent = TRUE; - - /** - * Name of session cookie - * - * @var string - */ - public $sess_cookie_name = 'ci_session'; - - /** - * Session cookie prefix - * - * @var string - */ - public $cookie_prefix = ''; - - /** - * Session cookie path - * - * @var string - */ - public $cookie_path = ''; - - /** - * Session cookie domain - * - * @var string - */ - public $cookie_domain = ''; - - /** - * Whether to set the cookie only on HTTPS connections - * - * @var bool - */ - public $cookie_secure = FALSE; - - /** - * Whether cookie should be allowed only to be sent by the server - * - * @var bool - */ - public $cookie_httponly = FALSE; - - /** - * Interval at which to update session - * - * @var int - */ - public $sess_time_to_update = 300; - - /** - * Key with which to encrypt the session cookie - * - * @var string - */ - public $encryption_key = ''; - - /** - * Timezone to use for the current time - * - * @var string - */ - public $time_reference = 'local'; - - /** - * Session data - * - * @var array - */ - public $userdata = array(); - - /** - * Current time - * - * @var int - */ - public $now; - - // ------------------------------------------------------------------------ - - /** - * Default userdata keys - * - * @var array - */ - protected $defaults = array( - 'session_id' => NULL, - 'ip_address' => NULL, - 'user_agent' => NULL, - 'last_activity' => NULL - ); - - /** - * Data needs DB update flag - * - * @var bool - */ - protected $data_dirty = FALSE; - - /** - * Standardize newlines flag - * - * @var bool - */ - protected $_standardize_newlines; - - // ------------------------------------------------------------------------ - - /** - * Initialize session driver object - * - * @return void - */ - protected function initialize() - { - // Set all the session preferences, which can either be set - // manually via the $params array or via the config file - $prefs = array( - 'sess_encrypt_cookie', - 'sess_use_database', - 'sess_table_name', - 'sess_expiration', - 'sess_expire_on_close', - 'sess_match_ip', - 'sess_match_useragent', - 'sess_cookie_name', - 'cookie_path', - 'cookie_domain', - 'cookie_secure', - 'cookie_httponly', - 'sess_time_to_update', - 'time_reference', - 'cookie_prefix', - 'encryption_key', - ); - - $this->_standardize_newlines = (bool) config_item('standardize_newlines'); - - foreach ($prefs as $key) - { - $this->$key = isset($this->_parent->params[$key]) - ? $this->_parent->params[$key] - : $this->CI->config->item($key); - } - - if (empty($this->encryption_key)) - { - show_error('In order to use the Cookie Session driver you are required to set an encryption key in your config file.'); - } - - // Do we need encryption? If so, load the encryption class - if ($this->sess_encrypt_cookie === TRUE) - { - $this->CI->load->library('encryption'); - } - - // Check for database - if ($this->sess_use_database === TRUE && $this->sess_table_name !== '') - { - // Load database driver - $this->CI->load->database(); - - // Register shutdown function - register_shutdown_function(array($this, '_update_db')); - } - - // Set the "now" time. Can either be GMT or server time, based on the config prefs. - // We use this to set the "last activity" time - $this->now = $this->_get_time(); - - // Set the session length. If the session expiration is - // set to zero we'll set the expiration two years from now. - if ($this->sess_expiration === 0) - { - $this->sess_expiration = (60*60*24*365*2); - } - - // Set the cookie name - $this->sess_cookie_name = $this->cookie_prefix.$this->sess_cookie_name; - - // Run the Session routine. If a session doesn't exist we'll - // create a new one. If it does, we'll update it. - if ( ! $this->_sess_read()) - { - $this->_sess_create(); - } - else - { - $this->_sess_update(); - } - - // Delete expired sessions if necessary - $this->_sess_gc(); - } - - // ------------------------------------------------------------------------ - - /** - * Write the session data - * - * @return void - */ - public function sess_save() - { - // Check for database - if ($this->sess_use_database === TRUE) - { - // Mark custom data as dirty so we know to update the DB - $this->data_dirty = TRUE; - } - - // Write the cookie - $this->_set_cookie(); - } - - // ------------------------------------------------------------------------ - - /** - * Destroy the current session - * - * @return void - */ - public function sess_destroy() - { - // Kill the session DB row - if ($this->sess_use_database === TRUE && isset($this->userdata['session_id'])) - { - $this->CI->db->delete($this->sess_table_name, array('session_id' => $this->userdata['session_id'])); - $this->data_dirty = FALSE; - } - - // Kill the cookie - $this->_setcookie($this->sess_cookie_name, '', ($this->now - 31500000), - $this->cookie_path, $this->cookie_domain, 0); - - // Kill session data - $this->userdata = array(); - } - - // ------------------------------------------------------------------------ - - /** - * Regenerate the current session - * - * Regenerate the session id - * - * @param bool Destroy session data flag (default: false) - * @return void - */ - public function sess_regenerate($destroy = FALSE) - { - // Check destroy flag - if ($destroy) - { - // Destroy old session and create new one - $this->sess_destroy(); - $this->_sess_create(); - } - else - { - // Just force an update to recreate the id - $this->_sess_update(TRUE); - } - } - - // ------------------------------------------------------------------------ - - /** - * Get a reference to user data array - * - * @return array Reference to userdata - */ - public function &get_userdata() - { - return $this->userdata; - } - - // ------------------------------------------------------------------------ - - /** - * Fetch the current session data if it exists - * - * @return bool - */ - protected function _sess_read() - { - // Fetch the cookie - $session = $this->CI->input->cookie($this->sess_cookie_name); - - // No cookie? Goodbye cruel world!... - if ($session === NULL) - { - log_message('debug', 'A session cookie was not found.'); - return FALSE; - } - - if ($this->sess_encrypt_cookie === TRUE) - { - $session = $this->CI->encryption->decrypt($session); - if ($session === FALSE) - { - log_message('error', 'Session: Unable to decrypt the session cookie, possibly due to a HMAC mismatch.'); - return FALSE; - } - } - else - { - if (($len = strlen($session) - 40) <= 0) - { - log_message('error', 'Session: The session cookie was not signed.'); - return FALSE; - } - - // Check cookie authentication - $hmac = substr($session, $len); - $session = substr($session, 0, $len); - - // Time-attack-safe comparison - $hmac_check = hash_hmac('sha1', $session, $this->encryption_key); - $diff = 0; - for ($i = 0; $i < 40; $i++) - { - $diff |= ord($hmac[$i]) ^ ord($hmac_check[$i]); - } - - if ($diff !== 0) - { - log_message('error', 'Session: HMAC mismatch. The session cookie data did not match what was expected.'); - $this->sess_destroy(); - return FALSE; - } - } - - // Unserialize the session array - $session = @unserialize($session); - - // Is the session data we unserialized an array with the correct format? - if ( ! is_array($session) OR ! isset($session['session_id'], $session['ip_address'], $session['user_agent'], $session['last_activity'])) - { - log_message('debug', 'Session: Wrong cookie data format'); - $this->sess_destroy(); - return FALSE; - } - - // Is the session current? - if (($session['last_activity'] + $this->sess_expiration) < $this->now OR $session['last_activity'] > $this->now) - { - log_message('debug', 'Session: Expired'); - $this->sess_destroy(); - return FALSE; - } - - // Does the IP match? - if ($this->sess_match_ip === TRUE && $session['ip_address'] !== $this->CI->input->ip_address()) - { - log_message('debug', 'Session: IP address mismatch'); - $this->sess_destroy(); - return FALSE; - } - - // Does the User Agent Match? - if ($this->sess_match_useragent === TRUE && - trim($session['user_agent']) !== trim(substr($this->CI->input->user_agent(), 0, 120))) - { - log_message('debug', 'Session: User Agent string mismatch'); - $this->sess_destroy(); - return FALSE; - } - - // Is there a corresponding session in the DB? - if ($this->sess_use_database === TRUE) - { - $this->CI->db->where('session_id', $session['session_id']); - - if ($this->sess_match_ip === TRUE) - { - $this->CI->db->where('ip_address', $session['ip_address']); - } - - if ($this->sess_match_useragent === TRUE) - { - $this->CI->db->where('user_agent', $session['user_agent']); - } - - // Is caching in effect? Turn it off - $db_cache = $this->CI->db->cache_on; - $this->CI->db->cache_off(); - - $query = $this->CI->db->get($this->sess_table_name); - - // Was caching in effect? - if ($db_cache) - { - // Turn it back on - $this->CI->db->cache_on(); - } - - // No result? Kill it! - if (empty($query) OR $query->num_rows() === 0) - { - log_message('debug', 'Session: No match found in our database'); - $this->sess_destroy(); - return FALSE; - } - - // Is there custom data? If so, add it to the main session array - $row = $query->row(); - if ( ! empty($row->user_data)) - { - $custom_data = unserialize(trim($row->user_data)); - - if (is_array($custom_data)) - { - $session = $session + $custom_data; - } - } - } - - // Session is valid! - $this->userdata = $session; - return TRUE; - } - - // ------------------------------------------------------------------------ - - /** - * Create a new session - * - * @return void - */ - protected function _sess_create() - { - // Initialize userdata - $this->userdata = array( - 'session_id' => $this->_make_sess_id(), - 'ip_address' => $this->CI->input->ip_address(), - 'user_agent' => trim(substr($this->CI->input->user_agent(), 0, 120)), - 'last_activity' => $this->now, - ); - - log_message('debug', 'Session: Creating new session ('.$this->userdata['session_id'].')'); - - // Check for database - if ($this->sess_use_database === TRUE) - { - // Add empty user_data field and save the data to the DB - $this->CI->db->set('user_data', '')->insert($this->sess_table_name, $this->userdata); - } - - // Write the cookie - $this->_set_cookie(); - } - - // ------------------------------------------------------------------------ - - /** - * Update an existing session - * - * @param bool Force update flag (default: false) - * @return void - */ - protected function _sess_update($force = FALSE) - { - // We only update the session every five minutes by default (unless forced) - if ( ! $force && ($this->userdata['last_activity'] + $this->sess_time_to_update) >= $this->now) - { - return; - } - - // Update last activity to now - $this->userdata['last_activity'] = $this->now; - - // Save the old session id so we know which DB record to update - $old_sessid = $this->userdata['session_id']; - - // Changing the session ID during an AJAX call causes problems - if ( ! $this->CI->input->is_ajax_request()) - { - // Get new id - $this->userdata['session_id'] = $this->_make_sess_id(); - - log_message('debug', 'Session: Regenerate ID'); - } - - // Check for database - if ($this->sess_use_database === TRUE) - { - $this->CI->db->where('session_id', $old_sessid); - - if ($this->sess_match_ip === TRUE) - { - $this->CI->db->where('ip_address', $this->CI->input->ip_address()); - } - - if ($this->sess_match_useragent === TRUE) - { - $this->CI->db->where('user_agent', trim(substr($this->CI->input->user_agent(), 0, 120))); - } - - // Update the session ID and last_activity field in the DB - $this->CI->db->update($this->sess_table_name, - array( - 'last_activity' => $this->now, - 'session_id' => $this->userdata['session_id'] - ) - ); - } - - // Write the cookie - $this->_set_cookie(); - } - - // ------------------------------------------------------------------------ - - /** - * Update database with current data - * - * This gets called from the shutdown function and also - * registered with PHP to run at the end of the request - * so it's guaranteed to update even when a fatal error - * occurs. The first call makes the update and clears the - * dirty flag so it won't happen twice. - * - * @return void - */ - public function _update_db() - { - // Check for database and dirty flag and unsaved - if ($this->sess_use_database === TRUE && $this->data_dirty === TRUE) - { - // Set up activity and data fields to be set - // If we don't find custom data, user_data will remain an empty string - $set = array( - 'last_activity' => $this->userdata['last_activity'], - 'user_data' => '' - ); - - // Get the custom userdata, leaving out the defaults - // (which get stored in the cookie) - $userdata = array_diff_key($this->userdata, $this->defaults); - - // Did we find any custom data? - if ( ! empty($userdata)) - { - // Serialize the custom data array so we can store it - $set['user_data'] = serialize($userdata); - } - - // Reset query builder values. - $this->CI->db->reset_query(); - - // Run the update query - // Any time we change the session id, it gets updated immediately, - // so our where clause below is always safe - $this->CI->db->where('session_id', $this->userdata['session_id']); - - if ($this->sess_match_ip === TRUE) - { - $this->CI->db->where('ip_address', $this->CI->input->ip_address()); - } - - if ($this->sess_match_useragent === TRUE) - { - $this->CI->db->where('user_agent', trim(substr($this->CI->input->user_agent(), 0, 120))); - } - - $this->CI->db->update($this->sess_table_name, $set); - - // Clear dirty flag to prevent double updates - $this->data_dirty = FALSE; - - log_message('debug', 'CI_Session Data Saved To DB'); - } - } - - // ------------------------------------------------------------------------ - - /** - * Generate a new session id - * - * @return string Hashed session id - */ - protected function _make_sess_id() - { - $new_sessid = ''; - do - { - $new_sessid .= mt_rand(); - } - while (strlen($new_sessid) < 32); - - // To make the session ID even more secure we'll combine it with the user's IP - $new_sessid .= $this->CI->input->ip_address(); - - // Turn it into a hash and return - return md5(uniqid($new_sessid, TRUE)); - } - - // ------------------------------------------------------------------------ - - /** - * Get the "now" time - * - * @return int Time - */ - protected function _get_time() - { - if ($this->time_reference === 'local' OR $this->time_reference === date_default_timezone_get()) - { - return time(); - } - - $datetime = new DateTime('now', new DateTimeZone($this->time_reference)); - sscanf($datetime->format('j-n-Y G:i:s'), '%d-%d-%d %d:%d:%d', $day, $month, $year, $hour, $minute, $second); - - return mktime($hour, $minute, $second, $month, $day, $year); - } - - // ------------------------------------------------------------------------ - - /** - * Write the session cookie - * - * @return void - */ - protected function _set_cookie() - { - // Get userdata (only defaults if database) - $cookie_data = ($this->sess_use_database === TRUE) - ? array_intersect_key($this->userdata, $this->defaults) - : $this->userdata; - - // The Input class will do this and since we use HMAC verification, - // unless we standardize here as well, the hash won't match. - if ($this->_standardize_newlines) - { - foreach (array_keys($this->userdata) as $key) - { - $this->userdata[$key] = preg_replace('/(?:\r\n|[\r\n])/', PHP_EOL, $this->userdata[$key]); - } - } - - // Serialize the userdata for the cookie - $cookie_data = serialize($cookie_data); - - if ($this->sess_encrypt_cookie === TRUE) - { - $cookie_data = $this->CI->encryption->encrypt($cookie_data); - } - else - { - // Require message authentication - $cookie_data .= hash_hmac('sha1', $cookie_data, $this->encryption_key); - } - - $expire = ($this->sess_expire_on_close === TRUE) ? 0 : $this->sess_expiration + time(); - - // Set the cookie - $this->_setcookie($this->sess_cookie_name, $cookie_data, $expire, $this->cookie_path, $this->cookie_domain, - $this->cookie_secure, $this->cookie_httponly); - } - - // ------------------------------------------------------------------------ - - /** - * Set a cookie with the system - * - * This abstraction of the setcookie call allows overriding for unit testing - * - * @param string Cookie name - * @param string Cookie value - * @param int Expiration time - * @param string Cookie path - * @param string Cookie domain - * @param bool Secure connection flag - * @param bool HTTP protocol only flag - * @return void - */ - protected function _setcookie($name, $value = '', $expire = 0, $path = '', $domain = '', $secure = FALSE, $httponly = FALSE) - { - setcookie($name, $value, $expire, $path, $domain, $secure, $httponly); - } - - // ------------------------------------------------------------------------ - - /** - * Garbage collection - * - * This deletes expired session rows from database - * if the probability percentage is met - * - * @return void - */ - protected function _sess_gc() - { - if ($this->sess_use_database !== TRUE) - { - return; - } - - $probability = ini_get('session.gc_probability'); - $divisor = ini_get('session.gc_divisor'); - - if (mt_rand(1, $divisor) <= $probability) - { - $expire = $this->now - $this->sess_expiration; - $this->CI->db->delete($this->sess_table_name, 'last_activity < '.$expire); - - log_message('debug', 'Session garbage collection performed.'); - } - } - -} - -/* End of file Session_cookie.php */ -/* Location: ./system/libraries/Session/drivers/Session_cookie.php */
\ No newline at end of file diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php new file mode 100644 index 000000000..0ec6e34f0 --- /dev/null +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -0,0 +1,385 @@ +<?php +/** + * CodeIgniter + * + * An open source application development framework for PHP + * + * This content is released under the MIT License (MIT) + * + * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + * + * @package CodeIgniter + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @license http://opensource.org/licenses/MIT MIT License + * @link http://codeigniter.com + * @since Version 3.0.0 + * @filesource + */ +defined('BASEPATH') OR exit('No direct script access allowed'); + +/** + * CodeIgniter Session Database Driver + * + * @package CodeIgniter + * @subpackage Libraries + * @category Sessions + * @author Andrey Andreev + * @link http://codeigniter.com/user_guide/libraries/sessions.html + */ +class CI_Session_database_driver extends CI_Session_driver implements SessionHandlerInterface { + + /** + * DB object + * + * @var object + */ + protected $_db; + + /** + * Row exists flag + * + * @var bool + */ + protected $_row_exists = FALSE; + + /** + * Lock "driver" flag + * + * @var string + */ + protected $_platform; + + // ------------------------------------------------------------------------ + + /** + * Class constructor + * + * @param array $params Configuration parameters + * @return void + */ + public function __construct(&$params) + { + parent::__construct($params); + + $CI =& get_instance(); + isset($CI->db) OR $CI->load->database(); + $this->_db = $CI->db; + + if ( ! $this->_db instanceof CI_DB_query_builder) + { + throw new Exception('Query Builder not enabled for the configured database. Aborting.'); + } + elseif ($this->_db->pconnect) + { + throw new Exception('Configured database connection is persistent. Aborting.'); + } + + $db_driver = $this->_db->dbdriver.(empty($this->_db->subdriver) ? '' : '_'.$this->_db->subdriver); + if (strpos($db_driver, 'mysql') !== FALSE) + { + $this->_platform = 'mysql'; + } + elseif (in_array($db_driver, array('postgre', 'pdo_pgsql'), TRUE)) + { + $this->_platform = 'postgre'; + } + + // Note: BC work-around for the old 'sess_table_name' setting, should be removed in the future. + isset($this->_config['save_path']) OR $this->_config['save_path'] = config_item('sess_table_name'); + } + + // ------------------------------------------------------------------------ + + /** + * Open + * + * Initializes the database connection + * + * @param string $save_path Table name + * @param string $name Session cookie name, unused + * @return bool + */ + public function open($save_path, $name) + { + return empty($this->_db->conn_id) + ? ( ! $this->_db->autoinit && $this->_db->db_connect()) + : TRUE; + } + + // ------------------------------------------------------------------------ + + /** + * Read + * + * Reads session data and acquires a lock + * + * @param string $session_id Session ID + * @return string Serialized session data + */ + public function read($session_id) + { + if ($this->_get_lock($session_id) !== FALSE) + { + // Needed by write() to detect session_regenerate_id() calls + $this->_session_id = $session_id; + + $this->_db + ->select('data') + ->from($this->_config['save_path']) + ->where('id', $session_id); + + if ($this->_config['match_ip']) + { + $this->_db->where('ip_address', $_SERVER['REMOTE_ADDR']); + } + + if (($result = $this->_db->get()->row()) === NULL) + { + $this->_fingerprint = md5(''); + return ''; + } + + // PostgreSQL's variant of a BLOB datatype is Bytea, which is a + // PITA to work with, so we use base64-encoded data in a TEXT + // field instead. + $result = ($this->_platform === 'postgre') + ? base64_decode(rtrim($result->data)) + : $result->data; + + $this->_fingerprint = md5($result); + $this->_row_exists = TRUE; + return $result; + } + + $this->_fingerprint = md5(''); + return ''; + } + + // ------------------------------------------------------------------------ + + /** + * Write + * + * Writes (create / update) session data + * + * @param string $session_id Session ID + * @param string $session_data Serialized session data + * @return bool + */ + public function write($session_id, $session_data) + { + // Was the ID regenerated? + if ($session_id !== $this->_session_id) + { + if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) + { + return FALSE; + } + + $this->_row_exists = FALSE; + $this->_session_id = $session_id; + } + elseif ($this->_lock === FALSE) + { + return FALSE; + } + + if ($this->_row_exists === FALSE) + { + $insert_data = array( + 'id' => $session_id, + 'ip_address' => $_SERVER['REMOTE_ADDR'], + 'timestamp' => time(), + 'data' => ($this->_platform === 'postgre' ? base64_encode($session_data) : $session_data) + ); + + if ($this->_db->insert($this->_config['save_path'], $insert_data)) + { + $this->_fingerprint = md5($session_data); + return $this->_row_exists = TRUE; + } + + return FALSE; + } + + $this->_db->where('id', $session_id); + if ($this->_config['match_ip']) + { + $this->_db->where('ip_address', $_SERVER['REMOTE_ADDR']); + } + + $update_data = array('timestamp' => time()); + if ($this->_fingerprint !== md5($session_data)) + { + $update_data['data'] = ($this->_platform === 'postgre') + ? base64_encode($session_data) + : $session_data; + } + + if ($this->_db->update($this->_config['save_path'], $update_data)) + { + $this->_fingerprint = md5($session_data); + return TRUE; + } + + return FALSE; + } + + // ------------------------------------------------------------------------ + + /** + * Close + * + * Releases locks + * + * @return void + */ + public function close() + { + return ($this->_lock) + ? $this->_release_lock() + : TRUE; + } + + // ------------------------------------------------------------------------ + + /** + * Destroy + * + * Destroys the current session. + * + * @param string $session_id Session ID + * @return bool + */ + public function destroy($session_id) + { + if ($this->_lock) + { + $this->_db->where('id', $session_id); + if ($this->_config['match_ip']) + { + $this->_db->where('ip_address', $_SERVER['REMOTE_ADDR']); + } + + return $this->_db->delete($this->_config['save_path']) + ? ($this->close() && $this->_cookie_destroy()) + : FALSE; + } + + return ($this->close() && $this->_cookie_destroy()); + } + + // ------------------------------------------------------------------------ + + /** + * Garbage Collector + * + * Deletes expired sessions + * + * @param int $maxlifetime Maximum lifetime of sessions + * @return bool + */ + public function gc($maxlifetime) + { + return $this->_db->delete($this->_config['save_path'], 'timestamp < '.(time() - $maxlifetime)); + } + + // ------------------------------------------------------------------------ + + /** + * Get lock + * + * Acquires a lock, depending on the underlying platform. + * + * @param string $session_id Session ID + * @return bool + */ + protected function _get_lock($session_id) + { + if ($this->_platform === 'mysql') + { + $arg = $session_id.($this->_config['match_ip'] ? '_'.$_SERVER['REMOTE_ADDR'] : ''); + if ($this->_db->query("SELECT GET_LOCK('".$arg."', 10) AS ci_session_lock")->row()->ci_session_lock) + { + $this->_lock = $arg; + return TRUE; + } + + return FALSE; + } + elseif ($this->_platform === 'postgre') + { + $arg = "hashtext('".$session_id."')".($this->_config['match_ip'] ? ", hashtext('".$_SERVER['REMOTE_ADDR']."')" : ''); + if ($this->_db->simple_query('SELECT pg_advisory_lock('.$arg.')')) + { + $this->_lock = $arg; + return TRUE; + } + + return FALSE; + } + + return parent::_get_lock($session_id); + } + + // ------------------------------------------------------------------------ + + /** + * Release lock + * + * Releases a previously acquired lock + * + * @return bool + */ + protected function _release_lock() + { + if ( ! $this->_lock) + { + return TRUE; + } + + if ($this->_platform === 'mysql') + { + if ($this->_db->query("SELECT RELEASE_LOCK('".$this->_lock."') AS ci_session_lock")->row()->ci_session_lock) + { + $this->_lock = FALSE; + return TRUE; + } + + return FALSE; + } + elseif ($this->_platform === 'postgre') + { + if ($this->_db->simple_query('SELECT pg_advisory_unlock('.$this->_lock.')')) + { + $this->_lock = FALSE; + return TRUE; + } + + return FALSE; + } + + return parent::_release_lock(); + } + +} diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php new file mode 100644 index 000000000..ad8315d52 --- /dev/null +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -0,0 +1,352 @@ +<?php +/** + * CodeIgniter + * + * An open source application development framework for PHP + * + * This content is released under the MIT License (MIT) + * + * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + * + * @package CodeIgniter + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @license http://opensource.org/licenses/MIT MIT License + * @link http://codeigniter.com + * @since Version 3.0.0 + * @filesource +*/ +defined('BASEPATH') OR exit('No direct script access allowed'); + +/** + * CodeIgniter Session Files Driver + * + * @package CodeIgniter + * @subpackage Libraries + * @category Sessions + * @author Andrey Andreev + * @link http://codeigniter.com/user_guide/libraries/sessions.html + */ +class CI_Session_files_driver extends CI_Session_driver implements SessionHandlerInterface { + + /** + * Save path + * + * @var string + */ + protected $_save_path; + + /** + * File handle + * + * @var resource + */ + protected $_file_handle; + + /** + * File name + * + * @var resource + */ + protected $_file_path; + + /** + * File new flag + * + * @var bool + */ + protected $_file_new; + + // ------------------------------------------------------------------------ + + /** + * Class constructor + * + * @param array $params Configuration parameters + * @return void + */ + public function __construct(&$params) + { + parent::__construct($params); + + if (isset($this->_config['save_path'])) + { + $this->_config['save_path'] = rtrim($this->_config['save_path'], '/\\'); + ini_set('session.save_path', $this->_config['save_path']); + } + else + { + $this->_config['save_path'] = rtrim(ini_get('session.save_path'), '/\\'); + } + } + + // ------------------------------------------------------------------------ + + /** + * Open + * + * Sanitizes the save_path directory. + * + * @param string $save_path Path to session files' directory + * @param string $name Session cookie name, unused + * @return bool + */ + public function open($save_path, $name) + { + if ( ! is_dir($save_path)) + { + if ( ! mkdir($save_path, 0700, TRUE)) + { + throw new Exception("Session: Configured save path '".$this->_config['save_path']."' is not a directory, doesn't exist or cannot be created."); + } + } + elseif ( ! is_writable($save_path)) + { + throw new Exception("Session: Configured save path '".$this->_config['save_path']."' is not writable by the PHP process."); + } + + $this->_config['save_path'] = $save_path; + $this->_file_path = $this->_config['save_path'].DIRECTORY_SEPARATOR + .$name // we'll use the session cookie name as a prefix to avoid collisions + .($this->_config['match_ip'] ? md5($_SERVER['REMOTE_ADDR']) : ''); + + return TRUE; + } + + // ------------------------------------------------------------------------ + + /** + * Read + * + * Reads session data and acquires a lock + * + * @param string $session_id Session ID + * @return string Serialized session data + */ + public function read($session_id) + { + // This might seem weird, but PHP 5.6 introduces session_reset(), + // which re-reads session data + if ($this->_file_handle === NULL) + { + // Just using fopen() with 'c+b' mode would be perfect, but it is only + // available since PHP 5.2.6 and we have to set permissions for new files, + // so we'd have to hack around this ... + if (($this->_file_new = ! file_exists($this->_file_path.$session_id)) === TRUE) + { + if (($this->_file_handle = fopen($this->_file_path.$session_id, 'w+b')) === FALSE) + { + log_message('error', "Session: File '".$this->_file_path.$session_id."' doesn't exist and cannot be created."); + return FALSE; + } + } + elseif (($this->_file_handle = fopen($this->_file_path.$session_id, 'r+b')) === FALSE) + { + log_message('error', "Session: Unable to open file '".$this->_file_path.$session_id."'."); + return FALSE; + } + + if (flock($this->_file_handle, LOCK_EX) === FALSE) + { + log_message('error', "Session: Unable to obtain lock for file '".$this->_file_path.$session_id."'."); + fclose($this->_file_handle); + $this->_file_handle = NULL; + return FALSE; + } + + // Needed by write() to detect session_regenerate_id() calls + $this->_session_id = $session_id; + + if ($this->_file_new) + { + chmod($this->_file_path.$session_id, 0600); + $this->_fingerprint = md5(''); + return ''; + } + } + else + { + rewind($this->_file_handle); + } + + $session_data = ''; + for ($read = 0, $length = filesize($this->_file_path.$session_id); $read < $length; $read += strlen($buffer)) + { + if (($buffer = fread($this->_file_handle, $length - $read)) === FALSE) + { + break; + } + + $session_data .= $buffer; + } + + $this->_fingerprint = md5($session_data); + return $session_data; + } + + // ------------------------------------------------------------------------ + + /** + * Write + * + * Writes (create / update) session data + * + * @param string $session_id Session ID + * @param string $session_data Serialized session data + * @return bool + */ + public function write($session_id, $session_data) + { + // If the two IDs don't match, we have a session_regenerate_id() call + // and we need to close the old handle and open a new one + if ($session_id !== $this->_session_id && ( ! $this->close() OR $this->read($session_id) === FALSE)) + { + return FALSE; + } + + if ( ! is_resource($this->_file_handle)) + { + return FALSE; + } + elseif ($this->_fingerprint === md5($session_data)) + { + return ($this->_file_new) + ? TRUE + : touch($this->_file_path.$session_id); + } + + if ( ! $this->_file_new) + { + ftruncate($this->_file_handle, 0); + rewind($this->_file_handle); + } + + if (($length = strlen($session_data)) > 0) + { + for ($written = 0; $written < $length; $written += $result) + { + if (($result = fwrite($this->_file_handle, substr($session_data, $written))) === FALSE) + { + break; + } + } + + if ( ! is_int($result)) + { + $this->_fingerprint = md5(substr($session_data, 0, $written)); + log_message('error', 'Session: Unable to write data.'); + return FALSE; + } + } + + $this->_fingerprint = md5($session_data); + return TRUE; + } + + // ------------------------------------------------------------------------ + + /** + * Close + * + * Releases locks and closes file descriptor. + * + * @return void + */ + public function close() + { + if (is_resource($this->_file_handle)) + { + flock($this->_file_handle, LOCK_UN); + fclose($this->_file_handle); + + $this->_file_handle = $this->_file_new = $this->_session_id = NULL; + return TRUE; + } + + return TRUE; + } + + // ------------------------------------------------------------------------ + + /** + * Destroy + * + * Destroys the current session. + * + * @param string $session_id Session ID + * @return bool + */ + public function destroy($session_id) + { + if ($this->close()) + { + return unlink($this->_file_path.$session_id) && $this->_cookie_destroy(); + } + elseif ($this->_file_path !== NULL) + { + clearstatcache(); + return file_exists($this->_file_path.$session_id) + ? (unlink($this->_file_path.$session_id) && $this->_cookie_destroy()) + : TRUE; + } + + return FALSE; + } + + // ------------------------------------------------------------------------ + + /** + * Garbage Collector + * + * Deletes expired sessions + * + * @param int $maxlifetime Maximum lifetime of sessions + * @return bool + */ + public function gc($maxlifetime) + { + if ( ! is_dir($this->_config['save_path']) OR ($files = scandir($this->_config['save_path'])) === FALSE) + { + log_message('debug', "Session: Garbage collector couldn't list files under directory '".$this->_config['save_path']."'."); + return FALSE; + } + + $ts = time() - $maxlifetime; + + foreach ($files as $file) + { + // If the filename doesn't match this pattern, it's either not a session file or is not ours + if ( ! preg_match('/(?:[0-9a-f]{32})?[0-9a-f]{40}$/i', $file) + OR ! is_file($this->_config['save_path'].DIRECTORY_SEPARATOR.$file) + OR ($mtime = filemtime($this->_config['save_path'].DIRECTORY_SEPARATOR.$file)) === FALSE + OR $mtime > $ts) + { + continue; + } + + unlink($this->_config['save_path'].DIRECTORY_SEPARATOR.$file); + } + + return TRUE; + } + +} diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php new file mode 100644 index 000000000..00112c88c --- /dev/null +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -0,0 +1,375 @@ +<?php +/** + * CodeIgniter + * + * An open source application development framework for PHP + * + * This content is released under the MIT License (MIT) + * + * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + * + * @package CodeIgniter + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @license http://opensource.org/licenses/MIT MIT License + * @link http://codeigniter.com + * @since Version 3.0.0 + * @filesource + */ +defined('BASEPATH') OR exit('No direct script access allowed'); + +/** + * CodeIgniter Session Memcached Driver + * + * @package CodeIgniter + * @subpackage Libraries + * @category Sessions + * @author Andrey Andreev + * @link http://codeigniter.com/user_guide/libraries/sessions.html + */ +class CI_Session_memcached_driver extends CI_Session_driver implements SessionHandlerInterface { + + /** + * Memcached instance + * + * @var Memcached + */ + protected $_memcached; + + /** + * Key prefix + * + * @var string + */ + protected $_key_prefix = 'ci_session:'; + + /** + * Lock key + * + * @var string + */ + protected $_lock_key; + + // ------------------------------------------------------------------------ + + /** + * Class constructor + * + * @param array $params Configuration parameters + * @return void + */ + public function __construct(&$params) + { + parent::__construct($params); + + if (empty($this->_config['save_path'])) + { + log_message('error', 'Session: No Memcached save path configured.'); + } + + if ($this->_config['match_ip'] === TRUE) + { + $this->_key_prefix .= $_SERVER['REMOTE_ADDR'].':'; + } + } + + // ------------------------------------------------------------------------ + + /** + * Open + * + * Sanitizes save_path and initializes connections. + * + * @param string $save_path Server path(s) + * @param string $name Session cookie name, unused + * @return bool + */ + public function open($save_path, $name) + { + $this->_memcached = new Memcached(); + $this->_memcached->setOption(Memcached::OPT_BINARY_PROTOCOL, TRUE); // required for touch() usage + $server_list = array(); + foreach ($this->_memcached->getServerList() as $server) + { + $server_list[] = $server['host'].':'.$server['port']; + } + + if ( ! preg_match_all('#,?([^,:]+)\:(\d{1,5})(?:\:(\d+))?#', $this->_config['save_path'], $matches, PREG_SET_ORDER)) + { + $this->_memcached = NULL; + log_message('error', 'Session: Invalid Memcached save path format: '.$this->_config['save_path']); + return FALSE; + } + + foreach ($matches as $match) + { + // If Memcached already has this server (or if the port is invalid), skip it + if (in_array($match[1].':'.$match[2], $server_list, TRUE)) + { + log_message('debug', 'Session: Memcached server pool already has '.$match[1].':'.$match[2]); + continue; + } + + if ( ! $this->_memcached->addServer($match[1], $match[2], isset($match[3]) ? $match[3] : 0)) + { + log_message('error', 'Could not add '.$match[1].':'.$match[2].' to Memcached server pool.'); + } + else + { + $server_list[] = $match[1].':'.$match[2]; + } + } + + if (empty($server_list)) + { + log_message('error', 'Session: Memcached server pool is empty.'); + return FALSE; + } + + return TRUE; + } + + // ------------------------------------------------------------------------ + + /** + * Read + * + * Reads session data and acquires a lock + * + * @param string $session_id Session ID + * @return string Serialized session data + */ + public function read($session_id) + { + if (isset($this->_memcached) && $this->_get_lock($session_id)) + { + // Needed by write() to detect session_regenerate_id() calls + $this->_session_id = $session_id; + + $session_data = (string) $this->_memcached->get($this->_key_prefix.$session_id); + $this->_fingerprint = md5($session_data); + return $session_data; + } + + return FALSE; + } + + // ------------------------------------------------------------------------ + + /** + * Write + * + * Writes (create / update) session data + * + * @param string $session_id Session ID + * @param string $session_data Serialized session data + * @return bool + */ + public function write($session_id, $session_data) + { + if ( ! isset($this->_memcached)) + { + return FALSE; + } + // Was the ID regenerated? + elseif ($session_id !== $this->_session_id) + { + if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) + { + return FALSE; + } + + $this->_fingerprint = md5(''); + $this->_session_id = $session_id; + } + + if (isset($this->_lock_key)) + { + $this->_memcached->replace($this->_lock_key, time(), 5); + if ($this->_fingerprint !== ($fingerprint = md5($session_data))) + { + if ($this->_memcached->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration'])) + { + $this->_fingerprint = $fingerprint; + return TRUE; + } + + return FALSE; + } + + return $this->_memcached->touch($this->_key_prefix.$session_id, $this->_config['expiration']); + } + + return FALSE; + } + + // ------------------------------------------------------------------------ + + /** + * Close + * + * Releases locks and closes connection. + * + * @return void + */ + public function close() + { + if (isset($this->_memcached)) + { + isset($this->_lock_key) && $this->_memcached->delete($this->_lock_key); + if ( ! $this->_memcached->quit()) + { + return FALSE; + } + + $this->_memcached = NULL; + return TRUE; + } + + return FALSE; + } + + // ------------------------------------------------------------------------ + + /** + * Destroy + * + * Destroys the current session. + * + * @param string $session_id Session ID + * @return bool + */ + public function destroy($session_id) + { + if (isset($this->_memcached, $this->_lock_key)) + { + $this->_memcached->delete($this->_key_prefix.$session_id); + return $this->_cookie_destroy(); + } + + return FALSE; + } + + // ------------------------------------------------------------------------ + + /** + * Garbage Collector + * + * Deletes expired sessions + * + * @param int $maxlifetime Maximum lifetime of sessions + * @return bool + */ + public function gc($maxlifetime) + { + // Not necessary, Memcached takes care of that. + return TRUE; + } + + // ------------------------------------------------------------------------ + + /** + * Get lock + * + * Acquires an (emulated) lock. + * + * @param string $session_id Session ID + * @return bool + */ + protected function _get_lock($session_id) + { + if (isset($this->_lock_key)) + { + return $this->_memcached->replace($this->_lock_key, time(), 5); + } + + $lock_key = $this->_key_prefix.$session_id.':lock'; + if ( ! ($ts = $this->_memcached->get($lock_key))) + { + if ( ! $this->_memcached->set($lock_key, TRUE, 5)) + { + log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id); + return FALSE; + } + + $this->_lock_key = $lock_key; + $this->_lock = TRUE; + return TRUE; + } + + // Another process has the lock, we'll try to wait for it to free itself ... + $attempt = 0; + while ($attempt++ < 5) + { + usleep(((time() - $ts) * 1000000) - 20000); + if (($ts = $this->_memcached->get($lock_key)) < time()) + { + continue; + } + + if ( ! $this->_memcached->set($lock_key, time(), 5)) + { + log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id); + return FALSE; + } + + $this->_lock_key = $lock_key; + break; + } + + if ($attempt === 5) + { + log_message('error', 'Session: Unable to obtain lock for '.$this->_key_prefix.$session_id.' after 5 attempts, aborting.'); + return FALSE; + } + + $this->_lock = TRUE; + return TRUE; + } + + // ------------------------------------------------------------------------ + + /** + * Release lock + * + * Releases a previously acquired lock + * + * @return bool + */ + protected function _release_lock() + { + if (isset($this->_memcached, $this->_lock_key) && $this->_lock) + { + if ( ! $this->_memcached->delete($this->_lock_key) && $this->_memcached->getResultCode() !== Memcached::RES_NOTFOUND) + { + log_message('error', 'Session: Error while trying to free lock for '.$this->_key_prefix.$session_id); + return FALSE; + } + + $this->_lock_key = NULL; + $this->_lock = FALSE; + } + + return TRUE; + } + +} diff --git a/system/libraries/Session/drivers/Session_native.php b/system/libraries/Session/drivers/Session_native.php deleted file mode 100644 index c95e7f23f..000000000 --- a/system/libraries/Session/drivers/Session_native.php +++ /dev/null @@ -1,257 +0,0 @@ -<?php -/** - * CodeIgniter - * - * An open source application development framework for PHP - * - * This content is released under the MIT License (MIT) - * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @package CodeIgniter - * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) - * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com - * @since Version 1.0.0 - * @filesource - */ -defined('BASEPATH') OR exit('No direct script access allowed'); - -/** - * Native PHP session management driver - * - * This is the driver that uses the native PHP $_SESSION array through the Session driver library. - * - * @package CodeIgniter - * @subpackage Libraries - * @category Sessions - * @author EllisLab Dev Team - */ -class CI_Session_native extends CI_Session_driver { - - /** - * Initialize session driver object - * - * @return void - */ - protected function initialize() - { - // Get config parameters - $config = array(); - $prefs = array( - 'sess_cookie_name', - 'sess_expire_on_close', - 'sess_expiration', - 'sess_match_ip', - 'sess_match_useragent', - 'sess_time_to_update', - 'cookie_prefix', - 'cookie_path', - 'cookie_domain', - 'cookie_secure', - 'cookie_httponly' - ); - - foreach ($prefs as $key) - { - $config[$key] = isset($this->_parent->params[$key]) - ? $this->_parent->params[$key] - : $this->CI->config->item($key); - } - - // Set session name, if specified - if ($config['sess_cookie_name']) - { - // Differentiate name from cookie driver with '_id' suffix - $name = $config['sess_cookie_name'].'_id'; - if ($config['cookie_prefix']) - { - // Prepend cookie prefix - $name = $config['cookie_prefix'].$name; - } - session_name($name); - } - - // Set expiration, path, and domain - $expire = 7200; - $path = '/'; - $domain = ''; - $secure = (bool) $config['cookie_secure']; - $http_only = (bool) $config['cookie_httponly']; - - if ($config['sess_expiration'] !== FALSE) - { - // Default to 2 years if expiration is "0" - $expire = ($config['sess_expiration'] == 0) ? (60*60*24*365*2) : $config['sess_expiration']; - } - - if ($config['cookie_path']) - { - // Use specified path - $path = $config['cookie_path']; - } - - if ($config['cookie_domain']) - { - // Use specified domain - $domain = $config['cookie_domain']; - } - - session_set_cookie_params($config['sess_expire_on_close'] ? 0 : $expire, $path, $domain, $secure, $http_only); - - // Start session - session_start(); - - // Check session expiration, ip, and agent - $now = time(); - $destroy = FALSE; - if (isset($_SESSION['last_activity']) && (($_SESSION['last_activity'] + $expire) < $now OR $_SESSION['last_activity'] > $now)) - { - // Expired - destroy - log_message('debug', 'Session: Expired'); - $destroy = TRUE; - } - elseif ($config['sess_match_ip'] === TRUE && isset($_SESSION['ip_address']) - && $_SESSION['ip_address'] !== $this->CI->input->ip_address()) - { - // IP doesn't match - destroy - log_message('debug', 'Session: IP address mismatch'); - $destroy = TRUE; - } - elseif ($config['sess_match_useragent'] === TRUE && isset($_SESSION['user_agent']) - && $_SESSION['user_agent'] !== trim(substr($this->CI->input->user_agent(), 0, 50))) - { - // Agent doesn't match - destroy - log_message('debug', 'Session: User Agent string mismatch'); - $destroy = TRUE; - } - - // Destroy expired or invalid session - if ($destroy) - { - // Clear old session and start new - $this->sess_destroy(); - session_start(); - } - - // Check for update time - if ($config['sess_time_to_update'] && isset($_SESSION['last_activity']) - && ($_SESSION['last_activity'] + $config['sess_time_to_update']) < $now) - { - // Changing the session ID amidst a series of AJAX calls causes problems - if ( ! $this->CI->input->is_ajax_request()) - { - // Regenerate ID, but don't destroy session - log_message('debug', 'Session: Regenerate ID'); - $this->sess_regenerate(FALSE); - } - } - - // Set activity time - $_SESSION['last_activity'] = $now; - - // Set matching values as required - if ($config['sess_match_ip'] === TRUE && ! isset($_SESSION['ip_address'])) - { - // Store user IP address - $_SESSION['ip_address'] = $this->CI->input->ip_address(); - } - - if ($config['sess_match_useragent'] === TRUE && ! isset($_SESSION['user_agent'])) - { - // Store user agent string - $_SESSION['user_agent'] = trim(substr($this->CI->input->user_agent(), 0, 50)); - } - - // Make session ID available - $_SESSION['session_id'] = session_id(); - } - - // ------------------------------------------------------------------------ - - /** - * Save the session data - * - * @return void - */ - public function sess_save() - { - // Nothing to do - changes to $_SESSION are automatically saved - } - - // ------------------------------------------------------------------------ - - /** - * Destroy the current session - * - * @return void - */ - public function sess_destroy() - { - // Cleanup session - $_SESSION = array(); - $name = session_name(); - if (isset($_COOKIE[$name])) - { - // Clear session cookie - $params = session_get_cookie_params(); - setcookie($name, '', time() - 42000, $params['path'], $params['domain'], $params['secure'], $params['httponly']); - unset($_COOKIE[$name]); - } - session_destroy(); - } - - // ------------------------------------------------------------------------ - - /** - * Regenerate the current session - * - * Regenerate the session id - * - * @param bool Destroy session data flag (default: FALSE) - * @return void - */ - public function sess_regenerate($destroy = FALSE) - { - // Just regenerate id, passing destroy flag - session_regenerate_id($destroy); - $_SESSION['session_id'] = session_id(); - } - - // ------------------------------------------------------------------------ - - /** - * Get a reference to user data array - * - * @return array Reference to userdata - */ - public function &get_userdata() - { - // Just return reference to $_SESSION - return $_SESSION; - } - -} - -/* End of file Session_native.php */ -/* Location: ./system/libraries/Session/drivers/Session_native.php */
\ No newline at end of file diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php new file mode 100644 index 000000000..c53975ae4 --- /dev/null +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -0,0 +1,395 @@ +<?php +/** + * CodeIgniter + * + * An open source application development framework for PHP + * + * This content is released under the MIT License (MIT) + * + * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + * + * @package CodeIgniter + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @license http://opensource.org/licenses/MIT MIT License + * @link http://codeigniter.com + * @since Version 3.0.0 + * @filesource + */ +defined('BASEPATH') OR exit('No direct script access allowed'); + +/** + * CodeIgniter Session Redis Driver + * + * @package CodeIgniter + * @subpackage Libraries + * @category Sessions + * @author Andrey Andreev + * @link http://codeigniter.com/user_guide/libraries/sessions.html + */ +class CI_Session_redis_driver extends CI_Session_driver implements SessionHandlerInterface { + + /** + * phpRedis instance + * + * @var resource + */ + protected $_redis; + + /** + * Key prefix + * + * @var string + */ + protected $_key_prefix = 'ci_session:'; + + /** + * Lock key + * + * @var string + */ + protected $_lock_key; + + // ------------------------------------------------------------------------ + + /** + * Class constructor + * + * @param array $params Configuration parameters + * @return void + */ + public function __construct(&$params) + { + parent::__construct($params); + + if (empty($this->_config['save_path'])) + { + log_message('error', 'Session: No Redis save path configured.'); + } + elseif (preg_match('#(?:tcp://)?([^:?]+)(?:\:(\d+))?(\?.+)?#', $this->_config['save_path'], $matches)) + { + isset($matches[3]) OR $matches[3] = ''; // Just to avoid undefined index notices below + $this->_config['save_path'] = array( + 'host' => $matches[1], + 'port' => empty($matches[2]) ? NULL : $matches[2], + 'password' => preg_match('#auth=([^\s&]+)#', $matches[3], $match) ? $match[1] : NULL, + 'database' => preg_match('#database=(\d+)#', $matches[3], $match) ? (int) $match[1] : NULL, + 'timeout' => preg_match('#timeout=(\d+\.\d+)#', $matches[3], $match) ? (float) $match[1] : NULL + ); + + preg_match('#prefix=([^\s&]+)#', $matches[3], $match) && $this->_key_prefix = $match[1]; + } + else + { + log_message('error', 'Session: Invalid Redis save path format: '.$this->_config['save_path']); + } + + if ($this->_config['match_ip'] === TRUE) + { + $this->_key_prefix .= $_SERVER['REMOTE_ADDR'].':'; + } + } + + // ------------------------------------------------------------------------ + + /** + * Open + * + * Sanitizes save_path and initializes connection. + * + * @param string $save_path Server path + * @param string $name Session cookie name, unused + * @return bool + */ + public function open($save_path, $name) + { + if (empty($this->_config['save_path'])) + { + return FALSE; + } + + $redis = new Redis(); + if ( ! $redis->connect($this->_config['save_path']['host'], $this->_config['save_path']['port'], $this->_config['save_path']['timeout'])) + { + log_message('error', 'Session: Unable to connect to Redis with the configured settings.'); + } + elseif (isset($this->_config['save_path']['password']) && ! $redis->auth($this->_config['save_path']['password'])) + { + log_message('error', 'Session: Unable to authenticate to Redis instance.'); + } + elseif (isset($this->_config['save_path']['database']) && ! $redis->select($this->_config['save_path']['database'])) + { + log_message('error', 'Session: Unable to select Redis database with index '.$this->_config['save_path']['database']); + } + else + { + $this->_redis = $redis; + return TRUE; + } + + return FALSE; + } + + // ------------------------------------------------------------------------ + + /** + * Read + * + * Reads session data and acquires a lock + * + * @param string $session_id Session ID + * @return string Serialized session data + */ + public function read($session_id) + { + if (isset($this->_redis) && $this->_get_lock($session_id)) + { + // Needed by write() to detect session_regenerate_id() calls + $this->_session_id = $session_id; + + $session_data = (string) $this->_redis->get($this->_key_prefix.$session_id); + $this->_fingerprint = md5($session_data); + return $session_data; + } + + return FALSE; + } + + // ------------------------------------------------------------------------ + + /** + * Write + * + * Writes (create / update) session data + * + * @param string $session_id Session ID + * @param string $session_data Serialized session data + * @return bool + */ + public function write($session_id, $session_data) + { + if ( ! isset($this->_redis)) + { + return FALSE; + } + // Was the ID regenerated? + elseif ($session_id !== $this->_session_id) + { + if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) + { + return FALSE; + } + + $this->_fingerprint = md5(''); + $this->_session_id = $session_id; + } + + if (isset($this->_lock_key)) + { + $this->_redis->setTimeout($this->_lock_key, 5); + if ($this->_fingerprint !== ($fingerprint = md5($session_data))) + { + if ($this->_redis->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration'])) + { + $this->_fingerprint = $fingerprint; + return TRUE; + } + + return FALSE; + } + + return $this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_config['expiration']); + } + + return FALSE; + } + + // ------------------------------------------------------------------------ + + /** + * Close + * + * Releases locks and closes connection. + * + * @return void + */ + public function close() + { + if (isset($this->_redis)) + { + try { + if ($this->_redis->ping() === '+PONG') + { + isset($this->_lock_key) && $this->_redis->delete($this->_lock_key); + if ( ! $this->_redis->close()) + { + return FALSE; + } + } + } + catch (RedisException $e) + { + log_message('error', 'Session: Got RedisException on close(): '.$e->getMessage()); + } + + $this->_redis = NULL; + return TRUE; + } + + return TRUE; + } + + // ------------------------------------------------------------------------ + + /** + * Destroy + * + * Destroys the current session. + * + * @param string $session_id Session ID + * @return bool + */ + public function destroy($session_id) + { + if (isset($this->_redis, $this->_lock_key)) + { + if ($this->_redis->delete($this->_key_prefix.$session_id) !== 1) + { + log_message('debug', 'Session: Redis::delete() expected to return 1, got '.var_export($result, TRUE).' instead.'); + } + + return $this->_cookie_destroy(); + } + + return FALSE; + } + + // ------------------------------------------------------------------------ + + /** + * Garbage Collector + * + * Deletes expired sessions + * + * @param int $maxlifetime Maximum lifetime of sessions + * @return bool + */ + public function gc($maxlifetime) + { + // Not necessary, Redis takes care of that. + return TRUE; + } + + // ------------------------------------------------------------------------ + + /** + * Get lock + * + * Acquires an (emulated) lock. + * + * @param string $session_id Session ID + * @return bool + */ + protected function _get_lock($session_id) + { + if (isset($this->_lock_key)) + { + return $this->_redis->setTimeout($this->_lock_key, 5); + } + + $lock_key = $this->_key_prefix.$session_id.':lock'; + if (($ttl = $this->_redis->ttl($lock_key)) < 1) + { + if ( ! $this->_redis->setex($lock_key, 5, time())) + { + log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id); + return FALSE; + } + + $this->_lock_key = $lock_key; + + if ($ttl === -1) + { + log_message('debug', 'Session: Lock for '.$this->_key_prefix.$session_id.' had no TTL, overriding.'); + } + + $this->_lock = TRUE; + return TRUE; + } + + // Another process has the lock, we'll try to wait for it to free itself ... + $attempt = 0; + while ($attempt++ < 5) + { + usleep(($ttl * 1000000) - 20000); + if (($ttl = $this->_redis->ttl($lock_key)) > 0) + { + continue; + } + + if ( ! $this->_redis->setex($lock_key, 5, time())) + { + log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id); + return FALSE; + } + + $this->_lock_key = $lock_key; + break; + } + + if ($attempt === 5) + { + log_message('error', 'Session: Unable to obtain lock for '.$this->_key_prefix.$session_id.' after 5 attempts, aborting.'); + return FALSE; + } + + $this->_lock = TRUE; + return TRUE; + } + + // ------------------------------------------------------------------------ + + /** + * Release lock + * + * Releases a previously acquired lock + * + * @return bool + */ + protected function _release_lock() + { + if (isset($this->_redis, $this->_lock_key) && $this->_lock) + { + if ( ! $this->_redis->delete($this->_lock_key)) + { + log_message('error', 'Session: Error while trying to free lock for '.$this->_key_prefix.$session_id); + return FALSE; + } + + $this->_lock_key = NULL; + $this->_lock = FALSE; + } + + return TRUE; + } + +} |