summaryrefslogtreecommitdiffstats
path: root/system/libraries/Session
diff options
context:
space:
mode:
Diffstat (limited to 'system/libraries/Session')
-rwxr-xr-xsystem/libraries/Session/Session.php36
-rwxr-xr-xsystem/libraries/Session/drivers/Session_cookie.php41
-rwxr-xr-xsystem/libraries/Session/drivers/Session_native.php5
3 files changed, 70 insertions, 12 deletions
diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php
index fec9b5b31..96e65f154 100755
--- a/system/libraries/Session/Session.php
+++ b/system/libraries/Session/Session.php
@@ -1,4 +1,4 @@
-<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php
/**
* CodeIgniter
*
@@ -18,12 +18,13 @@
*
* @package CodeIgniter
* @author EllisLab Dev Team
- * @copyright Copyright (c) 2006 - 2012 EllisLab, Inc.
+ * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/)
* @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0)
* @link http://codeigniter.com
* @since Version 2.0
* @filesource
*/
+defined('BASEPATH') OR exit('No direct script access allowed');
/**
* CodeIgniter Session Class
@@ -51,10 +52,29 @@
*/
class CI_Session extends CI_Driver_Library {
+ /**
+ * Initialization parameters
+ *
+ * @var array
+ */
public $params = array();
+
+ /**
+ * Current driver in use
+ *
+ * @var string
+ */
protected $current = NULL;
+
+ /**
+ * User data
+ *
+ * @var array
+ */
protected $userdata = array();
+ // ------------------------------------------------------------------------
+
const FLASHDATA_KEY = 'flash';
const FLASHDATA_NEW = ':new:';
const FLASHDATA_OLD = ':old:';
@@ -62,6 +82,8 @@ class CI_Session extends CI_Driver_Library {
const EXPIRATION_KEY = '__expirations';
const TEMP_EXP_DEF = 300;
+ // ------------------------------------------------------------------------
+
/**
* CI_Session constructor
*
@@ -506,7 +528,7 @@ class CI_Session extends CI_Driver_Library {
foreach ($this->all_userdata() as $name => $value)
{
$parts = explode(self::FLASHDATA_NEW, $name);
- if (is_array($parts) && count($parts) === 2)
+ if (count($parts) === 2)
{
$new_name = self::FLASHDATA_KEY.self::FLASHDATA_OLD.$parts[1];
$this->set_userdata($new_name, $value);
@@ -595,8 +617,16 @@ class CI_Session extends CI_Driver_Library {
*/
abstract class CI_Session_driver extends CI_Driver {
+ /**
+ * CI Singleton
+ *
+ * @see get_instance()
+ * @var object
+ */
protected $CI;
+ // ------------------------------------------------------------------------
+
/**
* Constructor
*
diff --git a/system/libraries/Session/drivers/Session_cookie.php b/system/libraries/Session/drivers/Session_cookie.php
index 2f1bf3531..3c4848265 100755
--- a/system/libraries/Session/drivers/Session_cookie.php
+++ b/system/libraries/Session/drivers/Session_cookie.php
@@ -1,4 +1,4 @@
-<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php
/**
* CodeIgniter
*
@@ -9,7 +9,7 @@
* Licensed under the Open Software License version 3.0
*
* This source file is subject to the Open Software License (OSL 3.0) that is
- * bundled with this package in the files license.txt / license.rst. It is
+ * bundled with this package in the files license.txt / license.rst. It is
* also available through the world wide web at this URL:
* http://opensource.org/licenses/OSL-3.0
* If you did not receive a copy of the license and are unable to obtain it
@@ -24,6 +24,7 @@
* @since Version 1.0
* @filesource
*/
+defined('BASEPATH') OR exit('No direct script access allowed');
/**
* Cookie-based session management driver
@@ -540,11 +541,25 @@ class CI_Session_cookie extends CI_Session_driver {
// Check for database
if ($this->sess_use_database === TRUE)
{
+ $this->CI->db->where('session_id', $old_sessid);
+
+ if ($this->sess_match_ip === TRUE)
+ {
+ $this->CI->db->where('ip_address', $this->CI->input->ip_address());
+ }
+
+ if ($this->sess_match_useragent === TRUE)
+ {
+ $this->CI->db->where('user_agent', trim(substr($this->CI->input->user_agent(), 0, 120)));
+ }
+
// Update the session ID and last_activity field in the DB
- $this->CI->db->update($this->sess_table_name, array(
- 'last_activity' => $this->now,
- 'session_id' => $this->userdata['session_id']
- ), array('session_id' => $old_sessid));
+ $this->CI->db->update($this->sess_table_name,
+ array(
+ 'last_activity' => $this->now,
+ 'session_id' => $this->userdata['session_id']
+ )
+ );
}
// Write the cookie
@@ -590,7 +605,19 @@ class CI_Session_cookie extends CI_Session_driver {
// Run the update query
// Any time we change the session id, it gets updated immediately,
// so our where clause below is always safe
- $this->CI->db->update($this->sess_table_name, $set, array('session_id' => $this->userdata['session_id']));
+ $this->CI->db->where('session_id', $this->userdata['session_id']);
+
+ if ($this->sess_match_ip === TRUE)
+ {
+ $this->CI->db->where('ip_address', $this->CI->input->ip_address());
+ }
+
+ if ($this->sess_match_useragent === TRUE)
+ {
+ $this->CI->db->where('user_agent', trim(substr($this->CI->input->user_agent(), 0, 120)));
+ }
+
+ $this->CI->db->update($this->sess_table_name, $set);
// Clear dirty flag to prevent double updates
$this->data_dirty = FALSE;
diff --git a/system/libraries/Session/drivers/Session_native.php b/system/libraries/Session/drivers/Session_native.php
index a837b89f6..3e700ad5d 100755
--- a/system/libraries/Session/drivers/Session_native.php
+++ b/system/libraries/Session/drivers/Session_native.php
@@ -1,4 +1,4 @@
-<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php
/**
* CodeIgniter
*
@@ -9,7 +9,7 @@
* Licensed under the Open Software License version 3.0
*
* This source file is subject to the Open Software License (OSL 3.0) that is
- * bundled with this package in the files license.txt / license.rst. It is
+ * bundled with this package in the files license.txt / license.rst. It is
* also available through the world wide web at this URL:
* http://opensource.org/licenses/OSL-3.0
* If you did not receive a copy of the license and are unable to obtain it
@@ -24,6 +24,7 @@
* @since Version 1.0
* @filesource
*/
+defined('BASEPATH') OR exit('No direct script access allowed');
/**
* Native PHP session management driver