From c4de3c2f93cb6d2af65b325ae2812fccad7e98b8 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 10 Feb 2016 07:41:43 +0200 Subject: [ci skip] Fix Memcached session lock handling and error checking around replace() usage --- .../Session/drivers/Session_memcached_driver.php | 26 ++++++++++++++-------- 1 file changed, 17 insertions(+), 9 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index d017dfb2f..e9246443c 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -204,10 +204,16 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa if (isset($this->_lock_key)) { + $key = $this->_key_prefix.$session_id; + $this->_memcached->replace($this->_lock_key, time(), 300); if ($this->_fingerprint !== ($fingerprint = md5($session_data))) { - if ($this->_memcached->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration'])) + + if ( + $this->_memcached->replace($key, $session_data, $this->_config['expiration']) + OR ($this->_memcached->getResultCode() === Memcached::RES_NOTSTORED && $this->_memcached->set($key, $session_data, $this->_config['expiration'])) + ) { $this->_fingerprint = $fingerprint; return $this->_success; @@ -305,9 +311,12 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa // correct session ID. if ($this->_lock_key === $this->_key_prefix.$session_id.':lock') { - return ($this->_memcached->replace($this->_lock_key, time(), 300)) - ? $this->_success - : $this->_failure; + if ( ! $this->_memcached->replace($this->_lock_key, time(), 300)) + { + return ($this->_memcached->getResultCode() === Memcached::RES_NOTSTORED) + ? $this->_memcached->set($this->_lock_key, time(), 300) + : FALSE; + } } // 30 attempts to obtain a lock, in case another request already has it @@ -324,7 +333,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa if ( ! $this->_memcached->set($lock_key, time(), 300)) { log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id); - return $this->_failure; + return FALSE; } $this->_lock_key = $lock_key; @@ -335,11 +344,11 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa if ($attempt === 30) { log_message('error', 'Session: Unable to obtain lock for '.$this->_key_prefix.$session_id.' after 30 attempts, aborting.'); - return $this->_failure; + return FALSE; } $this->_lock = TRUE; - return $this->_success; + return TRUE; } // ------------------------------------------------------------------------ @@ -367,5 +376,4 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return TRUE; } - -} +} \ No newline at end of file -- cgit v1.2.3-24-g4f1b From a54a2b90bf057d7883ea7506d78a1073478ea4cf Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 10 Feb 2016 19:55:39 +0200 Subject: Fix a bug where CI_Session_memcached_driver doesn't write empty sessions Related: #3919 --- system/libraries/Session/drivers/Session_memcached_driver.php | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index e9246443c..ab3b1d97c 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -209,7 +209,6 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa $this->_memcached->replace($this->_lock_key, time(), 300); if ($this->_fingerprint !== ($fingerprint = md5($session_data))) { - if ( $this->_memcached->replace($key, $session_data, $this->_config['expiration']) OR ($this->_memcached->getResultCode() === Memcached::RES_NOTSTORED && $this->_memcached->set($key, $session_data, $this->_config['expiration'])) @@ -222,9 +221,13 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return $this->_failure; } - return $this->_memcached->touch($this->_key_prefix.$session_id, $this->_config['expiration']) - ? $this->_success - : $this->_failure; + if ( + $this->_memcached->touch($key, $this->_config['expiration']) + OR ($this->_memcached->getResultCode() === Memcached::RES_NOTFOUND && $this->_memcached->set($key, $session_data, $this->_config['expiration'])) + ) + { + return $this->_success; + } } return $this->_failure; -- cgit v1.2.3-24-g4f1b From 8215e2fcf828964b232e9f48befac4f08fa11187 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 11 Feb 2016 20:30:43 +0200 Subject: [ci skip] Fix Memcached replace() result code checks in CI_Session Related #3919 --- system/libraries/Session/drivers/Session_memcached_driver.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index ab3b1d97c..875e72255 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -211,7 +211,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa { if ( $this->_memcached->replace($key, $session_data, $this->_config['expiration']) - OR ($this->_memcached->getResultCode() === Memcached::RES_NOTSTORED && $this->_memcached->set($key, $session_data, $this->_config['expiration'])) + OR ($this->_memcached->getResultCode() === Memcached::RES_NOTFOUND && $this->_memcached->set($key, $session_data, $this->_config['expiration'])) ) { $this->_fingerprint = $fingerprint; @@ -316,7 +316,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa { if ( ! $this->_memcached->replace($this->_lock_key, time(), 300)) { - return ($this->_memcached->getResultCode() === Memcached::RES_NOTSTORED) + return ($this->_memcached->getResultCode() === Memcached::RES_NOTFOUND) ? $this->_memcached->set($this->_lock_key, time(), 300) : FALSE; } -- cgit v1.2.3-24-g4f1b From 738b9e30404a56a8e2e8053f024550232b72ea09 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 24 Feb 2016 12:14:10 +0200 Subject: Merge pull request #4480 from versalle88/develop Changed class_exists() calls to ignore __autoload() --- system/libraries/Session/Session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index b93c00c15..77c56ae70 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -231,7 +231,7 @@ class CI_Session { } } - if ( ! class_exists($prefix.$class) && file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$prefix.$class.'.php')) + if ( ! class_exists($prefix.$class, FALSE) && file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$prefix.$class.'.php')) { require_once($file_path); if (class_exists($prefix.$class, FALSE)) -- cgit v1.2.3-24-g4f1b From f06858c3df09fd33c80f9fc415b6c63b3430869c Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 29 Feb 2016 17:35:12 +0200 Subject: Merge pull request #4491 from roastduck/develop [ci skip] Clean current lock key on close() in redis session driver --- system/libraries/Session/drivers/Session_redis_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index ad95309da..7b7951f5d 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -254,7 +254,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle try { if ($this->_redis->ping() === '+PONG') { - isset($this->_lock_key) && $this->_redis->delete($this->_lock_key); + $this->_release_lock(); if ($this->_redis->close() === $this->_failure) { return $this->_failure; -- cgit v1.2.3-24-g4f1b From 215922144082eb4b613e2418ba552776d23ea1db Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 29 Feb 2016 17:38:51 +0200 Subject: [ci skip] Apply #4491 to Memcached driver --- system/libraries/Session/drivers/Session_memcached_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index 875e72255..4bd63991f 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -246,7 +246,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa { if (isset($this->_memcached)) { - isset($this->_lock_key) && $this->_memcached->delete($this->_lock_key); + $this->_release_lock(); if ( ! $this->_memcached->quit()) { return $this->_failure; -- cgit v1.2.3-24-g4f1b From a027a7fd0d770cec0d71e888d8b6f4aa1568ce9f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 10 Mar 2016 13:59:20 +0200 Subject: Improve ext/session error messages --- system/libraries/Session/Session_driver.php | 20 ++++++++++++++++++++ .../Session/drivers/Session_database_driver.php | 21 ++++++++++----------- .../Session/drivers/Session_memcached_driver.php | 20 ++++++++++---------- .../Session/drivers/Session_redis_driver.php | 22 +++++++++++----------- 4 files changed, 51 insertions(+), 32 deletions(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/Session_driver.php b/system/libraries/Session/Session_driver.php index 98fc897e3..55ddb25e0 100644 --- a/system/libraries/Session/Session_driver.php +++ b/system/libraries/Session/Session_driver.php @@ -168,4 +168,24 @@ abstract class CI_Session_driver implements SessionHandlerInterface { return TRUE; } + // ------------------------------------------------------------------------ + + /** + * Fail + * + * Drivers other than the 'files' one don't (need to) use the + * session.save_path INI setting, but that leads to confusing + * error messages emitted by PHP when open() or write() fail, + * as the message contains session.save_path ... + * To work around the problem, the drivers will call this method + * so that the INI is set just in time for the error message to + * be properly generated. + * + * @return mixed + */ + protected function _fail() + { + ini_set('session.save_path', config_item('sess_save_path')); + return $this->_failure; + } } diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 3ba9d3d36..da0331220 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -127,7 +127,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan { if (empty($this->_db->conn_id) && ! $this->_db->db_connect()) { - return $this->_failure; + return $this->_fail(); } return $this->_success; @@ -163,7 +163,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan $this->_db->where('ip_address', $_SERVER['REMOTE_ADDR']); } - if (($result = $this->_db->get()->row()) === NULL) + if ( ! ($result = $this->_db->get()) OR $result->row() === NULL) { // PHP7 will reuse the same SessionHandler object after // ID regeneration, so we need to explicitly set this to @@ -210,7 +210,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan { if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) { - return $this->_failure; + return $this->_fail(); } $this->_row_exists = FALSE; @@ -218,7 +218,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan } elseif ($this->_lock === FALSE) { - return $this->_failure; + return $this->_fail(); } if ($this->_row_exists === FALSE) @@ -237,7 +237,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return $this->_success; } - return $this->_failure; + return $this->_fail(); } $this->_db->where('id', $session_id); @@ -260,7 +260,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return $this->_success; } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -275,7 +275,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan public function close() { return ($this->_lock && ! $this->_release_lock()) - ? $this->_failure + ? $this->_fail() : $this->_success; } @@ -304,7 +304,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan if ( ! $this->_db->delete($this->_config['save_path'])) { - return $this->_failure; + return $this->_fail(); } } @@ -314,7 +314,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return $this->_success; } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -334,7 +334,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return ($this->_db->delete($this->_config['save_path'], 'timestamp < '.(time() - $maxlifetime))) ? $this->_success - : $this->_failure; + : $this->_fail(); } // ------------------------------------------------------------------------ @@ -414,5 +414,4 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return parent::_release_lock(); } - } \ No newline at end of file diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index 4bd63991f..88eb4b3a6 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -117,7 +117,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa { $this->_memcached = NULL; log_message('error', 'Session: Invalid Memcached save path format: '.$this->_config['save_path']); - return $this->_failure; + return $this->_fail(); } foreach ($matches as $match) @@ -142,7 +142,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa if (empty($server_list)) { log_message('error', 'Session: Memcached server pool is empty.'); - return $this->_failure; + return $this->_fail(); } return $this->_success; @@ -170,7 +170,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return $session_data; } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -188,14 +188,14 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa { if ( ! isset($this->_memcached)) { - return $this->_failure; + return $this->_fail(); } // Was the ID regenerated? elseif ($session_id !== $this->_session_id) { if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) { - return $this->_failure; + return $this->_fail(); } $this->_fingerprint = md5(''); @@ -218,7 +218,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return $this->_success; } - return $this->_failure; + return $this->_fail(); } if ( @@ -230,7 +230,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa } } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -249,14 +249,14 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa $this->_release_lock(); if ( ! $this->_memcached->quit()) { - return $this->_failure; + return $this->_fail(); } $this->_memcached = NULL; return $this->_success; } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -278,7 +278,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return $this->_success; } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index 7b7951f5d..cc242dd3d 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -131,7 +131,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { if (empty($this->_config['save_path'])) { - return $this->_failure; + return $this->_fail(); } $redis = new Redis(); @@ -153,7 +153,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle return $this->_success; } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -183,7 +183,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle return $session_data; } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -201,14 +201,14 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { if ( ! isset($this->_redis)) { - return $this->_failure; + return $this->_fail(); } // Was the ID regenerated? elseif ($session_id !== $this->_session_id) { if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) { - return $this->_failure; + return $this->_fail(); } $this->_key_exists = FALSE; @@ -227,15 +227,15 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle return $this->_success; } - return $this->_failure; + return $this->_fail(); } return ($this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_config['expiration'])) ? $this->_success - : $this->_failure; + : $this->_fail(); } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -255,9 +255,9 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle if ($this->_redis->ping() === '+PONG') { $this->_release_lock(); - if ($this->_redis->close() === $this->_failure) + if ($this->_redis->close() === $this->_fail()) { - return $this->_failure; + return $this->_fail(); } } } @@ -296,7 +296,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle return $this->_success; } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 7bdd4950da2226859b00042ce9e8b2b9797129a7 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 10 Mar 2016 14:01:09 +0200 Subject: Fix a logical error from last commit --- system/libraries/Session/drivers/Session_database_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index da0331220..317bd7d4d 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -163,7 +163,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan $this->_db->where('ip_address', $_SERVER['REMOTE_ADDR']); } - if ( ! ($result = $this->_db->get()) OR $result->row() === NULL) + if ( ! ($result = $this->_db->get()) OR ($result = $result->row()) === NULL) { // PHP7 will reuse the same SessionHandler object after // ID regeneration, so we need to explicitly set this to -- cgit v1.2.3-24-g4f1b From f56068bfd34e3ebc1325b049bf33901d855c7321 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 11 Mar 2016 11:11:53 +0200 Subject: Revert an unintended change from a027a7fd0d770cec0d71e888d8b6f4aa1568ce9f --- system/libraries/Session/drivers/Session_redis_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index cc242dd3d..e4e09fe0d 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -255,7 +255,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle if ($this->_redis->ping() === '+PONG') { $this->_release_lock(); - if ($this->_redis->close() === $this->_fail()) + if ($this->_redis->close() === $this->_failure) { return $this->_fail(); } -- cgit v1.2.3-24-g4f1b