From de8b82ca8c4e201ad21c07ca962f5480493143eb Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 18 Oct 2015 20:58:38 +0300 Subject: Fix #4179 --- system/libraries/Session/drivers/Session_database_driver.php | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 1d01c2923..72b39d12d 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -159,6 +159,10 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan if (($result = $this->_db->get()->row()) === NULL) { + // PHP7 will reuse the same SessionHandler object after + // ID regeneration, so we need to explicitly set this to + // FALSE instead of relying on the default ... + $this->_row_exists = FALSE; $this->_fingerprint = md5(''); return ''; } -- cgit v1.2.3-24-g4f1b From 874096c1f652f25b7f3e89e8c6b45b13c8a5e0e8 Mon Sep 17 00:00:00 2001 From: sskaje Date: Sat, 14 Nov 2015 11:55:36 +0800 Subject: add unix socket support to redis session driver --- .../Session/drivers/Session_redis_driver.php | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index b098cc441..f74067978 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -85,10 +85,24 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { log_message('error', 'Session: No Redis save path configured.'); } + elseif (strpos($this->_config['save_path'], 'unix://') === 0 && preg_match('#(?:unix://)?([^:?]+)(\?.+)?#', $this->_config['save_path'], $matches)) + { + isset($matches[2]) OR $matches[2] = ''; // Just to avoid undefined index notices below + $this->_config['save_path'] = array( + 'type' => 'unix', + 'path' => $matches[1], + 'password' => preg_match('#auth=([^\s&]+)#', $matches[2], $match) ? $match[1] : NULL, + 'database' => preg_match('#database=(\d+)#', $matches[2], $match) ? (int) $match[1] : NULL, + 'timeout' => preg_match('#timeout=(\d+\.\d+)#', $matches[2], $match) ? (float) $match[1] : NULL + ); + + preg_match('#prefix=([^\s&]+)#', $matches[3], $match) && $this->_key_prefix = $match[1]; + } elseif (preg_match('#(?:tcp://)?([^:?]+)(?:\:(\d+))?(\?.+)?#', $this->_config['save_path'], $matches)) { isset($matches[3]) OR $matches[3] = ''; // Just to avoid undefined index notices below $this->_config['save_path'] = array( + 'type' => 'tcp', 'host' => $matches[1], 'port' => empty($matches[2]) ? NULL : $matches[2], 'password' => preg_match('#auth=([^\s&]+)#', $matches[3], $match) ? $match[1] : NULL, @@ -128,7 +142,11 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle } $redis = new Redis(); - if ( ! $redis->connect($this->_config['save_path']['host'], $this->_config['save_path']['port'], $this->_config['save_path']['timeout'])) + if ($this->_config['save_path']['type'] == 'unix' && !$redis->connect($this->_config['save_path']['path'])) + { + log_message('error', 'Session: Unable to connect to Redis with the configured settings.'); + } + else if ( ! $redis->connect($this->_config['save_path']['host'], $this->_config['save_path']['port'], $this->_config['save_path']['timeout'])) { log_message('error', 'Session: Unable to connect to Redis with the configured settings.'); } -- cgit v1.2.3-24-g4f1b From 9703a0bbac81477365da7012a6a47d71c547cf96 Mon Sep 17 00:00:00 2001 From: kemeng Date: Mon, 16 Nov 2015 18:35:43 +0800 Subject: fixed a typo in unix socket parameter; change coding style to match CI; fix an elseif --- .../libraries/Session/drivers/Session_redis_driver.php | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index f74067978..fe82ca917 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -85,7 +85,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { log_message('error', 'Session: No Redis save path configured.'); } - elseif (strpos($this->_config['save_path'], 'unix://') === 0 && preg_match('#(?:unix://)?([^:?]+)(\?.+)?#', $this->_config['save_path'], $matches)) + elseif (preg_match('#^unix://([^\?]+)(\?.+)?$#', $this->_config['save_path'], $matches)) { isset($matches[2]) OR $matches[2] = ''; // Just to avoid undefined index notices below $this->_config['save_path'] = array( @@ -96,7 +96,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle 'timeout' => preg_match('#timeout=(\d+\.\d+)#', $matches[2], $match) ? (float) $match[1] : NULL ); - preg_match('#prefix=([^\s&]+)#', $matches[3], $match) && $this->_key_prefix = $match[1]; + preg_match('#prefix=([^\s&]+)#', $matches[2], $match) && $this->_key_prefix = $match[1]; } elseif (preg_match('#(?:tcp://)?([^:?]+)(?:\:(\d+))?(\?.+)?#', $this->_config['save_path'], $matches)) { @@ -142,15 +142,19 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle } $redis = new Redis(); - if ($this->_config['save_path']['type'] == 'unix' && !$redis->connect($this->_config['save_path']['path'])) + if ($this->_config['save_path']['type'] == 'unix') { - log_message('error', 'Session: Unable to connect to Redis with the configured settings.'); + if (! $redis->connect($this->_config['save_path']['path'])) + { + log_message('error', 'Session: Unable to connect to Redis with the configured settings.'); + } } - else if ( ! $redis->connect($this->_config['save_path']['host'], $this->_config['save_path']['port'], $this->_config['save_path']['timeout'])) + elseif (! $redis->connect($this->_config['save_path']['host'], $this->_config['save_path']['port'], $this->_config['save_path']['timeout'])) { log_message('error', 'Session: Unable to connect to Redis with the configured settings.'); } - elseif (isset($this->_config['save_path']['password']) && ! $redis->auth($this->_config['save_path']['password'])) + + if (isset($this->_config['save_path']['password']) && ! $redis->auth($this->_config['save_path']['password'])) { log_message('error', 'Session: Unable to authenticate to Redis instance.'); } -- cgit v1.2.3-24-g4f1b From 47c37de5ec5f673b9db13a3c0f4d899fd651d703 Mon Sep 17 00:00:00 2001 From: kemeng Date: Mon, 16 Nov 2015 18:52:37 +0800 Subject: Spaces around ! . Changelog entry in 3.1.0. --- system/libraries/Session/drivers/Session_redis_driver.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index fe82ca917..44ffddc4b 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -144,12 +144,12 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle $redis = new Redis(); if ($this->_config['save_path']['type'] == 'unix') { - if (! $redis->connect($this->_config['save_path']['path'])) + if ( ! $redis->connect($this->_config['save_path']['path'])) { log_message('error', 'Session: Unable to connect to Redis with the configured settings.'); } } - elseif (! $redis->connect($this->_config['save_path']['host'], $this->_config['save_path']['port'], $this->_config['save_path']['timeout'])) + elseif ( ! $redis->connect($this->_config['save_path']['host'], $this->_config['save_path']['port'], $this->_config['save_path']['timeout'])) { log_message('error', 'Session: Unable to connect to Redis with the configured settings.'); } -- cgit v1.2.3-24-g4f1b From e9e4ab00991343ba94f9542c1a6f18a42b559257 Mon Sep 17 00:00:00 2001 From: kemeng Date: Mon, 16 Nov 2015 20:03:24 +0800 Subject: do not try to auth/select db on redis connect failure --- .../Session/drivers/Session_redis_driver.php | 28 +++++++++++++--------- 1 file changed, 17 insertions(+), 11 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index 44ffddc4b..8f9bcce24 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -141,31 +141,37 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle return FALSE; } + $connected = TRUE; $redis = new Redis(); if ($this->_config['save_path']['type'] == 'unix') { if ( ! $redis->connect($this->_config['save_path']['path'])) { log_message('error', 'Session: Unable to connect to Redis with the configured settings.'); + $connected = FALSE; } } elseif ( ! $redis->connect($this->_config['save_path']['host'], $this->_config['save_path']['port'], $this->_config['save_path']['timeout'])) { log_message('error', 'Session: Unable to connect to Redis with the configured settings.'); + $connected = FALSE; } - if (isset($this->_config['save_path']['password']) && ! $redis->auth($this->_config['save_path']['password'])) + if ($connected) { - log_message('error', 'Session: Unable to authenticate to Redis instance.'); - } - elseif (isset($this->_config['save_path']['database']) && ! $redis->select($this->_config['save_path']['database'])) - { - log_message('error', 'Session: Unable to select Redis database with index '.$this->_config['save_path']['database']); - } - else - { - $this->_redis = $redis; - return TRUE; + if (isset($this->_config['save_path']['password']) && ! $redis->auth($this->_config['save_path']['password'])) + { + log_message('error', 'Session: Unable to authenticate to Redis instance.'); + } + elseif (isset($this->_config['save_path']['database']) && ! $redis->select($this->_config['save_path']['database'])) + { + log_message('error', 'Session: Unable to select Redis database with index '.$this->_config['save_path']['database']); + } + else + { + $this->_redis = $redis; + return TRUE; + } } return FALSE; -- cgit v1.2.3-24-g4f1b From 0f6e5bc4d356680bae470f05ccb9e115dd57422e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 16 Nov 2015 16:17:07 +0200 Subject: [ci skip] Polish changes from PR #4240 --- .../Session/drivers/Session_redis_driver.php | 71 ++++++++++------------ 1 file changed, 33 insertions(+), 38 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index 8f9bcce24..4fa6c28b3 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -85,41 +85,39 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { log_message('error', 'Session: No Redis save path configured.'); } - elseif (preg_match('#^unix://([^\?]+)(\?.+)?$#', $this->_config['save_path'], $matches)) + elseif (preg_match('#^unix://([^\?]+)(?\?.+)?$#', $this->_config['save_path'], $matches)) { - isset($matches[2]) OR $matches[2] = ''; // Just to avoid undefined index notices below - $this->_config['save_path'] = array( - 'type' => 'unix', - 'path' => $matches[1], - 'password' => preg_match('#auth=([^\s&]+)#', $matches[2], $match) ? $match[1] : NULL, - 'database' => preg_match('#database=(\d+)#', $matches[2], $match) ? (int) $match[1] : NULL, - 'timeout' => preg_match('#timeout=(\d+\.\d+)#', $matches[2], $match) ? (float) $match[1] : NULL - ); - - preg_match('#prefix=([^\s&]+)#', $matches[2], $match) && $this->_key_prefix = $match[1]; + $save_path = array('path' => $matches[1]); } - elseif (preg_match('#(?:tcp://)?([^:?]+)(?:\:(\d+))?(\?.+)?#', $this->_config['save_path'], $matches)) + elseif (preg_match('#(?:tcp://)?([^:?]+)(?:\:(\d+))?(?\?.+)?#', $this->_config['save_path'], $matches)) { - isset($matches[3]) OR $matches[3] = ''; // Just to avoid undefined index notices below - $this->_config['save_path'] = array( - 'type' => 'tcp', + $save_path = array( 'host' => $matches[1], - 'port' => empty($matches[2]) ? NULL : $matches[2], - 'password' => preg_match('#auth=([^\s&]+)#', $matches[3], $match) ? $match[1] : NULL, - 'database' => preg_match('#database=(\d+)#', $matches[3], $match) ? (int) $match[1] : NULL, - 'timeout' => preg_match('#timeout=(\d+\.\d+)#', $matches[3], $match) ? (float) $match[1] : NULL + 'port' => empty($matches[2]) ? NULL : $matches[2] ); - - preg_match('#prefix=([^\s&]+)#', $matches[3], $match) && $this->_key_prefix = $match[1]; } else { log_message('error', 'Session: Invalid Redis save path format: '.$this->_config['save_path']); } - if ($this->_config['match_ip'] === TRUE) + if (isset($save_path)) { - $this->_key_prefix .= $_SERVER['REMOTE_ADDR'].':'; + if (isset($matches['options'])) + { + $save_path['password'] = preg_match('#auth=([^\s&]+)#', $matches['options'], $match) ? $match[1] : NULL; + $save_path['database'] = preg_match('#database=(\d+)#', $matches['options'], $match) ? (int) $match[1] : NULL; + $save_path['timeout'] = preg_match('#timeout=(\d+\.\d+)#', $matches['options'], $match) ? (float) $match[1] : NULL; + + preg_match('#prefix=([^\s&]+)#', $matches['options'], $match) && $this->_key_prefix = $match[1]; + } + + $this->_config['save_path'] = $save_path; + + if ($this->_config['match_ip'] === TRUE) + { + $this->_key_prefix .= $_SERVER['REMOTE_ADDR'].':'; + } } } @@ -141,23 +139,16 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle return FALSE; } - $connected = TRUE; $redis = new Redis(); - if ($this->_config['save_path']['type'] == 'unix') - { - if ( ! $redis->connect($this->_config['save_path']['path'])) - { - log_message('error', 'Session: Unable to connect to Redis with the configured settings.'); - $connected = FALSE; - } - } - elseif ( ! $redis->connect($this->_config['save_path']['host'], $this->_config['save_path']['port'], $this->_config['save_path']['timeout'])) - { - log_message('error', 'Session: Unable to connect to Redis with the configured settings.'); - $connected = FALSE; - } + $connected = isset($this->_config['save_path']['path']) + ? $redis->connect($this->_config['save_path']['path']) + : $redis->connect( + $this->_config['save_path']['host'], + $this->_config['save_path']['port'], + $this->_config['save_path']['timeout'] + ); - if ($connected) + if ($connected) { if (isset($this->_config['save_path']['password']) && ! $redis->auth($this->_config['save_path']['password'])) { @@ -173,6 +164,10 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle return TRUE; } } + else + { + log_message('error', 'Session: Unable to connect to Redis with the configured settings.'); + } return FALSE; } -- cgit v1.2.3-24-g4f1b From 8df6efd402180a6361b4dd619f5535d6c2bed334 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 11 Dec 2015 17:55:55 +0200 Subject: Fix #4039 --- system/libraries/Session/drivers/Session_files_driver.php | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 45da91c46..173b43710 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -183,6 +183,12 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle return ''; } } + // We shouldn't need this, but apparently we do ... + // See https://github.com/bcit-ci/CodeIgniter/issues/4039 + elseif ($this->_file_handler === FALSE) + { + return FALSE; + } else { rewind($this->_file_handle); -- cgit v1.2.3-24-g4f1b From af849696d43f5c3b68962af1ae5096151a6d9f1a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 12 Dec 2015 14:07:39 +0200 Subject: [ci skip] Proper error handling for Sessions on PHP 5 This was actually a PHP bug, see https://wiki.php.net/rfc/session.user.return-value Also related: #4039 --- system/libraries/Session/Session_driver.php | 23 +++++++++ .../Session/drivers/Session_database_driver.php | 49 +++++++++++------- .../Session/drivers/Session_files_driver.php | 59 +++++++++++++--------- .../Session/drivers/Session_memcached_driver.php | 45 +++++++++-------- .../Session/drivers/Session_redis_driver.php | 35 +++++++------ 5 files changed, 133 insertions(+), 78 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/Session_driver.php b/system/libraries/Session/Session_driver.php index 47376da5b..64b4bb511 100644 --- a/system/libraries/Session/Session_driver.php +++ b/system/libraries/Session/Session_driver.php @@ -74,6 +74,18 @@ abstract class CI_Session_driver implements SessionHandlerInterface { */ protected $_session_id; + /** + * Success and failure return values + * + * Necessary due to a bug in all PHP 5 versions where return values + * from userspace handlers are not handled properly. PHP 7 fixes the + * bug, so we need to return different values depending on the version. + * + * @see https://wiki.php.net/rfc/session.user.return-value + * @var mixed + */ + protected $_success, $_failure; + // ------------------------------------------------------------------------ /** @@ -85,6 +97,17 @@ abstract class CI_Session_driver implements SessionHandlerInterface { public function __construct(&$params) { $this->_config =& $params; + + if (is_php('7')) + { + $this->_success = TRUE; + $this->_failure = FALSE; + } + else + { + $this->_success = 0; + $this->_failure = -1; + } } // ------------------------------------------------------------------------ diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 72b39d12d..40a358fb8 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -125,9 +125,12 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan */ public function open($save_path, $name) { - return empty($this->_db->conn_id) - ? (bool) $this->_db->db_connect() - : TRUE; + if (empty($this->_db->conn_id) && ! $this->_db->db_connect()) + { + return $this->_failure; + } + + return $this->_success; } // ------------------------------------------------------------------------ @@ -201,7 +204,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan { if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) { - return FALSE; + return $this->_failure; } $this->_row_exists = FALSE; @@ -209,7 +212,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan } elseif ($this->_lock === FALSE) { - return FALSE; + return $this->_failure; } if ($this->_row_exists === FALSE) @@ -224,10 +227,11 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan if ($this->_db->insert($this->_config['save_path'], $insert_data)) { $this->_fingerprint = md5($session_data); - return $this->_row_exists = TRUE; + $this->_row_exists = TRUE; + return $this->_success; } - return FALSE; + return $this->_failure; } $this->_db->where('id', $session_id); @@ -247,10 +251,10 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan if ($this->_db->update($this->_config['save_path'], $update_data)) { $this->_fingerprint = md5($session_data); - return TRUE; + return $this->_success; } - return FALSE; + return $this->_failure; } // ------------------------------------------------------------------------ @@ -264,9 +268,9 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan */ public function close() { - return ($this->_lock) - ? $this->_release_lock() - : TRUE; + return ($this->_lock && ! $this->_release_lock()) + ? $this->_failure + : $this->_success; } // ------------------------------------------------------------------------ @@ -289,12 +293,19 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan $this->_db->where('ip_address', $_SERVER['REMOTE_ADDR']); } - return $this->_db->delete($this->_config['save_path']) - ? ($this->close() && $this->_cookie_destroy()) - : FALSE; + if ( ! $this->_db->delete($this->_config['save_path'])) + { + return $this->_failure; + } + } + + if ($this->close()) + { + $this->_cookie_destroy(); + return $this->_success; } - return ($this->close() && $this->_cookie_destroy()); + return $this->_failure; } // ------------------------------------------------------------------------ @@ -309,7 +320,9 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan */ public function gc($maxlifetime) { - return $this->_db->delete($this->_config['save_path'], 'timestamp < '.(time() - $maxlifetime)); + return ($this->_db->delete($this->_config['save_path'], 'timestamp < '.(time() - $maxlifetime))) + ? $this->_success + : $this->_failure; } // ------------------------------------------------------------------------ @@ -390,4 +403,4 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return parent::_release_lock(); } -} +} \ No newline at end of file diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 173b43710..f0f055f87 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -129,7 +129,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle .$name // we'll use the session cookie name as a prefix to avoid collisions .($this->_config['match_ip'] ? md5($_SERVER['REMOTE_ADDR']) : ''); - return TRUE; + return $this->_success; } // ------------------------------------------------------------------------ @@ -156,13 +156,13 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle if (($this->_file_handle = fopen($this->_file_path.$session_id, 'w+b')) === FALSE) { log_message('error', "Session: File '".$this->_file_path.$session_id."' doesn't exist and cannot be created."); - return FALSE; + return $this->_failure; } } elseif (($this->_file_handle = fopen($this->_file_path.$session_id, 'r+b')) === FALSE) { log_message('error', "Session: Unable to open file '".$this->_file_path.$session_id."'."); - return FALSE; + return $this->_failure; } if (flock($this->_file_handle, LOCK_EX) === FALSE) @@ -170,7 +170,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle log_message('error', "Session: Unable to obtain lock for file '".$this->_file_path.$session_id."'."); fclose($this->_file_handle); $this->_file_handle = NULL; - return FALSE; + return $this->_failure; } // Needed by write() to detect session_regenerate_id() calls @@ -187,7 +187,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle // See https://github.com/bcit-ci/CodeIgniter/issues/4039 elseif ($this->_file_handler === FALSE) { - return FALSE; + return $this->_failure; } else { @@ -226,18 +226,18 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle // and we need to close the old handle and open a new one if ($session_id !== $this->_session_id && ( ! $this->close() OR $this->read($session_id) === FALSE)) { - return FALSE; + return $this->_failure; } if ( ! is_resource($this->_file_handle)) { - return FALSE; + return $this->_failure; } elseif ($this->_fingerprint === md5($session_data)) { - return ($this->_file_new) - ? TRUE - : touch($this->_file_path.$session_id); + return ( ! $this->_file_new && ! touch($this->_file_path.$session_id)) + ? $this->_failure + : $this->_success; } if ( ! $this->_file_new) @@ -260,12 +260,12 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle { $this->_fingerprint = md5(substr($session_data, 0, $written)); log_message('error', 'Session: Unable to write data.'); - return FALSE; + return $this->_failure; } } $this->_fingerprint = md5($session_data); - return TRUE; + return $this->_success; } // ------------------------------------------------------------------------ @@ -285,10 +285,9 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle fclose($this->_file_handle); $this->_file_handle = $this->_file_new = $this->_session_id = NULL; - return TRUE; } - return TRUE; + return $this->_success; } // ------------------------------------------------------------------------ @@ -305,19 +304,31 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle { if ($this->close()) { - return file_exists($this->_file_path.$session_id) - ? (unlink($this->_file_path.$session_id) && $this->_cookie_destroy()) - : TRUE; + if (file_exists($this->_file_path.$session_id)) + { + $this->_cookie_destroy(); + return unlink($this->_file_path.$session_id) + ? $this->_success + : $this->_failure; + } + + return $this->_success; } elseif ($this->_file_path !== NULL) { clearstatcache(); - return file_exists($this->_file_path.$session_id) - ? (unlink($this->_file_path.$session_id) && $this->_cookie_destroy()) - : TRUE; + if (file_exists($this->_file_path.$session_id)) + { + $this->_cookie_destroy(); + return unlink($this->_file_path.$session_id) + ? $this->_success + : $this->_failure; + } + + return $this->_success; } - return FALSE; + return $this->_failure; } // ------------------------------------------------------------------------ @@ -335,7 +346,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle if ( ! is_dir($this->_config['save_path']) OR ($directory = opendir($this->_config['save_path'])) === FALSE) { log_message('debug', "Session: Garbage collector couldn't list files under directory '".$this->_config['save_path']."'."); - return FALSE; + return $this->_failure; } $ts = time() - $maxlifetime; @@ -362,7 +373,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle closedir($directory); - return TRUE; + return $this->_success; } -} +} \ No newline at end of file diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index 97b860588..760239dfb 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -117,7 +117,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa { $this->_memcached = NULL; log_message('error', 'Session: Invalid Memcached save path format: '.$this->_config['save_path']); - return FALSE; + return $this->_failure; } foreach ($matches as $match) @@ -142,10 +142,10 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa if (empty($server_list)) { log_message('error', 'Session: Memcached server pool is empty.'); - return FALSE; + return $this->_failure; } - return TRUE; + return $this->_success; } // ------------------------------------------------------------------------ @@ -170,7 +170,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return $session_data; } - return FALSE; + return $this->_failure; } // ------------------------------------------------------------------------ @@ -188,14 +188,14 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa { if ( ! isset($this->_memcached)) { - return FALSE; + return $this->_failure; } // Was the ID regenerated? elseif ($session_id !== $this->_session_id) { if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) { - return FALSE; + return $this->_failure; } $this->_fingerprint = md5(''); @@ -210,16 +210,18 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa if ($this->_memcached->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration'])) { $this->_fingerprint = $fingerprint; - return TRUE; + return $this->_success; } - return FALSE; + return $this->_failure; } - return $this->_memcached->touch($this->_key_prefix.$session_id, $this->_config['expiration']); + return $this->_memcached->touch($this->_key_prefix.$session_id, $this->_config['expiration']) + ? $this->_success + : $this->_failure; } - return FALSE; + return $this->_failure; } // ------------------------------------------------------------------------ @@ -238,14 +240,14 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa isset($this->_lock_key) && $this->_memcached->delete($this->_lock_key); if ( ! $this->_memcached->quit()) { - return FALSE; + return $this->_failure; } $this->_memcached = NULL; - return TRUE; + return $this->_success; } - return FALSE; + return $this->_failure; } // ------------------------------------------------------------------------ @@ -263,10 +265,11 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa if (isset($this->_memcached, $this->_lock_key)) { $this->_memcached->delete($this->_key_prefix.$session_id); - return $this->_cookie_destroy(); + $this->_cookie_destroy(); + return $this->_success; } - return FALSE; + return $this->_failure; } // ------------------------------------------------------------------------ @@ -282,7 +285,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa public function gc($maxlifetime) { // Not necessary, Memcached takes care of that. - return TRUE; + return $this->_success; } // ------------------------------------------------------------------------ @@ -299,7 +302,9 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa { if (isset($this->_lock_key)) { - return $this->_memcached->replace($this->_lock_key, time(), 300); + return ($this->_memcached->replace($this->_lock_key, time(), 300)) + ? $this->_success + : $this->_failure; } // 30 attempts to obtain a lock, in case another request already has it @@ -316,7 +321,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa if ( ! $this->_memcached->set($lock_key, time(), 300)) { log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id); - return FALSE; + return $this->_failure; } $this->_lock_key = $lock_key; @@ -327,11 +332,11 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa if ($attempt === 30) { log_message('error', 'Session: Unable to obtain lock for '.$this->_key_prefix.$session_id.' after 30 attempts, aborting.'); - return FALSE; + return $this->_failure; } $this->_lock = TRUE; - return TRUE; + return $this->_success; } // ------------------------------------------------------------------------ diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index b098cc441..e8915306f 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -124,7 +124,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { if (empty($this->_config['save_path'])) { - return FALSE; + return $this->_failure; } $redis = new Redis(); @@ -143,10 +143,10 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle else { $this->_redis = $redis; - return TRUE; + return $this->_success; } - return FALSE; + return $this->_failure; } // ------------------------------------------------------------------------ @@ -171,7 +171,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle return $session_data; } - return FALSE; + return $this->_failure; } // ------------------------------------------------------------------------ @@ -189,14 +189,14 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { if ( ! isset($this->_redis)) { - return FALSE; + return $this->_failure; } // Was the ID regenerated? elseif ($session_id !== $this->_session_id) { if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) { - return FALSE; + return $this->_failure; } $this->_fingerprint = md5(''); @@ -211,16 +211,18 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle if ($this->_redis->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration'])) { $this->_fingerprint = $fingerprint; - return TRUE; + return $this->_success; } - return FALSE; + return $this->_failure; } - return $this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_config['expiration']); + return ($this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_config['expiration'])) + ? $this->_success + : $this->_failure; } - return FALSE; + return $this->_failure; } // ------------------------------------------------------------------------ @@ -242,7 +244,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle isset($this->_lock_key) && $this->_redis->delete($this->_lock_key); if ( ! $this->_redis->close()) { - return FALSE; + return $this->_failure; } } } @@ -252,10 +254,10 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle } $this->_redis = NULL; - return TRUE; + return $this->_success; } - return TRUE; + return $this->_success; } // ------------------------------------------------------------------------ @@ -277,10 +279,11 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle log_message('debug', 'Session: Redis::delete() expected to return 1, got '.var_export($result, TRUE).' instead.'); } - return $this->_cookie_destroy(); + $this->_cookie_destroy(); + return $this->_success; } - return FALSE; + return $this->_failure; } // ------------------------------------------------------------------------ @@ -296,7 +299,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle public function gc($maxlifetime) { // Not necessary, Redis takes care of that. - return TRUE; + return $this->_success; } // ------------------------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 2d6d9ab0bfeb546d8c9d7924af7ccc095f798e41 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 15 Dec 2015 12:32:50 +0200 Subject: Really fix #4039 A typo from 8df6efd402180a6361b4dd619f5535d6c2bed334 --- system/libraries/Session/drivers/Session_files_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index f0f055f87..1a943d5c9 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -185,7 +185,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle } // We shouldn't need this, but apparently we do ... // See https://github.com/bcit-ci/CodeIgniter/issues/4039 - elseif ($this->_file_handler === FALSE) + elseif ($this->_file_handle === FALSE) { return $this->_failure; } -- cgit v1.2.3-24-g4f1b From bb71dbadb7441a97a09e1e6d90fbddc884af67d1 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 15 Dec 2015 13:00:52 +0200 Subject: Fix logical errors from af849696d43f5c3b68962af1ae5096151a6d9f1a --- system/libraries/Session/drivers/Session_database_driver.php | 2 +- system/libraries/Session/drivers/Session_files_driver.php | 4 ++-- system/libraries/Session/drivers/Session_redis_driver.php | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 40a358fb8..f2adacb6b 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -299,7 +299,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan } } - if ($this->close()) + if ($this->close() === $this->_success) { $this->_cookie_destroy(); return $this->_success; diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 1a943d5c9..c540996a7 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -224,7 +224,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle { // If the two IDs don't match, we have a session_regenerate_id() call // and we need to close the old handle and open a new one - if ($session_id !== $this->_session_id && ( ! $this->close() OR $this->read($session_id) === FALSE)) + if ($session_id !== $this->_session_id && ($this->close() === $this->_failure OR $this->read($session_id) === $this->_failure)) { return $this->_failure; } @@ -302,7 +302,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle */ public function destroy($session_id) { - if ($this->close()) + if ($this->close() === $this->_success) { if (file_exists($this->_file_path.$session_id)) { diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index e8915306f..b60ef6b34 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -242,7 +242,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle if ($this->_redis->ping() === '+PONG') { isset($this->_lock_key) && $this->_redis->delete($this->_lock_key); - if ( ! $this->_redis->close()) + if ($this->_redis->close() === $this->_failure) { return $this->_failure; } -- cgit v1.2.3-24-g4f1b From 79b8a086187f199bb708bd56477850fbf1dd9e91 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 7 Jan 2016 13:55:21 +0200 Subject: Fix #4362 --- system/libraries/Session/drivers/Session_memcached_driver.php | 5 ++++- system/libraries/Session/drivers/Session_redis_driver.php | 5 ++++- 2 files changed, 8 insertions(+), 2 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index 760239dfb..9d7ab1172 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -300,7 +300,10 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa */ protected function _get_lock($session_id) { - if (isset($this->_lock_key)) + // PHP 7 reuses the SessionHandler object on regeneration, + // so we need to check here if the lock key is for the + // correct session ID. + if ($this->_lock_key === $this->_key_prefix.$session_id.':lock') { return ($this->_memcached->replace($this->_lock_key, time(), 300)) ? $this->_success diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index b60ef6b34..a31c45372 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -314,7 +314,10 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle */ protected function _get_lock($session_id) { - if (isset($this->_lock_key)) + // PHP 7 reuses the SessionHandler object on regeneration, + // so we need to check here if the lock key is for the + // correct session ID. + if ($this->_lock_key === $this->_key_prefix.$session_id.':lock') { return $this->_redis->setTimeout($this->_lock_key, 300); } -- cgit v1.2.3-24-g4f1b From fd5fe1a64c03ae7204a7e72d936215f7a61d8c30 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 11 Jan 2016 11:58:40 +0200 Subject: Fix #4374 --- system/libraries/Session/drivers/Session_database_driver.php | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index f2adacb6b..8c4555481 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -147,6 +147,9 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan { if ($this->_get_lock($session_id) !== FALSE) { + // Prevent previous QB calls from messing with our queries + $this->_db->reset_query(); + // Needed by write() to detect session_regenerate_id() calls $this->_session_id = $session_id; @@ -199,6 +202,9 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan */ public function write($session_id, $session_data) { + // Prevent previous QB calls from messing with our queries + $this->_db->reset_query(); + // Was the ID regenerated? if ($session_id !== $this->_session_id) { @@ -287,6 +293,9 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan { if ($this->_lock) { + // Prevent previous QB calls from messing with our queries + $this->_db->reset_query(); + $this->_db->where('id', $session_id); if ($this->_config['match_ip']) { @@ -320,6 +329,9 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan */ public function gc($maxlifetime) { + // Prevent previous QB calls from messing with our queries + $this->_db->reset_query(); + return ($this->_db->delete($this->_config['save_path'], 'timestamp < '.(time() - $maxlifetime))) ? $this->_success : $this->_failure; -- cgit v1.2.3-24-g4f1b From 125ef4751080a2118cb203357d77687699e3eb25 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 11 Jan 2016 12:33:00 +0200 Subject: [ci skip] Bump year to 2016 --- system/libraries/Session/Session.php | 4 ++-- system/libraries/Session/SessionHandlerInterface.php | 4 ++-- system/libraries/Session/Session_driver.php | 4 ++-- system/libraries/Session/drivers/Session_database_driver.php | 4 ++-- system/libraries/Session/drivers/Session_files_driver.php | 4 ++-- system/libraries/Session/drivers/Session_memcached_driver.php | 4 ++-- system/libraries/Session/drivers/Session_redis_driver.php | 4 ++-- 7 files changed, 14 insertions(+), 14 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index 05a470d86..28c93434d 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 2.0.0 diff --git a/system/libraries/Session/SessionHandlerInterface.php b/system/libraries/Session/SessionHandlerInterface.php index 9dab5ac07..90bae937a 100644 --- a/system/libraries/Session/SessionHandlerInterface.php +++ b/system/libraries/Session/SessionHandlerInterface.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 3.0.0 diff --git a/system/libraries/Session/Session_driver.php b/system/libraries/Session/Session_driver.php index 64b4bb511..6d66e274b 100644 --- a/system/libraries/Session/Session_driver.php +++ b/system/libraries/Session/Session_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 3.0.0 diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 8c4555481..5523655d2 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 3.0.0 diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index c540996a7..f9dc426aa 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 3.0.0 diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index 9d7ab1172..cf52caac4 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 3.0.0 diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index a31c45372..6a90a7405 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 3.0.0 -- cgit v1.2.3-24-g4f1b From bd202c91b0e9cf0a8c93bcaa71df9574f5909346 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 11 Jan 2016 12:50:18 +0200 Subject: [ci skip] Update codeigniter.com links to https --- system/libraries/Session/Session.php | 4 ++-- system/libraries/Session/SessionHandlerInterface.php | 4 ++-- system/libraries/Session/Session_driver.php | 4 ++-- system/libraries/Session/drivers/Session_database_driver.php | 4 ++-- system/libraries/Session/drivers/Session_files_driver.php | 4 ++-- system/libraries/Session/drivers/Session_memcached_driver.php | 4 ++-- system/libraries/Session/drivers/Session_redis_driver.php | 4 ++-- 7 files changed, 14 insertions(+), 14 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index 28c93434d..1e81ec53f 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Sessions * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html + * @link https://codeigniter.com/user_guide/libraries/sessions.html */ class CI_Session { diff --git a/system/libraries/Session/SessionHandlerInterface.php b/system/libraries/Session/SessionHandlerInterface.php index 90bae937a..ea825a066 100644 --- a/system/libraries/Session/SessionHandlerInterface.php +++ b/system/libraries/Session/SessionHandlerInterface.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Sessions * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html + * @link https://codeigniter.com/user_guide/libraries/sessions.html */ interface SessionHandlerInterface { diff --git a/system/libraries/Session/Session_driver.php b/system/libraries/Session/Session_driver.php index 6d66e274b..02d984cdf 100644 --- a/system/libraries/Session/Session_driver.php +++ b/system/libraries/Session/Session_driver.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Sessions * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html + * @link https://codeigniter.com/user_guide/libraries/sessions.html */ abstract class CI_Session_driver implements SessionHandlerInterface { diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 5523655d2..b3191e060 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Sessions * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html + * @link https://codeigniter.com/user_guide/libraries/sessions.html */ class CI_Session_database_driver extends CI_Session_driver implements SessionHandlerInterface { diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index f9dc426aa..5ac1dcd36 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Sessions * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html + * @link https://codeigniter.com/user_guide/libraries/sessions.html */ class CI_Session_files_driver extends CI_Session_driver implements SessionHandlerInterface { diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index cf52caac4..b2feb56f1 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Sessions * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html + * @link https://codeigniter.com/user_guide/libraries/sessions.html */ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHandlerInterface { diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index 6a90a7405..047760554 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Sessions * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html + * @link https://codeigniter.com/user_guide/libraries/sessions.html */ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandlerInterface { -- cgit v1.2.3-24-g4f1b From 1924e879b165fb119847a49a7a5eab2f28295fa2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 11 Jan 2016 12:55:34 +0200 Subject: [ci skip] Update ellislab.com links to https too --- system/libraries/Session/Session.php | 2 +- system/libraries/Session/SessionHandlerInterface.php | 2 +- system/libraries/Session/Session_driver.php | 2 +- system/libraries/Session/drivers/Session_database_driver.php | 2 +- system/libraries/Session/drivers/Session_files_driver.php | 2 +- system/libraries/Session/drivers/Session_memcached_driver.php | 2 +- system/libraries/Session/drivers/Session_redis_driver.php | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index 1e81ec53f..b93c00c15 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com diff --git a/system/libraries/Session/SessionHandlerInterface.php b/system/libraries/Session/SessionHandlerInterface.php index ea825a066..b3533dd1e 100644 --- a/system/libraries/Session/SessionHandlerInterface.php +++ b/system/libraries/Session/SessionHandlerInterface.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com diff --git a/system/libraries/Session/Session_driver.php b/system/libraries/Session/Session_driver.php index 02d984cdf..98fc897e3 100644 --- a/system/libraries/Session/Session_driver.php +++ b/system/libraries/Session/Session_driver.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index b3191e060..3ba9d3d36 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 5ac1dcd36..119bf6572 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index b2feb56f1..d017dfb2f 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index 047760554..46b8fa1c2 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com -- cgit v1.2.3-24-g4f1b From 4dc17cf59142b3d3d80e9b3cdba77e7db0d2b75c Mon Sep 17 00:00:00 2001 From: Jonty Sewell Date: Wed, 3 Feb 2016 11:41:34 +0000 Subject: If attempting to write an empty session to Redis, a key will not actually be created, so when the driver tries to set the expiration timeout on the key, 0 is returned, triggering a warning from session_write_close Signed-off-by: Jonty Sewell --- system/libraries/Session/drivers/Session_redis_driver.php | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index c7c574202..aa8459bef 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -240,9 +240,15 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle return $this->_failure; } - return ($this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_config['expiration'])) - ? $this->_success - : $this->_failure; + if($this->_fingerprint === md5('')) + { + // A blank session will not be written to redis, so a timeout cannot be set on it + return $this->_success; + } else { + return ($this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_config['expiration'])) + ? $this->_success + : $this->_failure; + } } return $this->_failure; -- cgit v1.2.3-24-g4f1b From 880036d5cea0021258c43c0d0fba0e6fd9d04b69 Mon Sep 17 00:00:00 2001 From: Jonty Sewell Date: Fri, 5 Feb 2016 09:27:47 +0000 Subject: Revert previous changes - fixing the source of the problem rather than working around it Signed-off-by: Jonty Sewell --- system/libraries/Session/drivers/Session_redis_driver.php | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index aa8459bef..c7c574202 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -240,15 +240,9 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle return $this->_failure; } - if($this->_fingerprint === md5('')) - { - // A blank session will not be written to redis, so a timeout cannot be set on it - return $this->_success; - } else { - return ($this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_config['expiration'])) - ? $this->_success - : $this->_failure; - } + return ($this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_config['expiration'])) + ? $this->_success + : $this->_failure; } return $this->_failure; -- cgit v1.2.3-24-g4f1b From 74f846890d69e6f5ff5f0bb4268539803242d015 Mon Sep 17 00:00:00 2001 From: Jonty Sewell Date: Fri, 5 Feb 2016 09:39:05 +0000 Subject: Add a flag to determine whether the redis key currently exists, and if not, force creation of it at write-time Signed-off-by: Jonty Sewell --- .../Session/drivers/Session_redis_driver.php | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index c7c574202..e62a3c597 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -69,6 +69,13 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle */ protected $_lock_key; + /** + * Key exists flag + * + * @var boolean + */ + protected $_key_exists = FALSE; + // ------------------------------------------------------------------------ /** @@ -189,7 +196,15 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle // Needed by write() to detect session_regenerate_id() calls $this->_session_id = $session_id; - $session_data = (string) $this->_redis->get($this->_key_prefix.$session_id); + $session_data = $this->_redis->get($this->_key_prefix.$session_id); + + if ($session_data === FALSE) + { + // The session ID does not exist in redis yet, so set a flag to create it + $this->_key_exists = FALSE; + $session_data = ''; + } + $this->_fingerprint = md5($session_data); return $session_data; } @@ -229,7 +244,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle if (isset($this->_lock_key)) { $this->_redis->setTimeout($this->_lock_key, 300); - if ($this->_fingerprint !== ($fingerprint = md5($session_data))) + if ($this->_fingerprint !== ($fingerprint = md5($session_data)) OR $this->_key_exists === FALSE) { if ($this->_redis->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration'])) { -- cgit v1.2.3-24-g4f1b From a7f9ea28aa40bd036de1cee7a4ec4ab63235fd12 Mon Sep 17 00:00:00 2001 From: Jonty Sewell Date: Fri, 5 Feb 2016 10:33:00 +0000 Subject: Set the _key_exists flag to TRUE when the key does in fact exist. Set it to FALSE if the ID is being regenerated, and set it to TRUE once it's been written. Signed-off-by: Jonty Sewell --- system/libraries/Session/drivers/Session_redis_driver.php | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index e62a3c597..be5b37e81 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -72,7 +72,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle /** * Key exists flag * - * @var boolean + * @var bool */ protected $_key_exists = FALSE; @@ -204,6 +204,10 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle $this->_key_exists = FALSE; $session_data = ''; } + else + { + $this->_key_exists = TRUE; + } $this->_fingerprint = md5($session_data); return $session_data; @@ -237,7 +241,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle return $this->_failure; } - $this->_fingerprint = md5(''); + $this->_key_exists = FALSE; $this->_session_id = $session_id; } @@ -249,6 +253,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle if ($this->_redis->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration'])) { $this->_fingerprint = $fingerprint; + $this->_key_exists = TRUE; return $this->_success; } -- cgit v1.2.3-24-g4f1b From 0f19fd0550e95354e8512c28ff19799aa913c0f9 Mon Sep 17 00:00:00 2001 From: Jonty Sewell Date: Fri, 5 Feb 2016 10:38:43 +0000 Subject: Setting the flag to FALSE is unnecessary since it defaults to FALSE, therefore this block of code can be reduced to a single statement Signed-off-by: Jonty Sewell --- system/libraries/Session/drivers/Session_redis_driver.php | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index be5b37e81..c4483e439 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -198,16 +198,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle $session_data = $this->_redis->get($this->_key_prefix.$session_id); - if ($session_data === FALSE) - { - // The session ID does not exist in redis yet, so set a flag to create it - $this->_key_exists = FALSE; - $session_data = ''; - } - else - { - $this->_key_exists = TRUE; - } + is_string($session_data) && $this->_key_exists = TRUE; $this->_fingerprint = md5($session_data); return $session_data; -- cgit v1.2.3-24-g4f1b From c07ae0888377fb434ce70d0817746962722ea3b1 Mon Sep 17 00:00:00 2001 From: Jonty Sewell Date: Fri, 5 Feb 2016 12:34:01 +0000 Subject: Fix regression on PHP7 when regenerating the session (#4362) --- system/libraries/Session/drivers/Session_redis_driver.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index c4483e439..dc4328644 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -198,7 +198,9 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle $session_data = $this->_redis->get($this->_key_prefix.$session_id); - is_string($session_data) && $this->_key_exists = TRUE; + is_string($session_data) + ? $this->_key_exists = TRUE + : $session_data = ''; $this->_fingerprint = md5($session_data); return $session_data; -- cgit v1.2.3-24-g4f1b From 173cf413d38be042b40c2e519041ecaafb6a0919 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 5 Feb 2016 14:36:50 +0200 Subject: Merge pull request #4424 from jonty-comp/develop [ci skip] Fix PHP session_write_close() warning when writing a new session to Redis --- .../Session/drivers/Session_redis_driver.php | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index 46b8fa1c2..ad95309da 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -69,6 +69,13 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle */ protected $_lock_key; + /** + * Key exists flag + * + * @var bool + */ + protected $_key_exists = FALSE; + // ------------------------------------------------------------------------ /** @@ -166,7 +173,12 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle // Needed by write() to detect session_regenerate_id() calls $this->_session_id = $session_id; - $session_data = (string) $this->_redis->get($this->_key_prefix.$session_id); + $session_data = $this->_redis->get($this->_key_prefix.$session_id); + + is_string($session_data) + ? $this->_key_exists = TRUE + : $session_data = ''; + $this->_fingerprint = md5($session_data); return $session_data; } @@ -199,18 +211,19 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle return $this->_failure; } - $this->_fingerprint = md5(''); + $this->_key_exists = FALSE; $this->_session_id = $session_id; } if (isset($this->_lock_key)) { $this->_redis->setTimeout($this->_lock_key, 300); - if ($this->_fingerprint !== ($fingerprint = md5($session_data))) + if ($this->_fingerprint !== ($fingerprint = md5($session_data)) OR $this->_key_exists === FALSE) { if ($this->_redis->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration'])) { $this->_fingerprint = $fingerprint; + $this->_key_exists = TRUE; return $this->_success; } -- cgit v1.2.3-24-g4f1b From c4de3c2f93cb6d2af65b325ae2812fccad7e98b8 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 10 Feb 2016 07:41:43 +0200 Subject: [ci skip] Fix Memcached session lock handling and error checking around replace() usage --- .../Session/drivers/Session_memcached_driver.php | 26 ++++++++++++++-------- 1 file changed, 17 insertions(+), 9 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index d017dfb2f..e9246443c 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -204,10 +204,16 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa if (isset($this->_lock_key)) { + $key = $this->_key_prefix.$session_id; + $this->_memcached->replace($this->_lock_key, time(), 300); if ($this->_fingerprint !== ($fingerprint = md5($session_data))) { - if ($this->_memcached->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration'])) + + if ( + $this->_memcached->replace($key, $session_data, $this->_config['expiration']) + OR ($this->_memcached->getResultCode() === Memcached::RES_NOTSTORED && $this->_memcached->set($key, $session_data, $this->_config['expiration'])) + ) { $this->_fingerprint = $fingerprint; return $this->_success; @@ -305,9 +311,12 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa // correct session ID. if ($this->_lock_key === $this->_key_prefix.$session_id.':lock') { - return ($this->_memcached->replace($this->_lock_key, time(), 300)) - ? $this->_success - : $this->_failure; + if ( ! $this->_memcached->replace($this->_lock_key, time(), 300)) + { + return ($this->_memcached->getResultCode() === Memcached::RES_NOTSTORED) + ? $this->_memcached->set($this->_lock_key, time(), 300) + : FALSE; + } } // 30 attempts to obtain a lock, in case another request already has it @@ -324,7 +333,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa if ( ! $this->_memcached->set($lock_key, time(), 300)) { log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id); - return $this->_failure; + return FALSE; } $this->_lock_key = $lock_key; @@ -335,11 +344,11 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa if ($attempt === 30) { log_message('error', 'Session: Unable to obtain lock for '.$this->_key_prefix.$session_id.' after 30 attempts, aborting.'); - return $this->_failure; + return FALSE; } $this->_lock = TRUE; - return $this->_success; + return TRUE; } // ------------------------------------------------------------------------ @@ -367,5 +376,4 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return TRUE; } - -} +} \ No newline at end of file -- cgit v1.2.3-24-g4f1b From a54a2b90bf057d7883ea7506d78a1073478ea4cf Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 10 Feb 2016 19:55:39 +0200 Subject: Fix a bug where CI_Session_memcached_driver doesn't write empty sessions Related: #3919 --- system/libraries/Session/drivers/Session_memcached_driver.php | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index e9246443c..ab3b1d97c 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -209,7 +209,6 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa $this->_memcached->replace($this->_lock_key, time(), 300); if ($this->_fingerprint !== ($fingerprint = md5($session_data))) { - if ( $this->_memcached->replace($key, $session_data, $this->_config['expiration']) OR ($this->_memcached->getResultCode() === Memcached::RES_NOTSTORED && $this->_memcached->set($key, $session_data, $this->_config['expiration'])) @@ -222,9 +221,13 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return $this->_failure; } - return $this->_memcached->touch($this->_key_prefix.$session_id, $this->_config['expiration']) - ? $this->_success - : $this->_failure; + if ( + $this->_memcached->touch($key, $this->_config['expiration']) + OR ($this->_memcached->getResultCode() === Memcached::RES_NOTFOUND && $this->_memcached->set($key, $session_data, $this->_config['expiration'])) + ) + { + return $this->_success; + } } return $this->_failure; -- cgit v1.2.3-24-g4f1b From 8215e2fcf828964b232e9f48befac4f08fa11187 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 11 Feb 2016 20:30:43 +0200 Subject: [ci skip] Fix Memcached replace() result code checks in CI_Session Related #3919 --- system/libraries/Session/drivers/Session_memcached_driver.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index ab3b1d97c..875e72255 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -211,7 +211,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa { if ( $this->_memcached->replace($key, $session_data, $this->_config['expiration']) - OR ($this->_memcached->getResultCode() === Memcached::RES_NOTSTORED && $this->_memcached->set($key, $session_data, $this->_config['expiration'])) + OR ($this->_memcached->getResultCode() === Memcached::RES_NOTFOUND && $this->_memcached->set($key, $session_data, $this->_config['expiration'])) ) { $this->_fingerprint = $fingerprint; @@ -316,7 +316,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa { if ( ! $this->_memcached->replace($this->_lock_key, time(), 300)) { - return ($this->_memcached->getResultCode() === Memcached::RES_NOTSTORED) + return ($this->_memcached->getResultCode() === Memcached::RES_NOTFOUND) ? $this->_memcached->set($this->_lock_key, time(), 300) : FALSE; } -- cgit v1.2.3-24-g4f1b From 7230d5dea1e2fa6b242df2b840ad2dc54f0306b0 Mon Sep 17 00:00:00 2001 From: versalle88 Date: Tue, 23 Feb 2016 11:44:35 -0500 Subject: Changed calls to class_exists to ignore __autoload() to match other calls --- system/libraries/Session/Session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index b93c00c15..c6413c102 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -231,7 +231,7 @@ class CI_Session { } } - if ( ! class_exists($prefix.$class) && file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$prefix.$class.'.php')) + if ( ! class_exists($prefix.$class, FAlSE) && file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$prefix.$class.'.php')) { require_once($file_path); if (class_exists($prefix.$class, FALSE)) -- cgit v1.2.3-24-g4f1b From 17c52eaef97a58545004b49141689ef612c9456c Mon Sep 17 00:00:00 2001 From: versalle88 Date: Tue, 23 Feb 2016 11:46:08 -0500 Subject: Changed calls to class_exists to ignore __autoload() to match other calls --- system/libraries/Session/Session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index c6413c102..77c56ae70 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -231,7 +231,7 @@ class CI_Session { } } - if ( ! class_exists($prefix.$class, FAlSE) && file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$prefix.$class.'.php')) + if ( ! class_exists($prefix.$class, FALSE) && file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$prefix.$class.'.php')) { require_once($file_path); if (class_exists($prefix.$class, FALSE)) -- cgit v1.2.3-24-g4f1b From 1e4e75421ec0fd00b75de1b34ca60d84b300e050 Mon Sep 17 00:00:00 2001 From: versalle88 Date: Tue, 23 Feb 2016 11:47:45 -0500 Subject: Removed --- system/libraries/Session/Session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index 77c56ae70..b93c00c15 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -231,7 +231,7 @@ class CI_Session { } } - if ( ! class_exists($prefix.$class, FALSE) && file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$prefix.$class.'.php')) + if ( ! class_exists($prefix.$class) && file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$prefix.$class.'.php')) { require_once($file_path); if (class_exists($prefix.$class, FALSE)) -- cgit v1.2.3-24-g4f1b From 82d5c231d55aa290a2739d01055a9b8e6c8243a6 Mon Sep 17 00:00:00 2001 From: versalle88 Date: Tue, 23 Feb 2016 11:48:04 -0500 Subject: Fixed typo --- system/libraries/Session/Session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index b93c00c15..77c56ae70 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -231,7 +231,7 @@ class CI_Session { } } - if ( ! class_exists($prefix.$class) && file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$prefix.$class.'.php')) + if ( ! class_exists($prefix.$class, FALSE) && file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$prefix.$class.'.php')) { require_once($file_path); if (class_exists($prefix.$class, FALSE)) -- cgit v1.2.3-24-g4f1b From 738b9e30404a56a8e2e8053f024550232b72ea09 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 24 Feb 2016 12:14:10 +0200 Subject: Merge pull request #4480 from versalle88/develop Changed class_exists() calls to ignore __autoload() --- system/libraries/Session/Session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index b93c00c15..77c56ae70 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -231,7 +231,7 @@ class CI_Session { } } - if ( ! class_exists($prefix.$class) && file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$prefix.$class.'.php')) + if ( ! class_exists($prefix.$class, FALSE) && file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$prefix.$class.'.php')) { require_once($file_path); if (class_exists($prefix.$class, FALSE)) -- cgit v1.2.3-24-g4f1b From b89f5d3ddfc897f0afc4f15a0993f8f1b2b56b88 Mon Sep 17 00:00:00 2001 From: roastduck Date: Sun, 28 Feb 2016 10:18:19 +0800 Subject: clean current lock key in redis session driver set $this->_lock_key to NULL after close Signed-off-by: roastduck --- system/libraries/Session/drivers/Session_redis_driver.php | 1 + 1 file changed, 1 insertion(+) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index dc4328644..5081bd5d4 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -278,6 +278,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle if ($this->_redis->ping() === '+PONG') { isset($this->_lock_key) && $this->_redis->delete($this->_lock_key); + $this->_lock_key = NULL; if ($this->_redis->close() === $this->_failure) { return $this->_failure; -- cgit v1.2.3-24-g4f1b From 7f0f73ba81ad712f2553e2f7ef5d0a50f16e119e Mon Sep 17 00:00:00 2001 From: __RD Date: Mon, 29 Feb 2016 22:56:29 +0800 Subject: delete lock directly -> call _release_lock() --- system/libraries/Session/drivers/Session_redis_driver.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index 5081bd5d4..3b648d183 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -277,8 +277,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle try { if ($this->_redis->ping() === '+PONG') { - isset($this->_lock_key) && $this->_redis->delete($this->_lock_key); - $this->_lock_key = NULL; + $this->_release_lock($this->_lock_key); if ($this->_redis->close() === $this->_failure) { return $this->_failure; -- cgit v1.2.3-24-g4f1b From 9a15344bc610b2c6a3a1a0a0b73db2fe0eba987a Mon Sep 17 00:00:00 2001 From: __RD Date: Mon, 29 Feb 2016 22:58:23 +0800 Subject: fix typo --- system/libraries/Session/drivers/Session_redis_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index 3b648d183..c0c20a7ca 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -277,7 +277,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle try { if ($this->_redis->ping() === '+PONG') { - $this->_release_lock($this->_lock_key); + $this->_release_lock(); if ($this->_redis->close() === $this->_failure) { return $this->_failure; -- cgit v1.2.3-24-g4f1b From f06858c3df09fd33c80f9fc415b6c63b3430869c Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 29 Feb 2016 17:35:12 +0200 Subject: Merge pull request #4491 from roastduck/develop [ci skip] Clean current lock key on close() in redis session driver --- system/libraries/Session/drivers/Session_redis_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index ad95309da..7b7951f5d 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -254,7 +254,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle try { if ($this->_redis->ping() === '+PONG') { - isset($this->_lock_key) && $this->_redis->delete($this->_lock_key); + $this->_release_lock(); if ($this->_redis->close() === $this->_failure) { return $this->_failure; -- cgit v1.2.3-24-g4f1b From 215922144082eb4b613e2418ba552776d23ea1db Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 29 Feb 2016 17:38:51 +0200 Subject: [ci skip] Apply #4491 to Memcached driver --- system/libraries/Session/drivers/Session_memcached_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index 875e72255..4bd63991f 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -246,7 +246,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa { if (isset($this->_memcached)) { - isset($this->_lock_key) && $this->_memcached->delete($this->_lock_key); + $this->_release_lock(); if ( ! $this->_memcached->quit()) { return $this->_failure; -- cgit v1.2.3-24-g4f1b From a027a7fd0d770cec0d71e888d8b6f4aa1568ce9f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 10 Mar 2016 13:59:20 +0200 Subject: Improve ext/session error messages --- system/libraries/Session/Session_driver.php | 20 ++++++++++++++++++++ .../Session/drivers/Session_database_driver.php | 21 ++++++++++----------- .../Session/drivers/Session_memcached_driver.php | 20 ++++++++++---------- .../Session/drivers/Session_redis_driver.php | 22 +++++++++++----------- 4 files changed, 51 insertions(+), 32 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/Session_driver.php b/system/libraries/Session/Session_driver.php index 98fc897e3..55ddb25e0 100644 --- a/system/libraries/Session/Session_driver.php +++ b/system/libraries/Session/Session_driver.php @@ -168,4 +168,24 @@ abstract class CI_Session_driver implements SessionHandlerInterface { return TRUE; } + // ------------------------------------------------------------------------ + + /** + * Fail + * + * Drivers other than the 'files' one don't (need to) use the + * session.save_path INI setting, but that leads to confusing + * error messages emitted by PHP when open() or write() fail, + * as the message contains session.save_path ... + * To work around the problem, the drivers will call this method + * so that the INI is set just in time for the error message to + * be properly generated. + * + * @return mixed + */ + protected function _fail() + { + ini_set('session.save_path', config_item('sess_save_path')); + return $this->_failure; + } } diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 3ba9d3d36..da0331220 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -127,7 +127,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan { if (empty($this->_db->conn_id) && ! $this->_db->db_connect()) { - return $this->_failure; + return $this->_fail(); } return $this->_success; @@ -163,7 +163,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan $this->_db->where('ip_address', $_SERVER['REMOTE_ADDR']); } - if (($result = $this->_db->get()->row()) === NULL) + if ( ! ($result = $this->_db->get()) OR $result->row() === NULL) { // PHP7 will reuse the same SessionHandler object after // ID regeneration, so we need to explicitly set this to @@ -210,7 +210,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan { if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) { - return $this->_failure; + return $this->_fail(); } $this->_row_exists = FALSE; @@ -218,7 +218,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan } elseif ($this->_lock === FALSE) { - return $this->_failure; + return $this->_fail(); } if ($this->_row_exists === FALSE) @@ -237,7 +237,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return $this->_success; } - return $this->_failure; + return $this->_fail(); } $this->_db->where('id', $session_id); @@ -260,7 +260,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return $this->_success; } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -275,7 +275,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan public function close() { return ($this->_lock && ! $this->_release_lock()) - ? $this->_failure + ? $this->_fail() : $this->_success; } @@ -304,7 +304,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan if ( ! $this->_db->delete($this->_config['save_path'])) { - return $this->_failure; + return $this->_fail(); } } @@ -314,7 +314,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return $this->_success; } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -334,7 +334,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return ($this->_db->delete($this->_config['save_path'], 'timestamp < '.(time() - $maxlifetime))) ? $this->_success - : $this->_failure; + : $this->_fail(); } // ------------------------------------------------------------------------ @@ -414,5 +414,4 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return parent::_release_lock(); } - } \ No newline at end of file diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index 4bd63991f..88eb4b3a6 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -117,7 +117,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa { $this->_memcached = NULL; log_message('error', 'Session: Invalid Memcached save path format: '.$this->_config['save_path']); - return $this->_failure; + return $this->_fail(); } foreach ($matches as $match) @@ -142,7 +142,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa if (empty($server_list)) { log_message('error', 'Session: Memcached server pool is empty.'); - return $this->_failure; + return $this->_fail(); } return $this->_success; @@ -170,7 +170,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return $session_data; } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -188,14 +188,14 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa { if ( ! isset($this->_memcached)) { - return $this->_failure; + return $this->_fail(); } // Was the ID regenerated? elseif ($session_id !== $this->_session_id) { if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) { - return $this->_failure; + return $this->_fail(); } $this->_fingerprint = md5(''); @@ -218,7 +218,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return $this->_success; } - return $this->_failure; + return $this->_fail(); } if ( @@ -230,7 +230,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa } } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -249,14 +249,14 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa $this->_release_lock(); if ( ! $this->_memcached->quit()) { - return $this->_failure; + return $this->_fail(); } $this->_memcached = NULL; return $this->_success; } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -278,7 +278,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return $this->_success; } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index 7b7951f5d..cc242dd3d 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -131,7 +131,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { if (empty($this->_config['save_path'])) { - return $this->_failure; + return $this->_fail(); } $redis = new Redis(); @@ -153,7 +153,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle return $this->_success; } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -183,7 +183,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle return $session_data; } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -201,14 +201,14 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { if ( ! isset($this->_redis)) { - return $this->_failure; + return $this->_fail(); } // Was the ID regenerated? elseif ($session_id !== $this->_session_id) { if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) { - return $this->_failure; + return $this->_fail(); } $this->_key_exists = FALSE; @@ -227,15 +227,15 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle return $this->_success; } - return $this->_failure; + return $this->_fail(); } return ($this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_config['expiration'])) ? $this->_success - : $this->_failure; + : $this->_fail(); } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -255,9 +255,9 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle if ($this->_redis->ping() === '+PONG') { $this->_release_lock(); - if ($this->_redis->close() === $this->_failure) + if ($this->_redis->close() === $this->_fail()) { - return $this->_failure; + return $this->_fail(); } } } @@ -296,7 +296,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle return $this->_success; } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 7bdd4950da2226859b00042ce9e8b2b9797129a7 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 10 Mar 2016 14:01:09 +0200 Subject: Fix a logical error from last commit --- system/libraries/Session/drivers/Session_database_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index da0331220..317bd7d4d 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -163,7 +163,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan $this->_db->where('ip_address', $_SERVER['REMOTE_ADDR']); } - if ( ! ($result = $this->_db->get()) OR $result->row() === NULL) + if ( ! ($result = $this->_db->get()) OR ($result = $result->row()) === NULL) { // PHP7 will reuse the same SessionHandler object after // ID regeneration, so we need to explicitly set this to -- cgit v1.2.3-24-g4f1b From f56068bfd34e3ebc1325b049bf33901d855c7321 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 11 Mar 2016 11:11:53 +0200 Subject: Revert an unintended change from a027a7fd0d770cec0d71e888d8b6f4aa1568ce9f --- system/libraries/Session/drivers/Session_redis_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index cc242dd3d..e4e09fe0d 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -255,7 +255,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle if ($this->_redis->ping() === '+PONG') { $this->_release_lock(); - if ($this->_redis->close() === $this->_fail()) + if ($this->_redis->close() === $this->_failure) { return $this->_fail(); } -- cgit v1.2.3-24-g4f1b From 2c10f60586faf59b9380608c5a9bf01ff2522483 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 15 Mar 2016 14:39:02 +0200 Subject: Add __isset() to CI_Session --- system/libraries/Session/Session.php | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index 77c56ae70..c9d2e8adc 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -583,6 +583,24 @@ class CI_Session { // ------------------------------------------------------------------------ + /** + * __isset() + * + * @param string $key 'session_id' or a session data key + * @return bool + */ + public function __isset($key) + { + if ($key === 'session_id') + { + return (session_status() === PHP_SESSION_ACTIVE); + } + + return isset($_SESSION[$key]); + } + + // ------------------------------------------------------------------------ + /** * __set() * -- cgit v1.2.3-24-g4f1b From 85dfc2a6f76ca95e803535c25877e2aa1c05c38b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 1 Apr 2016 22:54:15 +0300 Subject: [ci skip] Add some 'debug' log messages to CI_Session --- system/libraries/Session/Session.php | 1 + system/libraries/Session/drivers/Session_database_driver.php | 5 ++++- system/libraries/Session/drivers/Session_files_driver.php | 1 + 3 files changed, 6 insertions(+), 1 deletion(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index c9d2e8adc..1bdc6e5cc 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -91,6 +91,7 @@ class CI_Session { // Note: BC workaround elseif (config_item('sess_use_database')) { + log_message('debug', 'Session: "sess_driver" is empty; using BC fallback to "sess_use_database".'); $this->_driver = 'database'; } diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 317bd7d4d..cb152f91f 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -109,7 +109,10 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan } // Note: BC work-around for the old 'sess_table_name' setting, should be removed in the future. - isset($this->_config['save_path']) OR $this->_config['save_path'] = config_item('sess_table_name'); + if ( ! isset($this->_config['save_path']) && ($this->_config['save_path'] = config_item('sess_table_name'))) + { + log_message('debug', 'Session: "sess_save_path" is empty; using BC fallback to "sess_table_name".'); + } } // ------------------------------------------------------------------------ diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 119bf6572..57c3777a2 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -95,6 +95,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle } else { + log_message('debug', 'Session: "sess_save_path" is empty; using "session.save_path" value from php.ini.'); $this->_config['save_path'] = rtrim(ini_get('session.save_path'), '/\\'); } } -- cgit v1.2.3-24-g4f1b From cadcef85a218595b5999442d669086bdb5628947 Mon Sep 17 00:00:00 2001 From: Kasim Tan Date: Thu, 19 May 2016 12:06:07 -0700 Subject: Fixed PHPDoc parameter name and type discrepancies --- system/libraries/Session/Session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index c9d2e8adc..dde84a775 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -729,7 +729,7 @@ class CI_Session { * * Legacy CI_Session compatibility method * - * @param mixed $data Session data key(s) + * @param mixed $key Session data key(s) * @return void */ public function unset_userdata($key) -- cgit v1.2.3-24-g4f1b From e13fa9fdb3f2e311bd7331e49b26889f24bc81cb Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 20 May 2016 17:30:07 +0300 Subject: Merge pull request #4638 from kasimtan/phpdoc_fixes [ci skip] Fixed PHPDoc parameter name and type discrepancies --- system/libraries/Session/Session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index 1bdc6e5cc..3b391a8ef 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -730,7 +730,7 @@ class CI_Session { * * Legacy CI_Session compatibility method * - * @param mixed $data Session data key(s) + * @param mixed $key Session data key(s) * @return void */ public function unset_userdata($key) -- cgit v1.2.3-24-g4f1b From d680779debb08d1e50fb234ceb63a75b1a2710ed Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 26 May 2016 10:28:04 +0300 Subject: [ci skip] Fix a minor Redis Session bug --- system/libraries/Session/drivers/Session_redis_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index e4e09fe0d..8db74c0ca 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -255,7 +255,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle if ($this->_redis->ping() === '+PONG') { $this->_release_lock(); - if ($this->_redis->close() === $this->_failure) + if ($this->_redis->close() === FALSE) { return $this->_fail(); } -- cgit v1.2.3-24-g4f1b From e12fcec770d7bc03f746c291e96cc75b51475f74 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 19 Jul 2016 13:37:40 +0300 Subject: [ci skip] Fix an undefined index for 'timeout' in Redis session driver http://forum.codeigniter.com/thread-64219.html --- system/libraries/Session/drivers/Session_redis_driver.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index ad14cbfdc..d3a265958 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -99,8 +99,9 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle elseif (preg_match('#(?:tcp://)?([^:?]+)(?:\:(\d+))?(?\?.+)?#', $this->_config['save_path'], $matches)) { $save_path = array( - 'host' => $matches[1], - 'port' => empty($matches[2]) ? NULL : $matches[2] + 'host' => $matches[1], + 'port' => empty($matches[2]) ? NULL : $matches[2], + 'timeout' => NULL // We always pass this to Redis::connect(), so it needs to exist ); } else -- cgit v1.2.3-24-g4f1b From 1748567f5442409d6a8c1e795f56599caff8296e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 28 Jul 2016 15:16:38 +0300 Subject: [ci skip] Fix #3919, #4732 --- system/libraries/Session/drivers/Session_memcached_driver.php | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index 88eb4b3a6..99b4d1baa 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -209,10 +209,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa $this->_memcached->replace($this->_lock_key, time(), 300); if ($this->_fingerprint !== ($fingerprint = md5($session_data))) { - if ( - $this->_memcached->replace($key, $session_data, $this->_config['expiration']) - OR ($this->_memcached->getResultCode() === Memcached::RES_NOTFOUND && $this->_memcached->set($key, $session_data, $this->_config['expiration'])) - ) + if ($this->_memcached->set($key, $session_data, $this->_config['expiration'])) { $this->_fingerprint = $fingerprint; return $this->_success; @@ -220,8 +217,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return $this->_fail(); } - - if ( + elseif ( $this->_memcached->touch($key, $this->_config['expiration']) OR ($this->_memcached->getResultCode() === Memcached::RES_NOTFOUND && $this->_memcached->set($key, $session_data, $this->_config['expiration'])) ) -- cgit v1.2.3-24-g4f1b From a838279625becfba98ccb7635d35c67297129c42 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 28 Jul 2016 16:40:12 +0300 Subject: Remove dead code written for PHP 5.2 --- system/libraries/Session/drivers/Session_files_driver.php | 15 +++------------ 1 file changed, 3 insertions(+), 12 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 57c3777a2..bf4df8b20 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -149,18 +149,9 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle // which re-reads session data if ($this->_file_handle === NULL) { - // Just using fopen() with 'c+b' mode would be perfect, but it is only - // available since PHP 5.2.6 and we have to set permissions for new files, - // so we'd have to hack around this ... - if (($this->_file_new = ! file_exists($this->_file_path.$session_id)) === TRUE) - { - if (($this->_file_handle = fopen($this->_file_path.$session_id, 'w+b')) === FALSE) - { - log_message('error', "Session: File '".$this->_file_path.$session_id."' doesn't exist and cannot be created."); - return $this->_failure; - } - } - elseif (($this->_file_handle = fopen($this->_file_path.$session_id, 'r+b')) === FALSE) + $this->_file_new = ! file_exists($this->_file_path.$session_id); + + if (($this->_file_handle = fopen($this->_file_path.$session_id, 'c+b')) === FALSE) { log_message('error', "Session: Unable to open file '".$this->_file_path.$session_id."'."); return $this->_failure; -- cgit v1.2.3-24-g4f1b From 103a4263fe8c2715f622355ee7d76114d015f242 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 3 Oct 2016 11:19:11 +0300 Subject: Fix #4823 --- .../Session/drivers/Session_files_driver.php | 27 ++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index bf4df8b20..5f05396c0 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -76,6 +76,13 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle */ protected $_file_new; + /** + * mbstring.func_override flag + * + * @var bool + */ + protected static $func_override; + // ------------------------------------------------------------------------ /** @@ -98,6 +105,8 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle log_message('debug', 'Session: "sess_save_path" is empty; using "session.save_path" value from php.ini.'); $this->_config['save_path'] = rtrim(ini_get('session.save_path'), '/\\'); } + + isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override')); } // ------------------------------------------------------------------------ @@ -187,7 +196,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle } $session_data = ''; - for ($read = 0, $length = filesize($this->_file_path.$session_id); $read < $length; $read += strlen($buffer)) + for ($read = 0, $length = filesize($this->_file_path.$session_id); $read < $length; $read += self::strlen($buffer)) { if (($buffer = fread($this->_file_handle, $length - $read)) === FALSE) { @@ -368,4 +377,18 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle return $this->_success; } -} \ No newline at end of file + // -------------------------------------------------------------------- + + /** + * Byte-safe strlen() + * + * @param string $str + * @return int + */ + protected static function strlen($str) + { + return (self::$func_override) + ? mb_strlen($str, '8bit') + : strlen($str); + } +} -- cgit v1.2.3-24-g4f1b From 6c6ee1a1e73b3f8a93ca031107bec35e56272a0a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 22 Oct 2016 16:33:06 +0300 Subject: Close #4830, #3649 --- system/libraries/Session/Session.php | 36 ++++++++++++++++++++-- .../Session/drivers/Session_files_driver.php | 18 +++++++++-- 2 files changed, 48 insertions(+), 6 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index 3b391a8ef..5aac12f36 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -57,6 +57,7 @@ class CI_Session { protected $_driver = 'files'; protected $_config; + protected $_sid_regexp; // ------------------------------------------------------------------------ @@ -99,6 +100,7 @@ class CI_Session { // Configuration ... $this->_configure($params); + $this->_config['_sid_regexp'] = $this->_sid_regexp; $class = new $class($this->_config); if ($class instanceof SessionHandlerInterface) @@ -131,7 +133,7 @@ class CI_Session { if (isset($_COOKIE[$this->_config['cookie_name']]) && ( ! is_string($_COOKIE[$this->_config['cookie_name']]) - OR ! preg_match('/^[0-9a-f]{40}$/', $_COOKIE[$this->_config['cookie_name']]) + OR ! preg_match('#\A'.$this->_sid_regexp.'\z#', $_COOKIE[$this->_config['cookie_name']]) ) ) { @@ -315,8 +317,36 @@ class CI_Session { ini_set('session.use_strict_mode', 1); ini_set('session.use_cookies', 1); ini_set('session.use_only_cookies', 1); - ini_set('session.hash_function', 1); - ini_set('session.hash_bits_per_character', 4); + + if (PHP_VERSION_ID < 70100) + { + if ((int) ini_get('session.hash_function') === 0) + { + ini_set('session.hash_function', 1); + ini_set('session.hash_bits_per_character', $bits_per_character = 4); + } + else + { + $bits_per_character = (int) ini_get('session.hash_bits_per_character'); + } + } + elseif ((int) ini_get('session.sid_length') < 40 && ($bits_per_character = (int) ini_get('session.sid_bits_per_character')) === 4) + { + ini_set('session.sid_length', 40); + } + + switch ($bits_per_character) + { + case 4: + $this->_sid_regexp = '[0-9a-f]{40,}'; + break; + case 5: + $this->_sid_regexp = '[0-9a-v]{40,}'; + break; + case 6: + $this->_sid_regexp = '[0-9a-zA-Z,-]{40,}'; + break; + } } // ------------------------------------------------------------------------ diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 5f05396c0..37315d3cd 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -76,6 +76,13 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle */ protected $_file_new; + /** + * Validate SID regular expression + * + * @var string + */ + protected $_sid_regexp; + /** * mbstring.func_override flag * @@ -106,6 +113,8 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle $this->_config['save_path'] = rtrim(ini_get('session.save_path'), '/\\'); } + $this->_sid_regexp = $this->_config['_sid_regexp']; + isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override')); } @@ -352,10 +361,13 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle $ts = time() - $maxlifetime; + $pattern = ($this->_config['match_ip'] === TRUE) + ? '[0-9a-f]{32}' + : ''; + $pattern = sprintf( - '/^%s[0-9a-f]{%d}$/', - preg_quote($this->_config['cookie_name'], '/'), - ($this->_config['match_ip'] === TRUE ? 72 : 40) + '#\A%s'.$pattern.$this->_sid_regexp.'\z#', + preg_quote($this->_config['cookie_name']) ); while (($file = readdir($directory)) !== FALSE) -- cgit v1.2.3-24-g4f1b From 2f760877c313871e5066b93b0b1aa76428c09fb6 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 27 Oct 2016 16:39:12 +0300 Subject: Fix #4874 --- system/libraries/Session/Session.php | 63 ++++++++++++++++++++++++++++++------ 1 file changed, 54 insertions(+), 9 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index 5aac12f36..ea7853108 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -318,35 +318,80 @@ class CI_Session { ini_set('session.use_cookies', 1); ini_set('session.use_only_cookies', 1); + $this->_configure_sid_length(); + } + + // ------------------------------------------------------------------------ + + /** + * Configure session ID length + * + * To make life easier, we used to force SHA-1 and 4 bits per + * character on everyone. And of course, someone was unhappy. + * + * Then PHP 7.1 broke backwards-compatibility because ext/session + * is such a mess that nobody wants to touch it with a pole stick, + * and the one guy who does, nobody has the energy to argue with. + * + * So we were forced to make changes, and OF COURSE something was + * going to break and now we have this pile of shit. -- Narf + * + * @return void + */ + protected function _configure_sid_length() + { if (PHP_VERSION_ID < 70100) { - if ((int) ini_get('session.hash_function') === 0) + $hash_function = ini_get('session.hash_function'); + if (ctype_digit($hash_function)) + { + if ($hash_function !== '1') + { + ini_set('session.hash_function', 1); + $bits = 160; + } + } + elseif ( ! in_array($hash_function, hash_algos(), TRUE)) { ini_set('session.hash_function', 1); - ini_set('session.hash_bits_per_character', $bits_per_character = 4); + $bits = 160; } - else + elseif (($bits = strlen(hash($hash_function, 'dummy', false)) * 4) < 160) { - $bits_per_character = (int) ini_get('session.hash_bits_per_character'); + ini_set('session.hash_function', 1); + $bits = 160; } + + $bits_per_character = (int) ini_get('session.hash_bits_per_character'); + $sid_length = $bits * $bits_per_character; } - elseif ((int) ini_get('session.sid_length') < 40 && ($bits_per_character = (int) ini_get('session.sid_bits_per_character')) === 4) + else { - ini_set('session.sid_length', 40); + $bits_per_character = (int) ini_get('session.sid_bits_per_character'); + $sid_length = (int) ini_get('session.sid_length'); + if (($bits = $sid_length * $bits_per_character) < 160) + { + // Add as many more characters as necessary to reach at least 160 bits + $sid_length += (int) ceil((160 % $bits) / $bits_per_character); + ini_set('session.sid_length', $sid_length); + } } + // Yes, 4,5,6 are the only known possible values as of 2016-10-27 switch ($bits_per_character) { case 4: - $this->_sid_regexp = '[0-9a-f]{40,}'; + $this->_sid_regexp = '[0-9a-f]'; break; case 5: - $this->_sid_regexp = '[0-9a-v]{40,}'; + $this->_sid_regexp = '[0-9a-v]'; break; case 6: - $this->_sid_regexp = '[0-9a-zA-Z,-]{40,}'; + $this->_sid_regexp = '[0-9a-zA-Z,-]'; break; } + + $this->_sid_regexp .= '{'.$sid_length.'}'; } // ------------------------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From dbc025b6c2c9b0b085bb79dc126bc58fb2a8c2a8 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 27 Oct 2016 17:37:25 +0300 Subject: [ci skip] Another attempt at #4874 --- system/libraries/Session/Session.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index ea7853108..01989d2d7 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -348,8 +348,9 @@ class CI_Session { if ($hash_function !== '1') { ini_set('session.hash_function', 1); - $bits = 160; } + + $bits = 160; } elseif ( ! in_array($hash_function, hash_algos(), TRUE)) { @@ -363,7 +364,7 @@ class CI_Session { } $bits_per_character = (int) ini_get('session.hash_bits_per_character'); - $sid_length = $bits * $bits_per_character; + $sid_length = (int) ceil($bits / $bits_per_character); } else { -- cgit v1.2.3-24-g4f1b From e49aa1f1cb63ad90d6c2d204439f538dcc282243 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 22 Nov 2016 12:02:55 +0200 Subject: Fix #4916 --- system/libraries/Session/drivers/Session_database_driver.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index cb152f91f..6a7282b23 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -354,7 +354,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan { if ($this->_platform === 'mysql') { - $arg = $session_id.($this->_config['match_ip'] ? '_'.$_SERVER['REMOTE_ADDR'] : ''); + $arg = md5($session_id.($this->_config['match_ip'] ? '_'.$_SERVER['REMOTE_ADDR'] : '')); if ($this->_db->query("SELECT GET_LOCK('".$arg."', 300) AS ci_session_lock")->row()->ci_session_lock) { $this->_lock = $arg; @@ -417,4 +417,4 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return parent::_release_lock(); } -} \ No newline at end of file +} -- cgit v1.2.3-24-g4f1b From 6276926c6dcdf976a5f4de34d62f501852e2f84b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 29 Nov 2016 15:30:30 +0200 Subject: Fix #4923 --- .../Session/drivers/Session_database_driver.php | 10 +++--- .../Session/drivers/Session_memcached_driver.php | 37 ++++++++++------------ .../Session/drivers/Session_redis_driver.php | 27 +++++++--------- 3 files changed, 33 insertions(+), 41 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 6a7282b23..2f5241256 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -208,8 +208,12 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan // Prevent previous QB calls from messing with our queries $this->_db->reset_query(); + if ($this->_lock === FALSE) + { + return $this->_fail(); + } // Was the ID regenerated? - if ($session_id !== $this->_session_id) + elseif ($session_id !== $this->_session_id) { if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) { @@ -219,10 +223,6 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan $this->_row_exists = FALSE; $this->_session_id = $session_id; } - elseif ($this->_lock === FALSE) - { - return $this->_fail(); - } if ($this->_row_exists === FALSE) { diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index 99b4d1baa..eb1dcd3d8 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -186,7 +186,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa */ public function write($session_id, $session_data) { - if ( ! isset($this->_memcached)) + if ( ! isset($this->_memcached, $this->_lock_key)) { return $this->_fail(); } @@ -202,28 +202,25 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa $this->_session_id = $session_id; } - if (isset($this->_lock_key)) - { - $key = $this->_key_prefix.$session_id; - - $this->_memcached->replace($this->_lock_key, time(), 300); - if ($this->_fingerprint !== ($fingerprint = md5($session_data))) - { - if ($this->_memcached->set($key, $session_data, $this->_config['expiration'])) - { - $this->_fingerprint = $fingerprint; - return $this->_success; - } + $key = $this->_key_prefix.$session_id; - return $this->_fail(); - } - elseif ( - $this->_memcached->touch($key, $this->_config['expiration']) - OR ($this->_memcached->getResultCode() === Memcached::RES_NOTFOUND && $this->_memcached->set($key, $session_data, $this->_config['expiration'])) - ) + $this->_memcached->replace($this->_lock_key, time(), 300); + if ($this->_fingerprint !== ($fingerprint = md5($session_data))) + { + if ($this->_memcached->set($key, $session_data, $this->_config['expiration'])) { + $this->_fingerprint = $fingerprint; return $this->_success; } + + return $this->_fail(); + } + elseif ( + $this->_memcached->touch($key, $this->_config['expiration']) + OR ($this->_memcached->getResultCode() === Memcached::RES_NOTFOUND && $this->_memcached->set($key, $session_data, $this->_config['expiration'])) + ) + { + return $this->_success; } return $this->_fail(); @@ -375,4 +372,4 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return TRUE; } -} \ No newline at end of file +} diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index 8db74c0ca..a780100b1 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -199,7 +199,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle */ public function write($session_id, $session_data) { - if ( ! isset($this->_redis)) + if ( ! isset($this->_redis, $this->_lock_key)) { return $this->_fail(); } @@ -215,27 +215,22 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle $this->_session_id = $session_id; } - if (isset($this->_lock_key)) + $this->_redis->setTimeout($this->_lock_key, 300); + if ($this->_fingerprint !== ($fingerprint = md5($session_data)) OR $this->_key_exists === FALSE) { - $this->_redis->setTimeout($this->_lock_key, 300); - if ($this->_fingerprint !== ($fingerprint = md5($session_data)) OR $this->_key_exists === FALSE) + if ($this->_redis->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration'])) { - if ($this->_redis->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration'])) - { - $this->_fingerprint = $fingerprint; - $this->_key_exists = TRUE; - return $this->_success; - } - - return $this->_fail(); + $this->_fingerprint = $fingerprint; + $this->_key_exists = TRUE; + return $this->_success; } - return ($this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_config['expiration'])) - ? $this->_success - : $this->_fail(); + return $this->_fail(); } - return $this->_fail(); + return ($this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_config['expiration'])) + ? $this->_success + : $this->_fail(); } // ------------------------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 24c866628d0ce5463d7e8b4eba512fa9e7752dfd Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 14 Dec 2016 16:14:13 +0200 Subject: Drop all PHP 5.3-related code --- system/libraries/Session/Session.php | 21 +------- .../libraries/Session/SessionHandlerInterface.php | 59 ---------------------- 2 files changed, 1 insertion(+), 79 deletions(-) delete mode 100644 system/libraries/Session/SessionHandlerInterface.php (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index 01989d2d7..9d3bd7a2f 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -105,23 +105,7 @@ class CI_Session { $class = new $class($this->_config); if ($class instanceof SessionHandlerInterface) { - if (is_php('5.4')) - { - session_set_save_handler($class, TRUE); - } - else - { - session_set_save_handler( - array($class, 'open'), - array($class, 'close'), - array($class, 'read'), - array($class, 'write'), - array($class, 'destroy'), - array($class, 'gc') - ); - - register_shutdown_function('session_write_close'); - } + session_set_save_handler($class, TRUE); } else { @@ -190,9 +174,6 @@ class CI_Session { */ protected function _ci_load_classes($driver) { - // PHP 5.4 compatibility - interface_exists('SessionHandlerInterface', FALSE) OR require_once(BASEPATH.'libraries/Session/SessionHandlerInterface.php'); - $prefix = config_item('subclass_prefix'); if ( ! class_exists('CI_Session_driver', FALSE)) diff --git a/system/libraries/Session/SessionHandlerInterface.php b/system/libraries/Session/SessionHandlerInterface.php deleted file mode 100644 index b3533dd1e..000000000 --- a/system/libraries/Session/SessionHandlerInterface.php +++ /dev/null @@ -1,59 +0,0 @@ - Date: Sat, 31 Dec 2016 08:46:18 -0800 Subject: Update copyright data to 2017 --- system/libraries/Session/Session.php | 4 ++-- system/libraries/Session/Session_driver.php | 4 ++-- system/libraries/Session/drivers/Session_database_driver.php | 4 ++-- system/libraries/Session/drivers/Session_files_driver.php | 4 ++-- system/libraries/Session/drivers/Session_memcached_driver.php | 4 ++-- system/libraries/Session/drivers/Session_redis_driver.php | 4 ++-- 6 files changed, 12 insertions(+), 12 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index 9d3bd7a2f..3e4865cd1 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 2.0.0 diff --git a/system/libraries/Session/Session_driver.php b/system/libraries/Session/Session_driver.php index 55ddb25e0..f32f14ae0 100644 --- a/system/libraries/Session/Session_driver.php +++ b/system/libraries/Session/Session_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 3.0.0 diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 2f5241256..31f5a4663 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 3.0.0 diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 37315d3cd..6016e094e 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 3.0.0 diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index eb1dcd3d8..2556bf0f7 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 3.0.0 diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index 233b15619..5313de04c 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 3.0.0 -- cgit v1.2.3-24-g4f1b