Diffstat (limited to 'system/libraries/Session.php')
-rw-r--r--system/libraries/Session.php53
1 files changed, 28 insertions, 25 deletions
diff --git a/system/libraries/Session.php b/system/libraries/Session.php
index 4d6aa0ce8..af38dc366 100644
--- a/system/libraries/Session.php
+++ b/system/libraries/Session.php
@@ -149,18 +149,12 @@ class CI_Session {
public $flashdata_key = 'flash';
/**
- * Function to use to get the current time
+ * Timezone to use for the current time
*
* @var string
*/
- public $time_reference = 'time';
+ public $time_reference = 'local';
- /**
- * Probablity level of garbage collection of old sessions
- *
- * @var int
- */
- public $gc_probability = 5;
/**
* Session data
@@ -203,10 +197,10 @@ class CI_Session {
// manually via the $params array above or via the config file
foreach (array('sess_encrypt_cookie', 'sess_use_database', 'sess_table_name', 'sess_expiration', 'sess_expire_on_close', 'sess_match_ip', 'sess_match_useragent', 'sess_cookie_name', 'cookie_path', 'cookie_domain', 'cookie_secure', 'cookie_httponly', 'sess_time_to_update', 'time_reference', 'cookie_prefix', 'encryption_key') as $key)
{
- $this->$key = (isset($params[$key])) ? $params[$key] : $this->CI->config->item($key);
+ $this->$key = isset($params[$key]) ? $params[$key] : $this->CI->config->item($key);
}
- if ($this->encryption_key == '')
+ if ($this->encryption_key === '')
{
show_error('In order to use the Session class you are required to set an encryption key in your config file.');
}
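Review bot: The strict test `$this->encryption_key === ''` only rejects an empty string, so the "encryption key required" guard is skipped when the key is missing altogether. The value comes from `$this->CI->config->item($key)` in the loop above, and if that call returns a non-string such as `FALSE` or `NULL` for an unset item (not visible in this hunk), the class would carry on with no key. Something like `if ( ! is_string($this->encryption_key) OR $this->encryption_key === '')` keeps the check strict while still failing closed. The enclosing method starts and ends outside this hunk.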
@@ -215,13 +209,13 @@ class CI_Session {
$this->CI->load->helper('string');
// Do we need encryption? If so, load the encryption class
- if ($this->sess_encrypt_cookie == TRUE)
+ if ($this->sess_encrypt_cookie === TRUE)
{
$this->CI->load->library('encrypt');
}
// Are we using a database? If so, load it
- if ($this->sess_use_database === TRUE && $this->sess_table_name != '')
+ if ($this->sess_use_database === TRUE && $this->sess_table_name !== '')
{
$this->CI->load->database();
}
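Review bot: Comparing `sess_encrypt_cookie` with `=== TRUE` makes cookie encryption fail open, because the value is copied from `$params` or the config file without a cast; a setting of `1` or `'1'` used to enable encryption and now silently disables it. The same applies to `sess_encrypt_cookie` in the later decode and encode hunks, and to `sess_match_ip` and `sess_match_useragent` in the two hunks that follow them, where the IP and user-agent binding checks would be skipped. Normalising each boolean option once after the config loop, e.g. `$this->sess_encrypt_cookie = (bool) $this->sess_encrypt_cookie;`, keeps the strict comparisons safe. The enclosing method starts and ends outside this hunk.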
@@ -232,7 +226,7 @@ class CI_Session {
// Set the session length. If the session expiration is
// set to zero we'll set the expiration two years from now.
- if ($this->sess_expiration == 0)
+ if ($this->sess_expiration === 0)
{
$this->sess_expiration = (60*60*24*365*2);
}
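Review bot: With `$this->sess_expiration === 0`, a configured value of `'0'`, `FALSE` or `NULL` no longer selects the two-year default and is kept as the session lifetime. The option is assigned uncast from `$params` or the config file, so the type is not guaranteed to be an integer. Casting before the comparison, `if ((int) $this->sess_expiration === 0)`, preserves the old behaviour; a comment stating that the option must be an integer would help too.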
@@ -283,7 +277,7 @@ class CI_Session {
}
// Decrypt the cookie data
- if ($this->sess_encrypt_cookie == TRUE)
+ if ($this->sess_encrypt_cookie === TRUE)
{
$session = $this->CI->encrypt->decode($session);
}
@@ -320,14 +314,14 @@ class CI_Session {
}
// Does the IP match?
- if ($this->sess_match_ip == TRUE && $session['ip_address'] !== $this->CI->input->ip_address())
+ if ($this->sess_match_ip === TRUE && $session['ip_address'] !== $this->CI->input->ip_address())
{
$this->sess_destroy();
return FALSE;
}
// Does the User Agent Match?
- if ($this->sess_match_useragent == TRUE && trim($session['user_agent']) !== trim(substr($this->CI->input->user_agent(), 0, 120)))
+ if ($this->sess_match_useragent === TRUE && trim($session['user_agent']) !== trim(substr($this->CI->input->user_agent(), 0, 120)))
{
$this->sess_destroy();
return FALSE;
@@ -338,12 +332,12 @@ class CI_Session {
{
$this->CI->db->where('session_id', $session['session_id']);
- if ($this->sess_match_ip == TRUE)
+ if ($this->sess_match_ip === TRUE)
{
$this->CI->db->where('ip_address', $session['ip_address']);
}
- if ($this->sess_match_useragent == TRUE)
+ if ($this->sess_match_useragent === TRUE)
{
$this->CI->db->where('user_agent', $session['user_agent']);
}
@@ -359,7 +353,7 @@ class CI_Session {
// Is there custom data? If so, add it to the main session array
$row = $query->row();
- if (isset($row->user_data) && $row->user_data != '')
+ if ( ! empty($row->user_data))
{
$custom_data = $this->_unserialize($row->user_data);
@@ -786,9 +780,15 @@ class CI_Session {
*/
protected function _get_time()
{
- return (strtolower($this->time_reference) === 'gmt')
- ? mktime(gmdate('H'), gmdate('i'), gmdate('s'), gmdate('m'), gmdate('d'), gmdate('Y'))
- : time();
+ if ($this->time_reference === 'local' OR $this->time_reference === date_default_timezone_get())
+ {
+ return time();
+ }
+
+ $datetime = new DateTime('now', new DateTimeZone($this->time_reference));
+ sscanf($datetime->format('j-n-Y G:i:s'), '%d-%d-%d %d:%d:%d', $day, $month, $year, $hour, $minute, $second);
+
+ return mktime($hour, $minute, $second, $month, $day, $year);
}
// --------------------------------------------------------------------
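Review bot: Any `time_reference` value that is not `'local'` or the default timezone is passed straight to `new DateTimeZone(...)`, which throws on an unknown identifier, and nothing in `_get_time()` catches it. The first hunk shows the previous default was `'time'`, so an existing config that still carries that value would now break session start-up. Either treat the legacy value as local, `if ($this->time_reference === 'local' OR $this->time_reference === 'time' OR $this->time_reference === date_default_timezone_get())`, or wrap the constructor call in a try/catch that falls back to `time()`. The docblock should also note that the result is a wall-clock time re-encoded with `mktime()`, not a true Unix timestamp.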
@@ -809,7 +809,7 @@ class CI_Session {
// Serialize the userdata for the cookie
$cookie_data = $this->_serialize($cookie_data);
- if ($this->sess_encrypt_cookie == TRUE)
+ if ($this->sess_encrypt_cookie === TRUE)
{
$cookie_data = $this->CI->encrypt->encode($cookie_data);
}
@@ -929,13 +929,16 @@ class CI_Session {
*/
protected function _sess_gc()
{
- if ($this->sess_use_database != TRUE)
+ if ($this->sess_use_database !== TRUE)
{
return;
}
+ $probability = ini_get('session.gc_probability');
+ $divisor = ini_get('session.gc_divisor');
+
srand(time());
- if ((rand() % 100) < $this->gc_probability)
+ if ((mt_rand(0, $divisor) / $divisor) < $probability)
{
$expire = $this->now - $this->sess_expiration;
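Review bot: The new test `(mt_rand(0, $divisor) / $divisor) < $probability` compares a fraction in the range 0 to 1 with the raw `session.gc_probability` value, so with typical settings such as 1 and 100 it is true on almost every request and the cleanup query runs nearly every time. A zero or unreadable `session.gc_divisor` also reaches `mt_rand()` and the division unchecked, since `ini_get()` returns strings or `FALSE`. I would write `$probability = (int) ini_get('session.gc_probability');`, `$divisor = (int) ini_get('session.gc_divisor');` and `if ($divisor > 0 && mt_rand(1, $divisor) <= $probability)`. The `srand(time())` line kept as context seeds with a predictable value and is not needed for `mt_rand()`, so it could be dropped. The body of `_sess_gc()` continues past the end of this hunk.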