summaryrefslogtreecommitdiffstats
path: root/system/libraries/Session
diff options
context:
space:
mode:
Diffstat (limited to 'system/libraries/Session')
-rw-r--r--system/libraries/Session/drivers/Session_database_driver.php14
-rw-r--r--system/libraries/Session/drivers/Session_files_driver.php6
-rw-r--r--system/libraries/Session/drivers/Session_memcached_driver.php5
-rw-r--r--system/libraries/Session/drivers/Session_redis_driver.php7
4 files changed, 25 insertions, 7 deletions
diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php
index 40a358fb8..8c4555481 100644
--- a/system/libraries/Session/drivers/Session_database_driver.php
+++ b/system/libraries/Session/drivers/Session_database_driver.php
@@ -147,6 +147,9 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
{
if ($this->_get_lock($session_id) !== FALSE)
{
+ // Prevent previous QB calls from messing with our queries
+ $this->_db->reset_query();
+
// Needed by write() to detect session_regenerate_id() calls
$this->_session_id = $session_id;
@@ -199,6 +202,9 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
*/
public function write($session_id, $session_data)
{
+ // Prevent previous QB calls from messing with our queries
+ $this->_db->reset_query();
+
// Was the ID regenerated?
if ($session_id !== $this->_session_id)
{
@@ -287,6 +293,9 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
{
if ($this->_lock)
{
+ // Prevent previous QB calls from messing with our queries
+ $this->_db->reset_query();
+
$this->_db->where('id', $session_id);
if ($this->_config['match_ip'])
{
@@ -299,7 +308,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
}
}
- if ($this->close())
+ if ($this->close() === $this->_success)
{
$this->_cookie_destroy();
return $this->_success;
@@ -320,6 +329,9 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
*/
public function gc($maxlifetime)
{
+ // Prevent previous QB calls from messing with our queries
+ $this->_db->reset_query();
+
return ($this->_db->delete($this->_config['save_path'], 'timestamp < '.(time() - $maxlifetime)))
? $this->_success
: $this->_failure;
diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php
index f0f055f87..c540996a7 100644
--- a/system/libraries/Session/drivers/Session_files_driver.php
+++ b/system/libraries/Session/drivers/Session_files_driver.php
@@ -185,7 +185,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
}
// We shouldn't need this, but apparently we do ...
// See https://github.com/bcit-ci/CodeIgniter/issues/4039
- elseif ($this->_file_handler === FALSE)
+ elseif ($this->_file_handle === FALSE)
{
return $this->_failure;
}
@@ -224,7 +224,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
{
// If the two IDs don't match, we have a session_regenerate_id() call
// and we need to close the old handle and open a new one
- if ($session_id !== $this->_session_id && ( ! $this->close() OR $this->read($session_id) === FALSE))
+ if ($session_id !== $this->_session_id && ($this->close() === $this->_failure OR $this->read($session_id) === $this->_failure))
{
return $this->_failure;
}
@@ -302,7 +302,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
*/
public function destroy($session_id)
{
- if ($this->close())
+ if ($this->close() === $this->_success)
{
if (file_exists($this->_file_path.$session_id))
{
diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php
index 760239dfb..9d7ab1172 100644
--- a/system/libraries/Session/drivers/Session_memcached_driver.php
+++ b/system/libraries/Session/drivers/Session_memcached_driver.php
@@ -300,7 +300,10 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
*/
protected function _get_lock($session_id)
{
- if (isset($this->_lock_key))
+ // PHP 7 reuses the SessionHandler object on regeneration,
+ // so we need to check here if the lock key is for the
+ // correct session ID.
+ if ($this->_lock_key === $this->_key_prefix.$session_id.':lock')
{
return ($this->_memcached->replace($this->_lock_key, time(), 300))
? $this->_success
diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php
index 2395df1b5..fede625eb 100644
--- a/system/libraries/Session/drivers/Session_redis_driver.php
+++ b/system/libraries/Session/drivers/Session_redis_driver.php
@@ -265,7 +265,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
if ($this->_redis->ping() === '+PONG')
{
isset($this->_lock_key) && $this->_redis->delete($this->_lock_key);
- if ( ! $this->_redis->close())
+ if ($this->_redis->close() === $this->_failure)
{
return $this->_failure;
}
@@ -337,7 +337,10 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
*/
protected function _get_lock($session_id)
{
- if (isset($this->_lock_key))
+ // PHP 7 reuses the SessionHandler object on regeneration,
+ // so we need to check here if the lock key is for the
+ // correct session ID.
+ if ($this->_lock_key === $this->_key_prefix.$session_id.':lock')
{
return $this->_redis->setTimeout($this->_lock_key, 300);
}