summaryrefslogtreecommitdiffstats
path: root/system/libraries/Session
diff options
context:
space:
mode:
Diffstat (limited to 'system/libraries/Session')
-rw-r--r--system/libraries/Session/Session.php12
-rw-r--r--system/libraries/Session/drivers/Session_database_driver.php8
-rw-r--r--system/libraries/Session/drivers/Session_files_driver.php10
-rw-r--r--system/libraries/Session/drivers/Session_memcached_driver.php34
-rw-r--r--system/libraries/Session/drivers/Session_redis_driver.php44
-rw-r--r--system/libraries/Session/drivers/index.html3
-rw-r--r--system/libraries/Session/index.html3
7 files changed, 47 insertions, 67 deletions
diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php
index de9b1e829..0549fef66 100644
--- a/system/libraries/Session/Session.php
+++ b/system/libraries/Session/Session.php
@@ -94,10 +94,7 @@ class CI_Session {
$this->_driver = 'database';
}
- if (($class = $this->_ci_load_classes($this->_driver)) === FALSE)
- {
- return;
- }
+ $class = $this->_ci_load_classes($this->_driver);
// Configuration ...
$this->_configure($params);
@@ -230,8 +227,7 @@ class CI_Session {
if ( ! class_exists('CI_'.$class, FALSE) && ! class_exists($class, FALSE))
{
- log_message('error', "Session: Configured driver '".$driver."' was not found. Aborting.");
- return FALSE;
+ throw new UnexpectedValueException("Session: Configured driver '".$driver."' was not found. Aborting.");
}
}
@@ -314,7 +310,7 @@ class CI_Session {
$this->_config = $params;
// Security is king
- ini_set('session.use_trans_id', 0);
+ ini_set('session.use_trans_sid', 0);
ini_set('session.use_strict_mode', 1);
ini_set('session.use_cookies', 1);
ini_set('session.use_only_cookies', 1);
@@ -873,7 +869,7 @@ class CI_Session {
public function set_tempdata($data, $value = NULL, $ttl = 300)
{
$this->set_userdata($data, $value);
- $this->mark_as_temp($data, $ttl);
+ $this->mark_as_temp(is_array($data) ? array_keys($data) : $data, $ttl);
}
// ------------------------------------------------------------------------
diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php
index 20cec00fd..1d01c2923 100644
--- a/system/libraries/Session/drivers/Session_database_driver.php
+++ b/system/libraries/Session/drivers/Session_database_driver.php
@@ -93,6 +93,10 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
{
throw new Exception('Configured database connection is persistent. Aborting.');
}
+ elseif ($this->_db->cache_on)
+ {
+ throw new Exception('Configured database connection has cache enabled. Aborting.');
+ }
$db_driver = $this->_db->dbdriver.(empty($this->_db->subdriver) ? '' : '_'.$this->_db->subdriver);
if (strpos($db_driver, 'mysql') !== FALSE)
@@ -122,7 +126,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
public function open($save_path, $name)
{
return empty($this->_db->conn_id)
- ? ( ! $this->_db->autoinit && $this->_db->db_connect())
+ ? (bool) $this->_db->db_connect()
: TRUE;
}
@@ -319,7 +323,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
if ($this->_platform === 'mysql')
{
$arg = $session_id.($this->_config['match_ip'] ? '_'.$_SERVER['REMOTE_ADDR'] : '');
- if ($this->_db->query("SELECT GET_LOCK('".$arg."', 10) AS ci_session_lock")->row()->ci_session_lock)
+ if ($this->_db->query("SELECT GET_LOCK('".$arg."', 300) AS ci_session_lock")->row()->ci_session_lock)
{
$this->_lock = $arg;
return TRUE;
diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php
index 5852277e8..45da91c46 100644
--- a/system/libraries/Session/drivers/Session_files_driver.php
+++ b/system/libraries/Session/drivers/Session_files_driver.php
@@ -299,7 +299,9 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
{
if ($this->close())
{
- return unlink($this->_file_path.$session_id) && $this->_cookie_destroy();
+ return file_exists($this->_file_path.$session_id)
+ ? (unlink($this->_file_path.$session_id) && $this->_cookie_destroy())
+ : TRUE;
}
elseif ($this->_file_path !== NULL)
{
@@ -324,7 +326,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
*/
public function gc($maxlifetime)
{
- if ( ! is_dir($this->_config['save_path']) OR ($files = scandir($this->_config['save_path'])) === FALSE)
+ if ( ! is_dir($this->_config['save_path']) OR ($directory = opendir($this->_config['save_path'])) === FALSE)
{
log_message('debug', "Session: Garbage collector couldn't list files under directory '".$this->_config['save_path']."'.");
return FALSE;
@@ -338,7 +340,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
($this->_config['match_ip'] === TRUE ? 72 : 40)
);
- foreach ($files as $file)
+ while (($file = readdir($directory)) !== FALSE)
{
// If the filename doesn't match this pattern, it's either not a session file or is not ours
if ( ! preg_match($pattern, $file)
@@ -352,6 +354,8 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
unlink($this->_config['save_path'].DIRECTORY_SEPARATOR.$file);
}
+ closedir($directory);
+
return TRUE;
}
diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php
index 600b8ca66..c7185ee44 100644
--- a/system/libraries/Session/drivers/Session_memcached_driver.php
+++ b/system/libraries/Session/drivers/Session_memcached_driver.php
@@ -204,7 +204,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
if (isset($this->_lock_key))
{
- $this->_memcached->replace($this->_lock_key, time(), 5);
+ $this->_memcached->replace($this->_lock_key, time(), 300);
if ($this->_fingerprint !== ($fingerprint = md5($session_data)))
{
if ($this->_memcached->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration']))
@@ -299,34 +299,21 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
{
if (isset($this->_lock_key))
{
- return $this->_memcached->replace($this->_lock_key, time(), 5);
+ return $this->_memcached->replace($this->_lock_key, time(), 300);
}
+ // 30 attempts to obtain a lock, in case another request already has it
$lock_key = $this->_key_prefix.$session_id.':lock';
- if ( ! ($ts = $this->_memcached->get($lock_key)))
- {
- if ( ! $this->_memcached->set($lock_key, TRUE, 5))
- {
- log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id);
- return FALSE;
- }
-
- $this->_lock_key = $lock_key;
- $this->_lock = TRUE;
- return TRUE;
- }
-
- // Another process has the lock, we'll try to wait for it to free itself ...
$attempt = 0;
- while ($attempt++ < 5)
+ do
{
- usleep(((time() - $ts) * 1000000) - 20000);
- if (($ts = $this->_memcached->get($lock_key)) < time())
+ if ($this->_memcached->get($lock_key))
{
+ sleep(1);
continue;
}
- if ( ! $this->_memcached->set($lock_key, time(), 5))
+ if ( ! $this->_memcached->set($lock_key, time(), 300))
{
log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id);
return FALSE;
@@ -335,10 +322,11 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
$this->_lock_key = $lock_key;
break;
}
+ while ($attempt++ < 30);
- if ($attempt === 5)
+ if ($attempt === 30)
{
- log_message('error', 'Session: Unable to obtain lock for '.$this->_key_prefix.$session_id.' after 5 attempts, aborting.');
+ log_message('error', 'Session: Unable to obtain lock for '.$this->_key_prefix.$session_id.' after 30 attempts, aborting.');
return FALSE;
}
@@ -361,7 +349,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
{
if ( ! $this->_memcached->delete($this->_lock_key) && $this->_memcached->getResultCode() !== Memcached::RES_NOTFOUND)
{
- log_message('error', 'Session: Error while trying to free lock for '.$this->_key_prefix.$session_id);
+ log_message('error', 'Session: Error while trying to free lock for '.$this->_lock_key);
return FALSE;
}
diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php
index c3c75b3b6..1ce101daf 100644
--- a/system/libraries/Session/drivers/Session_redis_driver.php
+++ b/system/libraries/Session/drivers/Session_redis_driver.php
@@ -205,7 +205,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
if (isset($this->_lock_key))
{
- $this->_redis->setTimeout($this->_lock_key, 5);
+ $this->_redis->setTimeout($this->_lock_key, 300);
if ($this->_fingerprint !== ($fingerprint = md5($session_data)))
{
if ($this->_redis->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration']))
@@ -272,7 +272,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
{
if (isset($this->_redis, $this->_lock_key))
{
- if ($this->_redis->delete($this->_key_prefix.$session_id) !== 1)
+ if (($result = $this->_redis->delete($this->_key_prefix.$session_id)) !== 1)
{
log_message('debug', 'Session: Redis::delete() expected to return 1, got '.var_export($result, TRUE).' instead.');
}
@@ -313,40 +313,21 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
{
if (isset($this->_lock_key))
{
- return $this->_redis->setTimeout($this->_lock_key, 5);
+ return $this->_redis->setTimeout($this->_lock_key, 300);
}
+ // 30 attempts to obtain a lock, in case another request already has it
$lock_key = $this->_key_prefix.$session_id.':lock';
- if (($ttl = $this->_redis->ttl($lock_key)) < 1)
- {
- if ( ! $this->_redis->setex($lock_key, 5, time()))
- {
- log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id);
- return FALSE;
- }
-
- $this->_lock_key = $lock_key;
-
- if ($ttl === -1)
- {
- log_message('debug', 'Session: Lock for '.$this->_key_prefix.$session_id.' had no TTL, overriding.');
- }
-
- $this->_lock = TRUE;
- return TRUE;
- }
-
- // Another process has the lock, we'll try to wait for it to free itself ...
$attempt = 0;
- while ($attempt++ < 5)
+ do
{
- usleep(($ttl * 1000000) - 20000);
if (($ttl = $this->_redis->ttl($lock_key)) > 0)
{
+ sleep(1);
continue;
}
- if ( ! $this->_redis->setex($lock_key, 5, time()))
+ if ( ! $this->_redis->setex($lock_key, 300, time()))
{
log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id);
return FALSE;
@@ -355,12 +336,17 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
$this->_lock_key = $lock_key;
break;
}
+ while ($attempt++ < 30);
- if ($attempt === 5)
+ if ($attempt === 30)
{
- log_message('error', 'Session: Unable to obtain lock for '.$this->_key_prefix.$session_id.' after 5 attempts, aborting.');
+ log_message('error', 'Session: Unable to obtain lock for '.$this->_key_prefix.$session_id.' after 30 attempts, aborting.');
return FALSE;
}
+ elseif ($ttl === -1)
+ {
+ log_message('debug', 'Session: Lock for '.$this->_key_prefix.$session_id.' had no TTL, overriding.');
+ }
$this->_lock = TRUE;
return TRUE;
@@ -381,7 +367,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
{
if ( ! $this->_redis->delete($this->_lock_key))
{
- log_message('error', 'Session: Error while trying to free lock for '.$this->_key_prefix.$session_id);
+ log_message('error', 'Session: Error while trying to free lock for '.$this->_lock_key);
return FALSE;
}
diff --git a/system/libraries/Session/drivers/index.html b/system/libraries/Session/drivers/index.html
index c942a79ce..b702fbc39 100644
--- a/system/libraries/Session/drivers/index.html
+++ b/system/libraries/Session/drivers/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/system/libraries/Session/index.html b/system/libraries/Session/index.html
index c942a79ce..b702fbc39 100644
--- a/system/libraries/Session/index.html
+++ b/system/libraries/Session/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>