summaryrefslogtreecommitdiffstats
path: root/system/libraries/Session/drivers/Session_cookie.php
diff options
context:
space:
mode:
Diffstat (limited to 'system/libraries/Session/drivers/Session_cookie.php')
-rwxr-xr-xsystem/libraries/Session/drivers/Session_cookie.php125
1 files changed, 69 insertions, 56 deletions
diff --git a/system/libraries/Session/drivers/Session_cookie.php b/system/libraries/Session/drivers/Session_cookie.php
index 52eeddbc4..6d931c16c 100755
--- a/system/libraries/Session/drivers/Session_cookie.php
+++ b/system/libraries/Session/drivers/Session_cookie.php
@@ -37,6 +37,7 @@
* @link http://codeigniter.com/user_guide/libraries/sessions.html
*/
class CI_Session_cookie extends CI_Session_driver {
+
/**
* Whether to encrypt the session cookie
*
@@ -192,7 +193,6 @@ class CI_Session_cookie extends CI_Session_driver {
/**
* Initialize session driver object
*
- * @access protected
* @return void
*/
protected function initialize()
@@ -220,16 +220,17 @@ class CI_Session_cookie extends CI_Session_driver {
'cookie_prefix',
'encryption_key'
);
+
foreach ($prefs as $key)
{
- $this->$key = isset($this->_parent->params[$key]) ? $this->_parent->params[$key] :
- $this->CI->config->item($key);
+ $this->$key = isset($this->_parent->params[$key])
+ ? $this->_parent->params[$key]
+ : $this->CI->config->item($key);
}
if ($this->encryption_key === '')
{
- show_error('In order to use the Cookie Session driver you are required to set an encryption key '.
- 'in your config file.');
+ show_error('In order to use the Cookie Session driver you are required to set an encryption key in your config file.');
}
// Load the string helper so we can use the strip_slashes() function
@@ -280,6 +281,8 @@ class CI_Session_cookie extends CI_Session_driver {
$this->_sess_gc();
}
+ // ------------------------------------------------------------------------
+
/**
* Write the session data
*
@@ -298,6 +301,8 @@ class CI_Session_cookie extends CI_Session_driver {
$this->_set_cookie();
}
+ // ------------------------------------------------------------------------
+
/**
* Destroy the current session
*
@@ -320,15 +325,17 @@ class CI_Session_cookie extends CI_Session_driver {
$this->userdata = array();
}
+ // ------------------------------------------------------------------------
+
/**
* Regenerate the current session
*
* Regenerate the session id
*
- * @param boolean Destroy session data flag (default: false)
+ * @param bool Destroy session data flag (default: false)
* @return void
*/
- public function sess_regenerate($destroy = false)
+ public function sess_regenerate($destroy = FALSE)
{
// Check destroy flag
if ($destroy)
@@ -344,21 +351,23 @@ class CI_Session_cookie extends CI_Session_driver {
}
}
+ // ------------------------------------------------------------------------
+
/**
* Get a reference to user data array
*
- * @return array - Reference to userdata
+ * @return array Reference to userdata
*/
public function &get_userdata()
{
- // Return reference to array
return $this->userdata;
}
+ // ------------------------------------------------------------------------
+
/**
* Fetch the current session data if it exists
*
- * @access protected
* @return bool
*/
protected function _sess_read()
@@ -389,8 +398,7 @@ class CI_Session_cookie extends CI_Session_driver {
// Does the md5 hash match? This is to prevent manipulation of session data in userspace
if ($hash !== md5($session.$this->encryption_key))
{
- log_message('error', 'The session cookie data did not match what was expected. '.
- 'This could be a possible hacking attempt.');
+ log_message('error', 'The session cookie data did not match what was expected. This could be a possible hacking attempt.');
$this->sess_destroy();
return FALSE;
}
@@ -400,8 +408,7 @@ class CI_Session_cookie extends CI_Session_driver {
$session = $this->_unserialize($session);
// Is the session data we unserialized an array with the correct format?
- if ( ! is_array($session) || ! isset($session['session_id'], $session['ip_address'], $session['user_agent'],
- $session['last_activity']))
+ if ( ! is_array($session) OR ! isset($session['session_id'], $session['ip_address'], $session['user_agent'], $session['last_activity']))
{
$this->sess_destroy();
return FALSE;
@@ -423,7 +430,7 @@ class CI_Session_cookie extends CI_Session_driver {
// Does the User Agent Match?
if ($this->sess_match_useragent === TRUE &&
- trim($session['user_agent']) !== trim(substr($this->CI->input->user_agent(), 0, 120)))
+ trim($session['user_agent']) !== trim(substr($this->CI->input->user_agent(), 0, 120)))
{
$this->sess_destroy();
return FALSE;
@@ -482,10 +489,11 @@ class CI_Session_cookie extends CI_Session_driver {
return TRUE;
}
+ // ------------------------------------------------------------------------
+
/**
* Create a new session
*
- * @access protected
* @return void
*/
protected function _sess_create()
@@ -509,11 +517,12 @@ class CI_Session_cookie extends CI_Session_driver {
$this->_set_cookie();
}
+ // ------------------------------------------------------------------------
+
/**
* Update an existing session
*
- * @access protected
- * @param boolean Force update flag (default: false)
+ * @param bool Force update flag (default: false)
* @return void
*/
protected function _sess_update($force = FALSE)
@@ -551,6 +560,8 @@ class CI_Session_cookie extends CI_Session_driver {
$this->_set_cookie();
}
+ // ------------------------------------------------------------------------
+
/**
* Update database with current data
*
@@ -559,6 +570,8 @@ class CI_Session_cookie extends CI_Session_driver {
* so it's guaranteed to update even when a fatal error
* occurs. The first call makes the update and clears the
* dirty flag so it won't happen twice.
+ *
+ * @return void
*/
public function _update_db()
{
@@ -595,6 +608,8 @@ class CI_Session_cookie extends CI_Session_driver {
}
}
+ // ------------------------------------------------------------------------
+
/**
* Generate a new session id
*
@@ -616,15 +631,16 @@ class CI_Session_cookie extends CI_Session_driver {
return md5(uniqid($new_sessid, TRUE));
}
+ // ------------------------------------------------------------------------
+
/**
* Get the "now" time
*
- * @access protected
* @return int Time
*/
protected function _get_time()
{
- if ($this->time_reference === 'local' || $this->time_reference === date_default_timezone_get())
+ if ($this->time_reference === 'local' OR $this->time_reference === date_default_timezone_get())
{
return time();
}
@@ -635,36 +651,27 @@ class CI_Session_cookie extends CI_Session_driver {
return mktime($hour, $minute, $second, $month, $day, $year);
}
+ // ------------------------------------------------------------------------
+
/**
* Write the session cookie
*
- * @access protected
* @return void
*/
protected function _set_cookie()
{
// Get userdata (only defaults if database)
- if ($this->sess_use_database === TRUE)
- {
- $cookie_data = array_intersect_key($this->userdata, $this->defaults);
- }
- else
- {
- $cookie_data = $this->userdata;
- }
+ $cookie_data = ($this->sess_use_database === TRUE)
+ ? array_intersect_key($this->userdata, $this->defaults)
+ : $this->userdata;
// Serialize the userdata for the cookie
$cookie_data = $this->_serialize($cookie_data);
- if ($this->sess_encrypt_cookie === TRUE)
- {
- $cookie_data = $this->CI->encrypt->encode($cookie_data);
- }
- else
- {
+ $cookie_data = ($this->sess_encrypt_cookie === TRUE)
+ ? $this->CI->encrypt->encode($cookie_data)
// if encryption is not used, we provide an md5 hash to prevent userside tampering
- $cookie_data = $cookie_data.md5($cookie_data.$this->encryption_key);
- }
+ : $cookie_data.md5($cookie_data.$this->encryption_key);
$expire = ($this->sess_expire_on_close === TRUE) ? 0 : $this->sess_expiration + time();
@@ -673,35 +680,35 @@ class CI_Session_cookie extends CI_Session_driver {
$this->cookie_secure, $this->cookie_httponly);
}
+ // ------------------------------------------------------------------------
+
/**
* Set a cookie with the system
*
* This abstraction of the setcookie call allows overriding for unit testing
*
- * @access protected
- * @param string Cookie name
- * @param string Cookie value
- * @param int Expiration time
- * @param string Cookie path
- * @param string Cookie domain
- * @param bool Secure connection flag
- * @param bool HTTP protocol only flag
- * @return void
- */
- protected function _setcookie($name, $value = '', $expire = 0, $path = '', $domain = '', $secure = false,
- $httponly = false)
+ * @param string Cookie name
+ * @param string Cookie value
+ * @param int Expiration time
+ * @param string Cookie path
+ * @param string Cookie domain
+ * @param bool Secure connection flag
+ * @param bool HTTP protocol only flag
+ * @return void
+ */
+ protected function _setcookie($name, $value = '', $expire = 0, $path = '', $domain = '', $secure = FALSE, $httponly = FALSE)
{
- // Set the cookie
setcookie($name, $value, $expire, $path, $domain, $secure, $httponly);
}
+ // ------------------------------------------------------------------------
+
/**
* Serialize an array
*
* This function first converts any slashes found in the array to a temporary
* marker, so when it gets unserialized the slashes will be preserved
*
- * @access protected
* @param mixed Data to serialize
* @return string Serialized data
*/
@@ -715,15 +722,17 @@ class CI_Session_cookie extends CI_Session_driver {
{
$data = str_replace('\\', '{{slash}}', $data);
}
+
return serialize($data);
}
+ // ------------------------------------------------------------------------
+
/**
* Escape slashes
*
* This function converts any slashes found into a temporary marker
*
- * @access protected
* @param string Value
* @param string Key
* @return void
@@ -736,13 +745,14 @@ class CI_Session_cookie extends CI_Session_driver {
}
}
+ // ------------------------------------------------------------------------
+
/**
* Unserialize
*
* This function unserializes a data string, then converts any
* temporary slash markers back to actual slashes
*
- * @access protected
* @param mixed Data to unserialize
* @return mixed Unserialized data
*/
@@ -759,12 +769,13 @@ class CI_Session_cookie extends CI_Session_driver {
return is_string($data) ? str_replace('{{slash}}', '\\', $data) : $data;
}
+ // ------------------------------------------------------------------------
+
/**
* Unescape slashes
*
* This function converts any slash markers back into actual slashes
*
- * @access protected
* @param string Value
* @param string Key
* @return void
@@ -777,13 +788,14 @@ class CI_Session_cookie extends CI_Session_driver {
}
}
+ // ------------------------------------------------------------------------
+
/**
* Garbage collection
*
* This deletes expired session rows from database
* if the probability percentage is met
*
- * @access protected
* @return void
*/
protected function _sess_gc()
@@ -805,7 +817,8 @@ class CI_Session_cookie extends CI_Session_driver {
log_message('debug', 'Session garbage collection performed.');
}
}
+
}
/* End of file Session_cookie.php */
-/* Location: ./system/libraries/Session/drivers/Session_cookie.php */
+/* Location: ./system/libraries/Session/drivers/Session_cookie.php */ \ No newline at end of file
generated by cgit v1.2.3-24-g4f1b (git 2.32.0) at 2024-07-08 01:17:56 +0200