From 47a47fb9fafdb26206d01d846d8013f6e883eb37 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 31 May 2014 16:08:30 +0300 Subject: Initial version of new Session library --- .../Session/drivers/Session_files_driver.php | 276 +++++++++++++++++++++ 1 file changed, 276 insertions(+) create mode 100644 system/libraries/Session/drivers/Session_files_driver.php (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php new file mode 100644 index 000000000..4acbcf6c5 --- /dev/null +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -0,0 +1,276 @@ +_save_path)) + { + $this->_save_path = rtrim($this->_save_path, '/\\'); + ini_set('session.save_path', $this->_save_path); + } + else + { + $this->_save_path = rtrim(ini_get('session.save_path'), '/\\'); + } + } + + // ------------------------------------------------------------------------ + + public function open($save_path, $name) + { + if ( ! is_dir($save_path) && ! mkdir($save_path, 0700, TRUE)) + { + log_message('error', "Session: Configured save path '".$this->_save_path."' is not a directory, doesn't exist or cannot be created."); + return FALSE; + } + + $this->_save_path = $save_path; + $this->_file_path = $this->_save_path.DIRECTORY_SEPARATOR + .$name // we'll use the session cookie name as a prefix to avoid collisions + .($this->_match_ip ? md5($_SERVER['REMOTE_ADDR']) : ''); + + return TRUE; + } + + // ------------------------------------------------------------------------ + + public function read($session_id) + { + // This might seem weird, but PHP 5.6 introduces session_reset(), + // which re-reads session data + if ($this->_file_handle === NULL) + { + $this->_file_path .= $session_id; + + // Just using fopen() with 'c+b' mode would be perfect, but it is only + // available since PHP 5.2.6 and we have to set permissions for new files, + // so we'd have to hack around this ... + if (($this->_file_new = ! file_exists($this->_file_path)) === TRUE) + { + if (($this->_file_handle = fopen($this->_file_path, 'w+b')) === FALSE) + { + log_message('error', "Session: File '".$this->_file_path."' doesn't exist and cannot be created."); + return FALSE; + } + } + elseif (($this->_file_handle = fopen($this->_file_path, 'r+b')) === FALSE) + { + log_message('error', "Session: Unable to open file '".$this->_file_path."'."); + return FALSE; + } + + if (flock($this->_file_handle, LOCK_EX) === FALSE) + { + log_message('error', "Session: Unable to obtain lock for file '".$this->_file_path."'."); + fclose($this->_file_handle); + $this->_file_handle = NULL; + return FALSE; + } + + if ($this->_file_new) + { + chmod($this->_file_path, 0600); + $this->_fingerprint = md5(''); + return ''; + } + } + else + { + rewind($this->_file_handle); + } + + $session_data = ''; + for ($read = 0, $length = filesize($this->_file_path); $read < $length; $read += strlen($buffer)) + { + if (($buffer = fread($this->_file_handle, $length - $read)) === FALSE) + { + break; + } + + $session_data .= $buffer; + } + + $this->_fingerprint = md5($session_data); + return $session_data; + } + + public function write($session_id, $session_data) + { + if ( ! is_resource($this->_file_handle)) + { + return FALSE; + } + elseif ($this->_fingerprint === md5($session_data)) + { + return ($this->_file_new) + ? TRUE + : touch($this->_file_path); + } + + if ( ! $this->_file_new) + { + ftruncate($this->_file_handle, 0); + rewind($this->_file_handle); + } + + for ($written = 0, $length = strlen($session_data); $written < $length; $written += $result) + { + if (($result = fwrite($this->_file_handle, substr($session_data, $written))) === FALSE) + { + break; + } + } + + if ( ! is_int($result)) + { + $this->_fingerprint = md5(substr($session_data, 0, $written)); + log_message('error', 'Session: Unable to write data.'); + return FALSE; + } + + $this->_fingerprint = md5($session_data); + return TRUE; + } + + // ------------------------------------------------------------------------ + + public function close() + { + if (is_resource($this->_file_handle)) + { + flock($this->_file_handle, LOCK_UN); + fclose($this->_file_handle); + + $this->_file_handle = $this->_file_new = NULL; + return TRUE; + } + + return FALSE; + } + + // ------------------------------------------------------------------------ + + public function destroy($session_id) + { + if ($this->close()) + { + return unlink($this->_file_path) && $this->_cookie_destroy(); + } + elseif ($this->_file_path !== NULL) + { + clearstatcache(); + return file_exists($this->_file_path) + ? (unlink($this->_file_path) && $this->_cookie_destroy()) + : TRUE; + } + + return FALSE; + } + + // ------------------------------------------------------------------------ + + public function gc($maxlifetime) + { + if ( ! is_dir($this->_save_path) OR ($files = scandir($this->_save_path)) === FALSE) + { + log_message('debug', "Session: Garbage collector couldn't list files under directory '".$this->_save_path."'."); + return FALSE; + } + + $ts = time() - $maxlifetime; + + foreach ($files as $file) + { + // If the filename doesn't match this pattern, it's either not a session file or is not ours + if ( ! preg_match('/(?:[0-9a-f]{32})?[0-9a-f]{40}$/i', $file) + OR ! is_file($this->_save_path.DIRECTORY_SEPARATOR.$file) + OR ($mtime = filemtime($file)) === FALSE + OR $mtime > $ts) + { + continue; + } + + unlink($this->_save_path.DIRECTORY_SEPARATOR.$file); + } + + return TRUE; + } + +} + +/* End of file Session_files_driver.php */ +/* Location: ./system/libraries/Session/drivers/Session_files_driver.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 5995e08ed0d5cf89747911443be06a26e410154f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 3 Jun 2014 15:33:51 +0300 Subject: #3073: Fix an undefined variable error --- .../Session/drivers/Session_files_driver.php | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 4acbcf6c5..f95edcf2c 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -187,19 +187,22 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle rewind($this->_file_handle); } - for ($written = 0, $length = strlen($session_data); $written < $length; $written += $result) + if (($length = strlen($session_data)) > 0) { - if (($result = fwrite($this->_file_handle, substr($session_data, $written))) === FALSE) + for ($written = 0; $written < $length; $written += $result) { - break; + if (($result = fwrite($this->_file_handle, substr($session_data, $written))) === FALSE) + { + break; + } } - } - if ( ! is_int($result)) - { - $this->_fingerprint = md5(substr($session_data, 0, $written)); - log_message('error', 'Session: Unable to write data.'); - return FALSE; + if ( ! is_int($result)) + { + $this->_fingerprint = md5(substr($session_data, 0, $written)); + log_message('error', 'Session: Unable to write data.'); + return FALSE; + } } $this->_fingerprint = md5($session_data); -- cgit v1.2.3-24-g4f1b From 85f0c558ca2f47453ce7e8ae767451f5c0045479 Mon Sep 17 00:00:00 2001 From: Marcos SF Filho Date: Mon, 11 Aug 2014 10:11:57 -0300 Subject: Added file path for file GC --- system/libraries/Session/drivers/Session_files_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index f95edcf2c..7779e9beb 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -261,7 +261,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle // If the filename doesn't match this pattern, it's either not a session file or is not ours if ( ! preg_match('/(?:[0-9a-f]{32})?[0-9a-f]{40}$/i', $file) OR ! is_file($this->_save_path.DIRECTORY_SEPARATOR.$file) - OR ($mtime = filemtime($file)) === FALSE + OR ($mtime = filemtime($this->_save_path.DIRECTORY_SEPARATOR.$file)) === FALSE OR $mtime > $ts) { continue; -- cgit v1.2.3-24-g4f1b From dfb39bec5faf77e806e55f3ee9d2138e57d55010 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 6 Oct 2014 01:50:14 +0300 Subject: feature/session (#3073): Refactor configuration & fix cookie expiry times --- .../Session/drivers/Session_files_driver.php | 26 +++++++++++----------- 1 file changed, 13 insertions(+), 13 deletions(-) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 7779e9beb..a4f1b9f2f 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -77,14 +77,14 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle { parent::__construct($params); - if (isset($this->_save_path)) + if (isset($this->_config['save_path'])) { - $this->_save_path = rtrim($this->_save_path, '/\\'); - ini_set('session.save_path', $this->_save_path); + $this->_config['save_path'] = rtrim($this->_config['save_path'], '/\\'); + ini_set('session.save_path', $this->_config['save_path']); } else { - $this->_save_path = rtrim(ini_get('session.save_path'), '/\\'); + $this->_config['save_path'] = rtrim(ini_get('session.save_path'), '/\\'); } } @@ -94,14 +94,14 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle { if ( ! is_dir($save_path) && ! mkdir($save_path, 0700, TRUE)) { - log_message('error', "Session: Configured save path '".$this->_save_path."' is not a directory, doesn't exist or cannot be created."); + log_message('error', "Session: Configured save path '".$this->_config['save_path']."' is not a directory, doesn't exist or cannot be created."); return FALSE; } - $this->_save_path = $save_path; - $this->_file_path = $this->_save_path.DIRECTORY_SEPARATOR + $this->_config['save_path'] = $save_path; + $this->_file_path = $this->_config['save_path'].DIRECTORY_SEPARATOR .$name // we'll use the session cookie name as a prefix to avoid collisions - .($this->_match_ip ? md5($_SERVER['REMOTE_ADDR']) : ''); + .($this->_config['match_ip'] ? md5($_SERVER['REMOTE_ADDR']) : ''); return TRUE; } @@ -248,9 +248,9 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle public function gc($maxlifetime) { - if ( ! is_dir($this->_save_path) OR ($files = scandir($this->_save_path)) === FALSE) + if ( ! is_dir($this->_config['save_path']) OR ($files = scandir($this->_config['save_path'])) === FALSE) { - log_message('debug', "Session: Garbage collector couldn't list files under directory '".$this->_save_path."'."); + log_message('debug', "Session: Garbage collector couldn't list files under directory '".$this->_config['save_path']."'."); return FALSE; } @@ -260,14 +260,14 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle { // If the filename doesn't match this pattern, it's either not a session file or is not ours if ( ! preg_match('/(?:[0-9a-f]{32})?[0-9a-f]{40}$/i', $file) - OR ! is_file($this->_save_path.DIRECTORY_SEPARATOR.$file) - OR ($mtime = filemtime($this->_save_path.DIRECTORY_SEPARATOR.$file)) === FALSE + OR ! is_file($this->_config['save_path'].DIRECTORY_SEPARATOR.$file) + OR ($mtime = filemtime($this->_config['save_path'].DIRECTORY_SEPARATOR.$file)) === FALSE OR $mtime > $ts) { continue; } - unlink($this->_save_path.DIRECTORY_SEPARATOR.$file); + unlink($this->_config['save_path'].DIRECTORY_SEPARATOR.$file); } return TRUE; -- cgit v1.2.3-24-g4f1b From c5519ce166943b744bbea75a87831132aced4247 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 26 Oct 2014 11:57:20 +0200 Subject: #3073 (feature/session): Fix a GC issue with the files driver --- system/libraries/Session/drivers/Session_files_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index a4f1b9f2f..ff1553f84 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -261,7 +261,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle // If the filename doesn't match this pattern, it's either not a session file or is not ours if ( ! preg_match('/(?:[0-9a-f]{32})?[0-9a-f]{40}$/i', $file) OR ! is_file($this->_config['save_path'].DIRECTORY_SEPARATOR.$file) - OR ($mtime = filemtime($this->_config['save_path'].DIRECTORY_SEPARATOR.$file)) === FALSE + OR ($mtime = fileatime($this->_config['save_path'].DIRECTORY_SEPARATOR.$file)) === FALSE OR $mtime > $ts) { continue; -- cgit v1.2.3-24-g4f1b From cd489611cf2d4e7ba7f5afb370a4b8a01f71c5bc Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 27 Oct 2014 16:09:01 +0200 Subject: Revert "#3073 (feature/session): Fix a GC issue with the files driver" This reverts commit c5519ce166943b744bbea75a87831132aced4247. --- system/libraries/Session/drivers/Session_files_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index ff1553f84..a4f1b9f2f 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -261,7 +261,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle // If the filename doesn't match this pattern, it's either not a session file or is not ours if ( ! preg_match('/(?:[0-9a-f]{32})?[0-9a-f]{40}$/i', $file) OR ! is_file($this->_config['save_path'].DIRECTORY_SEPARATOR.$file) - OR ($mtime = fileatime($this->_config['save_path'].DIRECTORY_SEPARATOR.$file)) === FALSE + OR ($mtime = filemtime($this->_config['save_path'].DIRECTORY_SEPARATOR.$file)) === FALSE OR $mtime > $ts) { continue; -- cgit v1.2.3-24-g4f1b From 7474a6799b44e4988b6a7a4adcc2901ec0b993b4 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 31 Oct 2014 23:35:32 +0200 Subject: #3073 (feature/session): Fix session_regenerate_id() issues --- .../Session/drivers/Session_files_driver.php | 40 +++++++++++++--------- 1 file changed, 24 insertions(+), 16 deletions(-) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index ff1553f84..3d6fa6322 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -114,36 +114,37 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle // which re-reads session data if ($this->_file_handle === NULL) { - $this->_file_path .= $session_id; - // Just using fopen() with 'c+b' mode would be perfect, but it is only // available since PHP 5.2.6 and we have to set permissions for new files, // so we'd have to hack around this ... - if (($this->_file_new = ! file_exists($this->_file_path)) === TRUE) + if (($this->_file_new = ! file_exists($this->_file_path.$session_id)) === TRUE) { - if (($this->_file_handle = fopen($this->_file_path, 'w+b')) === FALSE) + if (($this->_file_handle = fopen($this->_file_path.$session_id, 'w+b')) === FALSE) { - log_message('error', "Session: File '".$this->_file_path."' doesn't exist and cannot be created."); + log_message('error', "Session: File '".$this->_file_path.$session_id."' doesn't exist and cannot be created."); return FALSE; } } - elseif (($this->_file_handle = fopen($this->_file_path, 'r+b')) === FALSE) + elseif (($this->_file_handle = fopen($this->_file_path.$session_id, 'r+b')) === FALSE) { - log_message('error', "Session: Unable to open file '".$this->_file_path."'."); + log_message('error', "Session: Unable to open file '".$this->_file_path.$session_id."'."); return FALSE; } if (flock($this->_file_handle, LOCK_EX) === FALSE) { - log_message('error', "Session: Unable to obtain lock for file '".$this->_file_path."'."); + log_message('error', "Session: Unable to obtain lock for file '".$this->_file_path.$session_id."'."); fclose($this->_file_handle); $this->_file_handle = NULL; return FALSE; } + // Needed by write() to detect session_regenerate_id() calls + $this->_session_id = $session_id; + if ($this->_file_new) { - chmod($this->_file_path, 0600); + chmod($this->_file_path.$session_id, 0600); $this->_fingerprint = md5(''); return ''; } @@ -154,7 +155,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle } $session_data = ''; - for ($read = 0, $length = filesize($this->_file_path); $read < $length; $read += strlen($buffer)) + for ($read = 0, $length = filesize($this->_file_path.$session_id); $read < $length; $read += strlen($buffer)) { if (($buffer = fread($this->_file_handle, $length - $read)) === FALSE) { @@ -170,6 +171,13 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle public function write($session_id, $session_data) { + // If the two IDs don't match, we have a session_regenerate_id() call + // and we need to close the old handle and open a new one + if ($session_id !== $this->_session_id && ( ! $this->close() OR $this->read($session_id) === FALSE)) + { + return FALSE; + } + if ( ! is_resource($this->_file_handle)) { return FALSE; @@ -178,7 +186,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle { return ($this->_file_new) ? TRUE - : touch($this->_file_path); + : touch($this->_file_path.$session_id); } if ( ! $this->_file_new) @@ -218,11 +226,11 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle flock($this->_file_handle, LOCK_UN); fclose($this->_file_handle); - $this->_file_handle = $this->_file_new = NULL; + $this->_file_handle = $this->_file_new = $this->_session_id = NULL; return TRUE; } - return FALSE; + return TRUE; } // ------------------------------------------------------------------------ @@ -231,13 +239,13 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle { if ($this->close()) { - return unlink($this->_file_path) && $this->_cookie_destroy(); + return unlink($this->_file_path.$session_id) && $this->_cookie_destroy(); } elseif ($this->_file_path !== NULL) { clearstatcache(); - return file_exists($this->_file_path) - ? (unlink($this->_file_path) && $this->_cookie_destroy()) + return file_exists($this->_file_path.$session_id) + ? (unlink($this->_file_path.$session_id) && $this->_cookie_destroy()) : TRUE; } -- cgit v1.2.3-24-g4f1b From 46f2f26d7cc43c548ea3f2978f532754b3476d5f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 11 Nov 2014 14:37:51 +0200 Subject: [ci skip] Update system/libraries/Session/ with the MIT license notice --- .../Session/drivers/Session_files_driver.php | 47 +++++++++++++--------- 1 file changed, 29 insertions(+), 18 deletions(-) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 973337753..b82d9f55d 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -4,36 +4,47 @@ * * An open source application development framework for PHP 5.2.4 or newer * - * NOTICE OF LICENSE + * This content is released under the MIT License (MIT) * - * Licensed under the Open Software License version 3.0 + * Copyright (c) 2014, British Columbia Institute of Technology * - * This source file is subject to the Open Software License (OSL 3.0) that is - * bundled with this package in the files license.txt / license.rst. It is - * also available through the world wide web at this URL: - * http://opensource.org/licenses/OSL-3.0 - * If you did not receive a copy of the license and are unable to obtain it - * through the world wide web, please send an email to - * licensing@ellislab.com so we can send you a copy immediately. + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: * - * @package CodeIgniter - * @author Andrey Andreev + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + * + * @package CodeIgniter + * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) - * @link http://codeigniter.com - * @since Version 3.0 + * @copyright Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/) + * @license http://opensource.org/licenses/MIT MIT License + * @link http://codeigniter.com + * @since Version 3.0.0 * @filesource - */ +*/ defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter Session Files Driver * - * @package CodeIgniter + * @package CodeIgniter * @subpackage Libraries * @category Sessions - * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html + * @author Andrey Andreev + * @link http://codeigniter.com/user_guide/libraries/sessions.html */ class CI_Session_files_driver extends CI_Session_driver implements SessionHandlerInterface { -- cgit v1.2.3-24-g4f1b From bf6b11d7d9732dbc46ca0ea897cfd4023fff7844 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 12 Jan 2015 17:27:12 +0200 Subject: [ci skip] Remove PHP version from license notices and bump year --- system/libraries/Session/drivers/Session_files_driver.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index b82d9f55d..761eed46f 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -2,11 +2,11 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.2.4 or newer + * An open source application development framework for PHP * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014, British Columbia Institute of Technology + * Copyright (c) 2014 - 2015, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 3.0.0 -- cgit v1.2.3-24-g4f1b From 10411fc94395bdf217e8bbae61e0af3a73d37325 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 19 Jan 2015 13:54:53 +0200 Subject: [ci skip] feature/session (#3073): Add missing method docblocks --- .../Session/drivers/Session_files_driver.php | 51 ++++++++++++++++++++++ 1 file changed, 51 insertions(+) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 761eed46f..95ab7f14c 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -101,6 +101,15 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle // ------------------------------------------------------------------------ + /** + * Open + * + * Sanitizes the save_path directory. + * + * @param string $save_path Path to session files' directory + * @param string $name Session cookie name, unused + * @return bool + */ public function open($save_path, $name) { if ( ! is_dir($save_path) && ! mkdir($save_path, 0700, TRUE)) @@ -119,6 +128,14 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle // ------------------------------------------------------------------------ + /** + * Read + * + * Reads session data and acquires a lock + * + * @param string $session_id Session ID + * @return string Serialized session data + */ public function read($session_id) { // This might seem weird, but PHP 5.6 introduces session_reset(), @@ -180,6 +197,17 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle return $session_data; } + // ------------------------------------------------------------------------ + + /** + * Write + * + * Writes (create / update) session data + * + * @param string $session_id Session ID + * @param string $session_data Serialized session data + * @return bool + */ public function write($session_id, $session_data) { // If the two IDs don't match, we have a session_regenerate_id() call @@ -230,6 +258,13 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle // ------------------------------------------------------------------------ + /** + * Close + * + * Releases locks and closes file descriptor. + * + * @return void + */ public function close() { if (is_resource($this->_file_handle)) @@ -246,6 +281,14 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle // ------------------------------------------------------------------------ + /** + * Destroy + * + * Destroys the current session. + * + * @param string $session_id Session ID + * @return bool + */ public function destroy($session_id) { if ($this->close()) @@ -265,6 +308,14 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle // ------------------------------------------------------------------------ + /** + * Garbage Collector + * + * Deletes expired sessions + * + * @param int $maxlifetime Maximum lifetime of sessions + * @return bool + */ public function gc($maxlifetime) { if ( ! is_dir($this->_config['save_path']) OR ($files = scandir($this->_config['save_path'])) === FALSE) -- cgit v1.2.3-24-g4f1b From 4cbe463b4c442e0e2dae2f43565e77f7ac5ecb86 Mon Sep 17 00:00:00 2001 From: vlakoff Date: Wed, 21 Jan 2015 22:56:22 +0100 Subject: Remove closing blocks at end of PHP files --- system/libraries/Session/drivers/Session_files_driver.php | 3 --- 1 file changed, 3 deletions(-) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 95ab7f14c..04562b282 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -344,6 +344,3 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle } } - -/* End of file Session_files_driver.php */ -/* Location: ./system/libraries/Session/drivers/Session_files_driver.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 5f4d01a97d9979f25ace6a7bce4dea23f630524e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 2 Feb 2015 18:38:00 +0200 Subject: Throw exception if 'files' session path is invalid --- system/libraries/Session/drivers/Session_files_driver.php | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 04562b282..32aeab614 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -1,4 +1,4 @@ -_config['save_path']."' is not a directory, doesn't exist or cannot be created."); - return FALSE; + if ( ! mkdir($save_path, 0700, TRUE)) + { + throw new Exception("Session: Configured save path '".$this->_config['save_path']."' is not a directory, doesn't exist or cannot be created."); + } + } + elseif ( ! is_writable($save_path)) + { + throw new Exception("Session: Configured save path '".$this->_config['save_path']."' is not writable by the PHP process."); } $this->_config['save_path'] = $save_path; -- cgit v1.2.3-24-g4f1b From 05afe3eac1ff69aabdb34b795004acb8a386d20d Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 2 Feb 2015 19:04:37 +0200 Subject: Err ... r --- system/libraries/Session/drivers/Session_files_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 32aeab614..ad8315d52 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -1,4 +1,4 @@ -r Date: Wed, 4 Feb 2015 01:45:59 +0100 Subject: Fixed inconsistent return types --- system/libraries/Session/drivers/Session_files_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index ad8315d52..d3ef34acd 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -269,7 +269,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle * * Releases locks and closes file descriptor. * - * @return void + * @return bool */ public function close() { -- cgit v1.2.3-24-g4f1b From 5fa4b7266d7c61dc2482e529bd6afb9a67edadb7 Mon Sep 17 00:00:00 2001 From: Gabriel Potkány Date: Wed, 4 Feb 2015 10:46:24 +0100 Subject: Fixed return values types in session drivers --- system/libraries/Session/drivers/Session_files_driver.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index d3ef34acd..217d3f9db 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -156,13 +156,13 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle if (($this->_file_handle = fopen($this->_file_path.$session_id, 'w+b')) === FALSE) { log_message('error', "Session: File '".$this->_file_path.$session_id."' doesn't exist and cannot be created."); - return FALSE; + return ''; } } elseif (($this->_file_handle = fopen($this->_file_path.$session_id, 'r+b')) === FALSE) { log_message('error', "Session: Unable to open file '".$this->_file_path.$session_id."'."); - return FALSE; + return ''; } if (flock($this->_file_handle, LOCK_EX) === FALSE) @@ -170,7 +170,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle log_message('error', "Session: Unable to obtain lock for file '".$this->_file_path.$session_id."'."); fclose($this->_file_handle); $this->_file_handle = NULL; - return FALSE; + return ''; } // Needed by write() to detect session_regenerate_id() calls -- cgit v1.2.3-24-g4f1b From 0dd2538900bcbf5ab34798c9fb56632fefbfdad0 Mon Sep 17 00:00:00 2001 From: Gabriel Potkány Date: Wed, 4 Feb 2015 12:15:06 +0100 Subject: Revert "Fixed return values types in session drivers" This reverts commit 5fa4b7266d7c61dc2482e529bd6afb9a67edadb7. --- system/libraries/Session/drivers/Session_files_driver.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 217d3f9db..d3ef34acd 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -156,13 +156,13 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle if (($this->_file_handle = fopen($this->_file_path.$session_id, 'w+b')) === FALSE) { log_message('error', "Session: File '".$this->_file_path.$session_id."' doesn't exist and cannot be created."); - return ''; + return FALSE; } } elseif (($this->_file_handle = fopen($this->_file_path.$session_id, 'r+b')) === FALSE) { log_message('error', "Session: Unable to open file '".$this->_file_path.$session_id."'."); - return ''; + return FALSE; } if (flock($this->_file_handle, LOCK_EX) === FALSE) @@ -170,7 +170,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle log_message('error', "Session: Unable to obtain lock for file '".$this->_file_path.$session_id."'."); fclose($this->_file_handle); $this->_file_handle = NULL; - return ''; + return FALSE; } // Needed by write() to detect session_regenerate_id() calls -- cgit v1.2.3-24-g4f1b From 388ce59de69cc524e6869994c4d18294c089477f Mon Sep 17 00:00:00 2001 From: Tom Atkinson Date: Wed, 4 Feb 2015 17:54:52 +0100 Subject: Use session cookie name in gc check --- system/libraries/Session/drivers/Session_files_driver.php | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index d3ef34acd..5852277e8 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -107,7 +107,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle * Sanitizes the save_path directory. * * @param string $save_path Path to session files' directory - * @param string $name Session cookie name, unused + * @param string $name Session cookie name * @return bool */ public function open($save_path, $name) @@ -332,10 +332,16 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle $ts = time() - $maxlifetime; + $pattern = sprintf( + '/^%s[0-9a-f]{%d}$/', + preg_quote($this->_config['cookie_name'], '/'), + ($this->_config['match_ip'] === TRUE ? 72 : 40) + ); + foreach ($files as $file) { // If the filename doesn't match this pattern, it's either not a session file or is not ours - if ( ! preg_match('/(?:[0-9a-f]{32})?[0-9a-f]{40}$/i', $file) + if ( ! preg_match($pattern, $file) OR ! is_file($this->_config['save_path'].DIRECTORY_SEPARATOR.$file) OR ($mtime = filemtime($this->_config['save_path'].DIRECTORY_SEPARATOR.$file)) === FALSE OR $mtime > $ts) -- cgit v1.2.3-24-g4f1b From c519b26d78edb21fd189e73f0feb12690aa34f2d Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 21 Feb 2015 19:20:03 +0200 Subject: Fix #3610 --- system/libraries/Session/drivers/Session_files_driver.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 5852277e8..74528e9d2 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -299,7 +299,9 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle { if ($this->close()) { - return unlink($this->_file_path.$session_id) && $this->_cookie_destroy(); + return file_exists($this->_file_path.$session_id) + ? (unlink($this->_file_path.$session_id) && $this->_cookie_destroy()) + : TRUE; } elseif ($this->_file_path !== NULL) { -- cgit v1.2.3-24-g4f1b From 2f79f9a9e8a5b167ce899609a2058c4d2f480aa8 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 26 Mar 2015 12:52:05 +0200 Subject: Improve Session GC for files driver Close #3701 --- system/libraries/Session/drivers/Session_files_driver.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 74528e9d2..45da91c46 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -326,7 +326,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle */ public function gc($maxlifetime) { - if ( ! is_dir($this->_config['save_path']) OR ($files = scandir($this->_config['save_path'])) === FALSE) + if ( ! is_dir($this->_config['save_path']) OR ($directory = opendir($this->_config['save_path'])) === FALSE) { log_message('debug', "Session: Garbage collector couldn't list files under directory '".$this->_config['save_path']."'."); return FALSE; @@ -340,7 +340,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle ($this->_config['match_ip'] === TRUE ? 72 : 40) ); - foreach ($files as $file) + while (($file = readdir($directory)) !== FALSE) { // If the filename doesn't match this pattern, it's either not a session file or is not ours if ( ! preg_match($pattern, $file) @@ -354,6 +354,8 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle unlink($this->_config['save_path'].DIRECTORY_SEPARATOR.$file); } + closedir($directory); + return TRUE; } -- cgit v1.2.3-24-g4f1b From 8df6efd402180a6361b4dd619f5535d6c2bed334 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 11 Dec 2015 17:55:55 +0200 Subject: Fix #4039 --- system/libraries/Session/drivers/Session_files_driver.php | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 45da91c46..173b43710 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -183,6 +183,12 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle return ''; } } + // We shouldn't need this, but apparently we do ... + // See https://github.com/bcit-ci/CodeIgniter/issues/4039 + elseif ($this->_file_handler === FALSE) + { + return FALSE; + } else { rewind($this->_file_handle); -- cgit v1.2.3-24-g4f1b From af849696d43f5c3b68962af1ae5096151a6d9f1a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 12 Dec 2015 14:07:39 +0200 Subject: [ci skip] Proper error handling for Sessions on PHP 5 This was actually a PHP bug, see https://wiki.php.net/rfc/session.user.return-value Also related: #4039 --- .../Session/drivers/Session_files_driver.php | 59 +++++++++++++--------- 1 file changed, 35 insertions(+), 24 deletions(-) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 173b43710..f0f055f87 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -129,7 +129,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle .$name // we'll use the session cookie name as a prefix to avoid collisions .($this->_config['match_ip'] ? md5($_SERVER['REMOTE_ADDR']) : ''); - return TRUE; + return $this->_success; } // ------------------------------------------------------------------------ @@ -156,13 +156,13 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle if (($this->_file_handle = fopen($this->_file_path.$session_id, 'w+b')) === FALSE) { log_message('error', "Session: File '".$this->_file_path.$session_id."' doesn't exist and cannot be created."); - return FALSE; + return $this->_failure; } } elseif (($this->_file_handle = fopen($this->_file_path.$session_id, 'r+b')) === FALSE) { log_message('error', "Session: Unable to open file '".$this->_file_path.$session_id."'."); - return FALSE; + return $this->_failure; } if (flock($this->_file_handle, LOCK_EX) === FALSE) @@ -170,7 +170,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle log_message('error', "Session: Unable to obtain lock for file '".$this->_file_path.$session_id."'."); fclose($this->_file_handle); $this->_file_handle = NULL; - return FALSE; + return $this->_failure; } // Needed by write() to detect session_regenerate_id() calls @@ -187,7 +187,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle // See https://github.com/bcit-ci/CodeIgniter/issues/4039 elseif ($this->_file_handler === FALSE) { - return FALSE; + return $this->_failure; } else { @@ -226,18 +226,18 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle // and we need to close the old handle and open a new one if ($session_id !== $this->_session_id && ( ! $this->close() OR $this->read($session_id) === FALSE)) { - return FALSE; + return $this->_failure; } if ( ! is_resource($this->_file_handle)) { - return FALSE; + return $this->_failure; } elseif ($this->_fingerprint === md5($session_data)) { - return ($this->_file_new) - ? TRUE - : touch($this->_file_path.$session_id); + return ( ! $this->_file_new && ! touch($this->_file_path.$session_id)) + ? $this->_failure + : $this->_success; } if ( ! $this->_file_new) @@ -260,12 +260,12 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle { $this->_fingerprint = md5(substr($session_data, 0, $written)); log_message('error', 'Session: Unable to write data.'); - return FALSE; + return $this->_failure; } } $this->_fingerprint = md5($session_data); - return TRUE; + return $this->_success; } // ------------------------------------------------------------------------ @@ -285,10 +285,9 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle fclose($this->_file_handle); $this->_file_handle = $this->_file_new = $this->_session_id = NULL; - return TRUE; } - return TRUE; + return $this->_success; } // ------------------------------------------------------------------------ @@ -305,19 +304,31 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle { if ($this->close()) { - return file_exists($this->_file_path.$session_id) - ? (unlink($this->_file_path.$session_id) && $this->_cookie_destroy()) - : TRUE; + if (file_exists($this->_file_path.$session_id)) + { + $this->_cookie_destroy(); + return unlink($this->_file_path.$session_id) + ? $this->_success + : $this->_failure; + } + + return $this->_success; } elseif ($this->_file_path !== NULL) { clearstatcache(); - return file_exists($this->_file_path.$session_id) - ? (unlink($this->_file_path.$session_id) && $this->_cookie_destroy()) - : TRUE; + if (file_exists($this->_file_path.$session_id)) + { + $this->_cookie_destroy(); + return unlink($this->_file_path.$session_id) + ? $this->_success + : $this->_failure; + } + + return $this->_success; } - return FALSE; + return $this->_failure; } // ------------------------------------------------------------------------ @@ -335,7 +346,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle if ( ! is_dir($this->_config['save_path']) OR ($directory = opendir($this->_config['save_path'])) === FALSE) { log_message('debug', "Session: Garbage collector couldn't list files under directory '".$this->_config['save_path']."'."); - return FALSE; + return $this->_failure; } $ts = time() - $maxlifetime; @@ -362,7 +373,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle closedir($directory); - return TRUE; + return $this->_success; } -} +} \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 2d6d9ab0bfeb546d8c9d7924af7ccc095f798e41 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 15 Dec 2015 12:32:50 +0200 Subject: Really fix #4039 A typo from 8df6efd402180a6361b4dd619f5535d6c2bed334 --- system/libraries/Session/drivers/Session_files_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index f0f055f87..1a943d5c9 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -185,7 +185,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle } // We shouldn't need this, but apparently we do ... // See https://github.com/bcit-ci/CodeIgniter/issues/4039 - elseif ($this->_file_handler === FALSE) + elseif ($this->_file_handle === FALSE) { return $this->_failure; } -- cgit v1.2.3-24-g4f1b From bb71dbadb7441a97a09e1e6d90fbddc884af67d1 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 15 Dec 2015 13:00:52 +0200 Subject: Fix logical errors from af849696d43f5c3b68962af1ae5096151a6d9f1a --- system/libraries/Session/drivers/Session_files_driver.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 1a943d5c9..c540996a7 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -224,7 +224,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle { // If the two IDs don't match, we have a session_regenerate_id() call // and we need to close the old handle and open a new one - if ($session_id !== $this->_session_id && ( ! $this->close() OR $this->read($session_id) === FALSE)) + if ($session_id !== $this->_session_id && ($this->close() === $this->_failure OR $this->read($session_id) === $this->_failure)) { return $this->_failure; } @@ -302,7 +302,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle */ public function destroy($session_id) { - if ($this->close()) + if ($this->close() === $this->_success) { if (file_exists($this->_file_path.$session_id)) { -- cgit v1.2.3-24-g4f1b From 125ef4751080a2118cb203357d77687699e3eb25 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 11 Jan 2016 12:33:00 +0200 Subject: [ci skip] Bump year to 2016 --- system/libraries/Session/drivers/Session_files_driver.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index c540996a7..f9dc426aa 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 3.0.0 -- cgit v1.2.3-24-g4f1b From bd202c91b0e9cf0a8c93bcaa71df9574f5909346 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 11 Jan 2016 12:50:18 +0200 Subject: [ci skip] Update codeigniter.com links to https --- system/libraries/Session/drivers/Session_files_driver.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index f9dc426aa..5ac1dcd36 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Sessions * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html + * @link https://codeigniter.com/user_guide/libraries/sessions.html */ class CI_Session_files_driver extends CI_Session_driver implements SessionHandlerInterface { -- cgit v1.2.3-24-g4f1b From 1924e879b165fb119847a49a7a5eab2f28295fa2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 11 Jan 2016 12:55:34 +0200 Subject: [ci skip] Update ellislab.com links to https too --- system/libraries/Session/drivers/Session_files_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 5ac1dcd36..119bf6572 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com -- cgit v1.2.3-24-g4f1b From 85dfc2a6f76ca95e803535c25877e2aa1c05c38b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 1 Apr 2016 22:54:15 +0300 Subject: [ci skip] Add some 'debug' log messages to CI_Session --- system/libraries/Session/drivers/Session_files_driver.php | 1 + 1 file changed, 1 insertion(+) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 119bf6572..57c3777a2 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -95,6 +95,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle } else { + log_message('debug', 'Session: "sess_save_path" is empty; using "session.save_path" value from php.ini.'); $this->_config['save_path'] = rtrim(ini_get('session.save_path'), '/\\'); } } -- cgit v1.2.3-24-g4f1b From a838279625becfba98ccb7635d35c67297129c42 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 28 Jul 2016 16:40:12 +0300 Subject: Remove dead code written for PHP 5.2 --- system/libraries/Session/drivers/Session_files_driver.php | 15 +++------------ 1 file changed, 3 insertions(+), 12 deletions(-) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 57c3777a2..bf4df8b20 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -149,18 +149,9 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle // which re-reads session data if ($this->_file_handle === NULL) { - // Just using fopen() with 'c+b' mode would be perfect, but it is only - // available since PHP 5.2.6 and we have to set permissions for new files, - // so we'd have to hack around this ... - if (($this->_file_new = ! file_exists($this->_file_path.$session_id)) === TRUE) - { - if (($this->_file_handle = fopen($this->_file_path.$session_id, 'w+b')) === FALSE) - { - log_message('error', "Session: File '".$this->_file_path.$session_id."' doesn't exist and cannot be created."); - return $this->_failure; - } - } - elseif (($this->_file_handle = fopen($this->_file_path.$session_id, 'r+b')) === FALSE) + $this->_file_new = ! file_exists($this->_file_path.$session_id); + + if (($this->_file_handle = fopen($this->_file_path.$session_id, 'c+b')) === FALSE) { log_message('error', "Session: Unable to open file '".$this->_file_path.$session_id."'."); return $this->_failure; -- cgit v1.2.3-24-g4f1b From 103a4263fe8c2715f622355ee7d76114d015f242 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 3 Oct 2016 11:19:11 +0300 Subject: Fix #4823 --- .../Session/drivers/Session_files_driver.php | 27 ++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index bf4df8b20..5f05396c0 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -76,6 +76,13 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle */ protected $_file_new; + /** + * mbstring.func_override flag + * + * @var bool + */ + protected static $func_override; + // ------------------------------------------------------------------------ /** @@ -98,6 +105,8 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle log_message('debug', 'Session: "sess_save_path" is empty; using "session.save_path" value from php.ini.'); $this->_config['save_path'] = rtrim(ini_get('session.save_path'), '/\\'); } + + isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override')); } // ------------------------------------------------------------------------ @@ -187,7 +196,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle } $session_data = ''; - for ($read = 0, $length = filesize($this->_file_path.$session_id); $read < $length; $read += strlen($buffer)) + for ($read = 0, $length = filesize($this->_file_path.$session_id); $read < $length; $read += self::strlen($buffer)) { if (($buffer = fread($this->_file_handle, $length - $read)) === FALSE) { @@ -368,4 +377,18 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle return $this->_success; } -} \ No newline at end of file + // -------------------------------------------------------------------- + + /** + * Byte-safe strlen() + * + * @param string $str + * @return int + */ + protected static function strlen($str) + { + return (self::$func_override) + ? mb_strlen($str, '8bit') + : strlen($str); + } +} -- cgit v1.2.3-24-g4f1b From 6c6ee1a1e73b3f8a93ca031107bec35e56272a0a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 22 Oct 2016 16:33:06 +0300 Subject: Close #4830, #3649 --- .../libraries/Session/drivers/Session_files_driver.php | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 5f05396c0..37315d3cd 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -76,6 +76,13 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle */ protected $_file_new; + /** + * Validate SID regular expression + * + * @var string + */ + protected $_sid_regexp; + /** * mbstring.func_override flag * @@ -106,6 +113,8 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle $this->_config['save_path'] = rtrim(ini_get('session.save_path'), '/\\'); } + $this->_sid_regexp = $this->_config['_sid_regexp']; + isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override')); } @@ -352,10 +361,13 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle $ts = time() - $maxlifetime; + $pattern = ($this->_config['match_ip'] === TRUE) + ? '[0-9a-f]{32}' + : ''; + $pattern = sprintf( - '/^%s[0-9a-f]{%d}$/', - preg_quote($this->_config['cookie_name'], '/'), - ($this->_config['match_ip'] === TRUE ? 72 : 40) + '#\A%s'.$pattern.$this->_sid_regexp.'\z#', + preg_quote($this->_config['cookie_name']) ); while (($file = readdir($directory)) !== FALSE) -- cgit v1.2.3-24-g4f1b From da60e9bc66ec90970fbd2dfd08b0a6e66b9f5f5f Mon Sep 17 00:00:00 2001 From: Master Yoda Date: Sat, 31 Dec 2016 08:46:18 -0800 Subject: Update copyright data to 2017 --- system/libraries/Session/drivers/Session_files_driver.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 37315d3cd..6016e094e 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 3.0.0 -- cgit v1.2.3-24-g4f1b From c0c74d5201c171cd6d0cdc2133e63077ebe1a407 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 19 Jan 2017 15:26:35 +0200 Subject: More byte-safety --- system/libraries/Session/drivers/Session_files_driver.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'system/libraries/Session/drivers/Session_files_driver.php') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 6016e094e..8860ef667 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -84,11 +84,11 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle protected $_sid_regexp; /** - * mbstring.func_override flag + * mbstring.func_overload flag * * @var bool */ - protected static $func_override; + protected static $func_overload; // ------------------------------------------------------------------------ @@ -115,7 +115,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle $this->_sid_regexp = $this->_config['_sid_regexp']; - isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override')); + isset(self::$func_overload) OR self::$func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload')); } // ------------------------------------------------------------------------ @@ -399,7 +399,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle */ protected static function strlen($str) { - return (self::$func_override) + return (self::$func_overload) ? mb_strlen($str, '8bit') : strlen($str); } -- cgit v1.2.3-24-g4f1b