Merge pull request #823 from narfbg/develop-session

Improve the Session library
author: Phil Sturgeon <email@philsturgeon.co.uk> 2011-12-27 13:37:40 +0100
committer: Phil Sturgeon <email@philsturgeon.co.uk> 2011-12-27 13:37:40 +0100
commit: d459cbb96d9c9703ef6c62756240b7c612835e5c (patch)
tree: 24ec66d67ce477cc5c960adb017b0966c6b39ba8 /system
parent: fcb8ee8695fca74f1175750eb38473ec08a4b483 (diff)
parent: 85f018f7cfd7596f06c600e83f0fc9bb2e6efdbf (diff)
1 files changed, 66 insertions, 100 deletions
diff --git a/system/libraries/Session.php b/system/libraries/Session.php
index 08d2ba4ba..137b037b8 100644
--- a/system/libraries/Session.php
+++ b/system/libraries/Session.php
@@ -1,13 +1,13 @@
-<?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
 /**
  * CodeIgniter
  *
  * An open source application development framework for PHP 5.1.6 or newer
  *
  * NOTICE OF LICENSE
- * 
+ *
  * Licensed under the Open Software License version 3.0
- * 
+ *
  * This source file is subject to the Open Software License (OSL 3.0) that is
  * bundled with this package in the files license.txt / license.rst.  It is
  * also available through the world wide web at this URL:
@@ -38,26 +38,26 @@
  */
 class CI_Session {
 
-	var $sess_encrypt_cookie		= FALSE;
-	var $sess_use_database			= FALSE;
-	var $sess_table_name			= '';
-	var $sess_expiration			= 7200;
-	var $sess_expire_on_close		= FALSE;
-	var $sess_match_ip				= FALSE;
-	var $sess_match_useragent		= TRUE;
-	var $sess_cookie_name			= 'ci_session';
-	var $cookie_prefix				= '';
-	var $cookie_path				= '';
-	var $cookie_domain				= '';
-	var $cookie_secure				= FALSE;
-	var $sess_time_to_update		= 300;
-	var $encryption_key				= '';
-	var $flashdata_key				= 'flash';
-	var $time_reference				= 'time';
-	var $gc_probability				= 5;
-	var $userdata					= array();
-	var $CI;
-	var $now;
+	public $sess_encrypt_cookie		= FALSE;
+	public $sess_use_database		= FALSE;
+	public $sess_table_name			= '';
+	public $sess_expiration			= 7200;
+	public $sess_expire_on_close		= FALSE;
+	public $sess_match_ip			= FALSE;
+	public $sess_match_useragent		= TRUE;
+	public $sess_cookie_name		= 'ci_session';
+	public $cookie_prefix			= '';
+	public $cookie_path			= '';
+	public $cookie_domain			= '';
+	public $cookie_secure			= FALSE;
+	public $sess_time_to_update		= 300;
+	public $encryption_key			= '';
+	public $flashdata_key			= 'flash';
+	public $time_reference			= 'time';
+	public $gc_probability			= 5;
+	public $userdata			= array();
+	public $CI;
+	public $now;
 
 	/**
 	 * Session Constructor
@@ -109,7 +109,7 @@ class CI_Session {
 		{
 			$this->sess_expiration = (60*60*24*365*2);
 		}
-		
+
 		// Set the cookie name
 		$this->sess_cookie_name = $this->cookie_prefix.$this->sess_cookie_name;
 
@@ -141,10 +141,9 @@ class CI_Session {
 	/**
 	 * Fetch the current session data if it exists
 	 *
-	 * @access	public
 	 * @return	bool
 	 */
-	function sess_read()
+	public function sess_read()
 	{
 		// Fetch the cookie
 		$session = $this->CI->input->cookie($this->sess_cookie_name);
@@ -194,14 +193,14 @@ class CI_Session {
 		}
 
 		// Does the IP Match?
-		if ($this->sess_match_ip == TRUE AND $session['ip_address'] != $this->CI->input->ip_address())
+		if ($this->sess_match_ip == TRUE AND $session['ip_address'] !== $this->CI->input->ip_address())
 		{
 			$this->sess_destroy();
 			return FALSE;
 		}
 
 		// Does the User Agent Match?
-		if ($this->sess_match_useragent == TRUE AND trim($session['user_agent']) != trim(substr($this->CI->input->user_agent(), 0, 120)))
+		if ($this->sess_match_useragent == TRUE AND trim($session['user_agent']) !== trim(substr($this->CI->input->user_agent(), 0, 120)))
 		{
 			$this->sess_destroy();
 			return FALSE;
@@ -225,7 +224,7 @@ class CI_Session {
 			$query = $this->CI->db->get($this->sess_table_name);
 
 			// No result?  Kill it!
-			if ($query->num_rows() == 0)
+			if ($query->num_rows() === 0)
 			{
 				$this->sess_destroy();
 				return FALSE;
@@ -259,10 +258,9 @@ class CI_Session {
 	/**
 	 * Write the session data
 	 *
-	 * @access	public
 	 * @return	void
 	 */
-	function sess_write()
+	public function sess_write()
 	{
 		// Are we saving custom data to the DB?  If not, all we do is update the cookie
 		if ($this->sess_use_database === FALSE)
@@ -311,16 +309,16 @@ class CI_Session {
 	/**
 	 * Create a new session
 	 *
-	 * @access	public
 	 * @return	void
 	 */
-	function sess_create()
+	public function sess_create()
 	{
 		$sessid = '';
-		while (strlen($sessid) < 32)
+		do
 		{
 			$sessid .= mt_rand(0, mt_getrandmax());
 		}
+		while (strlen($sessid) < 32);
 
 		// To make the session ID even more secure we'll combine it with the user's IP
 		$sessid .= $this->CI->input->ip_address();
@@ -349,10 +347,9 @@ class CI_Session {
 	/**
 	 * Update an existing session
 	 *
-	 * @access	public
 	 * @return	void
 	 */
-	function sess_update()
+	public function sess_update()
 	{
 		// We only update the session every five minutes by default
 		if (($this->userdata['last_activity'] + $this->sess_time_to_update) >= $this->now)
@@ -364,19 +361,17 @@ class CI_Session {
 		// update in the database if we need it
 		$old_sessid = $this->userdata['session_id'];
 		$new_sessid = '';
-		while (strlen($new_sessid) < 32)
+		do
 		{
 			$new_sessid .= mt_rand(0, mt_getrandmax());
 		}
+		while (strlen($new_sessid) < 32);
 
 		// To make the session ID even more secure we'll combine it with the user's IP
 		$new_sessid .= $this->CI->input->ip_address();
 
-		// Turn it into a hash
-		$new_sessid = md5(uniqid($new_sessid, TRUE));
-
-		// Update the session data in the session data array
-		$this->userdata['session_id'] = $new_sessid;
+		// Turn it into a hash and update the session data array
+		$this->userdata['session_id'] = $new_sessid = md5(uniqid($new_sessid, TRUE));
 		$this->userdata['last_activity'] = $this->now;
 
 		// _set_cookie() will handle this for us if we aren't using database sessions
@@ -405,10 +400,9 @@ class CI_Session {
 	/**
 	 * Destroy the current session
 	 *
-	 * @access	public
 	 * @return	void
 	 */
-	function sess_destroy()
+	public function sess_destroy()
 	{
 		// Kill the session DB row
 		if ($this->sess_use_database === TRUE AND isset($this->userdata['session_id']))
@@ -433,11 +427,10 @@ class CI_Session {
 	/**
 	 * Fetch a specific item from the session array
 	 *
-	 * @access	public
 	 * @param	string
 	 * @return	string
 	 */
-	function userdata($item)
+	public function userdata($item)
 	{
 		return ( ! isset($this->userdata[$item])) ? FALSE : $this->userdata[$item];
 	}
@@ -447,10 +440,9 @@ class CI_Session {
 	/**
 	 * Fetch all session data
 	 *
-	 * @access	public
 	 * @return	array
 	 */
-	function all_userdata()
+	public function all_userdata()
 	{
 		return $this->userdata;
 	}
@@ -460,12 +452,11 @@ class CI_Session {
 	/**
 	 * Add or change data in the "userdata" array
 	 *
-	 * @access	public
 	 * @param	mixed
 	 * @param	string
 	 * @return	void
 	 */
-	function set_userdata($newdata = array(), $newval = '')
+	public function set_userdata($newdata = array(), $newval = '')
 	{
 		if (is_string($newdata))
 		{
@@ -488,10 +479,9 @@ class CI_Session {
 	/**
 	 * Delete a session variable from the "userdata" array
 	 *
-	 * @access	array
 	 * @return	void
 	 */
-	function unset_userdata($newdata = array())
+	public function unset_userdata($newdata = array())
 	{
 		if (is_string($newdata))
 		{
@@ -515,12 +505,11 @@ class CI_Session {
 	 * Add or change flashdata, only available
 	 * until the next request
 	 *
-	 * @access	public
 	 * @param	mixed
 	 * @param	string
 	 * @return	void
 	 */
-	function set_flashdata($newdata = array(), $newval = '')
+	public function set_flashdata($newdata = array(), $newval = '')
 	{
 		if (is_string($newdata))
 		{
@@ -531,8 +520,7 @@ class CI_Session {
 		{
 			foreach ($newdata as $key => $val)
 			{
-				$flashdata_key = $this->flashdata_key.':new:'.$key;
-				$this->set_userdata($flashdata_key, $val);
+				$this->set_userdata($this->flashdata_key.':new:'.$key, $val);
 			}
 		}
 	}
@@ -542,21 +530,18 @@ class CI_Session {
 	/**
 	 * Keeps existing flashdata available to next request.
 	 *
-	 * @access	public
 	 * @param	string
 	 * @return	void
 	 */
-	function keep_flashdata($key)
+	public function keep_flashdata($key)
 	{
 		// 'old' flashdata gets removed.  Here we mark all
 		// flashdata as 'new' to preserve it from _flashdata_sweep()
 		// Note the function will return FALSE if the $key
 		// provided cannot be found
-		$old_flashdata_key = $this->flashdata_key.':old:'.$key;
-		$value = $this->userdata($old_flashdata_key);
+		$value = $this->userdata($this->flashdata_key.':old:'.$key);
 
-		$new_flashdata_key = $this->flashdata_key.':new:'.$key;
-		$this->set_userdata($new_flashdata_key, $value);
+		$this->set_userdata($this->flashdata_key.':new:'.$key, $value);
 	}
 
 	// ------------------------------------------------------------------------
@@ -564,14 +549,12 @@ class CI_Session {
 	/**
 	 * Fetch a specific flashdata item from the session array
 	 *
-	 * @access	public
 	 * @param	string
 	 * @return	string
 	 */
-	function flashdata($key)
+	public function flashdata($key)
 	{
-		$flashdata_key = $this->flashdata_key.':old:'.$key;
-		return $this->userdata($flashdata_key);
+		return $this->userdata($this->flashdata_key.':old:'.$key);
 	}
 
 	// ------------------------------------------------------------------------
@@ -580,10 +563,9 @@ class CI_Session {
 	 * Identifies flashdata as 'old' for removal
 	 * when _flashdata_sweep() runs.
 	 *
-	 * @access	private
 	 * @return	void
 	 */
-	function _flashdata_mark()
+	protected function _flashdata_mark()
 	{
 		$userdata = $this->all_userdata();
 		foreach ($userdata as $name => $value)
@@ -591,8 +573,7 @@ class CI_Session {
 			$parts = explode(':new:', $name);
 			if (is_array($parts) && count($parts) === 2)
 			{
-				$new_name = $this->flashdata_key.':old:'.$parts[1];
-				$this->set_userdata($new_name, $value);
+				$this->set_userdata($this->flashdata_key.':old:'.$parts[1], $value);
 				$this->unset_userdata($name);
 			}
 		}
@@ -603,11 +584,10 @@ class CI_Session {
 	/**
 	 * Removes all flashdata marked as 'old'
 	 *
-	 * @access	private
 	 * @return	void
 	 */
 
-	function _flashdata_sweep()
+	protected function _flashdata_sweep()
 	{
 		$userdata = $this->all_userdata();
 		foreach ($userdata as $key => $value)
@@ -625,22 +605,17 @@ class CI_Session {
 	/**
 	 * Get the "now" time
 	 *
-	 * @access	private
 	 * @return	string
 	 */
-	function _get_time()
+	protected function _get_time()
 	{
-		if (strtolower($this->time_reference) == 'gmt')
+		if (strtolower($this->time_reference) === 'gmt')
 		{
 			$now = time();
-			$time = mktime(gmdate("H", $now), gmdate("i", $now), gmdate("s", $now), gmdate("m", $now), gmdate("d", $now), gmdate("Y", $now));
-		}
-		else
-		{
-			$time = time();
+			return mktime(gmdate('H', $now), gmdate('i', $now), gmdate('s', $now), gmdate('m', $now), gmdate('d', $now), gmdate('Y', $now));
 		}
 
-		return $time;
+		return time();
 	}
 
 	// --------------------------------------------------------------------
@@ -648,10 +623,9 @@ class CI_Session {
 	/**
 	 * Write the session cookie
 	 *
-	 * @access	public
 	 * @return	void
 	 */
-	function _set_cookie($cookie_data = NULL)
+	protected function _set_cookie($cookie_data = NULL)
 	{
 		if (is_null($cookie_data))
 		{
@@ -692,32 +666,27 @@ class CI_Session {
 	 * This function first converts any slashes found in the array to a temporary
 	 * marker, so when it gets unserialized the slashes will be preserved
 	 *
-	 * @access	private
 	 * @param	array
 	 * @return	string
 	 */
-	function _serialize($data)
+	protected function _serialize($data)
 	{
 		if (is_array($data))
 		{
 			array_walk_recursive($data, array(&$this, '_escape_slashes'));
 		}
-		else
+		elseif (is_string($data))
 		{
-			if (is_string($data))
-			{
-				$data = str_replace('\\', '{{slash}}', $data);
-			}
+			$data = str_replace('\\', '{{slash}}', $data);
 		}
 		return serialize($data);
 	}
-	
+
 	/**
 	 * Escape slashes
 	 *
 	 * This function converts any slashes found into a temporary marker
 	 *
-	 * @access	private
 	 */
 	function _escape_slashes(&$val, $key)
 	{
@@ -735,11 +704,10 @@ class CI_Session {
 	 * This function unserializes a data string, then converts any
 	 * temporary slash markers back to actual slashes
 	 *
-	 * @access	private
 	 * @param	array
 	 * @return	string
 	 */
-	function _unserialize($data)
+	protected function _unserialize($data)
 	{
 		$data = @unserialize(strip_slashes($data));
 
@@ -751,15 +719,14 @@ class CI_Session {
 
 		return (is_string($data)) ? str_replace('{{slash}}', '\\', $data) : $data;
 	}
-	
+
 	/**
 	 * Unescape slashes
 	 *
 	 * This function converts any slash markers back into actual slashes
 	 *
-	 * @access	private
 	 */
-	function _unescape_slashes(&$val, $key)
+	protected function _unescape_slashes(&$val, $key)
 	{
 		if (is_string($val))
 		{
@@ -775,10 +742,9 @@ class CI_Session {
 	 * This deletes expired session rows from database
 	 * if the probability percentage is met
 	 *
-	 * @access	public
 	 * @return	void
 	 */
-	function _sess_gc()
+	protected function _sess_gc()
 	{
 		if ($this->sess_use_database != TRUE)
 		{
@@ -802,4 +768,4 @@ class CI_Session {
 // END Session Class
 
 /* End of file Session.php */
-/* Location: ./system/libraries/Session.php */
-\ No newline at end of file
+/* Location: ./system/libraries/Session.php */
author	Phil Sturgeon <email@philsturgeon.co.uk>	2011-12-27 13:37:40 +0100
committer	Phil Sturgeon <email@philsturgeon.co.uk>	2011-12-27 13:37:40 +0100
commit	d459cbb96d9c9703ef6c62756240b7c612835e5c (patch)
tree	24ec66d67ce477cc5c960adb017b0966c6b39ba8 /system
parent	fcb8ee8695fca74f1175750eb38473ec08a4b483 (diff)
parent	85f018f7cfd7596f06c600e83f0fc9bb2e6efdbf (diff)