From 47a47fb9fafdb26206d01d846d8013f6e883eb37 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 31 May 2014 16:08:30 +0300 Subject: Initial version of new Session library --- system/libraries/Session/Session.php | 846 ++++++++++----------- .../libraries/Session/SessionHandlerInterface.php | 51 ++ system/libraries/Session/Session_driver.php | 202 +++++ .../libraries/Session/drivers/Session_cookie.php | 805 -------------------- .../Session/drivers/Session_database_driver.php | 317 ++++++++ .../Session/drivers/Session_files_driver.php | 276 +++++++ .../libraries/Session/drivers/Session_native.php | 246 ------ 7 files changed, 1255 insertions(+), 1488 deletions(-) create mode 100644 system/libraries/Session/SessionHandlerInterface.php create mode 100644 system/libraries/Session/Session_driver.php delete mode 100644 system/libraries/Session/drivers/Session_cookie.php create mode 100644 system/libraries/Session/drivers/Session_database_driver.php create mode 100644 system/libraries/Session/drivers/Session_files_driver.php delete mode 100644 system/libraries/Session/drivers/Session_native.php (limited to 'system/libraries') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index 905352bb3..0d444e8ca 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -29,729 +29,701 @@ defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter Session Class * - * The user interface defined by EllisLabs, now with puggable drivers to manage different storage mechanisms. - * By default, the cookie session driver will load, but the 'sess_driver' config/param item (see above) can be - * used to specify the 'native' driver, or any other you might create. - * Once loaded, this driver setup is a drop-in replacement for the former CI_Session library, taking its place as the - * 'session' member of the global controller framework (e.g.: $CI->session or $this->session). - * In keeping with the CI_Driver methodology, multiple drivers may be loaded, although this might be a bit confusing. - * The CI_Session library class keeps track of the most recently loaded driver as "current" to call for driver methods. - * Ideally, one driver is loaded and all calls go directly through the main library interface. However, any methods - * called through the specific driver will switch the "current" driver to itself before invoking the library method - * (which will then call back into the driver for low-level operations). So, alternation between two drivers can be - * achieved by specifying which driver to use for each call (e.g.: $this->session->native->set_userdata('foo', 'bar'); - * $this->session->cookie->userdata('foo'); $this->session->native->unset_userdata('foo');). Notice in the previous - * example that the _native_ userdata value 'foo' would be set to 'bar', which would NOT be returned by the call for - * the _cookie_ userdata 'foo', nor would the _cookie_ value be unset by the call to unset the _native_ 'foo' value. - * * @package CodeIgniter * @subpackage Libraries * @category Sessions - * @author EllisLab Dev Team + * @author Andrey Andreev * @link http://codeigniter.com/user_guide/libraries/sessions.html */ -class CI_Session extends CI_Driver_Library { - - /** - * Initialization parameters - * - * @var array - */ - public $params = array(); - - /** - * Valid drivers list - * - * @var array - */ - public $valid_drivers = array('native', 'cookie'); +class CI_Session { - /** - * Current driver in use - * - * @var string - */ - public $current = NULL; - - /** - * User data - * - * @var array - */ - protected $userdata = array(); - - // ------------------------------------------------------------------------ - - const FLASHDATA_KEY = 'flash'; - const FLASHDATA_NEW = ':new:'; - const FLASHDATA_OLD = ':old:'; - const FLASHDATA_EXP = ':exp:'; - const EXPIRATION_KEY = '__expirations'; - const TEMP_EXP_DEF = 300; + protected $_driver = 'files'; // ------------------------------------------------------------------------ /** - * CI_Session constructor - * - * The constructor loads the configured driver ('sess_driver' in config.php or as a parameter), running - * routines in its constructor, and manages flashdata aging. + * Class constructor * - * @param array Configuration parameters + * @param array $params Configuration parameters * @return void */ public function __construct(array $params = array()) { - $_config =& get_instance()->config; // No sessions under CLI if (is_cli()) { + log_message('debug', 'Session: Initialization under CLI aborted.'); return; } - - log_message('debug', 'CI_Session Class Initialized'); - - // Add possible extra entries to our valid drivers list - $drivers = isset($params['sess_valid_drivers']) ? $params['sess_valid_drivers'] : $_config->item('sess_valid_drivers'); - if ( ! empty($drivers)) + elseif ((bool) ini_get('session.auto_start')) { - $drivers = array_map('strtolower', (array) $drivers); - $this->valid_drivers = array_merge($this->valid_drivers, array_diff($drivers, $this->valid_drivers)); + log_message('error', 'Session: session.auto_start is enabled in php.ini. Aborting.'); + return; + } + elseif ( ! empty($params['driver'])) + { + $this->_driver = $params['driver']; + unset($params['driver']); } - // Get driver to load - $driver = isset($params['sess_driver']) ? $params['sess_driver'] : $_config->item('sess_driver'); - if ( ! $driver) + if (($class = $this->_ci_load_classes($this->_driver)) === FALSE) { - log_message('debug', "Session: No driver name is configured, defaulting to 'cookie'."); - $driver = 'cookie'; + return; } - if ( ! in_array($driver, $this->valid_drivers)) + $class = new $class($params); + if ($class instanceof SessionHandlerInterface) { - log_message('error', 'Session: Configured driver name is not valid, aborting.'); + if (is_php('5.4')) + { + session_set_save_handler($class, TRUE); + } + else + { + session_set_save_handler( + array($class, 'open'), + array($class, 'close'), + array($class, 'read'), + array($class, 'write'), + array($class, 'destroy'), + array($class, 'gc') + ); + + register_shutdown_function('session_write_close'); + } + } + else + { + log_message('error', "Session: Driver '".$this->_driver."' doesn't implement SessionHandlerInterface. Aborting."); return; } - // Save a copy of parameters in case drivers need access - $this->params = $params; + session_start(); + $this->_ci_init_vars(); - // Load driver and get array reference - $this->load_driver($driver); + log_message('debug', "Session: Class initialized using '".$this->_driver."' driver."); + } - // Delete 'old' flashdata (from last request) - $this->_flashdata_sweep(); + // ------------------------------------------------------------------------ - // Mark all new flashdata as old (data will be deleted before next request) - $this->_flashdata_mark(); + protected function _ci_load_classes($driver) + { + // PHP 5.4 compatibility + interface_exists('SessionHandlerInterface', FALSE) OR require_once(BASEPATH.'libraries/Session/SessionHandlerInterface.php'); - // Delete expired tempdata - $this->_tempdata_sweep(); + $prefix = config_item('subclass_prefix'); - log_message('debug', 'CI_Session routines successfully run'); - } + if ( ! class_exists('CI_Session_driver', FALSE)) + { + if (file_exists($file_path = APPPATH.'libraries/Session/Session_driver.php') OR file_exists($file_path = BASEPATH.'libraries/Session/Session_driver.php')) + { + require_once($file_path); + } - // ------------------------------------------------------------------------ + if (file_exists($file_path = APPPATH.'libraries/Session/'.$prefix.'Session_driver.php')) + { + require_once($file_path); + } + } - /** - * Loads session storage driver - * - * @param string Driver classname - * @return object Loaded driver object - */ - public function load_driver($driver) - { - // Save reference to most recently loaded driver as library default and sync userdata - $this->current = parent::load_driver($driver); - $this->userdata =& $this->current->get_userdata(); - return $this->current; - } + $class = 'Session_'.$driver.'_driver'; - // ------------------------------------------------------------------------ + if ( ! class_exists('CI_'.$class, FALSE)) + { + if (file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$class.'.php') OR file_exists($file_path = BASEPATH.'libraries/Session/drivers/'.$class.'.php')) + { + require_once($file_path); + } - /** - * Select default session storage driver - * - * @param string Driver name - * @return void - */ - public function select_driver($driver) - { - // Validate driver name - $prefix = (string) get_instance()->config->item('subclass_prefix'); - $child = strtolower(str_replace(array('CI_', $prefix, $this->lib_name.'_'), '', $driver)); - if (in_array($child, array_map('strtolower', $this->valid_drivers))) + if ( ! class_exists('CI_'.$class, FALSE)) + { + log_message('error', "Session: Configured driver '".$driver."' was not found. Aborting."); + return FALSE; + } + } + + if ( ! class_exists($prefix.$class) && file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$prefix.$class.'.php')) { - // See if driver is loaded - if (isset($this->$child)) + require_once($file_path); + if (class_exists($prefix.$class, FALSE)) { - // See if driver is already current - if ($this->$child !== $this->current) - { - // Make driver current and sync userdata - $this->current = $this->$child; - $this->userdata =& $this->current->get_userdata(); - } + return $prefix.$class; } else { - // Load new driver - $this->load_driver($child); + log_message('debug', 'Session: '.$prefix.$class.".php found but it doesn't declare class ".$prefix.$class.'.'); } } + + return 'CI_'.$class; } // ------------------------------------------------------------------------ /** - * Destroy the current session + * Handle temporary variables + * + * Clears old "flash" data, marks the new one for deletion and handles + * "temp" data deletion. * * @return void */ - public function sess_destroy() + protected function _ci_init_vars() { - // Just call destroy on driver - $this->current->sess_destroy(); - } + if ( ! empty($_SESSION['__ci_vars'])) + { + $current_time = time(); - // ------------------------------------------------------------------------ + foreach ($_SESSION['__ci_vars'] as $key => &$value) + { + if ($value === 'new') + { + $_SESSION['__ci_vars'][$key] = 'old'; + } + // Hacky, but 'old' will (implicitly) always be less than time() ;) + // DO NOT move this above the 'new' check! + elseif ($value < $current_time) + { + unset($_SESSION[$key], $_SESSION['__ci_vars'][$key]); + } + } - /** - * Regenerate the current session - * - * @param bool Destroy session data flag (default: false) - * @return void - */ - public function sess_regenerate($destroy = FALSE) - { - // Call regenerate on driver and resync userdata - $this->current->sess_regenerate($destroy); - $this->userdata =& $this->current->get_userdata(); + if (empty($_SESSION['__ci_vars'])) + { + unset($_SESSION['__ci_vars']); + } + } } // ------------------------------------------------------------------------ /** - * Fetch a specific item from the session array + * Mark as flash * - * @param string Item key - * @return string Item value or NULL if not found + * @param mixed $key Session data key(s) + * @return bool */ - public function userdata($item = NULL) + public function mark_as_flash($key) { - if (isset($item)) + if (is_array($key)) { - return isset($this->userdata[$item]) ? $this->userdata[$item] : NULL; - } + for ($i = 0, $c = count($key); $i < $c; $i++) + { + if ( ! isset($_SESSION[$key[$i]])) + { + return FALSE; + } + } - return isset($this->userdata) ? $this->userdata : array(); - } + $new = array_fill_keys($key, 'new'); - // ------------------------------------------------------------------------ + $_SESSION['__ci_vars'] = isset($_SESSION['__ci_vars']) + ? array_merge($_SESSION['__ci_vars'], $new) + : $new; - /** - * Fetch all session data - * - * @deprecated 3.0.0 Use userdata() with no parameters instead - * @return array User data array - */ - public function all_userdata() - { - return isset($this->userdata) ? $this->userdata : array(); + return TRUE; + } + + if ( ! isset($_SESSION[$key])) + { + return FALSE; + } + + $_SESSION['__ci_vars'][$key] = 'new'; + return TRUE; } // ------------------------------------------------------------------------ /** - * Add or change data in the "userdata" array + * Get flash keys * - * @param mixed Item name or array of items - * @param string Item value or empty string - * @return void + * @return array */ - public function set_userdata($newdata, $newval = '') + public function get_flash_keys() { - // Wrap params as array if singular - if (is_string($newdata)) + if ( ! isset($_SESSION['__ci_vars'])) { - $newdata = array($newdata => $newval); + return array(); } - // Set each name/value pair - if (count($newdata) > 0) + $keys = array(); + foreach (array_keys($_SESSION['__ci_vars']) as $key) { - foreach ($newdata as $key => $val) - { - $this->userdata[$key] = $val; - } + is_int($_SESSION['__ci_vars'][$key]) OR $keys[] = $key; } - // Tell driver data changed - $this->current->sess_save(); + return $keys; } // ------------------------------------------------------------------------ /** - * Delete a session variable from the "userdata" array + * Unmark flash * - * @param mixed Item name or array of item names + * @param mixed $key Session data key(s) * @return void */ - public function unset_userdata($newdata) + public function unmark_flash($key) { - // Wrap single name as array - if (is_string($newdata)) + if (empty($_SESSION['__ci_vars'])) { - $newdata = array($newdata => ''); + return; } - // Unset each item name - if (count($newdata) > 0) + is_array($key) OR $key = array($key); + + foreach ($key as $k) { - foreach (array_keys($newdata) as $key) + if (isset($_SESSION['__ci_vars'][$k]) && ! is_int($_SESSION['__ci_vars'][$k])) { - unset($this->userdata[$key]); + unset($_SESSION['__ci_vars'][$k]); } } - // Tell driver data changed - $this->current->sess_save(); + if (empty($_SESSION['__ci_vars'])) + { + unset($_SESSION['__ci_vars']); + } } // ------------------------------------------------------------------------ /** - * Determine if an item exists + * Mark as temp * - * @param string Item name + * @param mixed $key Session data key(s) + * @param int $ttl Time-to-live in seconds * @return bool */ - public function has_userdata($item) + public function mark_as_temp($key, $ttl = 300) { - return isset($this->userdata[$item]); + $ttl += time(); + + if (is_array($key)) + { + $temp = array(); + + foreach ($key as $k => $v) + { + // Do we have a key => ttl pair, or just a key? + if (is_int($k)) + { + $k = $v; + $v = $ttl; + } + else + { + $v += time(); + } + + if ( ! isset($_SESSION[$k])) + { + return FALSE; + } + + $temp[$k] = $ts; + } + + $_SESSION['__ci_vars'] = isset($_SESSION['__ci_vars']) + ? array_merge($_SESSION['__ci_vars'], $temp) + : $temp; + + return TRUE; + } + + if ( ! isset($_SESSION[$key])) + { + return FALSE; + } + + $_SESSION['__ci_vars'][$key] = $ttl; + return TRUE; } // ------------------------------------------------------------------------ /** - * Add or change flashdata, only available until the next request + * Get temp keys * - * @param mixed Item name or array of items - * @param string Item value or empty string - * @return void + * @return array */ - public function set_flashdata($newdata, $newval = '') + public function get_temp_keys() { - // Wrap item as array if singular - if (is_string($newdata)) + if ( ! isset($_SESSION['__ci_vars'])) { - $newdata = array($newdata => $newval); + return array(); } - // Prepend each key name and set value - if (count($newdata) > 0) + $keys = array(); + foreach (array_keys($_SESSION['__ci_vars']) as $key) { - foreach ($newdata as $key => $val) - { - $flashdata_key = self::FLASHDATA_KEY.self::FLASHDATA_NEW.$key; - $this->set_userdata($flashdata_key, $val); - } + is_int($_SESSION['__ci_vars'][$key]) && $keys[] = $key; } + + return $keys; } // ------------------------------------------------------------------------ /** - * Keeps existing flashdata available to next request. + * Unmark flash * - * @param mixed Item key(s) + * @param mixed $key Session data key(s) * @return void */ - public function keep_flashdata($key) + public function unmark_temp($key) { + if (empty($_SESSION['__ci_vars'])) + { + return; + } - if (is_array($key)) + is_array($key) OR $key = array($key); + + foreach ($key as $k) { - foreach ($key as $k) + if (isset($_SESSION['__ci_vars'][$k]) && is_int($_SESSION['__ci_vars'][$k])) { - $this->keep_flashdata($k); + unset($_SESSION['__ci_vars'][$k]); } - - return; } - // 'old' flashdata gets removed. Here we mark all flashdata as 'new' to preserve it from _flashdata_sweep() - // Note the function will return NULL if the $key provided cannot be found - $old_flashdata_key = self::FLASHDATA_KEY.self::FLASHDATA_OLD.$key; - $value = $this->userdata($old_flashdata_key); - - $new_flashdata_key = self::FLASHDATA_KEY.self::FLASHDATA_NEW.$key; - $this->set_userdata($new_flashdata_key, $value); + if (empty($_SESSION['__ci_vars'])) + { + unset($_SESSION['__ci_vars']); + } } // ------------------------------------------------------------------------ /** - * Fetch a specific flashdata item from the session array + * __get() * - * @param string Item key - * @return string + * @param string $key 'session_id' or a session data key + * @return mixed */ - public function flashdata($key = NULL) + public function __get($key) { - if (isset($key)) + // Note: Keep this order the same, just in case somebody wants to + // use 'session_id' as a session data key, for whatever reason + if (isset($_SESSION[$key])) { - return $this->userdata(self::FLASHDATA_KEY.self::FLASHDATA_OLD.$key); + return $_SESSION[$key]; } - - // Get our flashdata items from userdata - $out = array(); - foreach ($this->userdata() as $key => $val) + elseif ($key === 'session_id') { - if (strpos($key, self::FLASHDATA_KEY.self::FLASHDATA_OLD) !== FALSE) - { - $key = str_replace(self::FLASHDATA_KEY.self::FLASHDATA_OLD, '', $key); - $out[$key] = $val; - } + return session_id(); } - return $out; + return NULL; } // ------------------------------------------------------------------------ /** - * Add or change tempdata, only available until expiration + * __set() * - * @param mixed Item name or array of items - * @param string Item value or empty string - * @param int Item lifetime in seconds or 0 for default + * @param string $key Session data key + * @param mixed $value Session data value * @return void */ - public function set_tempdata($newdata, $newval = '', $expire = 0) + public function __set($key, $value) { - // Set expiration time - $expire = time() + ($expire ? $expire : self::TEMP_EXP_DEF); - - // Wrap item as array if singular - if (is_string($newdata)) - { - $newdata = array($newdata => $newval); - } - - // Get or create expiration list - $expirations = $this->userdata(self::EXPIRATION_KEY); - if ( ! $expirations) - { - $expirations = array(); - } + $_SESSION[$key] = $value; + } - // Prepend each key name and set value - if (count($newdata) > 0) - { - foreach ($newdata as $key => $val) - { - $tempdata_key = self::FLASHDATA_KEY.self::FLASHDATA_EXP.$key; - $expirations[$tempdata_key] = $expire; - $this->set_userdata($tempdata_key, $val); - } - } + // ------------------------------------------------------------------------ - // Update expiration list - $this->set_userdata(self::EXPIRATION_KEY, $expirations); + /** + * Session destroy + * + * Legacy CI_Session compatibility method + * + * @return void + */ + public function sess_destroy() + { + session_destroy(); } // ------------------------------------------------------------------------ /** - * Delete a temporary session variable from the "userdata" array + * Session regenerate + * + * Legacy CI_Session compatibility method * - * @param mixed Item name or array of item names + * @param bool $destroy Destroy old session data flag * @return void */ - public function unset_tempdata($newdata) + public function sess_regenerate($destroy = FALSE) { - // Get expirations list - $expirations = $this->userdata(self::EXPIRATION_KEY); - if (empty($expirations)) - { - // Nothing to do - return; - } - - // Wrap single name as array - if (is_string($newdata)) - { - $newdata = array($newdata => ''); - } + session_regenerate_id($destroy); + } - // Prepend each item name and unset - if (count($newdata) > 0) - { - foreach (array_keys($newdata) as $key) - { - $tempdata_key = self::FLASHDATA_KEY.self::FLASHDATA_EXP.$key; - unset($expirations[$tempdata_key]); - $this->unset_userdata($tempdata_key); - } - } + // ------------------------------------------------------------------------ - // Update expiration list - $this->set_userdata(self::EXPIRATION_KEY, $expirations); + /** + * Get userdata reference + * + * Legacy CI_Session compatibility method + * + * @returns array + */ + public function &get_userdata() + { + return $_SESSION; } // ------------------------------------------------------------------------ /** - * Fetch a specific tempdata item from the session array + * Userdata (fetch) * - * @param string Item key - * @return string + * Legacy CI_Session compatibility method + * + * @param string $key Session data key + * @return mixed Session data value or NULL if not found */ - public function tempdata($key = NULL) + public function userdata($key = NULL) { if (isset($key)) { - return $this->userdata(self::FLASHDATA_KEY.self::FLASHDATA_EXP.$key); + return isset($_SESSION[$key]) ? $_SESSION[$key] : NULL; } - - // Get our tempdata items from userdata - $out = array(); - foreach ($this->userdata() as $key => $val) + elseif (empty($_SESSION)) { - if (strpos($key, self::FLASHDATA_KEY.self::FLASHDATA_EXP) !== FALSE) - { - $key = str_replace(self::FLASHDATA_KEY.self::FLASHDATA_EXP, '', $key); - $out[$key] = $val; - } + return array(); } - return $out; - } + $userdata = array(); + $_exclude = array_merge( + array('__ci_f', '__ci_t'), + $this->get_flash_keys(), + $this->get_temp_keys() + ); - // ------------------------------------------------------------------------ - - /** - * Identifies flashdata as 'old' for removal - * when _flashdata_sweep() runs. - * - * @return void - */ - protected function _flashdata_mark() - { - foreach ($this->userdata() as $name => $value) + foreach (array_keys($_SESSION) as $key) { - $parts = explode(self::FLASHDATA_NEW, $name); - if (count($parts) === 2) + if ( ! in_array($key, $_exclude, TRUE)) { - $this->set_userdata(self::FLASHDATA_KEY.self::FLASHDATA_OLD.$parts[1], $value); - $this->unset_userdata($name); + $userdata[$key] = $_SESSION[$key]; } } + + return $userdata; } // ------------------------------------------------------------------------ /** - * Removes all flashdata marked as 'old' + * Set userdata * + * Legacy CI_Session compatibility method + * + * @param mixed $data Session data key or an associative array + * @param mixed $value Value to store * @return void */ - protected function _flashdata_sweep() + public function set_userdata($data, $value = NULL) { - $userdata = $this->userdata(); - foreach (array_keys($userdata) as $key) + if (is_array($data)) { - if (strpos($key, self::FLASHDATA_OLD)) + foreach ($data as $key => &$value) { - $this->unset_userdata($key); + $_SESSION[$key] = $value; } + + return; } + + $_SESSION[$data] = $value; } // ------------------------------------------------------------------------ /** - * Removes all expired tempdata + * Unset userdata + * + * Legacy CI_Session compatibility method * + * @param mixed $data Session data key(s) * @return void */ - protected function _tempdata_sweep() + public function unset_userdata($key) { - // Get expirations list - $expirations = $this->userdata(self::EXPIRATION_KEY); - if (empty($expirations)) - { - // Nothing to do - return; - } - - // Unset expired elements - $now = time(); - $userdata = $this->userdata(); - foreach (array_keys($userdata) as $key) + if (is_array($key)) { - if (strpos($key, self::FLASHDATA_EXP) && $expirations[$key] < $now) + foreach ($key as $k) { - unset($expirations[$key]); - $this->unset_userdata($key); + unset($_SESSION[$key]); } + + return; } - // Update expiration list - $this->set_userdata(self::EXPIRATION_KEY, $expirations); + unset($_SESSION[$key]); } -} - -// ------------------------------------------------------------------------ - -/** - * CI_Session_driver Class - * - * Extend this class to make a new CI_Session driver. - * A CI_Session driver basically manages an array of name/value pairs with some sort of storage mechanism. - * To make a new driver, derive from (extend) CI_Session_driver. Overload the initialize method and read or create - * session data. Then implement a save handler to write changed data to storage (sess_save), a destroy handler - * to remove deleted data (sess_destroy), and an access handler to expose the data (get_userdata). - * Put your driver in the libraries/Session/drivers folder anywhere in the loader paths. This includes the - * application directory, the system directory, or any path you add with $CI->load->add_package_path(). - * Your driver must be named CI_Session_, and your filename must be Session_.php, - * preferably also capitalized. (e.g.: CI_Session_foo in libraries/Session/drivers/Session_foo.php) - * Then specify the driver by setting 'sess_driver' in your config file or as a parameter when loading the CI_Session - * object. (e.g.: $config['sess_driver'] = 'foo'; OR $CI->load->driver('session', array('sess_driver' => 'foo')); ) - * Already provided are the Native driver, which manages the native PHP $_SESSION array, and - * the Cookie driver, which manages the data in a browser cookie, with optional extra storage in a database table. - * - * @package CodeIgniter - * @subpackage Libraries - * @category Sessions - * @author EllisLab Dev Team - */ -abstract class CI_Session_driver extends CI_Driver { - - /** - * CI Singleton - * - * @see get_instance() - * @var object - */ - protected $CI; - // ------------------------------------------------------------------------ /** - * Constructor + * All userdata (fetch) * - * Gets the CI singleton, so that individual drivers - * don't have to do it separately. + * Legacy CI_Session compatibility method * - * @return void + * @return array $_SESSION, excluding flash data items */ - public function __construct() + public function all_userdata() { - $this->CI =& get_instance(); + return $this->userdata(); } // ------------------------------------------------------------------------ /** - * Decorate + * Has userdata * - * Decorates the child with the parent driver lib's methods and properties + * Legacy CI_Session compatibility method * - * @param object Parent library object - * @return void + * @param string $key Session data key + * @return bool */ - public function decorate($parent) + public function has_userdata($key) { - // Call base class decorate first - parent::decorate($parent); - - // Call initialize method now that driver has access to $this->_parent - $this->initialize(); + return isset($_SESSION[$key]); } // ------------------------------------------------------------------------ /** - * __call magic method + * Flashdata (fetch) * - * Handles access to the parent driver library's methods + * Legacy CI_Session compatibility method * - * @param string Library method name - * @param array Method arguments (default: none) - * @return mixed + * @param string $key Session data key + * @return mixed Session data value or NULL if not found */ - public function __call($method, $args = array()) + public function flashdata($key = NULL) { - // Make sure the parent library uses this driver - $this->_parent->select_driver(get_class($this)); - return parent::__call($method, $args); + if (isset($key)) + { + return isset($_SESSION['__ci_f'], $_SESSION['__ci_f'][$key], $_SESSION[$key]) + ? $_SESSION[$key] + : NULL; + } + + $flashdata = array(); + + if ( ! empty($_SESSION['__ci_f'])) + { + foreach (array_keys($_SESSION['__ci_f']) as $key) + { + $flashdata[$key] = $_SESSION[$key]; + } + } + + return $flashdata; } // ------------------------------------------------------------------------ /** - * Initialize driver + * Set flashdata * + * Legacy CI_Session compatibiliy method + * + * @param mixed $data Session data key or an associative array + * @param mixed $value Value to store * @return void */ - protected function initialize() + public function set_flashdata($data, $value = NULL) { - // Overload this method to implement initialization + $this->set_userdata($data, $value); + $this->mark_as_flash($data); } // ------------------------------------------------------------------------ /** - * Save the session data + * Keep flashdata * - * Data in the array has changed - perform any storage synchronization - * necessary. The child class MUST implement this abstract method! + * Legacy CI_Session compatibility method * + * @param mixed $key Session data key(s) * @return void */ - abstract public function sess_save(); + public function keep_flashdata($key) + { + $this->mark_as_flash($key); + } // ------------------------------------------------------------------------ /** - * Destroy the current session + * Temp data (fetch) * - * Clean up storage for this session - it has been terminated. - * The child class MUST implement this abstract method! + * Legacy CI_Session compatibility method * - * @return void + * @param string $key Session data key + * @return mixed Session data value or NULL if not found */ - abstract public function sess_destroy(); + public function tempdata($key = NULL) + { + if (isset($key)) + { + return isset($_SESSION['__ci_t'], $_SESSION['__ci_t'][$key], $_SESSION[$key]) + ? $_SESSION[$key] + : NULL; + } + + $tempdata = array(); + + if ( ! empty($_SESSION['__ci_t'])) + { + foreach (array_keys($_SESSION['__ci_t']) as $key) + { + $tempdata[$key] = $_SESSION[$key]; + } + } + + return $tempdata; + } // ------------------------------------------------------------------------ /** - * Regenerate the current session + * Set tempdata * - * Regenerate the session ID. - * The child class MUST implement this abstract method! + * Legacy CI_Session compatibility method * - * @param bool Destroy session data flag (default: false) + * @param mixed $data Session data key or an associative array of items + * @param mixed $value Value to store + * @param int $ttl Time-to-live in seconds * @return void */ - abstract public function sess_regenerate($destroy = FALSE); + public function set_tempdata($data, $value = NULL, $ttl = 300) + { + $this->set_userdata($data, $value); + $this->mark_as_temp($data, $ttl); + } // ------------------------------------------------------------------------ /** - * Get a reference to user data array + * Unset tempdata * - * Give array access to the main CI_Session object. - * The child class MUST implement this abstract method! + * Legacy CI_Session compatibility method * - * @return array Reference to userdata + * @param mixed $data Session data key(s) + * @return void */ - abstract public function &get_userdata(); + public function unset_tempdata($key) + { + $this->unmark_temp($key); + } } diff --git a/system/libraries/Session/SessionHandlerInterface.php b/system/libraries/Session/SessionHandlerInterface.php new file mode 100644 index 000000000..7473ff8ec --- /dev/null +++ b/system/libraries/Session/SessionHandlerInterface.php @@ -0,0 +1,51 @@ + &$value) + { + $key = (strncmp($key, 'sess_', 5) === 0) + ? substr($key, 4) + : '_'.$key; + + property_exists($this, $key) && $this->$key = $value; + } + + isset($this->_expiration) OR $this->_expiration = (int) config_item('sess_expiration'); + isset($this->_cookie_name) OR $this->_cookie_name = config_item('sess_cookie_name'); + isset($this->_cookie_domain) OR $this->_cookie_domain = config_item('cookie_domain'); + isset($this->_cookie_path) OR $this->_cookie_path = config_item('cookie_path'); + isset($this->_cookie_secure) OR $this->_cookie_secure = config_item('cookie_secure'); + isset($this->_cookie_httponly) OR $this->_cookie_httponly = config_item('cookie_httponly'); + isset($this->_match_ip) OR $this->_match_ip = config_item('sess_match_ip'); + + // Pass our configuration to php.ini, when appropriate + ini_set('session.name', $this->_cookie_name); + isset($this->_cookie_domain) && ini_set('session.cookie_domain', $this->_cookie_domain); + isset($this->_cookie_path) && ini_set('session.cookie_path', $this->_cookie_path); + isset($this->_cookie_secure) && ini_set('session.cookie_secure', $this->_cookie_secure); + isset($this->_cookie_httponly) && ini_set('session.cookie_httponly', $this->_cookie_httponly); + + if ($this->_expiration) + { + ini_set('session.gc_maxlifetime', $this->_expiration); + } + + // Security is king + ini_set('session.use_trans_id', 0); + ini_set('session.use_strict_mode', 1); + ini_set('session.use_cookies', 1); + ini_set('session.use_only_cookies', 1); + ini_set('session.hash_function', 1); + ini_set('session.hash_bits_per_character', 4); + + // Work-around for PHP bug #66827 (https://bugs.php.net/bug.php?id=66827) + // + // The session ID sanitizer doesn't check for the value type and blindly does + // an implicit cast to string, which triggers an 'Array to string' E_NOTICE. + if (isset($_COOKIE[$this->_cookie_name]) && ! is_string($_COOKIE[$this->_cookie_name])) + { + unset($_COOKIE[$this->_cookie_name]); + } + +/* + Need to test if this is necessary for a custom driver or if it's only + relevant to PHP's own files handler. + + https://bugs.php.net/bug.php?id=65475 + do this after session is started: + if (is_php('5.5.2') && ! is_php('5.5.4')) + { + $session_id = session_id(); + if ($_COOKIE[$this->_cookie_name] !== $session_id && file_exists(teh file)) + { + unlink(); + } + + setcookie( + $this->_cookie_name, + $session_id, + $this->_expiration + ? time() + $this->_expiration + : 0, + $this->_cookie_path, + $this->_cookie_domain, + $this->_cookie_secure, + $this->_cookie_httponly + ); + } +*/ + } + + // ------------------------------------------------------------------------ + + protected function _cookie_destroy() + { + return setcookie( + $this->_cookie_name, + NULL, + 1, + $this->_cookie_path, + $this->_cookie_domain, + $this->_cookie_secure, + $this->_cookie_httponly + ); + } + +} + +/* End of file Session_driver.php */ +/* Location: ./system/libraries/Session/Session_driver.php */ \ No newline at end of file diff --git a/system/libraries/Session/drivers/Session_cookie.php b/system/libraries/Session/drivers/Session_cookie.php deleted file mode 100644 index 566c40bd8..000000000 --- a/system/libraries/Session/drivers/Session_cookie.php +++ /dev/null @@ -1,805 +0,0 @@ - NULL, - 'ip_address' => NULL, - 'user_agent' => NULL, - 'last_activity' => NULL - ); - - /** - * Data needs DB update flag - * - * @var bool - */ - protected $data_dirty = FALSE; - - /** - * Standardize newlines flag - * - * @var bool - */ - protected $_standardize_newlines; - - // ------------------------------------------------------------------------ - - /** - * Initialize session driver object - * - * @return void - */ - protected function initialize() - { - // Set all the session preferences, which can either be set - // manually via the $params array or via the config file - $prefs = array( - 'sess_encrypt_cookie', - 'sess_use_database', - 'sess_table_name', - 'sess_expiration', - 'sess_expire_on_close', - 'sess_match_ip', - 'sess_match_useragent', - 'sess_cookie_name', - 'cookie_path', - 'cookie_domain', - 'cookie_secure', - 'cookie_httponly', - 'sess_time_to_update', - 'time_reference', - 'cookie_prefix', - 'encryption_key', - ); - - $this->_standardize_newlines = (bool) config_item('standardize_newlines'); - - foreach ($prefs as $key) - { - $this->$key = isset($this->_parent->params[$key]) - ? $this->_parent->params[$key] - : $this->CI->config->item($key); - } - - if (empty($this->encryption_key)) - { - show_error('In order to use the Cookie Session driver you are required to set an encryption key in your config file.'); - } - - // Do we need encryption? If so, load the encryption class - if ($this->sess_encrypt_cookie === TRUE) - { - $this->CI->load->library('encryption'); - } - - // Check for database - if ($this->sess_use_database === TRUE && $this->sess_table_name !== '') - { - // Load database driver - $this->CI->load->database(); - - // Register shutdown function - register_shutdown_function(array($this, '_update_db')); - } - - // Set the "now" time. Can either be GMT or server time, based on the config prefs. - // We use this to set the "last activity" time - $this->now = $this->_get_time(); - - // Set the session length. If the session expiration is - // set to zero we'll set the expiration two years from now. - if ($this->sess_expiration === 0) - { - $this->sess_expiration = (60*60*24*365*2); - } - - // Set the cookie name - $this->sess_cookie_name = $this->cookie_prefix.$this->sess_cookie_name; - - // Run the Session routine. If a session doesn't exist we'll - // create a new one. If it does, we'll update it. - if ( ! $this->_sess_read()) - { - $this->_sess_create(); - } - else - { - $this->_sess_update(); - } - - // Delete expired sessions if necessary - $this->_sess_gc(); - } - - // ------------------------------------------------------------------------ - - /** - * Write the session data - * - * @return void - */ - public function sess_save() - { - // Check for database - if ($this->sess_use_database === TRUE) - { - // Mark custom data as dirty so we know to update the DB - $this->data_dirty = TRUE; - } - - // Write the cookie - $this->_set_cookie(); - } - - // ------------------------------------------------------------------------ - - /** - * Destroy the current session - * - * @return void - */ - public function sess_destroy() - { - // Kill the session DB row - if ($this->sess_use_database === TRUE && isset($this->userdata['session_id'])) - { - $this->CI->db->delete($this->sess_table_name, array('session_id' => $this->userdata['session_id'])); - $this->data_dirty = FALSE; - } - - // Kill the cookie - $this->_setcookie($this->sess_cookie_name, '', ($this->now - 31500000), - $this->cookie_path, $this->cookie_domain, 0); - - // Kill session data - $this->userdata = array(); - } - - // ------------------------------------------------------------------------ - - /** - * Regenerate the current session - * - * Regenerate the session id - * - * @param bool Destroy session data flag (default: false) - * @return void - */ - public function sess_regenerate($destroy = FALSE) - { - // Check destroy flag - if ($destroy) - { - // Destroy old session and create new one - $this->sess_destroy(); - $this->_sess_create(); - } - else - { - // Just force an update to recreate the id - $this->_sess_update(TRUE); - } - } - - // ------------------------------------------------------------------------ - - /** - * Get a reference to user data array - * - * @return array Reference to userdata - */ - public function &get_userdata() - { - return $this->userdata; - } - - // ------------------------------------------------------------------------ - - /** - * Fetch the current session data if it exists - * - * @return bool - */ - protected function _sess_read() - { - // Fetch the cookie - $session = $this->CI->input->cookie($this->sess_cookie_name); - - // No cookie? Goodbye cruel world!... - if ($session === NULL) - { - log_message('debug', 'A session cookie was not found.'); - return FALSE; - } - - if ($this->sess_encrypt_cookie === TRUE) - { - $session = $this->CI->encryption->decrypt($session); - if ($session === FALSE) - { - log_message('error', 'Session: Unable to decrypt the session cookie, possibly due to a HMAC mismatch.'); - return FALSE; - } - } - else - { - if (($len = strlen($session) - 40) <= 0) - { - log_message('error', 'Session: The session cookie was not signed.'); - return FALSE; - } - - // Check cookie authentication - $hmac = substr($session, $len); - $session = substr($session, 0, $len); - - // Time-attack-safe comparison - $hmac_check = hash_hmac('sha1', $session, $this->encryption_key); - $diff = 0; - for ($i = 0; $i < 40; $i++) - { - $diff |= ord($hmac[$i]) ^ ord($hmac_check[$i]); - } - - if ($diff !== 0) - { - log_message('error', 'Session: HMAC mismatch. The session cookie data did not match what was expected.'); - $this->sess_destroy(); - return FALSE; - } - } - - // Unserialize the session array - $session = @unserialize($session); - - // Is the session data we unserialized an array with the correct format? - if ( ! is_array($session) OR ! isset($session['session_id'], $session['ip_address'], $session['user_agent'], $session['last_activity'])) - { - log_message('debug', 'Session: Wrong cookie data format'); - $this->sess_destroy(); - return FALSE; - } - - // Is the session current? - if (($session['last_activity'] + $this->sess_expiration) < $this->now OR $session['last_activity'] > $this->now) - { - log_message('debug', 'Session: Expired'); - $this->sess_destroy(); - return FALSE; - } - - // Does the IP match? - if ($this->sess_match_ip === TRUE && $session['ip_address'] !== $this->CI->input->ip_address()) - { - log_message('debug', 'Session: IP address mismatch'); - $this->sess_destroy(); - return FALSE; - } - - // Does the User Agent Match? - if ($this->sess_match_useragent === TRUE && - trim($session['user_agent']) !== trim(substr($this->CI->input->user_agent(), 0, 120))) - { - log_message('debug', 'Session: User Agent string mismatch'); - $this->sess_destroy(); - return FALSE; - } - - // Is there a corresponding session in the DB? - if ($this->sess_use_database === TRUE) - { - $this->CI->db->where('session_id', $session['session_id']); - - if ($this->sess_match_ip === TRUE) - { - $this->CI->db->where('ip_address', $session['ip_address']); - } - - if ($this->sess_match_useragent === TRUE) - { - $this->CI->db->where('user_agent', $session['user_agent']); - } - - // Is caching in effect? Turn it off - $db_cache = $this->CI->db->cache_on; - $this->CI->db->cache_off(); - - $query = $this->CI->db->limit(1)->get($this->sess_table_name); - - // Was caching in effect? - if ($db_cache) - { - // Turn it back on - $this->CI->db->cache_on(); - } - - // No result? Kill it! - if (empty($query) OR $query->num_rows() === 0) - { - log_message('debug', 'Session: No match found in our database'); - $this->sess_destroy(); - return FALSE; - } - - // Is there custom data? If so, add it to the main session array - $row = $query->row(); - if ( ! empty($row->user_data)) - { - $custom_data = unserialize(trim($row->user_data)); - - if (is_array($custom_data)) - { - $session = $session + $custom_data; - } - } - } - - // Session is valid! - $this->userdata = $session; - return TRUE; - } - - // ------------------------------------------------------------------------ - - /** - * Create a new session - * - * @return void - */ - protected function _sess_create() - { - // Initialize userdata - $this->userdata = array( - 'session_id' => $this->_make_sess_id(), - 'ip_address' => $this->CI->input->ip_address(), - 'user_agent' => trim(substr($this->CI->input->user_agent(), 0, 120)), - 'last_activity' => $this->now, - ); - - log_message('debug', 'Session: Creating new session ('.$this->userdata['session_id'].')'); - - // Check for database - if ($this->sess_use_database === TRUE) - { - // Add empty user_data field and save the data to the DB - $this->CI->db->set('user_data', '')->insert($this->sess_table_name, $this->userdata); - } - - // Write the cookie - $this->_set_cookie(); - } - - // ------------------------------------------------------------------------ - - /** - * Update an existing session - * - * @param bool Force update flag (default: false) - * @return void - */ - protected function _sess_update($force = FALSE) - { - // We only update the session every five minutes by default (unless forced) - if ( ! $force && ($this->userdata['last_activity'] + $this->sess_time_to_update) >= $this->now) - { - return; - } - - // Update last activity to now - $this->userdata['last_activity'] = $this->now; - - // Save the old session id so we know which DB record to update - $old_sessid = $this->userdata['session_id']; - - // Changing the session ID during an AJAX call causes problems - if ( ! $this->CI->input->is_ajax_request()) - { - // Get new id - $this->userdata['session_id'] = $this->_make_sess_id(); - - log_message('debug', 'Session: Regenerate ID'); - } - - // Check for database - if ($this->sess_use_database === TRUE) - { - $this->CI->db->where('session_id', $old_sessid); - - if ($this->sess_match_ip === TRUE) - { - $this->CI->db->where('ip_address', $this->CI->input->ip_address()); - } - - if ($this->sess_match_useragent === TRUE) - { - $this->CI->db->where('user_agent', trim(substr($this->CI->input->user_agent(), 0, 120))); - } - - // Update the session ID and last_activity field in the DB - $this->CI->db->update($this->sess_table_name, - array( - 'last_activity' => $this->now, - 'session_id' => $this->userdata['session_id'] - ) - ); - } - - // Write the cookie - $this->_set_cookie(); - } - - // ------------------------------------------------------------------------ - - /** - * Update database with current data - * - * This gets called from the shutdown function and also - * registered with PHP to run at the end of the request - * so it's guaranteed to update even when a fatal error - * occurs. The first call makes the update and clears the - * dirty flag so it won't happen twice. - * - * @return void - */ - public function _update_db() - { - // Check for database and dirty flag and unsaved - if ($this->sess_use_database === TRUE && $this->data_dirty === TRUE) - { - // Set up activity and data fields to be set - // If we don't find custom data, user_data will remain an empty string - $set = array( - 'last_activity' => $this->userdata['last_activity'], - 'user_data' => '' - ); - - // Get the custom userdata, leaving out the defaults - // (which get stored in the cookie) - $userdata = array_diff_key($this->userdata, $this->defaults); - - // Did we find any custom data? - if ( ! empty($userdata)) - { - // Serialize the custom data array so we can store it - $set['user_data'] = serialize($userdata); - } - - // Reset query builder values. - $this->CI->db->reset_query(); - - // Run the update query - // Any time we change the session id, it gets updated immediately, - // so our where clause below is always safe - $this->CI->db->where('session_id', $this->userdata['session_id']); - - if ($this->sess_match_ip === TRUE) - { - $this->CI->db->where('ip_address', $this->CI->input->ip_address()); - } - - if ($this->sess_match_useragent === TRUE) - { - $this->CI->db->where('user_agent', trim(substr($this->CI->input->user_agent(), 0, 120))); - } - - $this->CI->db->update($this->sess_table_name, $set); - - // Clear dirty flag to prevent double updates - $this->data_dirty = FALSE; - - log_message('debug', 'CI_Session Data Saved To DB'); - } - } - - // ------------------------------------------------------------------------ - - /** - * Generate a new session id - * - * @return string Hashed session id - */ - protected function _make_sess_id() - { - $new_sessid = ''; - do - { - $new_sessid .= mt_rand(); - } - while (strlen($new_sessid) < 32); - - // To make the session ID even more secure we'll combine it with the user's IP - $new_sessid .= $this->CI->input->ip_address(); - - // Turn it into a hash and return - return md5(uniqid($new_sessid, TRUE)); - } - - // ------------------------------------------------------------------------ - - /** - * Get the "now" time - * - * @return int Time - */ - protected function _get_time() - { - if ($this->time_reference === 'local' OR $this->time_reference === date_default_timezone_get()) - { - return time(); - } - - $datetime = new DateTime('now', new DateTimeZone($this->time_reference)); - sscanf($datetime->format('j-n-Y G:i:s'), '%d-%d-%d %d:%d:%d', $day, $month, $year, $hour, $minute, $second); - - return mktime($hour, $minute, $second, $month, $day, $year); - } - - // ------------------------------------------------------------------------ - - /** - * Write the session cookie - * - * @return void - */ - protected function _set_cookie() - { - // Get userdata (only defaults if database) - $cookie_data = ($this->sess_use_database === TRUE) - ? array_intersect_key($this->userdata, $this->defaults) - : $this->userdata; - - // The Input class will do this and since we use HMAC verification, - // unless we standardize here as well, the hash won't match. - if ($this->_standardize_newlines) - { - foreach (array_keys($this->userdata) as $key) - { - $this->userdata[$key] = preg_replace('/(?:\r\n|[\r\n])/', PHP_EOL, $this->userdata[$key]); - } - } - - // Serialize the userdata for the cookie - $cookie_data = serialize($cookie_data); - - if ($this->sess_encrypt_cookie === TRUE) - { - $cookie_data = $this->CI->encryption->encrypt($cookie_data); - } - else - { - // Require message authentication - $cookie_data .= hash_hmac('sha1', $cookie_data, $this->encryption_key); - } - - $expire = ($this->sess_expire_on_close === TRUE) ? 0 : $this->sess_expiration + time(); - - // Set the cookie - $this->_setcookie($this->sess_cookie_name, $cookie_data, $expire, $this->cookie_path, $this->cookie_domain, - $this->cookie_secure, $this->cookie_httponly); - } - - // ------------------------------------------------------------------------ - - /** - * Set a cookie with the system - * - * This abstraction of the setcookie call allows overriding for unit testing - * - * @param string Cookie name - * @param string Cookie value - * @param int Expiration time - * @param string Cookie path - * @param string Cookie domain - * @param bool Secure connection flag - * @param bool HTTP protocol only flag - * @return void - */ - protected function _setcookie($name, $value = '', $expire = 0, $path = '', $domain = '', $secure = FALSE, $httponly = FALSE) - { - setcookie($name, $value, $expire, $path, $domain, $secure, $httponly); - } - - // ------------------------------------------------------------------------ - - /** - * Garbage collection - * - * This deletes expired session rows from database - * if the probability percentage is met - * - * @return void - */ - protected function _sess_gc() - { - if ($this->sess_use_database !== TRUE) - { - return; - } - - $probability = ini_get('session.gc_probability'); - $divisor = ini_get('session.gc_divisor'); - - if (mt_rand(1, $divisor) <= $probability) - { - $expire = $this->now - $this->sess_expiration; - $this->CI->db->delete($this->sess_table_name, 'last_activity < '.$expire); - - log_message('debug', 'Session garbage collection performed.'); - } - } - -} - -/* End of file Session_cookie.php */ -/* Location: ./system/libraries/Session/drivers/Session_cookie.php */ \ No newline at end of file diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php new file mode 100644 index 000000000..24847456c --- /dev/null +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -0,0 +1,317 @@ +db) OR $CI->load->database(); + $this->_db =& $CI->db; + + if ( ! $this->_db instanceof CI_DB_query_builder) + { + throw new Exception('Query Builder not enabled for the configured database. Aborting.'); + } + elseif ($this->_db->pconnect) + { + throw new Exception('Configured database connection is persistent. Aborting.'); + } + + $db_driver = $this->_db->dbdriver.(empty($this->_db->subdriver) ? '' : '_'.$this->_db->subdriver); + if (strpos($db_driver, 'mysql') !== FALSE) + { + $this->_lock_type = 'mysql'; + } + elseif (in_array($db_driver, array('postgre', 'pdo_pgsql'), TRUE)) + { + $this->_lock_type = 'postgre'; + } + elseif (extension_loaded('sysvsem')) + { + $this->_lock_type = 'semaphore'; + } + + isset($this->_table) OR $this->_table = config_item('sess_table_name'); + } + + // ------------------------------------------------------------------------ + + public function open($save_path, $name) + { + return empty($this->_db->conn_id) + ? ( ! $this->_db->autoinit && $this->_db->db_connect()) + : TRUE; + } + + // ------------------------------------------------------------------------ + + public function read($session_id) + { + $this->_session_id = $session_id; + if (($this->_lock = $this->_get_lock()) !== FALSE) + { + $this->_db + ->select('data') + ->from($this->_table) + ->where('id', $session_id); + + if ($this->_match_ip) + { + $this->_db->where('ip_address', $_SERVER['REMOTE_ADDR']); + } + + if (($result = $this->_db->get()->row()) === NULL) + { + $this->_fingerprint = md5(''); + return ''; + } + + $this->_fingerprint = md5(rtrim($result->data)); + $this->_row_exists = TRUE; + return $result->data; + } + + $this->_fingerprint = md5(''); + return ''; + } + + public function write($session_id, $session_data) + { + if ($this->_lock === FALSE) + { + return FALSE; + } + + if ($this->_row_exists === FALSE) + { + if ($this->_db->insert($this->_table, array('id' => $session_id, 'ip_address' => $_SERVER['REMOTE_ADDR'], 'timestamp' => time(), 'data' => $session_data))) + { + $this->_fingerprint = md5($session_data); + return $this->_row_exists = TRUE; + } + + return FALSE; + } + + $this->_db->where('id', $session_id); + if ($this->_match_ip) + { + $this->_db->where('ip_address', $_SERVER['REMOTE_ADDR']); + } + + $update_data = ($this->_fingerprint === md5($session_data)) + ? array('timestamp' => time()) + : array('timestamp' => time(), 'data' => $session_data); + + if ($this->_db->update($this->_table, $update_data)) + { + $this->_fingerprint = md5($session_data); + return TRUE; + } + + return FALSE; + } + + // ------------------------------------------------------------------------ + + public function close() + { + return ($this->_lock) + ? $this->_release_lock() + : TRUE; + } + + // ------------------------------------------------------------------------ + + public function destroy($session_id) + { + if ($this->_lock) + { + $this->_db->where('id', $session_id); + if ($this->_match_ip) + { + $this->_db->where('ip_address', $_SERVER['REMOTE_ADDR']); + } + + return $this->_db->delete($this->_table) + ? ($this->close() && $this->_cookie_destroy()) + : FALSE; + } + + return ($this->close() && $this->_cookie_destroy()); + } + + // ------------------------------------------------------------------------ + + public function gc($maxlifetime) + { + return $this->_db->delete($this->_table, 'timestamp < '.(time() - $maxlifetime)); + } + + // ------------------------------------------------------------------------ + + protected function _get_lock() + { + $arg = $this->_session_id + .($this->_match_ip ? '_'.$_SERVER['REMOTE_ADDR'] : ''); + + if ($this->_lock_driver === 'mysql') + { + return (bool) $this->_db + ->query("SELECT GET_LOCK('".$session_id."', 10) AS ci_session_lock") + ->row() + ->ci_session_lock; + } + elseif ($this->_lock_driver === 'postgre') + { + return (bool) $this->_db->simple_query('SELECT pg_advisory_lock('.$arg.')'); + } + elseif ($this->_lock_driver === 'semaphore') + { + if (($this->_sem = sem_get($arg, 1, 0644)) === FALSE) + { + return FALSE; + } + + if ( ! sem_acquire($this->_sem)) + { + sem_remove($this->_sem); + return FALSE; + } + + return TRUE; + } + + return TRUE; + } + + // ------------------------------------------------------------------------ + + protected function _release_lock() + { + if ($this->_lock_driver === 'mysql') + { + $arg = $this->_session_id + .($this->_match_ip ? '_'.$_SERVER['REMOTE_ADDR'] : ''); + + return (bool) $this->_db + ->query("SELECT RELEASE_LOCK('".$arg."') AS ci_session_lock") + ->row() + ->ci_session_lock; + } + elseif ($this->_lock_driver === 'postgre') + { + $arg = "hashtext('".$this->_session_id."')" + .($this->_match_ip ? ", hashtext('".$_SERVER['REMOTE_ADDR']."')" : ''); + + return (bool) $this->_db->simple_query('SELECT pg_advisory_unlock('.$arg.')'); + } + elseif ($this->_lock_driver === 'semaphore') + { + sem_release($this->_sem); + sem_remove($this->_sem); + } + + return TRUE; + } + +} + +/* End of file Session_database_driver.php */ +/* Location: ./system/libraries/Session/drivers/Session_database_driver.php */ \ No newline at end of file diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php new file mode 100644 index 000000000..4acbcf6c5 --- /dev/null +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -0,0 +1,276 @@ +_save_path)) + { + $this->_save_path = rtrim($this->_save_path, '/\\'); + ini_set('session.save_path', $this->_save_path); + } + else + { + $this->_save_path = rtrim(ini_get('session.save_path'), '/\\'); + } + } + + // ------------------------------------------------------------------------ + + public function open($save_path, $name) + { + if ( ! is_dir($save_path) && ! mkdir($save_path, 0700, TRUE)) + { + log_message('error', "Session: Configured save path '".$this->_save_path."' is not a directory, doesn't exist or cannot be created."); + return FALSE; + } + + $this->_save_path = $save_path; + $this->_file_path = $this->_save_path.DIRECTORY_SEPARATOR + .$name // we'll use the session cookie name as a prefix to avoid collisions + .($this->_match_ip ? md5($_SERVER['REMOTE_ADDR']) : ''); + + return TRUE; + } + + // ------------------------------------------------------------------------ + + public function read($session_id) + { + // This might seem weird, but PHP 5.6 introduces session_reset(), + // which re-reads session data + if ($this->_file_handle === NULL) + { + $this->_file_path .= $session_id; + + // Just using fopen() with 'c+b' mode would be perfect, but it is only + // available since PHP 5.2.6 and we have to set permissions for new files, + // so we'd have to hack around this ... + if (($this->_file_new = ! file_exists($this->_file_path)) === TRUE) + { + if (($this->_file_handle = fopen($this->_file_path, 'w+b')) === FALSE) + { + log_message('error', "Session: File '".$this->_file_path."' doesn't exist and cannot be created."); + return FALSE; + } + } + elseif (($this->_file_handle = fopen($this->_file_path, 'r+b')) === FALSE) + { + log_message('error', "Session: Unable to open file '".$this->_file_path."'."); + return FALSE; + } + + if (flock($this->_file_handle, LOCK_EX) === FALSE) + { + log_message('error', "Session: Unable to obtain lock for file '".$this->_file_path."'."); + fclose($this->_file_handle); + $this->_file_handle = NULL; + return FALSE; + } + + if ($this->_file_new) + { + chmod($this->_file_path, 0600); + $this->_fingerprint = md5(''); + return ''; + } + } + else + { + rewind($this->_file_handle); + } + + $session_data = ''; + for ($read = 0, $length = filesize($this->_file_path); $read < $length; $read += strlen($buffer)) + { + if (($buffer = fread($this->_file_handle, $length - $read)) === FALSE) + { + break; + } + + $session_data .= $buffer; + } + + $this->_fingerprint = md5($session_data); + return $session_data; + } + + public function write($session_id, $session_data) + { + if ( ! is_resource($this->_file_handle)) + { + return FALSE; + } + elseif ($this->_fingerprint === md5($session_data)) + { + return ($this->_file_new) + ? TRUE + : touch($this->_file_path); + } + + if ( ! $this->_file_new) + { + ftruncate($this->_file_handle, 0); + rewind($this->_file_handle); + } + + for ($written = 0, $length = strlen($session_data); $written < $length; $written += $result) + { + if (($result = fwrite($this->_file_handle, substr($session_data, $written))) === FALSE) + { + break; + } + } + + if ( ! is_int($result)) + { + $this->_fingerprint = md5(substr($session_data, 0, $written)); + log_message('error', 'Session: Unable to write data.'); + return FALSE; + } + + $this->_fingerprint = md5($session_data); + return TRUE; + } + + // ------------------------------------------------------------------------ + + public function close() + { + if (is_resource($this->_file_handle)) + { + flock($this->_file_handle, LOCK_UN); + fclose($this->_file_handle); + + $this->_file_handle = $this->_file_new = NULL; + return TRUE; + } + + return FALSE; + } + + // ------------------------------------------------------------------------ + + public function destroy($session_id) + { + if ($this->close()) + { + return unlink($this->_file_path) && $this->_cookie_destroy(); + } + elseif ($this->_file_path !== NULL) + { + clearstatcache(); + return file_exists($this->_file_path) + ? (unlink($this->_file_path) && $this->_cookie_destroy()) + : TRUE; + } + + return FALSE; + } + + // ------------------------------------------------------------------------ + + public function gc($maxlifetime) + { + if ( ! is_dir($this->_save_path) OR ($files = scandir($this->_save_path)) === FALSE) + { + log_message('debug', "Session: Garbage collector couldn't list files under directory '".$this->_save_path."'."); + return FALSE; + } + + $ts = time() - $maxlifetime; + + foreach ($files as $file) + { + // If the filename doesn't match this pattern, it's either not a session file or is not ours + if ( ! preg_match('/(?:[0-9a-f]{32})?[0-9a-f]{40}$/i', $file) + OR ! is_file($this->_save_path.DIRECTORY_SEPARATOR.$file) + OR ($mtime = filemtime($file)) === FALSE + OR $mtime > $ts) + { + continue; + } + + unlink($this->_save_path.DIRECTORY_SEPARATOR.$file); + } + + return TRUE; + } + +} + +/* End of file Session_files_driver.php */ +/* Location: ./system/libraries/Session/drivers/Session_files_driver.php */ \ No newline at end of file diff --git a/system/libraries/Session/drivers/Session_native.php b/system/libraries/Session/drivers/Session_native.php deleted file mode 100644 index 4104652b8..000000000 --- a/system/libraries/Session/drivers/Session_native.php +++ /dev/null @@ -1,246 +0,0 @@ -_parent->params[$key]) - ? $this->_parent->params[$key] - : $this->CI->config->item($key); - } - - // Set session name, if specified - if ($config['sess_cookie_name']) - { - // Differentiate name from cookie driver with '_id' suffix - $name = $config['sess_cookie_name'].'_id'; - if ($config['cookie_prefix']) - { - // Prepend cookie prefix - $name = $config['cookie_prefix'].$name; - } - session_name($name); - } - - // Set expiration, path, and domain - $expire = 7200; - $path = '/'; - $domain = ''; - $secure = (bool) $config['cookie_secure']; - $http_only = (bool) $config['cookie_httponly']; - - if ($config['sess_expiration'] !== FALSE) - { - // Default to 2 years if expiration is "0" - $expire = ($config['sess_expiration'] == 0) ? (60*60*24*365*2) : $config['sess_expiration']; - } - - if ($config['cookie_path']) - { - // Use specified path - $path = $config['cookie_path']; - } - - if ($config['cookie_domain']) - { - // Use specified domain - $domain = $config['cookie_domain']; - } - - session_set_cookie_params($config['sess_expire_on_close'] ? 0 : $expire, $path, $domain, $secure, $http_only); - - // Start session - session_start(); - - // Check session expiration, ip, and agent - $now = time(); - $destroy = FALSE; - if (isset($_SESSION['last_activity']) && (($_SESSION['last_activity'] + $expire) < $now OR $_SESSION['last_activity'] > $now)) - { - // Expired - destroy - log_message('debug', 'Session: Expired'); - $destroy = TRUE; - } - elseif ($config['sess_match_ip'] === TRUE && isset($_SESSION['ip_address']) - && $_SESSION['ip_address'] !== $this->CI->input->ip_address()) - { - // IP doesn't match - destroy - log_message('debug', 'Session: IP address mismatch'); - $destroy = TRUE; - } - elseif ($config['sess_match_useragent'] === TRUE && isset($_SESSION['user_agent']) - && $_SESSION['user_agent'] !== trim(substr($this->CI->input->user_agent(), 0, 50))) - { - // Agent doesn't match - destroy - log_message('debug', 'Session: User Agent string mismatch'); - $destroy = TRUE; - } - - // Destroy expired or invalid session - if ($destroy) - { - // Clear old session and start new - $this->sess_destroy(); - session_start(); - } - - // Check for update time - if ($config['sess_time_to_update'] && isset($_SESSION['last_activity']) - && ($_SESSION['last_activity'] + $config['sess_time_to_update']) < $now) - { - // Changing the session ID amidst a series of AJAX calls causes problems - if ( ! $this->CI->input->is_ajax_request()) - { - // Regenerate ID, but don't destroy session - log_message('debug', 'Session: Regenerate ID'); - $this->sess_regenerate(FALSE); - } - } - - // Set activity time - $_SESSION['last_activity'] = $now; - - // Set matching values as required - if ($config['sess_match_ip'] === TRUE && ! isset($_SESSION['ip_address'])) - { - // Store user IP address - $_SESSION['ip_address'] = $this->CI->input->ip_address(); - } - - if ($config['sess_match_useragent'] === TRUE && ! isset($_SESSION['user_agent'])) - { - // Store user agent string - $_SESSION['user_agent'] = trim(substr($this->CI->input->user_agent(), 0, 50)); - } - - // Make session ID available - $_SESSION['session_id'] = session_id(); - } - - // ------------------------------------------------------------------------ - - /** - * Save the session data - * - * @return void - */ - public function sess_save() - { - // Nothing to do - changes to $_SESSION are automatically saved - } - - // ------------------------------------------------------------------------ - - /** - * Destroy the current session - * - * @return void - */ - public function sess_destroy() - { - // Cleanup session - $_SESSION = array(); - $name = session_name(); - if (isset($_COOKIE[$name])) - { - // Clear session cookie - $params = session_get_cookie_params(); - setcookie($name, '', time() - 42000, $params['path'], $params['domain'], $params['secure'], $params['httponly']); - unset($_COOKIE[$name]); - } - session_destroy(); - } - - // ------------------------------------------------------------------------ - - /** - * Regenerate the current session - * - * Regenerate the session id - * - * @param bool Destroy session data flag (default: FALSE) - * @return void - */ - public function sess_regenerate($destroy = FALSE) - { - // Just regenerate id, passing destroy flag - session_regenerate_id($destroy); - $_SESSION['session_id'] = session_id(); - } - - // ------------------------------------------------------------------------ - - /** - * Get a reference to user data array - * - * @return array Reference to userdata - */ - public function &get_userdata() - { - // Just return reference to $_SESSION - return $_SESSION; - } - -} - -/* End of file Session_native.php */ -/* Location: ./system/libraries/Session/drivers/Session_native.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 34b1ef5c13882c4a7827be71e82503ee47d4c271 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 31 May 2014 21:23:41 +0300 Subject: [ci skip] A quick and dirty fix for allowing 'sess_driver' configuration --- system/libraries/Session/Session.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index 0d444e8ca..518dc28b0 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -49,7 +49,6 @@ class CI_Session { */ public function __construct(array $params = array()) { - // No sessions under CLI if (is_cli()) { @@ -66,6 +65,11 @@ class CI_Session { $this->_driver = $params['driver']; unset($params['driver']); } + // Note: Make the autoloader pass sess_* params to this constructor + elseif (empty($params) && $driver = config_item('sess_driver')) + { + $this->_driver = $driver; + } if (($class = $this->_ci_load_classes($this->_driver)) === FALSE) { -- cgit v1.2.3-24-g4f1b From e1b9665567bbfc28bb13e5e41093901a8da99a0d Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 2 Jun 2014 10:09:56 +0300 Subject: Fix Session_database_driver locking Ref: #3073 --- .../Session/drivers/Session_database_driver.php | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 24847456c..2bdc4d0d5 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -116,15 +116,15 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan $db_driver = $this->_db->dbdriver.(empty($this->_db->subdriver) ? '' : '_'.$this->_db->subdriver); if (strpos($db_driver, 'mysql') !== FALSE) { - $this->_lock_type = 'mysql'; + $this->_lock_driver = 'mysql'; } elseif (in_array($db_driver, array('postgre', 'pdo_pgsql'), TRUE)) { - $this->_lock_type = 'postgre'; + $this->_lock_driver = 'postgre'; } elseif (extension_loaded('sysvsem')) { - $this->_lock_type = 'semaphore'; + $this->_lock_driver = 'semaphore'; } isset($this->_table) OR $this->_table = config_item('sess_table_name'); @@ -248,18 +248,20 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan protected function _get_lock() { - $arg = $this->_session_id - .($this->_match_ip ? '_'.$_SERVER['REMOTE_ADDR'] : ''); - if ($this->_lock_driver === 'mysql') { + $arg = $this->_session_id + .($this->_match_ip ? '_'.$_SERVER['REMOTE_ADDR'] : ''); return (bool) $this->_db - ->query("SELECT GET_LOCK('".$session_id."', 10) AS ci_session_lock") + ->query("SELECT GET_LOCK('".$arg."', 10) AS ci_session_lock") ->row() ->ci_session_lock; } elseif ($this->_lock_driver === 'postgre') { + $arg = "hashtext('".$this->_session_id."')" + .($this->_match_ip ? ", hashtext('".$_SERVER['REMOTE_ADDR']."')" : ''); + return (bool) $this->_db->simple_query('SELECT pg_advisory_lock('.$arg.')'); } elseif ($this->_lock_driver === 'semaphore') -- cgit v1.2.3-24-g4f1b From ac4f47283a6a8ce575f59c15c1a08ad3bc2efdd9 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 2 Jun 2014 11:16:32 +0300 Subject: #3073: BC workarounds for sess_use_database, sess_expire_on_close --- system/libraries/Session/Session.php | 5 +++++ system/libraries/Session/Session_driver.php | 6 ++++++ 2 files changed, 11 insertions(+) (limited to 'system/libraries') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index 518dc28b0..bdcde1e76 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -70,6 +70,11 @@ class CI_Session { { $this->_driver = $driver; } + // Note: BC workaround + elseif (config_item('sess_use_database')) + { + $this->_driver = 'database'; + } if (($class = $this->_ci_load_classes($this->_driver)) === FALSE) { diff --git a/system/libraries/Session/Session_driver.php b/system/libraries/Session/Session_driver.php index c46ca3a34..cc35b66d1 100644 --- a/system/libraries/Session/Session_driver.php +++ b/system/libraries/Session/Session_driver.php @@ -133,6 +133,12 @@ abstract class CI_Session_driver implements SessionHandlerInterface { if ($this->_expiration) { ini_set('session.gc_maxlifetime', $this->_expiration); + ini_set('session.cookie_lifetime', $this->_expiration); + } + // BC workaround for setting cookie lifetime + elseif (config_item('sess_expire_on_close')) + { + ini_set('session.cookie_lifetime', 0); } // Security is king -- cgit v1.2.3-24-g4f1b From 5995e08ed0d5cf89747911443be06a26e410154f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 3 Jun 2014 15:33:51 +0300 Subject: #3073: Fix an undefined variable error --- .../Session/drivers/Session_files_driver.php | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 4acbcf6c5..f95edcf2c 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -187,19 +187,22 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle rewind($this->_file_handle); } - for ($written = 0, $length = strlen($session_data); $written < $length; $written += $result) + if (($length = strlen($session_data)) > 0) { - if (($result = fwrite($this->_file_handle, substr($session_data, $written))) === FALSE) + for ($written = 0; $written < $length; $written += $result) { - break; + if (($result = fwrite($this->_file_handle, substr($session_data, $written))) === FALSE) + { + break; + } } - } - if ( ! is_int($result)) - { - $this->_fingerprint = md5(substr($session_data, 0, $written)); - log_message('error', 'Session: Unable to write data.'); - return FALSE; + if ( ! is_int($result)) + { + $this->_fingerprint = md5(substr($session_data, 0, $written)); + log_message('error', 'Session: Unable to write data.'); + return FALSE; + } } $this->_fingerprint = md5($session_data); -- cgit v1.2.3-24-g4f1b From ef41786a8a3e04d30fef757acd83c5ab888df88e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 4 Jun 2014 21:28:13 +0300 Subject: #3073: Fix temp/flash data getters --- system/libraries/Session/Session.php | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index bdcde1e76..df6225e68 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -509,7 +509,7 @@ class CI_Session { $userdata = array(); $_exclude = array_merge( - array('__ci_f', '__ci_t'), + array('__ci_vars'), $this->get_flash_keys(), $this->get_temp_keys() ); @@ -619,18 +619,18 @@ class CI_Session { { if (isset($key)) { - return isset($_SESSION['__ci_f'], $_SESSION['__ci_f'][$key], $_SESSION[$key]) + return (isset($_SESSION['__ci_vars'], $_SESSION['__ci_vars'][$key], $_SESSION[$key]) && ! is_int($_SESSION['__ci_vars'][$key])) ? $_SESSION[$key] : NULL; } $flashdata = array(); - if ( ! empty($_SESSION['__ci_f'])) + if ( ! empty($_SESSION['__ci_vars'])) { - foreach (array_keys($_SESSION['__ci_f']) as $key) + foreach ($_SESSION['__ci_vars'] as $key => &$value) { - $flashdata[$key] = $_SESSION[$key]; + is_int($value) OR $flashdata[$key] = $_SESSION[$key]; } } @@ -683,18 +683,18 @@ class CI_Session { { if (isset($key)) { - return isset($_SESSION['__ci_t'], $_SESSION['__ci_t'][$key], $_SESSION[$key]) + return (isset($_SESSION['__ci_vars'], $_SESSION['__ci_vars'][$key], $_SESSION[$key]) && is_int($_SESSION['__ci_vars'][$key])) ? $_SESSION[$key] : NULL; } $tempdata = array(); - if ( ! empty($_SESSION['__ci_t'])) + if ( ! empty($_SESSION['__ci_vars'])) { - foreach (array_keys($_SESSION['__ci_t']) as $key) + foreach ($_SESSION['__ci_vars'] as $key => &$value) { - $tempdata[$key] = $_SESSION[$key]; + is_int($value) && $tempdata[$key] = $_SESSION[$key]; } } -- cgit v1.2.3-24-g4f1b From e86603fb4eb218077e255d76a638a3e545e2fd0c Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 11 Jun 2014 14:03:36 +0300 Subject: [ci skip] A tiny optimization --- system/libraries/Session/Session.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index df6225e68..a5c9737f7 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -125,10 +125,11 @@ class CI_Session { if ( ! class_exists('CI_Session_driver', FALSE)) { - if (file_exists($file_path = APPPATH.'libraries/Session/Session_driver.php') OR file_exists($file_path = BASEPATH.'libraries/Session/Session_driver.php')) - { - require_once($file_path); - } + require_once( + file_exists(APPPATH.'libraries/Session/Session_driver.php') + ? APPPATH.'libraries/Session/Session_driver.php' + : BASEPATH.'libraries/Session/Session_driver.php' + ); if (file_exists($file_path = APPPATH.'libraries/Session/'.$prefix.'Session_driver.php')) { @@ -137,7 +138,6 @@ class CI_Session { } $class = 'Session_'.$driver.'_driver'; - if ( ! class_exists('CI_'.$class, FALSE)) { if (file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$class.'.php') OR file_exists($file_path = BASEPATH.'libraries/Session/drivers/'.$class.'.php')) -- cgit v1.2.3-24-g4f1b From 85f0c558ca2f47453ce7e8ae767451f5c0045479 Mon Sep 17 00:00:00 2001 From: Marcos SF Filho Date: Mon, 11 Aug 2014 10:11:57 -0300 Subject: Added file path for file GC --- system/libraries/Session/drivers/Session_files_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index f95edcf2c..7779e9beb 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -261,7 +261,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle // If the filename doesn't match this pattern, it's either not a session file or is not ours if ( ! preg_match('/(?:[0-9a-f]{32})?[0-9a-f]{40}$/i', $file) OR ! is_file($this->_save_path.DIRECTORY_SEPARATOR.$file) - OR ($mtime = filemtime($file)) === FALSE + OR ($mtime = filemtime($this->_save_path.DIRECTORY_SEPARATOR.$file)) === FALSE OR $mtime > $ts) { continue; -- cgit v1.2.3-24-g4f1b From 93d9fa77732b2538417b934a9c23293ee465a23d Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 27 Aug 2014 22:14:36 +0300 Subject: feature/session (#3073): Rework locking mechanism & add Redis driver --- system/libraries/Session/Session_driver.php | 64 ++++++++++++- .../Session/drivers/Session_database_driver.php | 104 +++++++-------------- 2 files changed, 98 insertions(+), 70 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/Session_driver.php b/system/libraries/Session/Session_driver.php index cc35b66d1..a3bc392ad 100644 --- a/system/libraries/Session/Session_driver.php +++ b/system/libraries/Session/Session_driver.php @@ -90,12 +90,19 @@ abstract class CI_Session_driver implements SessionHandlerInterface { protected $_match_ip; /** - * Data dash + * Data fingerprint * * @var bool */ protected $_fingerprint; + /** + * Lock placeholder + * + * @var mixed + */ + protected $_lock = FALSE; + // ------------------------------------------------------------------------ /** @@ -202,6 +209,61 @@ abstract class CI_Session_driver implements SessionHandlerInterface { ); } + // ------------------------------------------------------------------------ + + /** + * Get lock + * + * A default locking mechanism via semaphores, if ext/sysvsem is available. + * + * Drivers will usually override this and only fallback to it if no other + * locking mechanism is available. + * + * @param string $session_id + * @return bool + */ + protected function _get_lock($session_id) + { + if ( ! extension_loaded('sysvsem')) + { + $this->_lock = TRUE; + return TRUE; + } + + if (($this->_lock = sem_get($session_id.($this->_match_ip ? '_'.$_SERVER['REMOTE_ADDR'] : ''), 1, 0644)) === FALSE) + { + return FALSE; + } + + if ( ! sem_acquire($this->_lock)) + { + sem_remove($this->_lock); + $this->_lock = FALSE; + return FALSE; + } + + return TRUE; + } + + // ------------------------------------------------------------------------ + + /** + * Release lock + * + * @return bool + */ + protected function _release_lock() + { + if (extension_loaded('sysvsem') && $this->_lock) + { + sem_release($this->_lock); + sem_remove($this->_lock); + $this->_lock = FALSE; + } + + return TRUE; + } + } /* End of file Session_driver.php */ diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 2bdc4d0d5..032199fc1 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -51,13 +51,6 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan */ protected $_table; - /** - * Session ID - * - * @var string - */ - protected $_session_id; - /** * Row exists flag * @@ -70,23 +63,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan * * @var string */ - protected $_lock_driver; - - /** - * Lock status flag - * - * @var bool - */ - protected $_lock = FALSE; - - /** - * Semaphore ID - * - * Used for locking if the database doesn't support advisory locks - * - * @var resource - */ - protected $_sem; + protected $_lock_driver = 'semaphore'; // ------------------------------------------------------------------------ @@ -122,10 +99,6 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan { $this->_lock_driver = 'postgre'; } - elseif (extension_loaded('sysvsem')) - { - $this->_lock_driver = 'semaphore'; - } isset($this->_table) OR $this->_table = config_item('sess_table_name'); } @@ -143,8 +116,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan public function read($session_id) { - $this->_session_id = $session_id; - if (($this->_lock = $this->_get_lock()) !== FALSE) + if ($this->_get_lock() !== FALSE) { $this->_db ->select('data') @@ -246,71 +218,65 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan // ------------------------------------------------------------------------ - protected function _get_lock() + protected function _get_lock($session_id) { if ($this->_lock_driver === 'mysql') { - $arg = $this->_session_id - .($this->_match_ip ? '_'.$_SERVER['REMOTE_ADDR'] : ''); - return (bool) $this->_db - ->query("SELECT GET_LOCK('".$arg."', 10) AS ci_session_lock") - ->row() - ->ci_session_lock; - } - elseif ($this->_lock_driver === 'postgre') - { - $arg = "hashtext('".$this->_session_id."')" - .($this->_match_ip ? ", hashtext('".$_SERVER['REMOTE_ADDR']."')" : ''); - - return (bool) $this->_db->simple_query('SELECT pg_advisory_lock('.$arg.')'); - } - elseif ($this->_lock_driver === 'semaphore') - { - if (($this->_sem = sem_get($arg, 1, 0644)) === FALSE) + $arg = $session_id.($this->_match_ip ? '_'.$_SERVER['REMOTE_ADDR'] : ''); + if ($this->_db->query("SELECT GET_LOCK('".$arg."', 10) AS ci_session_lock")->row()->ci_session_lock) { - return FALSE; + $this->_lock = $arg; + return TRUE; } - if ( ! sem_acquire($this->_sem)) + return FALSE; + } + elseif ($this->_lock_driver === 'postgre') + { + $arg = "hashtext('".$session_id."')".($this->_match_ip ? ", hashtext('".$_SERVER['REMOTE_ADDR']."')" : ''); + if ($this->_db->simple_query('SELECT pg_advisory_lock('.$arg.')')) { - sem_remove($this->_sem); - return FALSE; + $this->_lock = $arg; + return TRUE; } - return TRUE; + return FALSE; } - return TRUE; + return parent::_get_lock($session_id); } // ------------------------------------------------------------------------ protected function _release_lock() { + if ( ! $this->_lock) + { + return TRUE; + } + if ($this->_lock_driver === 'mysql') { - $arg = $this->_session_id - .($this->_match_ip ? '_'.$_SERVER['REMOTE_ADDR'] : ''); + if ($this->_db->query("SELECT RELEASE_LOCK('".$this->_lock."') AS ci_session_lock")->row()->ci_session_lock) + { + $this->_lock = FALSE; + return TRUE; + } - return (bool) $this->_db - ->query("SELECT RELEASE_LOCK('".$arg."') AS ci_session_lock") - ->row() - ->ci_session_lock; + return FALSE; } elseif ($this->_lock_driver === 'postgre') { - $arg = "hashtext('".$this->_session_id."')" - .($this->_match_ip ? ", hashtext('".$_SERVER['REMOTE_ADDR']."')" : ''); + if ($this->_db->simple_query('SELECT pg_advisory_unlock('.$this->_lock.')')) + { + $this->_lock = FALSE; + return TRUE; + } - return (bool) $this->_db->simple_query('SELECT pg_advisory_unlock('.$arg.')'); - } - elseif ($this->_lock_driver === 'semaphore') - { - sem_release($this->_sem); - sem_remove($this->_sem); + return FALSE; } - return TRUE; + return parent::_release_lock(); } } -- cgit v1.2.3-24-g4f1b From 43f6cdba6c22290c69e795168e326fe1aa8743f6 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 27 Aug 2014 22:26:40 +0300 Subject: feature/session (#3073): Add Redis session driver Seems like I forgot to 'git add' it in previous commit. --- .../Session/drivers/Session_redis_driver.php | 311 +++++++++++++++++++++ 1 file changed, 311 insertions(+) create mode 100644 system/libraries/Session/drivers/Session_redis_driver.php (limited to 'system/libraries') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php new file mode 100644 index 000000000..6c013a657 --- /dev/null +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -0,0 +1,311 @@ +_save_path)) + { + log_message('error', 'Session: No Redis save path configured.'); + } + elseif (preg_match('#(?:tcp://)?([^:]+)(?:\:(\d+))?(\?.+)?#', $this->_save_path, $matches)) + { + $this->_save_path = array( + 'host' => $matches[1], + 'port' => empty($matches[2]) ? NULL : $matches[2], + 'password' => preg_match('#auth=([^\s&]+)#', $matches[3], $match) ? $match[1] : NULL, + 'database' => preg_match('#database=(\d+)#', $matches[3], $match) ? (int) $match[1] : NULL, + 'timeout' => preg_match('#timeout=(\d+\.\d+)#', $matches[3], $match) ? (float) $match[1] : NULL + ); + + preg_match('#prefix=([^\s&]+)#', $matches[3], $match) && $this->_key_prefix = $match[1]; + } + else + { + log_message('error', 'Session: Invalid Redis save path format: '.$this->_save_path); + } + + if ($this->_match_ip === TRUE) + { + $this->_key_prefix .= $_SERVER['REMOTE_ADDR'].':'; + } + } + + // ------------------------------------------------------------------------ + + public function open($save_path, $name) + { + if (empty($this->_save_path)) + { + return FALSE; + } + + $redis = new Redis(); + if ( ! $redis->connect($this->_save_path['host'], $this->_save_path['port'], $this->_save_path['timeout'])) + { + log_message('error', 'Session: Unable to connect to Redis with the configured settings.'); + } + elseif (isset($this->_save_path['password']) && ! $redis->auth($this->_save_path['password'])) + { + log_message('error', 'Session: Unable to authenticate to Redis instance.'); + } + elseif (isset($this->_save_path['database']) && ! $redis->select($this->_save_path['database'])) + { + log_message('error', 'Session: Unable to select Redis database with index '.$this->_save_path['database']); + } + else + { + $this->_redis = $redis; + return TRUE; + } + + return FALSE; + } + + // ------------------------------------------------------------------------ + + public function read($session_id) + { + if (isset($this->_redis) && $this->_get_lock($session_id)) + { + $session_data = (string) $this->_redis->get($this->_key_prefix.$session_id); + $this->_fingerprint = md5($session_data); + return $session_data; + } + + return FALSE; + } + + public function write($session_id, $session_data) + { + if (isset($this->_redis, $this->_lock_key)) + { + $this->_redis->setTimeout($this->_lock_key, 10, time()); + if ($this->_fingerprint !== ($fingerprint = md5($session_data))) + { + if ($this->_redis->set($this->_key_prefix.$session_id, $session_data, $this->_expiration)) + { + $this->_fingerprint = $fingerprint; + return TRUE; + } + + return FALSE; + } + + return $this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_expiration); + } + + return FALSE; + } + + // ------------------------------------------------------------------------ + + public function close() + { + if (isset($this->_redis)) + { + try { + if ($this->_redis->ping() === '+PONG') + { + isset($this->_lock_key) && $this->_redis->delete($this->_lock_key); + if ( ! $this->_redis->close()) + { + return FALSE; + } + } + } + catch (RedisException $e) + { + log_message('error', 'Session: Got RedisException on close(): '.$e->getMessage()); + } + + $this->_redis = NULL; + return TRUE; + } + + return FALSE; + } + + // ------------------------------------------------------------------------ + + public function destroy($session_id) + { + if (isset($this->_redis, $this->_lock_key)) + { + if ($this->_redis->delete($this->_key_prefix.$session_id) !== 1) + { + log_message('debug', 'Session: Redis::delete() expected to return 1, got '.var_export($result, TRUE).' instead.'); + } + + return ($this->_cookie_destroy() && $this->close()); + } + + return $this->close(); + } + + // ------------------------------------------------------------------------ + + public function gc($maxlifetime) + { + // TODO: keys()/getKeys() is said to be performance-intensive, + // although it supports patterns (*, [charlist] at the very least). + // scan() seems to be recommended, but requires redis 2.8 + // Not sure if we need any of these though, as we set keys with expire times + return TRUE; + } + + // ------------------------------------------------------------------------ + + protected function _get_lock($session_id) + { + if (isset($this->_lock_key)) + { + return $this->_redis->setTimeout($this->_lock_key, 5); + } + + $lock_key = $this->_key_prefix.$session_id.':lock'; + if (($ttl = $this->_redis->ttl($lock_key)) < 1) + { + if ( ! $this->_redis->setex($lock_key, 5, time())) + { + log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id); + return FALSE; + } + + $this->_lock_key = $lock_key; + + if ($ttl === -1) + { + log_message('debug', 'Session: Lock for '.$this->_key_prefix.$session_id.' had no TTL, overriding.'); + } + + $this->_lock = TRUE; + return TRUE; + } + + // Another process has the lock, we'll try to wait for it to free itself ... + $attempt = 0; + while ($attempt++ < 5) + { + usleep(($ttl * 1000000) - 20000); + if (($ttl = $this->_redis->ttl($lock_key)) > 0) + { + continue; + } + + if ( ! $this->_redis->setex($lock_key, 5, time())) + { + log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id); + return FALSE; + } + + $this->_lock_key = $lock_key; + break; + } + + if ($attempt === 5) + { + log_message('error', 'Session: Unable to obtain lock for '.$this->_key_prefix.$session_id.' after 5 attempts, aborting.'); + return FALSE; + } + + $this->_lock = TRUE; + return TRUE; + } + + // ------------------------------------------------------------------------ + + protected function _release_lock() + { + if (isset($this->_redis, $this->_lock_key) && $this->_lock) + { + if ( ! $this->_redis->delete($this->_lock_key)) + { + log_message('error', 'Session: Error while trying to free lock for '.$this->_key_prefix.$session_id); + return FALSE; + } + + $this->_lock_key = NULL; + $this->_lock = FALSE; + } + + return TRUE; + } + +} + +/* End of file Session_redis_driver.php */ +/* Location: ./system/libraries/Session/drivers/Session_redis_driver.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 2a1f940884f50c8157594cdec66af65fa3874b39 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 27 Aug 2014 23:52:55 +0300 Subject: feature/session (#3073): Fix an E_WARNING in CI_Session_redis_driver --- system/libraries/Session/drivers/Session_redis_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index 6c013a657..d4ce5b274 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -153,7 +153,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { if (isset($this->_redis, $this->_lock_key)) { - $this->_redis->setTimeout($this->_lock_key, 10, time()); + $this->_redis->setTimeout($this->_lock_key, 5); if ($this->_fingerprint !== ($fingerprint = md5($session_data))) { if ($this->_redis->set($this->_key_prefix.$session_id, $session_data, $this->_expiration)) -- cgit v1.2.3-24-g4f1b From c9efaced2fd453bf4c2fcefd31ee1a9afdf8ff16 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 2 Sep 2014 15:19:01 +0300 Subject: feature/session (#3073): Add Memcached session driver --- .../Session/drivers/Session_memcached_driver.php | 287 +++++++++++++++++++++ 1 file changed, 287 insertions(+) create mode 100644 system/libraries/Session/drivers/Session_memcached_driver.php (limited to 'system/libraries') diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php new file mode 100644 index 000000000..c6ad56511 --- /dev/null +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -0,0 +1,287 @@ +_save_path)) + { + log_message('error', 'Session: No Memcached save path configured.'); + } + + if ($this->_match_ip === TRUE) + { + $this->_key_prefix .= $_SERVER['REMOTE_ADDR'].':'; + } + } + + // ------------------------------------------------------------------------ + + public function open($save_path, $name) + { + $this->_memcached = new Memcached(); + $server_list = array(); + foreach ($this->_memcached->getServerList() as $server) + { + $server_list[] = $server['host'].':'.$server['port']; + } + + if ( ! preg_match_all('#,?([^,:]+)\:(\d{1,5})(?:\:(\d+))?#', $this->_save_path, $matches, PREG_SET_ORDER)) + { + $this->_memcached = NULL; + log_message('error', 'Session: Invalid Memcached save path format: '.$this->_save_path); + return FALSE; + } + + foreach ($matches as $match) + { + // If Memcached already has this server (or if the port is invalid), skip it + if (in_array($match[1].':'.$match[2], $server_list, TRUE)) + { + log_message('debug', 'Session: Memcached server pool already has '.$match[1].':'.$match[2]); + continue; + } + + if ( ! $this->_memcached->addServer($match[1], $match[2], isset($match[3]) ? $match[3] : 0)) + { + log_message('error', 'Could not add '.$match[1].':'.$match[2].' to Memcached server pool.'); + } + else + { + $server_list[] = $server['host'].':'.$server['port']; + } + } + + if (empty($server_list)) + { + log_message('error', 'Session: Memcached server pool is empty.'); + return FALSE; + } + + return TRUE; + } + + // ------------------------------------------------------------------------ + + public function read($session_id) + { + if (isset($this->_memcached) && $this->_get_lock($session_id)) + { + $session_data = (string) $this->_memcached->get($this->_key_prefix.$session_id); + $this->_fingerprint = md5($session_data); + return $session_data; + } + + return FALSE; + } + + public function write($session_id, $session_data) + { + if (isset($this->_memcached, $this->_lock_key)) + { + $this->_memcached->replace($this->_lock_key, time(), 5); + if ($this->_fingerprint !== ($fingerprint = md5($session_data))) + { + if ($this->_memcached->set($this->_key_prefix.$session_id, $session_data, $this->_expiration)) + { + $this->_fingerprint = $fingerprint; + return TRUE; + } + + return FALSE; + } + + return $this->_memcached->touch($this->_key_prefix.$session_id, $this->_expiration); + } + + return FALSE; + } + + // ------------------------------------------------------------------------ + + public function close() + { + if (isset($this->_memcached)) + { + isset($this->_lock_key) && $this->_memcached->delete($this->_lock_key); + if ( ! $this->_memcached->quit()) + { + return FALSE; + } + + $this->_memcached = NULL; + return TRUE; + } + + return FALSE; + } + + // ------------------------------------------------------------------------ + + public function destroy($session_id) + { + if (isset($this->_memcached, $this->_lock_key)) + { + $this->_memcached->delete($this->_key_prefix.$session_id); + return ($this->_cookie_destroy() && $this->close()); + } + + return $this->close(); + } + + // ------------------------------------------------------------------------ + + public function gc($maxlifetime) + { + return TRUE; + } + + // ------------------------------------------------------------------------ + + protected function _get_lock($session_id) + { + if (isset($this->_lock_key)) + { + return $this->_memcached->replace($this->_lock_key, time(), 5); + } + + $lock_key = $this->_key_prefix.$session_id.':lock'; + if ( ! ($ts = $this->_memcached->get($lock_key))) + { + if ( ! $this->_memcached->set($lock_key, TRUE, 5)) + { + log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id); + return FALSE; + } + + $this->_lock_key = $lock_key; + $this->_lock = TRUE; + return TRUE; + } + + // Another process has the lock, we'll try to wait for it to free itself ... + $attempt = 0; + while ($attempt++ < 5) + { + usleep(((time() - $ts) * 1000000) - 20000); + if (($ts = $this->_memcached->get($lock_key)) < time()) + { + continue; + } + + if ( ! $this->_memcached->set($lock_key, time(), 5)) + { + log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id); + return FALSE; + } + + $this->_lock_key = $lock_key; + break; + } + + if ($attempt === 5) + { + log_message('error', 'Session: Unable to obtain lock for '.$this->_key_prefix.$session_id.' after 5 attempts, aborting.'); + return FALSE; + } + + $this->_lock = TRUE; + return TRUE; + } + + // ------------------------------------------------------------------------ + + protected function _release_lock() + { + if (isset($this->_memcached, $this->_lock_key) && $this->_lock) + { + if ( ! $this->_memcached->delete($this->_lock_key) && $this->_memcached->getResultCode() !== Memcached::RES_NOTFOUND) + { + log_message('error', 'Session: Error while trying to free lock for '.$this->_key_prefix.$session_id); + return FALSE; + } + + $this->_lock_key = NULL; + $this->_lock = FALSE; + } + + return TRUE; + } + +} + +/* End of file Session_memcached_driver.php */ +/* Location: ./system/libraries/Session/drivers/Session_memcached_driver.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From d069b9bc148f739733a5aa0a737e51e57c10b3ad Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 16 Sep 2014 10:18:16 +0300 Subject: feature/session (#3073): Bug fixes - CI_Session_database_driver::read() didn't pass the session ID to _get_lock() - CI_Session::unset_userdata() used a wrong key for unsetting when an array is passed to it --- system/libraries/Session/Session.php | 2 +- system/libraries/Session/drivers/Session_database_driver.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index a5c9737f7..be9f5e3c7 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -567,7 +567,7 @@ class CI_Session { { foreach ($key as $k) { - unset($_SESSION[$key]); + unset($_SESSION[$k]); } return; diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 032199fc1..563d1fd6a 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -116,7 +116,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan public function read($session_id) { - if ($this->_get_lock() !== FALSE) + if ($this->_get_lock($session_id) !== FALSE) { $this->_db ->select('data') -- cgit v1.2.3-24-g4f1b From 39ec29585b7cdca7edc1a0757c913a13a2ee4f85 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 17 Sep 2014 14:16:05 +0300 Subject: feature/session (#3073): Redis driver save_path param parsing fixes Close #3240 --- system/libraries/Session/drivers/Session_redis_driver.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index d4ce5b274..6d8044da1 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -81,8 +81,9 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { log_message('error', 'Session: No Redis save path configured.'); } - elseif (preg_match('#(?:tcp://)?([^:]+)(?:\:(\d+))?(\?.+)?#', $this->_save_path, $matches)) + elseif (preg_match('#(?:tcp://)?([^:?]+)(?:\:(\d+))?(\?.+)?#', $this->_save_path, $matches)) { + isset($matches[3]) OR $matches[3] = ''; // Just to avoid undefined index notices below $this->_save_path = array( 'host' => $matches[1], 'port' => empty($matches[2]) ? NULL : $matches[2], -- cgit v1.2.3-24-g4f1b From dfb39bec5faf77e806e55f3ee9d2138e57d55010 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 6 Oct 2014 01:50:14 +0300 Subject: feature/session (#3073): Refactor configuration & fix cookie expiry times --- system/libraries/Session/Session.php | 121 ++++++++++++++++- system/libraries/Session/Session_driver.php | 146 ++------------------- .../Session/drivers/Session_database_driver.php | 29 ++-- .../Session/drivers/Session_files_driver.php | 26 ++-- .../Session/drivers/Session_memcached_driver.php | 19 +-- .../Session/drivers/Session_redis_driver.php | 31 ++--- 6 files changed, 169 insertions(+), 203 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index be9f5e3c7..47c43074e 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -38,6 +38,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); class CI_Session { protected $_driver = 'files'; + protected $_config; // ------------------------------------------------------------------------ @@ -65,8 +66,7 @@ class CI_Session { $this->_driver = $params['driver']; unset($params['driver']); } - // Note: Make the autoloader pass sess_* params to this constructor - elseif (empty($params) && $driver = config_item('sess_driver')) + elseif ($driver = config_item('sess_driver')) { $this->_driver = $driver; } @@ -81,7 +81,10 @@ class CI_Session { return; } - $class = new $class($params); + // Configuration ... + $this->_configure($params); + + $class = new $class($this->_config); if ($class instanceof SessionHandlerInterface) { if (is_php('5.4')) @@ -108,9 +111,50 @@ class CI_Session { return; } + // Work-around for PHP bug #66827 (https://bugs.php.net/bug.php?id=66827) + // + // The session ID sanitizer doesn't check for the value type and blindly does + // an implicit cast to string, which triggers an 'Array to string' E_NOTICE. + if (isset($_COOKIE[$this->_cookie_name]) && ! is_string($_COOKIE[$this->_cookie_name])) + { + unset($_COOKIE[$this->_cookie_name]); + } + session_start(); + + // Another work-around ... PHP doesn't seem to send the session cookie + // unless it is being currently created or regenerated + if (isset($_COOKIE[$this->_config['cookie_name']]) && $_COOKIE[$this->_config['cookie_name']] === session_id()) + { + setcookie( + $this->_config['cookie_name'], + session_id(), + (empty($this->_config['cookie_lifetime']) ? 0 : time() + $this->_config['cookie_lifetime']), + $this->_config['cookie_path'], + $this->_config['cookie_domain'], + $this->_config['cookie_secure'], + TRUE + ); + } + $this->_ci_init_vars(); +/* + Need to test if this is necessary for a custom driver or if it's only + relevant to PHP's own files handler. + + https://bugs.php.net/bug.php?id=65475 + do this after session is started: + if (is_php('5.5.2') && ! is_php('5.5.4')) + { + $session_id = session_id(); + if ($_COOKIE[$this->_cookie_name] !== $session_id && file_exists(teh file)) + { + unlink(); + } + } +*/ + log_message('debug', "Session: Class initialized using '".$this->_driver."' driver."); } @@ -170,6 +214,77 @@ class CI_Session { // ------------------------------------------------------------------------ + /** + * Configuration + * + * Handle input parameters and configuration defaults + * + * @param array &$params Input parameters + * @return void + */ + protected function _configure(&$params) + { + $expiration = config_item('sess_expiration'); + + if (isset($params['cookie_lifetime'])) + { + $params['cookie_lifetime'] = (int) $params['cookie_lifetime']; + } + else + { + $params['cookie_lifetime'] = ( ! isset($expiration) && config_item('sess_expire_on_close')) + ? 0 : (int) $expiration; + } + + isset($params['cookie_name']) OR $params['cookie_name'] = config_item('sess_cookie_name'); + if (empty($params['cookie_name'])) + { + $params['cookie_name'] = ini_get('session.name'); + } + else + { + ini_set('session.name', $params['cookie_name']); + } + + isset($params['cookie_path']) OR $params['cookie_path'] = config_item('cookie_path'); + isset($params['cookie_domain']) OR $parrams['cookie_domain'] = config_item('cookie_domain'); + isset($params['cookie_secure']) OR $params['cookie_secure'] = (bool) config_item('cookie_secure'); + + session_set_cookie_params( + $params['cookie_lifetime'], + $params['cookie_path'], + $params['cookie_domain'], + $params['cookie_secure'], + TRUE // HttpOnly; Yes, this is intentional and not configurable for security reasons + ); + + if (empty($expiration)) + { + $params['expiration'] = (int) ini_get('session.gc_maxlifetime'); + } + else + { + $params['expiration'] = (int) $expiration; + ini_set('session.gc_maxlifetime', $expiration); + } + + $params['match_ip'] = (bool) (isset($params['match_ip']) ? $params['match_ip'] : config_item('sess_match_ip')); + + isset($params['save_path']) OR $params['save_path'] = config_item('sess_save_path'); + + $this->_config = $params; + + // Security is king + ini_set('session.use_trans_id', 0); + ini_set('session.use_strict_mode', 1); + ini_set('session.use_cookies', 1); + ini_set('session.use_only_cookies', 1); + ini_set('session.hash_function', 1); + ini_set('session.hash_bits_per_character', 4); + } + + // ------------------------------------------------------------------------ + /** * Handle temporary variables * diff --git a/system/libraries/Session/Session_driver.php b/system/libraries/Session/Session_driver.php index a3bc392ad..fb695dade 100644 --- a/system/libraries/Session/Session_driver.php +++ b/system/libraries/Session/Session_driver.php @@ -37,57 +37,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); */ abstract class CI_Session_driver implements SessionHandlerInterface { - // WARNING! Setting default values to properties will - // prevent using the configuration file values. - - /** - * Expiration time - * - * @var int - */ - protected $_expiration; - - /** - * Cookie name - * - * @var string - */ - protected $_cookie_name; - - /** - * Cookie domain - * - * @var string - */ - protected $_cookie_domain; - - /** - * Cookie path - * - * @var string - */ - protected $_cookie_path; - - /** - * Cookie secure flag - * - * @var bool - */ - protected $_cookie_secure; - - /** - * Cookie HTTP-only flag - * - * @var bool - */ - protected $_cookie_httponly; - - /** - * Match IP addresses flag - * - * @var bool - */ - protected $_match_ip; + protected $_config; /** * Data fingerprint @@ -111,87 +61,9 @@ abstract class CI_Session_driver implements SessionHandlerInterface { * @param array $params Configuration parameters * @return void */ - public function __construct($params) + public function __construct(&$params) { - foreach ($params as $key => &$value) - { - $key = (strncmp($key, 'sess_', 5) === 0) - ? substr($key, 4) - : '_'.$key; - - property_exists($this, $key) && $this->$key = $value; - } - - isset($this->_expiration) OR $this->_expiration = (int) config_item('sess_expiration'); - isset($this->_cookie_name) OR $this->_cookie_name = config_item('sess_cookie_name'); - isset($this->_cookie_domain) OR $this->_cookie_domain = config_item('cookie_domain'); - isset($this->_cookie_path) OR $this->_cookie_path = config_item('cookie_path'); - isset($this->_cookie_secure) OR $this->_cookie_secure = config_item('cookie_secure'); - isset($this->_cookie_httponly) OR $this->_cookie_httponly = config_item('cookie_httponly'); - isset($this->_match_ip) OR $this->_match_ip = config_item('sess_match_ip'); - - // Pass our configuration to php.ini, when appropriate - ini_set('session.name', $this->_cookie_name); - isset($this->_cookie_domain) && ini_set('session.cookie_domain', $this->_cookie_domain); - isset($this->_cookie_path) && ini_set('session.cookie_path', $this->_cookie_path); - isset($this->_cookie_secure) && ini_set('session.cookie_secure', $this->_cookie_secure); - isset($this->_cookie_httponly) && ini_set('session.cookie_httponly', $this->_cookie_httponly); - - if ($this->_expiration) - { - ini_set('session.gc_maxlifetime', $this->_expiration); - ini_set('session.cookie_lifetime', $this->_expiration); - } - // BC workaround for setting cookie lifetime - elseif (config_item('sess_expire_on_close')) - { - ini_set('session.cookie_lifetime', 0); - } - - // Security is king - ini_set('session.use_trans_id', 0); - ini_set('session.use_strict_mode', 1); - ini_set('session.use_cookies', 1); - ini_set('session.use_only_cookies', 1); - ini_set('session.hash_function', 1); - ini_set('session.hash_bits_per_character', 4); - - // Work-around for PHP bug #66827 (https://bugs.php.net/bug.php?id=66827) - // - // The session ID sanitizer doesn't check for the value type and blindly does - // an implicit cast to string, which triggers an 'Array to string' E_NOTICE. - if (isset($_COOKIE[$this->_cookie_name]) && ! is_string($_COOKIE[$this->_cookie_name])) - { - unset($_COOKIE[$this->_cookie_name]); - } - -/* - Need to test if this is necessary for a custom driver or if it's only - relevant to PHP's own files handler. - - https://bugs.php.net/bug.php?id=65475 - do this after session is started: - if (is_php('5.5.2') && ! is_php('5.5.4')) - { - $session_id = session_id(); - if ($_COOKIE[$this->_cookie_name] !== $session_id && file_exists(teh file)) - { - unlink(); - } - - setcookie( - $this->_cookie_name, - $session_id, - $this->_expiration - ? time() + $this->_expiration - : 0, - $this->_cookie_path, - $this->_cookie_domain, - $this->_cookie_secure, - $this->_cookie_httponly - ); - } -*/ + $this->_config =& $params; } // ------------------------------------------------------------------------ @@ -199,13 +71,13 @@ abstract class CI_Session_driver implements SessionHandlerInterface { protected function _cookie_destroy() { return setcookie( - $this->_cookie_name, + $this->_config['cookie_name'], NULL, 1, - $this->_cookie_path, - $this->_cookie_domain, - $this->_cookie_secure, - $this->_cookie_httponly + $this->_config['cookie_path'], + $this->_config['cookie_domain'], + $this->_config['cookie_secure'], + TRUE ); } @@ -230,7 +102,7 @@ abstract class CI_Session_driver implements SessionHandlerInterface { return TRUE; } - if (($this->_lock = sem_get($session_id.($this->_match_ip ? '_'.$_SERVER['REMOTE_ADDR'] : ''), 1, 0644)) === FALSE) + if (($this->_lock = sem_get($session_id.($this->_config['match_ip'] ? '_'.$_SERVER['REMOTE_ADDR'] : ''), 1, 0644)) === FALSE) { return FALSE; } diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 563d1fd6a..e3a3c505e 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -44,13 +44,6 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan */ protected $_db; - /** - * DB table - * - * @var string - */ - protected $_table; - /** * Row exists flag * @@ -100,7 +93,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan $this->_lock_driver = 'postgre'; } - isset($this->_table) OR $this->_table = config_item('sess_table_name'); + isset($this->_config['save_path']) OR $this->_config['save_path'] = config_item('sess_table_name'); } // ------------------------------------------------------------------------ @@ -120,10 +113,10 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan { $this->_db ->select('data') - ->from($this->_table) + ->from($this->_config['save_path']) ->where('id', $session_id); - if ($this->_match_ip) + if ($this->_config['match_ip']) { $this->_db->where('ip_address', $_SERVER['REMOTE_ADDR']); } @@ -152,7 +145,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan if ($this->_row_exists === FALSE) { - if ($this->_db->insert($this->_table, array('id' => $session_id, 'ip_address' => $_SERVER['REMOTE_ADDR'], 'timestamp' => time(), 'data' => $session_data))) + if ($this->_db->insert($this->_config['save_path'], array('id' => $session_id, 'ip_address' => $_SERVER['REMOTE_ADDR'], 'timestamp' => time(), 'data' => $session_data))) { $this->_fingerprint = md5($session_data); return $this->_row_exists = TRUE; @@ -162,7 +155,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan } $this->_db->where('id', $session_id); - if ($this->_match_ip) + if ($this->_config['match_ip']) { $this->_db->where('ip_address', $_SERVER['REMOTE_ADDR']); } @@ -171,7 +164,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan ? array('timestamp' => time()) : array('timestamp' => time(), 'data' => $session_data); - if ($this->_db->update($this->_table, $update_data)) + if ($this->_db->update($this->_config['save_path'], $update_data)) { $this->_fingerprint = md5($session_data); return TRUE; @@ -196,12 +189,12 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan if ($this->_lock) { $this->_db->where('id', $session_id); - if ($this->_match_ip) + if ($this->_config['match_ip']) { $this->_db->where('ip_address', $_SERVER['REMOTE_ADDR']); } - return $this->_db->delete($this->_table) + return $this->_db->delete($this->_config['save_path']) ? ($this->close() && $this->_cookie_destroy()) : FALSE; } @@ -213,7 +206,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan public function gc($maxlifetime) { - return $this->_db->delete($this->_table, 'timestamp < '.(time() - $maxlifetime)); + return $this->_db->delete($this->_config['save_path'], 'timestamp < '.(time() - $maxlifetime)); } // ------------------------------------------------------------------------ @@ -222,7 +215,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan { if ($this->_lock_driver === 'mysql') { - $arg = $session_id.($this->_match_ip ? '_'.$_SERVER['REMOTE_ADDR'] : ''); + $arg = $session_id.($this->_config['match_ip'] ? '_'.$_SERVER['REMOTE_ADDR'] : ''); if ($this->_db->query("SELECT GET_LOCK('".$arg."', 10) AS ci_session_lock")->row()->ci_session_lock) { $this->_lock = $arg; @@ -233,7 +226,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan } elseif ($this->_lock_driver === 'postgre') { - $arg = "hashtext('".$session_id."')".($this->_match_ip ? ", hashtext('".$_SERVER['REMOTE_ADDR']."')" : ''); + $arg = "hashtext('".$session_id."')".($this->_config['match_ip'] ? ", hashtext('".$_SERVER['REMOTE_ADDR']."')" : ''); if ($this->_db->simple_query('SELECT pg_advisory_lock('.$arg.')')) { $this->_lock = $arg; diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 7779e9beb..a4f1b9f2f 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -77,14 +77,14 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle { parent::__construct($params); - if (isset($this->_save_path)) + if (isset($this->_config['save_path'])) { - $this->_save_path = rtrim($this->_save_path, '/\\'); - ini_set('session.save_path', $this->_save_path); + $this->_config['save_path'] = rtrim($this->_config['save_path'], '/\\'); + ini_set('session.save_path', $this->_config['save_path']); } else { - $this->_save_path = rtrim(ini_get('session.save_path'), '/\\'); + $this->_config['save_path'] = rtrim(ini_get('session.save_path'), '/\\'); } } @@ -94,14 +94,14 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle { if ( ! is_dir($save_path) && ! mkdir($save_path, 0700, TRUE)) { - log_message('error', "Session: Configured save path '".$this->_save_path."' is not a directory, doesn't exist or cannot be created."); + log_message('error', "Session: Configured save path '".$this->_config['save_path']."' is not a directory, doesn't exist or cannot be created."); return FALSE; } - $this->_save_path = $save_path; - $this->_file_path = $this->_save_path.DIRECTORY_SEPARATOR + $this->_config['save_path'] = $save_path; + $this->_file_path = $this->_config['save_path'].DIRECTORY_SEPARATOR .$name // we'll use the session cookie name as a prefix to avoid collisions - .($this->_match_ip ? md5($_SERVER['REMOTE_ADDR']) : ''); + .($this->_config['match_ip'] ? md5($_SERVER['REMOTE_ADDR']) : ''); return TRUE; } @@ -248,9 +248,9 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle public function gc($maxlifetime) { - if ( ! is_dir($this->_save_path) OR ($files = scandir($this->_save_path)) === FALSE) + if ( ! is_dir($this->_config['save_path']) OR ($files = scandir($this->_config['save_path'])) === FALSE) { - log_message('debug', "Session: Garbage collector couldn't list files under directory '".$this->_save_path."'."); + log_message('debug', "Session: Garbage collector couldn't list files under directory '".$this->_config['save_path']."'."); return FALSE; } @@ -260,14 +260,14 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle { // If the filename doesn't match this pattern, it's either not a session file or is not ours if ( ! preg_match('/(?:[0-9a-f]{32})?[0-9a-f]{40}$/i', $file) - OR ! is_file($this->_save_path.DIRECTORY_SEPARATOR.$file) - OR ($mtime = filemtime($this->_save_path.DIRECTORY_SEPARATOR.$file)) === FALSE + OR ! is_file($this->_config['save_path'].DIRECTORY_SEPARATOR.$file) + OR ($mtime = filemtime($this->_config['save_path'].DIRECTORY_SEPARATOR.$file)) === FALSE OR $mtime > $ts) { continue; } - unlink($this->_save_path.DIRECTORY_SEPARATOR.$file); + unlink($this->_config['save_path'].DIRECTORY_SEPARATOR.$file); } return TRUE; diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index c6ad56511..318c11afa 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -37,13 +37,6 @@ defined('BASEPATH') OR exit('No direct script access allowed'); */ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHandlerInterface { - /** - * Save path - * - * @var string - */ - protected $_save_path; - /** * Memcached instance * @@ -77,12 +70,12 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa { parent::__construct($params); - if (empty($this->_save_path)) + if (empty($this->_config['save_path'])) { log_message('error', 'Session: No Memcached save path configured.'); } - if ($this->_match_ip === TRUE) + if ($this->_config['match_ip'] === TRUE) { $this->_key_prefix .= $_SERVER['REMOTE_ADDR'].':'; } @@ -99,10 +92,10 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa $server_list[] = $server['host'].':'.$server['port']; } - if ( ! preg_match_all('#,?([^,:]+)\:(\d{1,5})(?:\:(\d+))?#', $this->_save_path, $matches, PREG_SET_ORDER)) + if ( ! preg_match_all('#,?([^,:]+)\:(\d{1,5})(?:\:(\d+))?#', $this->_config['save_path'], $matches, PREG_SET_ORDER)) { $this->_memcached = NULL; - log_message('error', 'Session: Invalid Memcached save path format: '.$this->_save_path); + log_message('error', 'Session: Invalid Memcached save path format: '.$this->_config['save_path']); return FALSE; } @@ -155,7 +148,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa $this->_memcached->replace($this->_lock_key, time(), 5); if ($this->_fingerprint !== ($fingerprint = md5($session_data))) { - if ($this->_memcached->set($this->_key_prefix.$session_id, $session_data, $this->_expiration)) + if ($this->_memcached->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration'])) { $this->_fingerprint = $fingerprint; return TRUE; @@ -164,7 +157,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return FALSE; } - return $this->_memcached->touch($this->_key_prefix.$session_id, $this->_expiration); + return $this->_memcached->touch($this->_key_prefix.$session_id, $this->_config['expiration']); } return FALSE; diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index 6d8044da1..ef18defe2 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -37,13 +37,6 @@ defined('BASEPATH') OR exit('No direct script access allowed'); */ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandlerInterface { - /** - * Save path - * - * @var string - */ - protected $_save_path; - /** * phpRedis instance * @@ -77,14 +70,14 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { parent::__construct($params); - if (empty($this->_save_path)) + if (empty($this->_config['save_path'])) { log_message('error', 'Session: No Redis save path configured.'); } - elseif (preg_match('#(?:tcp://)?([^:?]+)(?:\:(\d+))?(\?.+)?#', $this->_save_path, $matches)) + elseif (preg_match('#(?:tcp://)?([^:?]+)(?:\:(\d+))?(\?.+)?#', $this->_config['save_path'], $matches)) { isset($matches[3]) OR $matches[3] = ''; // Just to avoid undefined index notices below - $this->_save_path = array( + $this->_config['save_path'] = array( 'host' => $matches[1], 'port' => empty($matches[2]) ? NULL : $matches[2], 'password' => preg_match('#auth=([^\s&]+)#', $matches[3], $match) ? $match[1] : NULL, @@ -96,10 +89,10 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle } else { - log_message('error', 'Session: Invalid Redis save path format: '.$this->_save_path); + log_message('error', 'Session: Invalid Redis save path format: '.$this->_config['save_path']); } - if ($this->_match_ip === TRUE) + if ($this->_config['match_ip'] === TRUE) { $this->_key_prefix .= $_SERVER['REMOTE_ADDR'].':'; } @@ -109,23 +102,23 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle public function open($save_path, $name) { - if (empty($this->_save_path)) + if (empty($this->_config['save_path'])) { return FALSE; } $redis = new Redis(); - if ( ! $redis->connect($this->_save_path['host'], $this->_save_path['port'], $this->_save_path['timeout'])) + if ( ! $redis->connect($this->_config['save_path']['host'], $this->_config['save_path']['port'], $this->_config['save_path']['timeout'])) { log_message('error', 'Session: Unable to connect to Redis with the configured settings.'); } - elseif (isset($this->_save_path['password']) && ! $redis->auth($this->_save_path['password'])) + elseif (isset($this->_config['save_path']['password']) && ! $redis->auth($this->_config['save_path']['password'])) { log_message('error', 'Session: Unable to authenticate to Redis instance.'); } - elseif (isset($this->_save_path['database']) && ! $redis->select($this->_save_path['database'])) + elseif (isset($this->_config['save_path']['database']) && ! $redis->select($this->_config['save_path']['database'])) { - log_message('error', 'Session: Unable to select Redis database with index '.$this->_save_path['database']); + log_message('error', 'Session: Unable to select Redis database with index '.$this->_config['save_path']['database']); } else { @@ -157,7 +150,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle $this->_redis->setTimeout($this->_lock_key, 5); if ($this->_fingerprint !== ($fingerprint = md5($session_data))) { - if ($this->_redis->set($this->_key_prefix.$session_id, $session_data, $this->_expiration)) + if ($this->_redis->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration'])) { $this->_fingerprint = $fingerprint; return TRUE; @@ -166,7 +159,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle return FALSE; } - return $this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_expiration); + return $this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_config['expiration']); } return FALSE; -- cgit v1.2.3-24-g4f1b From 41b546deee9f1ed99f3820de5a2014b2d74a0c94 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 6 Oct 2014 03:01:22 +0300 Subject: feature/session (#3073): Fix a variable name --- system/libraries/Session/Session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index 47c43074e..c00262cc2 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -247,7 +247,7 @@ class CI_Session { } isset($params['cookie_path']) OR $params['cookie_path'] = config_item('cookie_path'); - isset($params['cookie_domain']) OR $parrams['cookie_domain'] = config_item('cookie_domain'); + isset($params['cookie_domain']) OR $params['cookie_domain'] = config_item('cookie_domain'); isset($params['cookie_secure']) OR $params['cookie_secure'] = (bool) config_item('cookie_secure'); session_set_cookie_params( -- cgit v1.2.3-24-g4f1b From b23b8fc9aa468021d1260c12696b2b48e6c8a90b Mon Sep 17 00:00:00 2001 From: Дмитрий Date: Mon, 20 Oct 2014 00:36:55 +0400 Subject: We can preserve transparency for PNG images --- system/libraries/Image_lib.php | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php index 39753705b..1577887c2 100644 --- a/system/libraries/Image_lib.php +++ b/system/libraries/Image_lib.php @@ -1201,6 +1201,13 @@ class CI_Image_lib { imagecopymerge($src_img, $wm_img, $x_axis, $y_axis, 0, 0, $wm_width, $wm_height, $this->wm_opacity); } + // We can preserve transparency for PNG images + if ($this->image_type === 3) + { + imagealphablending($src_img, FALSE); + imagesavealpha($src_img, TRUE); + } + // Output the image if ($this->dynamic_output === TRUE) { @@ -1785,4 +1792,4 @@ class CI_Image_lib { } /* End of file Image_lib.php */ -/* Location: ./system/libraries/Image_lib.php */ \ No newline at end of file +/* Location: ./system/libraries/Image_lib.php */ -- cgit v1.2.3-24-g4f1b From c5519ce166943b744bbea75a87831132aced4247 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 26 Oct 2014 11:57:20 +0200 Subject: #3073 (feature/session): Fix a GC issue with the files driver --- system/libraries/Session/drivers/Session_files_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index a4f1b9f2f..ff1553f84 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -261,7 +261,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle // If the filename doesn't match this pattern, it's either not a session file or is not ours if ( ! preg_match('/(?:[0-9a-f]{32})?[0-9a-f]{40}$/i', $file) OR ! is_file($this->_config['save_path'].DIRECTORY_SEPARATOR.$file) - OR ($mtime = filemtime($this->_config['save_path'].DIRECTORY_SEPARATOR.$file)) === FALSE + OR ($mtime = fileatime($this->_config['save_path'].DIRECTORY_SEPARATOR.$file)) === FALSE OR $mtime > $ts) { continue; -- cgit v1.2.3-24-g4f1b From c6e50989480d5e9a9847177b8dc7cefa6559329a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 26 Oct 2014 21:27:28 +0200 Subject: #3073 (feature/session): set_flashdata() crap --- system/libraries/Session/Session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index c00262cc2..7908badf8 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -766,7 +766,7 @@ class CI_Session { public function set_flashdata($data, $value = NULL) { $this->set_userdata($data, $value); - $this->mark_as_flash($data); + $this->mark_as_flash(is_array($data) ? array_keys($data) : $data); } // ------------------------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From cd489611cf2d4e7ba7f5afb370a4b8a01f71c5bc Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 27 Oct 2014 16:09:01 +0200 Subject: Revert "#3073 (feature/session): Fix a GC issue with the files driver" This reverts commit c5519ce166943b744bbea75a87831132aced4247. --- system/libraries/Session/drivers/Session_files_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index ff1553f84..a4f1b9f2f 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -261,7 +261,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle // If the filename doesn't match this pattern, it's either not a session file or is not ours if ( ! preg_match('/(?:[0-9a-f]{32})?[0-9a-f]{40}$/i', $file) OR ! is_file($this->_config['save_path'].DIRECTORY_SEPARATOR.$file) - OR ($mtime = fileatime($this->_config['save_path'].DIRECTORY_SEPARATOR.$file)) === FALSE + OR ($mtime = filemtime($this->_config['save_path'].DIRECTORY_SEPARATOR.$file)) === FALSE OR $mtime > $ts) { continue; -- cgit v1.2.3-24-g4f1b From 7474a6799b44e4988b6a7a4adcc2901ec0b993b4 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 31 Oct 2014 23:35:32 +0200 Subject: #3073 (feature/session): Fix session_regenerate_id() issues --- system/libraries/Session/Session_driver.php | 10 ++++++ .../Session/drivers/Session_database_driver.php | 14 ++++++++ .../Session/drivers/Session_files_driver.php | 40 +++++++++++++--------- .../Session/drivers/Session_memcached_driver.php | 26 ++++++++++++-- .../Session/drivers/Session_redis_driver.php | 32 ++++++++++++----- 5 files changed, 95 insertions(+), 27 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/Session_driver.php b/system/libraries/Session/Session_driver.php index fb695dade..ad64e238a 100644 --- a/system/libraries/Session/Session_driver.php +++ b/system/libraries/Session/Session_driver.php @@ -53,6 +53,16 @@ abstract class CI_Session_driver implements SessionHandlerInterface { */ protected $_lock = FALSE; + /** + * Read session ID + * + * Used to detect session_regenerate_id() calls because PHP only calls + * write() after regenerating the ID. + * + * @var string + */ + protected $_session_id; + // ------------------------------------------------------------------------ /** diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index e3a3c505e..9e74605bc 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -111,6 +111,9 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan { if ($this->_get_lock($session_id) !== FALSE) { + // Needed by write() to detect session_regenerate_id() calls + $this->_session_id = $session_id; + $this->_db ->select('data') ->from($this->_config['save_path']) @@ -142,6 +145,17 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan { return FALSE; } + // Was the ID regenerated? + elseif ($session_id !== $this->_session_id) + { + if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) + { + return FALSE; + } + + $this->_row_exists = FALSE; + $this->_session_id = $session_id; + } if ($this->_row_exists === FALSE) { diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index ff1553f84..3d6fa6322 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -114,36 +114,37 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle // which re-reads session data if ($this->_file_handle === NULL) { - $this->_file_path .= $session_id; - // Just using fopen() with 'c+b' mode would be perfect, but it is only // available since PHP 5.2.6 and we have to set permissions for new files, // so we'd have to hack around this ... - if (($this->_file_new = ! file_exists($this->_file_path)) === TRUE) + if (($this->_file_new = ! file_exists($this->_file_path.$session_id)) === TRUE) { - if (($this->_file_handle = fopen($this->_file_path, 'w+b')) === FALSE) + if (($this->_file_handle = fopen($this->_file_path.$session_id, 'w+b')) === FALSE) { - log_message('error', "Session: File '".$this->_file_path."' doesn't exist and cannot be created."); + log_message('error', "Session: File '".$this->_file_path.$session_id."' doesn't exist and cannot be created."); return FALSE; } } - elseif (($this->_file_handle = fopen($this->_file_path, 'r+b')) === FALSE) + elseif (($this->_file_handle = fopen($this->_file_path.$session_id, 'r+b')) === FALSE) { - log_message('error', "Session: Unable to open file '".$this->_file_path."'."); + log_message('error', "Session: Unable to open file '".$this->_file_path.$session_id."'."); return FALSE; } if (flock($this->_file_handle, LOCK_EX) === FALSE) { - log_message('error', "Session: Unable to obtain lock for file '".$this->_file_path."'."); + log_message('error', "Session: Unable to obtain lock for file '".$this->_file_path.$session_id."'."); fclose($this->_file_handle); $this->_file_handle = NULL; return FALSE; } + // Needed by write() to detect session_regenerate_id() calls + $this->_session_id = $session_id; + if ($this->_file_new) { - chmod($this->_file_path, 0600); + chmod($this->_file_path.$session_id, 0600); $this->_fingerprint = md5(''); return ''; } @@ -154,7 +155,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle } $session_data = ''; - for ($read = 0, $length = filesize($this->_file_path); $read < $length; $read += strlen($buffer)) + for ($read = 0, $length = filesize($this->_file_path.$session_id); $read < $length; $read += strlen($buffer)) { if (($buffer = fread($this->_file_handle, $length - $read)) === FALSE) { @@ -170,6 +171,13 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle public function write($session_id, $session_data) { + // If the two IDs don't match, we have a session_regenerate_id() call + // and we need to close the old handle and open a new one + if ($session_id !== $this->_session_id && ( ! $this->close() OR $this->read($session_id) === FALSE)) + { + return FALSE; + } + if ( ! is_resource($this->_file_handle)) { return FALSE; @@ -178,7 +186,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle { return ($this->_file_new) ? TRUE - : touch($this->_file_path); + : touch($this->_file_path.$session_id); } if ( ! $this->_file_new) @@ -218,11 +226,11 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle flock($this->_file_handle, LOCK_UN); fclose($this->_file_handle); - $this->_file_handle = $this->_file_new = NULL; + $this->_file_handle = $this->_file_new = $this->_session_id = NULL; return TRUE; } - return FALSE; + return TRUE; } // ------------------------------------------------------------------------ @@ -231,13 +239,13 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle { if ($this->close()) { - return unlink($this->_file_path) && $this->_cookie_destroy(); + return unlink($this->_file_path.$session_id) && $this->_cookie_destroy(); } elseif ($this->_file_path !== NULL) { clearstatcache(); - return file_exists($this->_file_path) - ? (unlink($this->_file_path) && $this->_cookie_destroy()) + return file_exists($this->_file_path.$session_id) + ? (unlink($this->_file_path.$session_id) && $this->_cookie_destroy()) : TRUE; } diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index 318c11afa..8905e8d6f 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -133,6 +133,9 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa { if (isset($this->_memcached) && $this->_get_lock($session_id)) { + // Needed by write() to detect session_regenerate_id() calls + $this->_session_id = $session_id; + $session_data = (string) $this->_memcached->get($this->_key_prefix.$session_id); $this->_fingerprint = md5($session_data); return $session_data; @@ -143,7 +146,23 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa public function write($session_id, $session_data) { - if (isset($this->_memcached, $this->_lock_key)) + if ( ! isset($this->_memcached)) + { + return FALSE; + } + // Was the ID regenerated? + elseif ($session_id !== $this->_session_id) + { + if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) + { + return FALSE; + } + + $this->_fingerprint = md5(''); + $this->_session_id = $session_id; + } + + if (isset($this->_lock_key)) { $this->_memcached->replace($this->_lock_key, time(), 5); if ($this->_fingerprint !== ($fingerprint = md5($session_data))) @@ -189,16 +208,17 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa if (isset($this->_memcached, $this->_lock_key)) { $this->_memcached->delete($this->_key_prefix.$session_id); - return ($this->_cookie_destroy() && $this->close()); + return $this->_cookie_destroy(); } - return $this->close(); + return FALSE; } // ------------------------------------------------------------------------ public function gc($maxlifetime) { + // Not necessary, Memcached takes care of that. return TRUE; } diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index ef18defe2..bc6150d2d 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -135,6 +135,9 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { if (isset($this->_redis) && $this->_get_lock($session_id)) { + // Needed by write() to detect session_regenerate_id() calls + $this->_session_id = $session_id; + $session_data = (string) $this->_redis->get($this->_key_prefix.$session_id); $this->_fingerprint = md5($session_data); return $session_data; @@ -145,7 +148,23 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle public function write($session_id, $session_data) { - if (isset($this->_redis, $this->_lock_key)) + if ( ! isset($this->_redis)) + { + return FALSE; + } + // Was the ID regenerated? + elseif ($session_id !== $this->_session_id) + { + if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) + { + return FALSE; + } + + $this->_fingerprint = md5(''); + $this->_session_id = $session_id; + } + + if (isset($this->_lock_key)) { $this->_redis->setTimeout($this->_lock_key, 5); if ($this->_fingerprint !== ($fingerprint = md5($session_data))) @@ -190,7 +209,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle return TRUE; } - return FALSE; + return TRUE; } // ------------------------------------------------------------------------ @@ -204,20 +223,17 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle log_message('debug', 'Session: Redis::delete() expected to return 1, got '.var_export($result, TRUE).' instead.'); } - return ($this->_cookie_destroy() && $this->close()); + return $this->_cookie_destroy(); } - return $this->close(); + return FALSE; } // ------------------------------------------------------------------------ public function gc($maxlifetime) { - // TODO: keys()/getKeys() is said to be performance-intensive, - // although it supports patterns (*, [charlist] at the very least). - // scan() seems to be recommended, but requires redis 2.8 - // Not sure if we need any of these though, as we set keys with expire times + // Not necessary, Redis takes care of that. return TRUE; } -- cgit v1.2.3-24-g4f1b From 305186d50e80d643645dd171abc4790fd4b57b61 Mon Sep 17 00:00:00 2001 From: Shakespeare2000 Date: Sun, 2 Nov 2014 11:28:47 +0100 Subject: Fix write() for session_regenerate_id(TRUE) Switching the if statements, because destroy() already removed the lock. --- system/libraries/Session/drivers/Session_database_driver.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 9e74605bc..efdec40e5 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -141,12 +141,8 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan public function write($session_id, $session_data) { - if ($this->_lock === FALSE) - { - return FALSE; - } // Was the ID regenerated? - elseif ($session_id !== $this->_session_id) + if ($session_id !== $this->_session_id) { if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) { @@ -156,6 +152,10 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan $this->_row_exists = FALSE; $this->_session_id = $session_id; } + elseif ($this->_lock === FALSE) + { + return FALSE; + } if ($this->_row_exists === FALSE) { -- cgit v1.2.3-24-g4f1b From 8e60b9a40a01a021e865b24e7d709e9e6ede0beb Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 4 Nov 2014 11:08:06 +0200 Subject: #3073 (feature/session): Implement automatic ID regeneration --- system/libraries/Session/Session.php | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index 7908badf8..f250c3d64 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -122,9 +122,20 @@ class CI_Session { session_start(); + if (($regenerate_time = config_item('sess_time_to_update')) > 0) + { + if ( ! isset($_SESSION['__ci_last_regenerate'])) + { + $_SESSION['__ci_last_regenerate'] = time(); + } + elseif ($_SESSION['__ci_last_regenerate'] < (time() - $regenerate_time)) + { + $this->sess_regenerate(FALSE); + } + } // Another work-around ... PHP doesn't seem to send the session cookie // unless it is being currently created or regenerated - if (isset($_COOKIE[$this->_config['cookie_name']]) && $_COOKIE[$this->_config['cookie_name']] === session_id()) + elseif (isset($_COOKIE[$this->_config['cookie_name']]) && $_COOKIE[$this->_config['cookie_name']] === session_id()) { setcookie( $this->_config['cookie_name'], @@ -138,7 +149,6 @@ class CI_Session { } $this->_ci_init_vars(); - /* Need to test if this is necessary for a custom driver or if it's only relevant to PHP's own files handler. @@ -584,6 +594,7 @@ class CI_Session { */ public function sess_regenerate($destroy = FALSE) { + $_SESSION['__ci_last_regenerate'] = time(); session_regenerate_id($destroy); } -- cgit v1.2.3-24-g4f1b From ff37ffe164443e53b24d529f967a1bdf065bff3a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 4 Nov 2014 12:28:57 +0200 Subject: #3073 (feature/session): Don't regenerate IDs on AJAX requests --- system/libraries/Session/Session.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index f250c3d64..bf11cd181 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -122,7 +122,11 @@ class CI_Session { session_start(); - if (($regenerate_time = config_item('sess_time_to_update')) > 0) + // Is session ID auto-regeneration configured? (ignoring ajax requests) + if ( ! empty($_SERVER['HTTP_X_REQUESTED_WITH']) + && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) === 'xmlhttprequest' + && $regenerate_time = config_item('sess_time_to_update')) > 0 + ) { if ( ! isset($_SESSION['__ci_last_regenerate'])) { -- cgit v1.2.3-24-g4f1b From de5c246dfcaf1c92e8b77830249df44b3cca2e8c Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 4 Nov 2014 12:31:03 +0200 Subject: #3073 (feature/session): Fix a typo from ff37ffe164443e53b24d529f967a1bdf065bff3a --- system/libraries/Session/Session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index bf11cd181..e6ba341dd 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -125,7 +125,7 @@ class CI_Session { // Is session ID auto-regeneration configured? (ignoring ajax requests) if ( ! empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) === 'xmlhttprequest' - && $regenerate_time = config_item('sess_time_to_update')) > 0 + && ($regenerate_time = config_item('sess_time_to_update')) > 0 ) { if ( ! isset($_SESSION['__ci_last_regenerate'])) -- cgit v1.2.3-24-g4f1b From a8f29f9ddaeac5cee582a51ce7f255459e1ca711 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 10 Nov 2014 18:55:55 +0200 Subject: #3073 (feature/session): (Try to) fix memcached driver --- system/libraries/Session/drivers/Session_memcached_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index 8905e8d6f..2ee922f94 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -114,7 +114,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa } else { - $server_list[] = $server['host'].':'.$server['port']; + $server_list[] = $match[1].':'.$match[2]; } } -- cgit v1.2.3-24-g4f1b From 4f50256a84e8052fc3356683f28286d36f8a322c Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 10 Nov 2014 19:18:33 +0200 Subject: #3073 (feature/session): Enable Memcached::OPT_BINARY_PROTOCOL Otherwise Memcached::touch() doesn't work. --- system/libraries/Session/drivers/Session_memcached_driver.php | 1 + 1 file changed, 1 insertion(+) (limited to 'system/libraries') diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index 2ee922f94..6652addee 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -86,6 +86,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa public function open($save_path, $name) { $this->_memcached = new Memcached(); + $this->_memcached->setOption(Memcached::OPT_BINARY_PROTOCOL, TRUE); // required for touch() usage $server_list = array(); foreach ($this->_memcached->getServerList() as $server) { -- cgit v1.2.3-24-g4f1b From 46f2f26d7cc43c548ea3f2978f532754b3476d5f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 11 Nov 2014 14:37:51 +0200 Subject: [ci skip] Update system/libraries/Session/ with the MIT license notice --- .../libraries/Session/SessionHandlerInterface.php | 45 +++++++++++++-------- system/libraries/Session/Session_driver.php | 45 +++++++++++++-------- .../Session/drivers/Session_database_driver.php | 45 +++++++++++++-------- .../Session/drivers/Session_files_driver.php | 47 +++++++++++++--------- .../Session/drivers/Session_memcached_driver.php | 45 +++++++++++++-------- .../Session/drivers/Session_redis_driver.php | 45 +++++++++++++-------- 6 files changed, 169 insertions(+), 103 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/SessionHandlerInterface.php b/system/libraries/Session/SessionHandlerInterface.php index 7473ff8ec..06f252d7e 100644 --- a/system/libraries/Session/SessionHandlerInterface.php +++ b/system/libraries/Session/SessionHandlerInterface.php @@ -4,24 +4,35 @@ * * An open source application development framework for PHP 5.2.4 or newer * - * NOTICE OF LICENSE + * This content is released under the MIT License (MIT) * - * Licensed under the Open Software License version 3.0 + * Copyright (c) 2014, British Columbia Institute of Technology * - * This source file is subject to the Open Software License (OSL 3.0) that is - * bundled with this package in the files license.txt / license.rst. It is - * also available through the world wide web at this URL: - * http://opensource.org/licenses/OSL-3.0 - * If you did not receive a copy of the license and are unable to obtain it - * through the world wide web, please send an email to - * licensing@ellislab.com so we can send you a copy immediately. + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: * - * @package CodeIgniter - * @author EllisLab Dev Team + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + * + * @package CodeIgniter + * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) - * @link http://codeigniter.com - * @since Version 3.0 + * @copyright Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/) + * @license http://opensource.org/licenses/MIT MIT License + * @link http://codeigniter.com + * @since Version 3.0.0 * @filesource */ defined('BASEPATH') OR exit('No direct script access allowed'); @@ -31,11 +42,11 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * PHP 5.4 compatibility interface * - * @package CodeIgniter + * @package CodeIgniter * @subpackage Libraries * @category Sessions - * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html + * @author Andrey Andreev + * @link http://codeigniter.com/user_guide/libraries/sessions.html */ interface SessionHandlerInterface { diff --git a/system/libraries/Session/Session_driver.php b/system/libraries/Session/Session_driver.php index ad64e238a..0eca83905 100644 --- a/system/libraries/Session/Session_driver.php +++ b/system/libraries/Session/Session_driver.php @@ -4,24 +4,35 @@ * * An open source application development framework for PHP 5.2.4 or newer * - * NOTICE OF LICENSE + * This content is released under the MIT License (MIT) * - * Licensed under the Open Software License version 3.0 + * Copyright (c) 2014, British Columbia Institute of Technology * - * This source file is subject to the Open Software License (OSL 3.0) that is - * bundled with this package in the files license.txt / license.rst. It is - * also available through the world wide web at this URL: - * http://opensource.org/licenses/OSL-3.0 - * If you did not receive a copy of the license and are unable to obtain it - * through the world wide web, please send an email to - * licensing@ellislab.com so we can send you a copy immediately. + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: * - * @package CodeIgniter - * @author EllisLab Dev Team + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + * + * @package CodeIgniter + * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) - * @link http://codeigniter.com - * @since Version 3.0 + * @copyright Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/) + * @license http://opensource.org/licenses/MIT MIT License + * @link http://codeigniter.com + * @since Version 3.0.0 * @filesource */ defined('BASEPATH') OR exit('No direct script access allowed'); @@ -29,11 +40,11 @@ defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter Session Driver Class * - * @package CodeIgniter + * @package CodeIgniter * @subpackage Libraries * @category Sessions - * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html + * @author Andrey Andreev + * @link http://codeigniter.com/user_guide/libraries/sessions.html */ abstract class CI_Session_driver implements SessionHandlerInterface { diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index efdec40e5..a6c411b34 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -4,24 +4,35 @@ * * An open source application development framework for PHP 5.2.4 or newer * - * NOTICE OF LICENSE + * This content is released under the MIT License (MIT) * - * Licensed under the Open Software License version 3.0 + * Copyright (c) 2014, British Columbia Institute of Technology * - * This source file is subject to the Open Software License (OSL 3.0) that is - * bundled with this package in the files license.txt / license.rst. It is - * also available through the world wide web at this URL: - * http://opensource.org/licenses/OSL-3.0 - * If you did not receive a copy of the license and are unable to obtain it - * through the world wide web, please send an email to - * licensing@ellislab.com so we can send you a copy immediately. + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: * - * @package CodeIgniter - * @author Andrey Andreev + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + * + * @package CodeIgniter + * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) - * @link http://codeigniter.com - * @since Version 3.0 + * @copyright Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/) + * @license http://opensource.org/licenses/MIT MIT License + * @link http://codeigniter.com + * @since Version 3.0.0 * @filesource */ defined('BASEPATH') OR exit('No direct script access allowed'); @@ -29,11 +40,11 @@ defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter Session Database Driver * - * @package CodeIgniter + * @package CodeIgniter * @subpackage Libraries * @category Sessions - * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html + * @author Andrey Andreev + * @link http://codeigniter.com/user_guide/libraries/sessions.html */ class CI_Session_database_driver extends CI_Session_driver implements SessionHandlerInterface { diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 973337753..b82d9f55d 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -4,36 +4,47 @@ * * An open source application development framework for PHP 5.2.4 or newer * - * NOTICE OF LICENSE + * This content is released under the MIT License (MIT) * - * Licensed under the Open Software License version 3.0 + * Copyright (c) 2014, British Columbia Institute of Technology * - * This source file is subject to the Open Software License (OSL 3.0) that is - * bundled with this package in the files license.txt / license.rst. It is - * also available through the world wide web at this URL: - * http://opensource.org/licenses/OSL-3.0 - * If you did not receive a copy of the license and are unable to obtain it - * through the world wide web, please send an email to - * licensing@ellislab.com so we can send you a copy immediately. + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: * - * @package CodeIgniter - * @author Andrey Andreev + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + * + * @package CodeIgniter + * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) - * @link http://codeigniter.com - * @since Version 3.0 + * @copyright Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/) + * @license http://opensource.org/licenses/MIT MIT License + * @link http://codeigniter.com + * @since Version 3.0.0 * @filesource - */ +*/ defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter Session Files Driver * - * @package CodeIgniter + * @package CodeIgniter * @subpackage Libraries * @category Sessions - * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html + * @author Andrey Andreev + * @link http://codeigniter.com/user_guide/libraries/sessions.html */ class CI_Session_files_driver extends CI_Session_driver implements SessionHandlerInterface { diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index 6652addee..3da7ddd6d 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -4,24 +4,35 @@ * * An open source application development framework for PHP 5.2.4 or newer * - * NOTICE OF LICENSE + * This content is released under the MIT License (MIT) * - * Licensed under the Open Software License version 3.0 + * Copyright (c) 2014, British Columbia Institute of Technology * - * This source file is subject to the Open Software License (OSL 3.0) that is - * bundled with this package in the files license.txt / license.rst. It is - * also available through the world wide web at this URL: - * http://opensource.org/licenses/OSL-3.0 - * If you did not receive a copy of the license and are unable to obtain it - * through the world wide web, please send an email to - * licensing@ellislab.com so we can send you a copy immediately. + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: * - * @package CodeIgniter - * @author Andrey Andreev + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + * + * @package CodeIgniter + * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) - * @link http://codeigniter.com - * @since Version 3.0 + * @copyright Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/) + * @license http://opensource.org/licenses/MIT MIT License + * @link http://codeigniter.com + * @since Version 3.0.0 * @filesource */ defined('BASEPATH') OR exit('No direct script access allowed'); @@ -29,11 +40,11 @@ defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter Session Memcached Driver * - * @package CodeIgniter + * @package CodeIgniter * @subpackage Libraries * @category Sessions - * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html + * @author Andrey Andreev + * @link http://codeigniter.com/user_guide/libraries/sessions.html */ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHandlerInterface { diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index bc6150d2d..e8eac9857 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -4,24 +4,35 @@ * * An open source application development framework for PHP 5.2.4 or newer * - * NOTICE OF LICENSE + * This content is released under the MIT License (MIT) * - * Licensed under the Open Software License version 3.0 + * Copyright (c) 2014, British Columbia Institute of Technology * - * This source file is subject to the Open Software License (OSL 3.0) that is - * bundled with this package in the files license.txt / license.rst. It is - * also available through the world wide web at this URL: - * http://opensource.org/licenses/OSL-3.0 - * If you did not receive a copy of the license and are unable to obtain it - * through the world wide web, please send an email to - * licensing@ellislab.com so we can send you a copy immediately. + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: * - * @package CodeIgniter - * @author Andrey Andreev + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + * + * @package CodeIgniter + * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) - * @link http://codeigniter.com - * @since Version 3.0 + * @copyright Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/) + * @license http://opensource.org/licenses/MIT MIT License + * @link http://codeigniter.com + * @since Version 3.0.0 * @filesource */ defined('BASEPATH') OR exit('No direct script access allowed'); @@ -29,11 +40,11 @@ defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter Session Redis Driver * - * @package CodeIgniter + * @package CodeIgniter * @subpackage Libraries * @category Sessions - * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html + * @author Andrey Andreev + * @link http://codeigniter.com/user_guide/libraries/sessions.html */ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandlerInterface { -- cgit v1.2.3-24-g4f1b From 562e39bab43181fb709aeaf4dee14bf481a2cc6a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 12 Nov 2014 15:38:58 +0200 Subject: #3073 (feature/session): Validate incoming session IDs --- system/libraries/Session/Session.php | 29 ++++++++--------------------- 1 file changed, 8 insertions(+), 21 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index 293811ec8..1d93cb1c8 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -122,13 +122,15 @@ class CI_Session { return; } - // Work-around for PHP bug #66827 (https://bugs.php.net/bug.php?id=66827) - // - // The session ID sanitizer doesn't check for the value type and blindly does - // an implicit cast to string, which triggers an 'Array to string' E_NOTICE. - if (isset($_COOKIE[$this->_cookie_name]) && ! is_string($_COOKIE[$this->_cookie_name])) + // Sanitize the cookie, because apparently PHP doesn't do that for userspace handlers + if (isset($_COOKIE[$this->_config['cookie_name']]) + && ( + ! is_string($_COOKIE[$this->_config['cookie_name']]) + OR ! preg_match('/^[0-9a-f]{40}$/', $_COOKIE[$this->_config['cookie_name']]) + ) + ) { - unset($_COOKIE[$this->_cookie_name]); + unset($_COOKIE[$this->_config['cookie_name']]); } session_start(); @@ -164,21 +166,6 @@ class CI_Session { } $this->_ci_init_vars(); -/* - Need to test if this is necessary for a custom driver or if it's only - relevant to PHP's own files handler. - - https://bugs.php.net/bug.php?id=65475 - do this after session is started: - if (is_php('5.5.2') && ! is_php('5.5.4')) - { - $session_id = session_id(); - if ($_COOKIE[$this->_cookie_name] !== $session_id && file_exists(teh file)) - { - unlink(); - } - } -*/ log_message('debug', "Session: Class initialized using '".$this->_driver."' driver."); } -- cgit v1.2.3-24-g4f1b From cd94dd7e1d8969658810ccc4158a75d2936d0a44 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 9 Dec 2014 17:38:56 +0200 Subject: #3073 (feature/session): Allow custom drivers without the CI_ or MY_ prefix --- system/libraries/Session/Session.php | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index 1d93cb1c8..4fa9fd248 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -194,6 +194,17 @@ class CI_Session { } $class = 'Session_'.$driver.'_driver'; + + // Allow custom drivers without the CI_ or MY_ prefix + if ( ! class_exists($class, FALSE) && file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$class.'.php')) + { + require_once($file_path); + if (class_exists($class, FALSE)) + { + return $class; + } + } + if ( ! class_exists('CI_'.$class, FALSE)) { if (file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$class.'.php') OR file_exists($file_path = BASEPATH.'libraries/Session/drivers/'.$class.'.php')) @@ -201,7 +212,7 @@ class CI_Session { require_once($file_path); } - if ( ! class_exists('CI_'.$class, FALSE)) + if ( ! class_exists('CI_'.$class, FALSE) && ! class_exists($class, FALSE)) { log_message('error', "Session: Configured driver '".$driver."' was not found. Aborting."); return FALSE; -- cgit v1.2.3-24-g4f1b From db037dbd023aeeae6d8643707945882f962b2a44 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 12 Jan 2015 13:45:12 +0200 Subject: [ci skip] Polish changes from PR #3278 --- system/libraries/Image_lib.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php index d653b1640..529532e60 100644 --- a/system/libraries/Image_lib.php +++ b/system/libraries/Image_lib.php @@ -1212,7 +1212,7 @@ class CI_Image_lib { imagecopymerge($src_img, $wm_img, $x_axis, $y_axis, 0, 0, $wm_width, $wm_height, $this->wm_opacity); } - // We can preserve transparency for PNG images + // We can preserve transparency for PNG images if ($this->image_type === 3) { imagealphablending($src_img, FALSE); @@ -1803,4 +1803,4 @@ class CI_Image_lib { } /* End of file Image_lib.php */ -/* Location: ./system/libraries/Image_lib.php */ +/* Location: ./system/libraries/Image_lib.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From bf6b11d7d9732dbc46ca0ea897cfd4023fff7844 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 12 Jan 2015 17:27:12 +0200 Subject: [ci skip] Remove PHP version from license notices and bump year --- system/libraries/Session/SessionHandlerInterface.php | 6 +++--- system/libraries/Session/Session_driver.php | 6 +++--- system/libraries/Session/drivers/Session_database_driver.php | 6 +++--- system/libraries/Session/drivers/Session_files_driver.php | 6 +++--- system/libraries/Session/drivers/Session_memcached_driver.php | 6 +++--- system/libraries/Session/drivers/Session_redis_driver.php | 6 +++--- 6 files changed, 18 insertions(+), 18 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/SessionHandlerInterface.php b/system/libraries/Session/SessionHandlerInterface.php index 06f252d7e..2050e1e4d 100644 --- a/system/libraries/Session/SessionHandlerInterface.php +++ b/system/libraries/Session/SessionHandlerInterface.php @@ -2,11 +2,11 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.2.4 or newer + * An open source application development framework for PHP * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014, British Columbia Institute of Technology + * Copyright (c) 2014 - 2015, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 3.0.0 diff --git a/system/libraries/Session/Session_driver.php b/system/libraries/Session/Session_driver.php index 0eca83905..944659c4c 100644 --- a/system/libraries/Session/Session_driver.php +++ b/system/libraries/Session/Session_driver.php @@ -2,11 +2,11 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.2.4 or newer + * An open source application development framework for PHP 5.2.4 * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014, British Columbia Institute of Technology + * Copyright (c) 2014 - 2015, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 3.0.0 diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index a6c411b34..ec988912f 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -2,11 +2,11 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.2.4 or newer + * An open source application development framework for PHP * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014, British Columbia Institute of Technology + * Copyright (c) 2014 - 2015, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 3.0.0 diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index b82d9f55d..761eed46f 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -2,11 +2,11 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.2.4 or newer + * An open source application development framework for PHP * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014, British Columbia Institute of Technology + * Copyright (c) 2014 - 2015, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 3.0.0 diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index 3da7ddd6d..e2b568f52 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -2,11 +2,11 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.2.4 or newer + * An open source application development framework for PHP * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014, British Columbia Institute of Technology + * Copyright (c) 2014 - 2015, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 3.0.0 diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index e8eac9857..cde587b97 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -2,11 +2,11 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.2.4 or newer + * An open source application development framework for PHP * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014, British Columbia Institute of Technology + * Copyright (c) 2014 - 2015, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 3.0.0 -- cgit v1.2.3-24-g4f1b From 19c25249a9d4f379773d9def3390c2e44dde0a22 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 14 Jan 2015 22:13:36 +0200 Subject: Fix #3473 I don't know why I thought of semaphores in the first place ... --- system/libraries/Session/Session_driver.php | 30 +++++------------------------ 1 file changed, 5 insertions(+), 25 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/Session_driver.php b/system/libraries/Session/Session_driver.php index 944659c4c..de1908ac6 100644 --- a/system/libraries/Session/Session_driver.php +++ b/system/libraries/Session/Session_driver.php @@ -107,34 +107,16 @@ abstract class CI_Session_driver implements SessionHandlerInterface { /** * Get lock * - * A default locking mechanism via semaphores, if ext/sysvsem is available. - * - * Drivers will usually override this and only fallback to it if no other - * locking mechanism is available. + * A dummy method allowing drivers with no locking functionality + * (databases other than PostgreSQL and MySQL) to act as if they + * do acquire a lock. * * @param string $session_id * @return bool */ protected function _get_lock($session_id) { - if ( ! extension_loaded('sysvsem')) - { - $this->_lock = TRUE; - return TRUE; - } - - if (($this->_lock = sem_get($session_id.($this->_config['match_ip'] ? '_'.$_SERVER['REMOTE_ADDR'] : ''), 1, 0644)) === FALSE) - { - return FALSE; - } - - if ( ! sem_acquire($this->_lock)) - { - sem_remove($this->_lock); - $this->_lock = FALSE; - return FALSE; - } - + $this->_lock = TRUE; return TRUE; } @@ -147,10 +129,8 @@ abstract class CI_Session_driver implements SessionHandlerInterface { */ protected function _release_lock() { - if (extension_loaded('sysvsem') && $this->_lock) + if ($this->_lock) { - sem_release($this->_lock); - sem_remove($this->_lock); $this->_lock = FALSE; } -- cgit v1.2.3-24-g4f1b From e9ca012ca64e6a589de1425052d4c733404291d0 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 15 Jan 2015 17:42:17 +0200 Subject: feature/session (#3073): Improve PostgreSQL storage Use a TEXT field with Base64-encoded data under PostgreSQL. Also, renamed a variable. --- .../Session/drivers/Session_database_driver.php | 28 ++++++++++++++-------- 1 file changed, 18 insertions(+), 10 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index ec988912f..d378d537f 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -67,7 +67,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan * * @var string */ - protected $_lock_driver = 'semaphore'; + protected $_platform; // ------------------------------------------------------------------------ @@ -97,11 +97,11 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan $db_driver = $this->_db->dbdriver.(empty($this->_db->subdriver) ? '' : '_'.$this->_db->subdriver); if (strpos($db_driver, 'mysql') !== FALSE) { - $this->_lock_driver = 'mysql'; + $this->_platform = 'mysql'; } elseif (in_array($db_driver, array('postgre', 'pdo_pgsql'), TRUE)) { - $this->_lock_driver = 'postgre'; + $this->_platform = 'postgre'; } isset($this->_config['save_path']) OR $this->_config['save_path'] = config_item('sess_table_name'); @@ -141,7 +141,15 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return ''; } - $this->_fingerprint = md5(rtrim($result->data)); + // PostgreSQL's variant of a BLOB datatype is Bytea, which is a + // PITA to work with, so we use base64-encoded data in a TEXT + // field instead. + if ($this->_platform === 'postgre') + { + $result = base64_decode(rtrim($result->data)); + } + + $this->_fingerprint = md5(rtrim($result)); $this->_row_exists = TRUE; return $result->data; } @@ -170,7 +178,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan if ($this->_row_exists === FALSE) { - if ($this->_db->insert($this->_config['save_path'], array('id' => $session_id, 'ip_address' => $_SERVER['REMOTE_ADDR'], 'timestamp' => time(), 'data' => $session_data))) + if ($this->_db->insert($this->_config['save_path'], array('id' => $session_id, 'ip_address' => $_SERVER['REMOTE_ADDR'], 'timestamp' => time(), 'data' => base64_encode($session_data)))) { $this->_fingerprint = md5($session_data); return $this->_row_exists = TRUE; @@ -187,7 +195,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan $update_data = ($this->_fingerprint === md5($session_data)) ? array('timestamp' => time()) - : array('timestamp' => time(), 'data' => $session_data); + : array('timestamp' => time(), 'data' => base64_encode($session_data)); if ($this->_db->update($this->_config['save_path'], $update_data)) { @@ -238,7 +246,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan protected function _get_lock($session_id) { - if ($this->_lock_driver === 'mysql') + if ($this->_platform === 'mysql') { $arg = $session_id.($this->_config['match_ip'] ? '_'.$_SERVER['REMOTE_ADDR'] : ''); if ($this->_db->query("SELECT GET_LOCK('".$arg."', 10) AS ci_session_lock")->row()->ci_session_lock) @@ -249,7 +257,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return FALSE; } - elseif ($this->_lock_driver === 'postgre') + elseif ($this->_platform === 'postgre') { $arg = "hashtext('".$session_id."')".($this->_config['match_ip'] ? ", hashtext('".$_SERVER['REMOTE_ADDR']."')" : ''); if ($this->_db->simple_query('SELECT pg_advisory_lock('.$arg.')')) @@ -273,7 +281,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return TRUE; } - if ($this->_lock_driver === 'mysql') + if ($this->_platform === 'mysql') { if ($this->_db->query("SELECT RELEASE_LOCK('".$this->_lock."') AS ci_session_lock")->row()->ci_session_lock) { @@ -283,7 +291,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return FALSE; } - elseif ($this->_lock_driver === 'postgre') + elseif ($this->_platform === 'postgre') { if ($this->_db->simple_query('SELECT pg_advisory_unlock('.$this->_lock.')')) { -- cgit v1.2.3-24-g4f1b From 7f8eb360e80449c81be425f06cef60666e32fe21 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 15 Jan 2015 18:01:41 +0200 Subject: [ci skip] Add a note about sess_table_name --- system/libraries/Session/drivers/Session_database_driver.php | 1 + 1 file changed, 1 insertion(+) (limited to 'system/libraries') diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index d378d537f..42ff96b7c 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -104,6 +104,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan $this->_platform = 'postgre'; } + // Note: BC work-around for the old 'sess_table_name' setting, should be removed in the future. isset($this->_config['save_path']) OR $this->_config['save_path'] = config_item('sess_table_name'); } -- cgit v1.2.3-24-g4f1b From d0122559db3ca45523c7344c223bb28848fd3514 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 15 Jan 2015 21:25:58 +0200 Subject: feature/session (#3073): Fix an error from previous patch --- system/libraries/Session/drivers/Session_database_driver.php | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 42ff96b7c..6c667b01f 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -145,12 +145,11 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan // PostgreSQL's variant of a BLOB datatype is Bytea, which is a // PITA to work with, so we use base64-encoded data in a TEXT // field instead. - if ($this->_platform === 'postgre') - { - $result = base64_decode(rtrim($result->data)); - } + $result = ($this->_platform === 'postgre') + ? base64_decode(rtrim($result->data)) + : $result->data; - $this->_fingerprint = md5(rtrim($result)); + $this->_fingerprint = md5($result); $this->_row_exists = TRUE; return $result->data; } -- cgit v1.2.3-24-g4f1b From 74009756ea938c2bde8147cb757d9a4835b78e6d Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 15 Jan 2015 21:36:25 +0200 Subject: feature/session (#3073): Third time is the charm --- system/libraries/Session/drivers/Session_database_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 6c667b01f..46780b0db 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -151,7 +151,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan $this->_fingerprint = md5($result); $this->_row_exists = TRUE; - return $result->data; + return $result; } $this->_fingerprint = md5(''); -- cgit v1.2.3-24-g4f1b From 5231d3267269d7fd8e84b1faf637cef3ba2f1dec Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 19 Jan 2015 02:29:49 +0200 Subject: feature/session (#3073): Only PostgreSQL data should be base64-encoded --- .../Session/drivers/Session_database_driver.php | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 46780b0db..e27c96595 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -178,7 +178,14 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan if ($this->_row_exists === FALSE) { - if ($this->_db->insert($this->_config['save_path'], array('id' => $session_id, 'ip_address' => $_SERVER['REMOTE_ADDR'], 'timestamp' => time(), 'data' => base64_encode($session_data)))) + $insert_data = array( + 'id' => $session_id, + 'ip_address' => $_SERVER['REMOTE_ADDR'], + 'timestamp' => time(), + 'data' => ($this->_platform === 'postgre' ? base64_encode($session_data) : $session_data) + ); + + if ($this->_db->insert($this->_config['save_path'], $insert_data)) { $this->_fingerprint = md5($session_data); return $this->_row_exists = TRUE; @@ -193,9 +200,13 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan $this->_db->where('ip_address', $_SERVER['REMOTE_ADDR']); } - $update_data = ($this->_fingerprint === md5($session_data)) - ? array('timestamp' => time()) - : array('timestamp' => time(), 'data' => base64_encode($session_data)); + $update_data = array('timestamp' => $time); + if ($this->_fingerprint !== md5($session_data)) + { + $update_data['data'] = ($this->_platform === 'postgre') + ? base64_encode($session_data) + : $session_data; + } if ($this->_db->update($this->_config['save_path'], $update_data)) { -- cgit v1.2.3-24-g4f1b From c33c3adff7d0c36208fa9c3a1dc364fa7f23f07d Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 19 Jan 2015 10:54:21 +0200 Subject: feature/session (#3073): Fix non-existing variable error --- system/libraries/Session/drivers/Session_database_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index e27c96595..055a1a613 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -200,7 +200,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan $this->_db->where('ip_address', $_SERVER['REMOTE_ADDR']); } - $update_data = array('timestamp' => $time); + $update_data = array('timestamp' => time()); if ($this->_fingerprint !== md5($session_data)) { $update_data['data'] = ($this->_platform === 'postgre') -- cgit v1.2.3-24-g4f1b From b4b215e6baed4e61a7e1143e2ff22713846b0667 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 19 Jan 2015 11:59:11 +0200 Subject: feature/session (#3073): Add CI_Session:: as reference to For backwards compatibility purposes. --- system/libraries/Session/Session.php | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'system/libraries') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index 9c3b2b06c..4a96aa6b1 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -48,6 +48,13 @@ defined('BASEPATH') OR exit('No direct script access allowed'); */ class CI_Session { + /** + * Userdata array + * + * Just a reference to $_SESSION, for BC purposes. + */ + public $userdata; + protected $_driver = 'files'; protected $_config; @@ -341,6 +348,8 @@ class CI_Session { unset($_SESSION['__ci_vars']); } } + + $this->userdata =& $_SESSION; } // ------------------------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 10411fc94395bdf217e8bbae61e0af3a73d37325 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 19 Jan 2015 13:54:53 +0200 Subject: [ci skip] feature/session (#3073): Add missing method docblocks --- system/libraries/Session/Session.php | 10 ++++ system/libraries/Session/Session_driver.php | 8 +++ .../Session/drivers/Session_database_driver.php | 66 ++++++++++++++++++++++ .../Session/drivers/Session_files_driver.php | 51 +++++++++++++++++ .../Session/drivers/Session_memcached_driver.php | 66 ++++++++++++++++++++++ .../Session/drivers/Session_redis_driver.php | 66 ++++++++++++++++++++++ 6 files changed, 267 insertions(+) (limited to 'system/libraries') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index 4a96aa6b1..5c61002a6 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -179,6 +179,16 @@ class CI_Session { // ------------------------------------------------------------------------ + /** + * CI Load Classes + * + * An internal method to load all possible dependency and extension + * classes. It kind of emulates the CI_Driver library, but is + * self-sufficient. + * + * @param string $driver Driver name + * @return string Driver class name + */ protected function _ci_load_classes($driver) { // PHP 5.4 compatibility diff --git a/system/libraries/Session/Session_driver.php b/system/libraries/Session/Session_driver.php index de1908ac6..c4fbde4f8 100644 --- a/system/libraries/Session/Session_driver.php +++ b/system/libraries/Session/Session_driver.php @@ -89,6 +89,14 @@ abstract class CI_Session_driver implements SessionHandlerInterface { // ------------------------------------------------------------------------ + /** + * Cookie destroy + * + * Internal method to force removal of a cookie by the client + * when session_destroy() is called. + * + * @return bool + */ protected function _cookie_destroy() { return setcookie( diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 055a1a613..87d80a2b0 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -110,6 +110,15 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan // ------------------------------------------------------------------------ + /** + * Open + * + * Initializes the database connection + * + * @param string $save_path Table name + * @param string $name Session cookie name, unused + * @return bool + */ public function open($save_path, $name) { return empty($this->_db->conn_id) @@ -119,6 +128,14 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan // ------------------------------------------------------------------------ + /** + * Read + * + * Reads session data and acquires a lock + * + * @param string $session_id Session ID + * @return string Serialized session data + */ public function read($session_id) { if ($this->_get_lock($session_id) !== FALSE) @@ -158,6 +175,17 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return ''; } + // ------------------------------------------------------------------------ + + /** + * Write + * + * Writes (create / update) session data + * + * @param string $session_id Session ID + * @param string $session_data Serialized session data + * @return bool + */ public function write($session_id, $session_data) { // Was the ID regenerated? @@ -219,6 +247,13 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan // ------------------------------------------------------------------------ + /** + * Close + * + * Releases locks + * + * @return void + */ public function close() { return ($this->_lock) @@ -228,6 +263,14 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan // ------------------------------------------------------------------------ + /** + * Destroy + * + * Destroys the current session. + * + * @param string $session_id Session ID + * @return bool + */ public function destroy($session_id) { if ($this->_lock) @@ -248,6 +291,14 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan // ------------------------------------------------------------------------ + /** + * Garbage Collector + * + * Deletes expired sessions + * + * @param int $maxlifetime Maximum lifetime of sessions + * @return bool + */ public function gc($maxlifetime) { return $this->_db->delete($this->_config['save_path'], 'timestamp < '.(time() - $maxlifetime)); @@ -255,6 +306,14 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan // ------------------------------------------------------------------------ + /** + * Get lock + * + * Acquires a lock, depending on the underlying platform. + * + * @param string $session_id Session ID + * @return bool + */ protected function _get_lock($session_id) { if ($this->_platform === 'mysql') @@ -285,6 +344,13 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan // ------------------------------------------------------------------------ + /** + * Release lock + * + * Releases a previously acquired lock + * + * @return bool + */ protected function _release_lock() { if ( ! $this->_lock) diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 761eed46f..95ab7f14c 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -101,6 +101,15 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle // ------------------------------------------------------------------------ + /** + * Open + * + * Sanitizes the save_path directory. + * + * @param string $save_path Path to session files' directory + * @param string $name Session cookie name, unused + * @return bool + */ public function open($save_path, $name) { if ( ! is_dir($save_path) && ! mkdir($save_path, 0700, TRUE)) @@ -119,6 +128,14 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle // ------------------------------------------------------------------------ + /** + * Read + * + * Reads session data and acquires a lock + * + * @param string $session_id Session ID + * @return string Serialized session data + */ public function read($session_id) { // This might seem weird, but PHP 5.6 introduces session_reset(), @@ -180,6 +197,17 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle return $session_data; } + // ------------------------------------------------------------------------ + + /** + * Write + * + * Writes (create / update) session data + * + * @param string $session_id Session ID + * @param string $session_data Serialized session data + * @return bool + */ public function write($session_id, $session_data) { // If the two IDs don't match, we have a session_regenerate_id() call @@ -230,6 +258,13 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle // ------------------------------------------------------------------------ + /** + * Close + * + * Releases locks and closes file descriptor. + * + * @return void + */ public function close() { if (is_resource($this->_file_handle)) @@ -246,6 +281,14 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle // ------------------------------------------------------------------------ + /** + * Destroy + * + * Destroys the current session. + * + * @param string $session_id Session ID + * @return bool + */ public function destroy($session_id) { if ($this->close()) @@ -265,6 +308,14 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle // ------------------------------------------------------------------------ + /** + * Garbage Collector + * + * Deletes expired sessions + * + * @param int $maxlifetime Maximum lifetime of sessions + * @return bool + */ public function gc($maxlifetime) { if ( ! is_dir($this->_config['save_path']) OR ($files = scandir($this->_config['save_path'])) === FALSE) diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index e2b568f52..683bb5c69 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -94,6 +94,15 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa // ------------------------------------------------------------------------ + /** + * Open + * + * Sanitizes save_path and initializes connections. + * + * @param string $save_path Server path(s) + * @param string $name Session cookie name, unused + * @return bool + */ public function open($save_path, $name) { $this->_memcached = new Memcached(); @@ -141,6 +150,14 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa // ------------------------------------------------------------------------ + /** + * Read + * + * Reads session data and acquires a lock + * + * @param string $session_id Session ID + * @return string Serialized session data + */ public function read($session_id) { if (isset($this->_memcached) && $this->_get_lock($session_id)) @@ -156,6 +173,17 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return FALSE; } + // ------------------------------------------------------------------------ + + /** + * Write + * + * Writes (create / update) session data + * + * @param string $session_id Session ID + * @param string $session_data Serialized session data + * @return bool + */ public function write($session_id, $session_data) { if ( ! isset($this->_memcached)) @@ -196,6 +224,13 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa // ------------------------------------------------------------------------ + /** + * Close + * + * Releases locks and closes connection. + * + * @return void + */ public function close() { if (isset($this->_memcached)) @@ -215,6 +250,14 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa // ------------------------------------------------------------------------ + /** + * Destroy + * + * Destroys the current session. + * + * @param string $session_id Session ID + * @return bool + */ public function destroy($session_id) { if (isset($this->_memcached, $this->_lock_key)) @@ -228,6 +271,14 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa // ------------------------------------------------------------------------ + /** + * Garbage Collector + * + * Deletes expired sessions + * + * @param int $maxlifetime Maximum lifetime of sessions + * @return bool + */ public function gc($maxlifetime) { // Not necessary, Memcached takes care of that. @@ -236,6 +287,14 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa // ------------------------------------------------------------------------ + /** + * Get lock + * + * Acquires an (emulated) lock. + * + * @param string $session_id Session ID + * @return bool + */ protected function _get_lock($session_id) { if (isset($this->_lock_key)) @@ -289,6 +348,13 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa // ------------------------------------------------------------------------ + /** + * Release lock + * + * Releases a previously acquired lock + * + * @return bool + */ protected function _release_lock() { if (isset($this->_memcached, $this->_lock_key) && $this->_lock) diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index cde587b97..a0ec40907 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -111,6 +111,15 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle // ------------------------------------------------------------------------ + /** + * Open + * + * Sanitizes save_path and initializes connection. + * + * @param string $save_path Server path + * @param string $name Session cookie name, unused + * @return bool + */ public function open($save_path, $name) { if (empty($this->_config['save_path'])) @@ -142,6 +151,14 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle // ------------------------------------------------------------------------ + /** + * Read + * + * Reads session data and acquires a lock + * + * @param string $session_id Session ID + * @return string Serialized session data + */ public function read($session_id) { if (isset($this->_redis) && $this->_get_lock($session_id)) @@ -157,6 +174,17 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle return FALSE; } + // ------------------------------------------------------------------------ + + /** + * Write + * + * Writes (create / update) session data + * + * @param string $session_id Session ID + * @param string $session_data Serialized session data + * @return bool + */ public function write($session_id, $session_data) { if ( ! isset($this->_redis)) @@ -197,6 +225,13 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle // ------------------------------------------------------------------------ + /** + * Close + * + * Releases locks and closes connection. + * + * @return void + */ public function close() { if (isset($this->_redis)) @@ -225,6 +260,14 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle // ------------------------------------------------------------------------ + /** + * Destroy + * + * Destroys the current session. + * + * @param string $session_id Session ID + * @return bool + */ public function destroy($session_id) { if (isset($this->_redis, $this->_lock_key)) @@ -242,6 +285,14 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle // ------------------------------------------------------------------------ + /** + * Garbage Collector + * + * Deletes expired sessions + * + * @param int $maxlifetime Maximum lifetime of sessions + * @return bool + */ public function gc($maxlifetime) { // Not necessary, Redis takes care of that. @@ -250,6 +301,14 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle // ------------------------------------------------------------------------ + /** + * Get lock + * + * Acquires an (emulated) lock. + * + * @param string $session_id Session ID + * @return bool + */ protected function _get_lock($session_id) { if (isset($this->_lock_key)) @@ -309,6 +368,13 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle // ------------------------------------------------------------------------ + /** + * Release lock + * + * Releases a previously acquired lock + * + * @return bool + */ protected function _release_lock() { if (isset($this->_redis, $this->_lock_key) && $this->_lock) -- cgit v1.2.3-24-g4f1b From 90da83c91c3359e656dec99b5be4f1779608f3b1 Mon Sep 17 00:00:00 2001 From: Ivan Tcholakov Date: Mon, 19 Jan 2015 17:23:08 +0200 Subject: A minor header update, CI_Session_driver. --- system/libraries/Session/Session_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/Session_driver.php b/system/libraries/Session/Session_driver.php index c4fbde4f8..8edd31999 100644 --- a/system/libraries/Session/Session_driver.php +++ b/system/libraries/Session/Session_driver.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.2.4 + * An open source application development framework for PHP * * This content is released under the MIT License (MIT) * -- cgit v1.2.3-24-g4f1b From 90726b8c769ea75aec34814ddfa91655d488e6c3 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 20 Jan 2015 12:39:22 +0200 Subject: [ci skip] Change some log messages' level 'Class Loaded' type of messages flood log files when log_threshold is set to 2 (debug). They're now logged as 'info' level. This is manually applying PR #1528, which was created to do the same thing, but became outdated. --- system/libraries/Calendar.php | 2 +- system/libraries/Cart.php | 2 +- system/libraries/Email.php | 2 +- system/libraries/Encrypt.php | 2 +- system/libraries/Encryption.php | 6 +++--- system/libraries/Form_validation.php | 2 +- system/libraries/Ftp.php | 2 +- system/libraries/Image_lib.php | 2 +- system/libraries/Javascript.php | 2 +- system/libraries/Javascript/Jquery.php | 2 +- system/libraries/Migration.php | 2 +- system/libraries/Pagination.php | 2 +- system/libraries/Parser.php | 1 + system/libraries/Profiler.php | 1 + system/libraries/Session/Session.php | 2 +- system/libraries/Table.php | 2 +- system/libraries/Trackback.php | 2 +- system/libraries/Unit_test.php | 2 +- system/libraries/Upload.php | 2 +- system/libraries/User_agent.php | 2 +- system/libraries/Xmlrpc.php | 2 +- system/libraries/Xmlrpcs.php | 2 +- system/libraries/Zip.php | 2 +- 23 files changed, 25 insertions(+), 23 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Calendar.php b/system/libraries/Calendar.php index e6ca225bf..fcca163a5 100644 --- a/system/libraries/Calendar.php +++ b/system/libraries/Calendar.php @@ -138,7 +138,7 @@ class CI_Calendar { empty($config) OR $this->initialize($config); - log_message('debug', 'Calendar Class Initialized'); + log_message('info', 'Calendar Class Initialized'); } // -------------------------------------------------------------------- diff --git a/system/libraries/Cart.php b/system/libraries/Cart.php index a0fe1053d..2fffd9a76 100644 --- a/system/libraries/Cart.php +++ b/system/libraries/Cart.php @@ -115,7 +115,7 @@ class CI_Cart { $this->_cart_contents = array('cart_total' => 0, 'total_items' => 0); } - log_message('debug', 'Cart Class Initialized'); + log_message('info', 'Cart Class Initialized'); } // -------------------------------------------------------------------- diff --git a/system/libraries/Email.php b/system/libraries/Email.php index c042aaade..f8a89c344 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -421,7 +421,7 @@ class CI_Email { $this->_safe_mode = ( ! is_php('5.4') && ini_get('safe_mode')); $this->charset = strtoupper($this->charset); - log_message('debug', 'Email Class Initialized'); + log_message('info', 'Email Class Initialized'); } // -------------------------------------------------------------------- diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 45b3027eb..f527a9943 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -97,7 +97,7 @@ class CI_Encrypt { show_error('The Encrypt library requires the Mcrypt extension.'); } - log_message('debug', 'Encrypt Class Initialized'); + log_message('info', 'Encrypt Class Initialized'); } // -------------------------------------------------------------------- diff --git a/system/libraries/Encryption.php b/system/libraries/Encryption.php index ef67b4cd5..95b183a3a 100644 --- a/system/libraries/Encryption.php +++ b/system/libraries/Encryption.php @@ -171,7 +171,7 @@ class CI_Encryption { $this->_key = $key; } - log_message('debug', 'Encryption Class Initialized'); + log_message('info', 'Encryption Class Initialized'); } // -------------------------------------------------------------------- @@ -268,7 +268,7 @@ class CI_Encryption { if ($this->_handle = mcrypt_module_open($this->_cipher, '', $this->_mode, '')) { - log_message('debug', 'Encryption: MCrypt cipher '.strtoupper($this->_cipher).' initialized in '.strtoupper($this->_mode).' mode.'); + log_message('info', 'Encryption: MCrypt cipher '.strtoupper($this->_cipher).' initialized in '.strtoupper($this->_mode).' mode.'); } else { @@ -322,7 +322,7 @@ class CI_Encryption { else { $this->_handle = $handle; - log_message('debug', 'Encryption: OpenSSL initialized with method '.strtoupper($handle).'.'); + log_message('info', 'Encryption: OpenSSL initialized with method '.strtoupper($handle).'.'); } } } diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index f731544b1..7c9561c07 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -146,7 +146,7 @@ class CI_Form_validation { // Automatically load the form helper $this->CI->load->helper('form'); - log_message('debug', 'Form Validation Class Initialized'); + log_message('info', 'Form Validation Class Initialized'); } // -------------------------------------------------------------------- diff --git a/system/libraries/Ftp.php b/system/libraries/Ftp.php index f6279cfc5..4794d75c1 100644 --- a/system/libraries/Ftp.php +++ b/system/libraries/Ftp.php @@ -112,7 +112,7 @@ class CI_FTP { public function __construct($config = array()) { empty($config) OR $this->initialize($config); - log_message('debug', 'FTP Class Initialized'); + log_message('info', 'FTP Class Initialized'); } // -------------------------------------------------------------------- diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php index 529532e60..9ad0dd5b6 100644 --- a/system/libraries/Image_lib.php +++ b/system/libraries/Image_lib.php @@ -392,7 +392,7 @@ class CI_Image_lib { $this->initialize($props); } - log_message('debug', 'Image Lib Class Initialized'); + log_message('info', 'Image Lib Class Initialized'); } // -------------------------------------------------------------------- diff --git a/system/libraries/Javascript.php b/system/libraries/Javascript.php index 94586c069..f0ffa142b 100644 --- a/system/libraries/Javascript.php +++ b/system/libraries/Javascript.php @@ -85,7 +85,7 @@ class CI_Javascript { // make js to refer to current library $this->js =& $this->CI->$js_library_driver; - log_message('debug', 'Javascript Class Initialized and loaded. Driver used: '.$js_library_driver); + log_message('info', 'Javascript Class Initialized and loaded. Driver used: '.$js_library_driver); } // -------------------------------------------------------------------- diff --git a/system/libraries/Javascript/Jquery.php b/system/libraries/Javascript/Jquery.php index 1c6331f6b..a44a9f5d6 100644 --- a/system/libraries/Javascript/Jquery.php +++ b/system/libraries/Javascript/Jquery.php @@ -115,7 +115,7 @@ class CI_Jquery extends CI_Javascript { $this->script(); } - log_message('debug', 'Jquery Class Initialized'); + log_message('info', 'Jquery Class Initialized'); } // -------------------------------------------------------------------- diff --git a/system/libraries/Migration.php b/system/libraries/Migration.php index f46d45f5a..a2dce1371 100644 --- a/system/libraries/Migration.php +++ b/system/libraries/Migration.php @@ -126,7 +126,7 @@ class CI_Migration { $this->{'_'.$key} = $val; } - log_message('debug', 'Migrations class initialized'); + log_message('info', 'Migrations Class Initialized'); // Are they trying to use migrations while it is disabled? if ($this->_migration_enabled !== TRUE) diff --git a/system/libraries/Pagination.php b/system/libraries/Pagination.php index 1081fbec7..6c8366435 100644 --- a/system/libraries/Pagination.php +++ b/system/libraries/Pagination.php @@ -333,7 +333,7 @@ class CI_Pagination { } $this->initialize($params); - log_message('debug', 'Pagination Class Initialized'); + log_message('info', 'Pagination Class Initialized'); } // -------------------------------------------------------------------- diff --git a/system/libraries/Parser.php b/system/libraries/Parser.php index 5a2024955..418dd38d6 100644 --- a/system/libraries/Parser.php +++ b/system/libraries/Parser.php @@ -79,6 +79,7 @@ class CI_Parser { public function __construct() { $this->CI =& get_instance(); + log_message('info', 'Parser Class Initialized'); } // -------------------------------------------------------------------- diff --git a/system/libraries/Profiler.php b/system/libraries/Profiler.php index 9a4e833cc..d3f5d8de2 100644 --- a/system/libraries/Profiler.php +++ b/system/libraries/Profiler.php @@ -116,6 +116,7 @@ class CI_Profiler { } $this->set_sections($config); + log_message('info', 'Profiler Class Initialized'); } // -------------------------------------------------------------------- diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index 5c61002a6..bc4a5ca1c 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -174,7 +174,7 @@ class CI_Session { $this->_ci_init_vars(); - log_message('debug', "Session: Class initialized using '".$this->_driver."' driver."); + log_message('info', "Session: Class initialized using '".$this->_driver."' driver."); } // ------------------------------------------------------------------------ diff --git a/system/libraries/Table.php b/system/libraries/Table.php index 118536f88..a1496a514 100644 --- a/system/libraries/Table.php +++ b/system/libraries/Table.php @@ -120,7 +120,7 @@ class CI_Table { $this->template[$key] = $val; } - log_message('debug', 'Table Class Initialized'); + log_message('info', 'Table Class Initialized'); } // -------------------------------------------------------------------- diff --git a/system/libraries/Trackback.php b/system/libraries/Trackback.php index 3284923fd..9992fb417 100644 --- a/system/libraries/Trackback.php +++ b/system/libraries/Trackback.php @@ -103,7 +103,7 @@ class CI_Trackback { */ public function __construct() { - log_message('debug', 'Trackback Class Initialized'); + log_message('info', 'Trackback Class Initialized'); } // -------------------------------------------------------------------- diff --git a/system/libraries/Unit_test.php b/system/libraries/Unit_test.php index 6137673c0..0b8bcd7c4 100644 --- a/system/libraries/Unit_test.php +++ b/system/libraries/Unit_test.php @@ -111,7 +111,7 @@ class CI_Unit_test { */ public function __construct() { - log_message('debug', 'Unit Testing Class Initialized'); + log_message('info', 'Unit Testing Class Initialized'); } // -------------------------------------------------------------------- diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index e022c43d4..3b0e044ae 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -296,7 +296,7 @@ class CI_Upload { $this->_mimes =& get_mimes(); $this->_CI =& get_instance(); - log_message('debug', 'Upload Class Initialized'); + log_message('info', 'Upload Class Initialized'); } // -------------------------------------------------------------------- diff --git a/system/libraries/User_agent.php b/system/libraries/User_agent.php index 04e1a59ba..242bedbb6 100644 --- a/system/libraries/User_agent.php +++ b/system/libraries/User_agent.php @@ -183,7 +183,7 @@ class CI_User_agent { $this->_compile_data(); } - log_message('debug', 'User Agent Class Initialized'); + log_message('info', 'User Agent Class Initialized'); } // -------------------------------------------------------------------- diff --git a/system/libraries/Xmlrpc.php b/system/libraries/Xmlrpc.php index 5ecebaf6d..9f5e20468 100644 --- a/system/libraries/Xmlrpc.php +++ b/system/libraries/Xmlrpc.php @@ -314,7 +314,7 @@ class CI_Xmlrpc { $this->initialize($config); - log_message('debug', 'XML-RPC Class Initialized'); + log_message('info', 'XML-RPC Class Initialized'); } // -------------------------------------------------------------------- diff --git a/system/libraries/Xmlrpcs.php b/system/libraries/Xmlrpcs.php index f786b2323..2ab862737 100644 --- a/system/libraries/Xmlrpcs.php +++ b/system/libraries/Xmlrpcs.php @@ -104,7 +104,7 @@ class CI_Xmlrpcs extends CI_Xmlrpc { $this->methods = array_merge($this->methods, $config['functions']); } - log_message('debug', 'XML-RPC Server Class Initialized'); + log_message('info', 'XML-RPC Server Class Initialized'); } // -------------------------------------------------------------------- diff --git a/system/libraries/Zip.php b/system/libraries/Zip.php index cee5d8d76..555e9aedf 100644 --- a/system/libraries/Zip.php +++ b/system/libraries/Zip.php @@ -113,7 +113,7 @@ class CI_Zip { public function __construct() { $this->now = time(); - log_message('debug', 'Zip Compression Class Initialized'); + log_message('info', 'Zip Compression Class Initialized'); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 0da50123c196ca0f342cac44b76f889a6f8a96b9 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 20 Jan 2015 13:30:05 +0200 Subject: Pagination: Add 'use_global_url_suffix' setting Resolves issue #1887 --- system/libraries/Pagination.php | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'system/libraries') diff --git a/system/libraries/Pagination.php b/system/libraries/Pagination.php index 6c8366435..aa54ec4c1 100644 --- a/system/libraries/Pagination.php +++ b/system/libraries/Pagination.php @@ -298,6 +298,13 @@ class CI_Pagination { */ protected $reuse_query_string = FALSE; + /** + * Use global URL suffix flag + * + * @var bool + */ + protected $use_global_url_suffix = FALSE; + /** * Data page attribute * @@ -373,6 +380,11 @@ class CI_Pagination { $this->page_query_string = TRUE; } + if ($this->use_global_url_suffix === TRUE) + { + $this->suffix = $this->CI->config->item('url_suffix'); + } + return $this; } -- cgit v1.2.3-24-g4f1b From 4cbe463b4c442e0e2dae2f43565e77f7ac5ecb86 Mon Sep 17 00:00:00 2001 From: vlakoff Date: Wed, 21 Jan 2015 22:56:22 +0100 Subject: Remove closing blocks at end of PHP files --- system/libraries/Cache/Cache.php | 3 --- system/libraries/Cache/drivers/Cache_apc.php | 3 --- system/libraries/Cache/drivers/Cache_dummy.php | 3 --- system/libraries/Cache/drivers/Cache_file.php | 3 --- system/libraries/Cache/drivers/Cache_memcached.php | 3 --- system/libraries/Cache/drivers/Cache_redis.php | 3 --- system/libraries/Cache/drivers/Cache_wincache.php | 3 --- system/libraries/Calendar.php | 3 --- system/libraries/Cart.php | 3 --- system/libraries/Driver.php | 3 --- system/libraries/Email.php | 3 --- system/libraries/Encrypt.php | 3 --- system/libraries/Encryption.php | 3 --- system/libraries/Form_validation.php | 3 --- system/libraries/Ftp.php | 3 --- system/libraries/Image_lib.php | 3 --- system/libraries/Javascript.php | 3 --- system/libraries/Javascript/Jquery.php | 3 --- system/libraries/Migration.php | 3 --- system/libraries/Pagination.php | 3 --- system/libraries/Parser.php | 3 --- system/libraries/Profiler.php | 3 --- system/libraries/Session/Session.php | 3 --- system/libraries/Session/SessionHandlerInterface.php | 3 --- system/libraries/Session/Session_driver.php | 3 --- system/libraries/Session/drivers/Session_database_driver.php | 3 --- system/libraries/Session/drivers/Session_files_driver.php | 3 --- system/libraries/Session/drivers/Session_memcached_driver.php | 3 --- system/libraries/Session/drivers/Session_redis_driver.php | 3 --- system/libraries/Table.php | 3 --- system/libraries/Trackback.php | 3 --- system/libraries/Typography.php | 3 --- system/libraries/Unit_test.php | 3 --- system/libraries/Upload.php | 3 --- system/libraries/User_agent.php | 3 --- system/libraries/Xmlrpc.php | 3 --- system/libraries/Xmlrpcs.php | 3 --- system/libraries/Zip.php | 3 --- 38 files changed, 114 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Cache/Cache.php b/system/libraries/Cache/Cache.php index bee0c068b..40ac70103 100644 --- a/system/libraries/Cache/Cache.php +++ b/system/libraries/Cache/Cache.php @@ -272,6 +272,3 @@ class CI_Cache extends CI_Driver_Library { } } - -/* End of file Cache.php */ -/* Location: ./system/libraries/Cache/Cache.php */ \ No newline at end of file diff --git a/system/libraries/Cache/drivers/Cache_apc.php b/system/libraries/Cache/drivers/Cache_apc.php index 3c441a2f2..e0d2ffb39 100644 --- a/system/libraries/Cache/drivers/Cache_apc.php +++ b/system/libraries/Cache/drivers/Cache_apc.php @@ -208,6 +208,3 @@ class CI_Cache_apc extends CI_Driver { } } - -/* End of file Cache_apc.php */ -/* Location: ./system/libraries/Cache/drivers/Cache_apc.php */ \ No newline at end of file diff --git a/system/libraries/Cache/drivers/Cache_dummy.php b/system/libraries/Cache/drivers/Cache_dummy.php index e05935dca..bf80945a9 100644 --- a/system/libraries/Cache/drivers/Cache_dummy.php +++ b/system/libraries/Cache/drivers/Cache_dummy.php @@ -170,6 +170,3 @@ class CI_Cache_dummy extends CI_Driver { } } - -/* End of file Cache_dummy.php */ -/* Location: ./system/libraries/Cache/drivers/Cache_dummy.php */ \ No newline at end of file diff --git a/system/libraries/Cache/drivers/Cache_file.php b/system/libraries/Cache/drivers/Cache_file.php index 3ff32cf60..68bc1ec96 100644 --- a/system/libraries/Cache/drivers/Cache_file.php +++ b/system/libraries/Cache/drivers/Cache_file.php @@ -284,6 +284,3 @@ class CI_Cache_file extends CI_Driver { } } - -/* End of file Cache_file.php */ -/* Location: ./system/libraries/Cache/drivers/Cache_file.php */ \ No newline at end of file diff --git a/system/libraries/Cache/drivers/Cache_memcached.php b/system/libraries/Cache/drivers/Cache_memcached.php index 03174bda1..b90b561c9 100644 --- a/system/libraries/Cache/drivers/Cache_memcached.php +++ b/system/libraries/Cache/drivers/Cache_memcached.php @@ -293,6 +293,3 @@ class CI_Cache_memcached extends CI_Driver { } } - -/* End of file Cache_memcached.php */ -/* Location: ./system/libraries/Cache/drivers/Cache_memcached.php */ \ No newline at end of file diff --git a/system/libraries/Cache/drivers/Cache_redis.php b/system/libraries/Cache/drivers/Cache_redis.php index 78563aab0..f2a41cc67 100644 --- a/system/libraries/Cache/drivers/Cache_redis.php +++ b/system/libraries/Cache/drivers/Cache_redis.php @@ -335,6 +335,3 @@ class CI_Cache_redis extends CI_Driver } } - -/* End of file Cache_redis.php */ -/* Location: ./system/libraries/Cache/drivers/Cache_redis.php */ \ No newline at end of file diff --git a/system/libraries/Cache/drivers/Cache_wincache.php b/system/libraries/Cache/drivers/Cache_wincache.php index 4592d1dd8..528b2b9bf 100644 --- a/system/libraries/Cache/drivers/Cache_wincache.php +++ b/system/libraries/Cache/drivers/Cache_wincache.php @@ -204,6 +204,3 @@ class CI_Cache_wincache extends CI_Driver { } } - -/* End of file Cache_wincache.php */ -/* Location: ./system/libraries/Cache/drivers/Cache_wincache.php */ \ No newline at end of file diff --git a/system/libraries/Calendar.php b/system/libraries/Calendar.php index fcca163a5..014daac58 100644 --- a/system/libraries/Calendar.php +++ b/system/libraries/Calendar.php @@ -548,6 +548,3 @@ class CI_Calendar { } } - -/* End of file Calendar.php */ -/* Location: ./system/libraries/Calendar.php */ \ No newline at end of file diff --git a/system/libraries/Cart.php b/system/libraries/Cart.php index 2fffd9a76..bf27c6392 100644 --- a/system/libraries/Cart.php +++ b/system/libraries/Cart.php @@ -565,6 +565,3 @@ class CI_Cart { } } - -/* End of file Cart.php */ -/* Location: ./system/libraries/Cart.php */ \ No newline at end of file diff --git a/system/libraries/Driver.php b/system/libraries/Driver.php index 75466a186..da4c548e6 100644 --- a/system/libraries/Driver.php +++ b/system/libraries/Driver.php @@ -340,6 +340,3 @@ class CI_Driver { } } - -/* End of file Driver.php */ -/* Location: ./system/libraries/Driver.php */ \ No newline at end of file diff --git a/system/libraries/Email.php b/system/libraries/Email.php index f8a89c344..4e0e0cd9f 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -2271,6 +2271,3 @@ class CI_Email { } } - -/* End of file Email.php */ -/* Location: ./system/libraries/Email.php */ \ No newline at end of file diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index f527a9943..5faf1f206 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -478,6 +478,3 @@ class CI_Encrypt { } } - -/* End of file Encrypt.php */ -/* Location: ./system/libraries/Encrypt.php */ \ No newline at end of file diff --git a/system/libraries/Encryption.php b/system/libraries/Encryption.php index 95b183a3a..171a28b34 100644 --- a/system/libraries/Encryption.php +++ b/system/libraries/Encryption.php @@ -924,6 +924,3 @@ class CI_Encryption { : substr($str, $start); } } - -/* End of file Encryption.php */ -/* Location: ./system/libraries/Encryption.php */ \ No newline at end of file diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 7c9561c07..819224528 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1589,6 +1589,3 @@ class CI_Form_validation { } } - -/* End of file Form_validation.php */ -/* Location: ./system/libraries/Form_validation.php */ \ No newline at end of file diff --git a/system/libraries/Ftp.php b/system/libraries/Ftp.php index 4794d75c1..af45bb55f 100644 --- a/system/libraries/Ftp.php +++ b/system/libraries/Ftp.php @@ -665,6 +665,3 @@ class CI_FTP { } } - -/* End of file Ftp.php */ -/* Location: ./system/libraries/Ftp.php */ \ No newline at end of file diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php index 9ad0dd5b6..92e47507f 100644 --- a/system/libraries/Image_lib.php +++ b/system/libraries/Image_lib.php @@ -1801,6 +1801,3 @@ class CI_Image_lib { } } - -/* End of file Image_lib.php */ -/* Location: ./system/libraries/Image_lib.php */ \ No newline at end of file diff --git a/system/libraries/Javascript.php b/system/libraries/Javascript.php index f0ffa142b..4cc628692 100644 --- a/system/libraries/Javascript.php +++ b/system/libraries/Javascript.php @@ -854,6 +854,3 @@ class CI_Javascript { } } - -/* End of file Javascript.php */ -/* Location: ./system/libraries/Javascript.php */ \ No newline at end of file diff --git a/system/libraries/Javascript/Jquery.php b/system/libraries/Javascript/Jquery.php index a44a9f5d6..25acceef7 100644 --- a/system/libraries/Javascript/Jquery.php +++ b/system/libraries/Javascript/Jquery.php @@ -1074,6 +1074,3 @@ class CI_Jquery extends CI_Javascript { } } - -/* End of file Jquery.php */ -/* Location: ./system/libraries/Jquery.php */ \ No newline at end of file diff --git a/system/libraries/Migration.php b/system/libraries/Migration.php index a2dce1371..8ce4243fe 100644 --- a/system/libraries/Migration.php +++ b/system/libraries/Migration.php @@ -444,6 +444,3 @@ class CI_Migration { } } - -/* End of file Migration.php */ -/* Location: ./system/libraries/Migration.php */ \ No newline at end of file diff --git a/system/libraries/Pagination.php b/system/libraries/Pagination.php index aa54ec4c1..d63f61df6 100644 --- a/system/libraries/Pagination.php +++ b/system/libraries/Pagination.php @@ -694,6 +694,3 @@ class CI_Pagination { } } - -/* End of file Pagination.php */ -/* Location: ./system/libraries/Pagination.php */ \ No newline at end of file diff --git a/system/libraries/Parser.php b/system/libraries/Parser.php index 418dd38d6..57981af95 100644 --- a/system/libraries/Parser.php +++ b/system/libraries/Parser.php @@ -246,6 +246,3 @@ class CI_Parser { } } - -/* End of file Parser.php */ -/* Location: ./system/libraries/Parser.php */ \ No newline at end of file diff --git a/system/libraries/Profiler.php b/system/libraries/Profiler.php index d3f5d8de2..f35d23faf 100644 --- a/system/libraries/Profiler.php +++ b/system/libraries/Profiler.php @@ -574,6 +574,3 @@ class CI_Profiler { } } - -/* End of file Profiler.php */ -/* Location: ./system/libraries/Profiler.php */ \ No newline at end of file diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index bc4a5ca1c..5f7791dee 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -893,6 +893,3 @@ class CI_Session { } } - -/* End of file Session.php */ -/* Location: ./system/libraries/Session/Session.php */ \ No newline at end of file diff --git a/system/libraries/Session/SessionHandlerInterface.php b/system/libraries/Session/SessionHandlerInterface.php index 2050e1e4d..9dab5ac07 100644 --- a/system/libraries/Session/SessionHandlerInterface.php +++ b/system/libraries/Session/SessionHandlerInterface.php @@ -57,6 +57,3 @@ interface SessionHandlerInterface { public function destroy($session_id); public function gc($maxlifetime); } - -/* End of file SessionHandlerInterface.php */ -/* Location: ./system/libraries/Session/SessionHandlerInterface.php */ \ No newline at end of file diff --git a/system/libraries/Session/Session_driver.php b/system/libraries/Session/Session_driver.php index 8edd31999..47376da5b 100644 --- a/system/libraries/Session/Session_driver.php +++ b/system/libraries/Session/Session_driver.php @@ -146,6 +146,3 @@ abstract class CI_Session_driver implements SessionHandlerInterface { } } - -/* End of file Session_driver.php */ -/* Location: ./system/libraries/Session/Session_driver.php */ \ No newline at end of file diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 87d80a2b0..76596f041 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -383,6 +383,3 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan } } - -/* End of file Session_database_driver.php */ -/* Location: ./system/libraries/Session/drivers/Session_database_driver.php */ \ No newline at end of file diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 95ab7f14c..04562b282 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -344,6 +344,3 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle } } - -/* End of file Session_files_driver.php */ -/* Location: ./system/libraries/Session/drivers/Session_files_driver.php */ \ No newline at end of file diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index 683bb5c69..00112c88c 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -373,6 +373,3 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa } } - -/* End of file Session_memcached_driver.php */ -/* Location: ./system/libraries/Session/drivers/Session_memcached_driver.php */ \ No newline at end of file diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index a0ec40907..c53975ae4 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -393,6 +393,3 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle } } - -/* End of file Session_redis_driver.php */ -/* Location: ./system/libraries/Session/drivers/Session_redis_driver.php */ \ No newline at end of file diff --git a/system/libraries/Table.php b/system/libraries/Table.php index a1496a514..7a39dfc77 100644 --- a/system/libraries/Table.php +++ b/system/libraries/Table.php @@ -535,6 +535,3 @@ class CI_Table { } } - -/* End of file Table.php */ -/* Location: ./system/libraries/Table.php */ \ No newline at end of file diff --git a/system/libraries/Trackback.php b/system/libraries/Trackback.php index 9992fb417..23bdbbd58 100644 --- a/system/libraries/Trackback.php +++ b/system/libraries/Trackback.php @@ -554,6 +554,3 @@ class CI_Trackback { } } - -/* End of file Trackback.php */ -/* Location: ./system/libraries/Trackback.php */ \ No newline at end of file diff --git a/system/libraries/Typography.php b/system/libraries/Typography.php index c34fedcb1..f5efacfa2 100644 --- a/system/libraries/Typography.php +++ b/system/libraries/Typography.php @@ -423,6 +423,3 @@ class CI_Typography { } } - -/* End of file Typography.php */ -/* Location: ./system/libraries/Typography.php */ \ No newline at end of file diff --git a/system/libraries/Unit_test.php b/system/libraries/Unit_test.php index 0b8bcd7c4..7b744adc6 100644 --- a/system/libraries/Unit_test.php +++ b/system/libraries/Unit_test.php @@ -403,6 +403,3 @@ function is_false($test) { return ($test === FALSE); } - -/* End of file Unit_test.php */ -/* Location: ./system/libraries/Unit_test.php */ \ No newline at end of file diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 3b0e044ae..29711bbbc 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -1300,6 +1300,3 @@ class CI_Upload { } } - -/* End of file Upload.php */ -/* Location: ./system/libraries/Upload.php */ \ No newline at end of file diff --git a/system/libraries/User_agent.php b/system/libraries/User_agent.php index 242bedbb6..53d932a53 100644 --- a/system/libraries/User_agent.php +++ b/system/libraries/User_agent.php @@ -681,6 +681,3 @@ class CI_User_agent { } } - -/* End of file User_agent.php */ -/* Location: ./system/libraries/User_agent.php */ \ No newline at end of file diff --git a/system/libraries/Xmlrpc.php b/system/libraries/Xmlrpc.php index 9f5e20468..9d7cbffa2 100644 --- a/system/libraries/Xmlrpc.php +++ b/system/libraries/Xmlrpc.php @@ -1900,6 +1900,3 @@ class XML_RPC_Values extends CI_Xmlrpc } } // END XML_RPC_Values Class - -/* End of file Xmlrpc.php */ -/* Location: ./system/libraries/Xmlrpc.php */ \ No newline at end of file diff --git a/system/libraries/Xmlrpcs.php b/system/libraries/Xmlrpcs.php index 2ab862737..af7041337 100644 --- a/system/libraries/Xmlrpcs.php +++ b/system/libraries/Xmlrpcs.php @@ -622,6 +622,3 @@ class CI_Xmlrpcs extends CI_Xmlrpc { } } - -/* End of file Xmlrpcs.php */ -/* Location: ./system/libraries/Xmlrpcs.php */ \ No newline at end of file diff --git a/system/libraries/Zip.php b/system/libraries/Zip.php index 555e9aedf..f2f17148b 100644 --- a/system/libraries/Zip.php +++ b/system/libraries/Zip.php @@ -482,6 +482,3 @@ class CI_Zip { } } - -/* End of file Zip.php */ -/* Location: ./system/libraries/Zip.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 4a183078d782016cd1aaa74cb1762718638609b8 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 22 Jan 2015 00:27:38 +0200 Subject: [ci skip] Whitespace removal --- system/libraries/Upload.php | 3 --- 1 file changed, 3 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 3b0e044ae..f37b3867e 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -338,11 +338,9 @@ class CI_Upload { $this->$key = $defaults[$key]; } } - } else { - foreach ($config as $key => &$value) { if ($key[0] !== '_' && $reflection->hasProperty($key)) @@ -357,7 +355,6 @@ class CI_Upload { } } } - } // if a file_name was provided in the config, use it instead of the user input -- cgit v1.2.3-24-g4f1b From 5c2c56a0fc4387a2ad2906f703d0b340391250d4 Mon Sep 17 00:00:00 2001 From: Gwenael G Date: Fri, 23 Jan 2015 17:17:30 +0100 Subject: This paragraph local variable is declared but never used. --- system/libraries/Typography.php | 1 - 1 file changed, 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Typography.php b/system/libraries/Typography.php index f5efacfa2..3b6cb1645 100644 --- a/system/libraries/Typography.php +++ b/system/libraries/Typography.php @@ -172,7 +172,6 @@ class CI_Typography { // Build our finalized string. We cycle through the array, skipping tags, and processing the contained text $str = ''; $process = TRUE; - $paragraph = FALSE; for ($i = 0, $c = count($chunks) - 1; $i <= $c; $i++) { -- cgit v1.2.3-24-g4f1b From eca885df9d2c763f97fca04c5fec14ee420b0fa3 Mon Sep 17 00:00:00 2001 From: Lance Vincent Date: Wed, 28 Jan 2015 17:43:23 +0800 Subject: Form Validation - In Method Returns true if a given value matches any of the specified list --- system/libraries/Form_validation.php | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'system/libraries') diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index b640f1ec1..f3c882617 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1437,6 +1437,22 @@ class CI_Form_validation { // -------------------------------------------------------------------- + /** + * Value should be within an array of values + * + * @param string + * @param array + * @return bool + */ + public function in($value, $list) + { + $list = array_map('trim', explode(',', (string) $list)); + + return in_array((string) $value, $list); + } + + // -------------------------------------------------------------------- + /** * Is a Natural number (0,1,2,3, etc.) * -- cgit v1.2.3-24-g4f1b From 49f483d57f4f95fc2b6d35e97ff368f15e97a5ae Mon Sep 17 00:00:00 2001 From: Lance Vincent Date: Wed, 28 Jan 2015 22:46:19 +0800 Subject: change in to in_list --- system/libraries/Form_validation.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index e81216edb..cfb13ae2e 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1455,7 +1455,7 @@ class CI_Form_validation { * @param array * @return bool */ - public function in($value, $list) + public function in_list($value, $list) { return in_array($value, explode(',', $list), TRUE); } -- cgit v1.2.3-24-g4f1b From 5b662e4e7f3b47f658d2692f0b073da6a9c8a2e7 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 29 Jan 2015 00:13:54 +0200 Subject: [ci skip] Correct a docblock following PR #3521 --- system/libraries/Form_validation.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index cfb13ae2e..f161b40e7 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1452,7 +1452,7 @@ class CI_Form_validation { * Value should be within an array of values * * @param string - * @param array + * @param string * @return bool */ public function in_list($value, $list) -- cgit v1.2.3-24-g4f1b From 00c222db1e23ecc3692a5ca5664d8fc25f1789fc Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 29 Jan 2015 18:14:31 +0200 Subject: Fix #3529 Seems to be some really obscure PHP bug ... --- system/libraries/Session/drivers/Session_database_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 76596f041..0ec6e34f0 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -83,7 +83,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan $CI =& get_instance(); isset($CI->db) OR $CI->load->database(); - $this->_db =& $CI->db; + $this->_db = $CI->db; if ( ! $this->_db instanceof CI_DB_query_builder) { -- cgit v1.2.3-24-g4f1b From 0779e99eeb12cb137eed77cf580add374afa71a5 Mon Sep 17 00:00:00 2001 From: omar Date: Sat, 31 Jan 2015 11:57:07 -0700 Subject: Fixed Watermark function to work without drop shadow --- system/libraries/Image_lib.php | 76 +++++++++++++++++++++++++----------------- 1 file changed, 46 insertions(+), 30 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php index 92e47507f..aae062e47 100644 --- a/system/libraries/Image_lib.php +++ b/system/libraries/Image_lib.php @@ -1311,12 +1311,14 @@ class CI_Image_lib { $y_axis = $this->wm_vrt_offset + $this->wm_padding; if ($this->wm_use_drop_shadow === FALSE) + { $this->wm_shadow_distance = 0; + } $this->wm_vrt_alignment = strtoupper($this->wm_vrt_alignment[0]); $this->wm_hor_alignment = strtoupper($this->wm_hor_alignment[0]); - // Set verticle alignment + // Set vertical alignment if ($this->wm_vrt_alignment === 'M') { $y_axis += ($this->orig_height / 2) + ($fontheight / 2); @@ -1325,53 +1327,67 @@ class CI_Image_lib { { $y_axis += $this->orig_height - $fontheight - $this->wm_shadow_distance - ($fontheight / 2); } - - $x_shad = $x_axis + $this->wm_shadow_distance; - $y_shad = $y_axis + $this->wm_shadow_distance; - + + // Set horizontal alignment + if ($this->wm_hor_alignment === 'R') + { + $x_axis += $this->orig_width - ($fontwidth * strlen($this->wm_text)); + } + elseif ($this->wm_hor_alignment === 'C') + { + $x_axis += floor(($this->orig_width - ($fontwidth * strlen($this->wm_text))) / 2); + } + if ($this->wm_use_drop_shadow) { - // Set horizontal alignment - if ($this->wm_hor_alignment === 'R') - { - $x_shad += $this->orig_width - ($fontwidth * strlen($this->wm_text)); - $x_axis += $this->orig_width - ($fontwidth * strlen($this->wm_text)); - } - elseif ($this->wm_hor_alignment === 'C') - { - $x_shad += floor(($this->orig_width - ($fontwidth * strlen($this->wm_text))) / 2); - $x_axis += floor(($this->orig_width - ($fontwidth * strlen($this->wm_text))) / 2); - } - - /* Set RGB values for text and shadow + // Offset from text + $x_shad = $x_axis + $this->wm_shadow_distance; + $y_shad = $y_axis + $this->wm_shadow_distance; + + /* Set RGB values for shadow * * First character is #, so we don't really need it. * Get the rest of the string and split it into 2-length * hex values: */ - $txt_color = str_split(substr($this->wm_font_color, 1, 6), 2); - $txt_color = imagecolorclosest($src_img, hexdec($txt_color[0]), hexdec($txt_color[1]), hexdec($txt_color[2])); $drp_color = str_split(substr($this->wm_shadow_color, 1, 6), 2); $drp_color = imagecolorclosest($src_img, hexdec($drp_color[0]), hexdec($drp_color[1]), hexdec($drp_color[2])); - - // Add the text to the source image + + // Add the shadow to the source image if ($this->wm_use_truetype) { imagettftext($src_img, $this->wm_font_size, 0, $x_shad, $y_shad, $drp_color, $this->wm_font_path, $this->wm_text); - imagettftext($src_img, $this->wm_font_size, 0, $x_axis, $y_axis, $txt_color, $this->wm_font_path, $this->wm_text); } else { imagestring($src_img, $this->wm_font_size, $x_shad, $y_shad, $this->wm_text, $drp_color); - imagestring($src_img, $this->wm_font_size, $x_axis, $y_axis, $this->wm_text, $txt_color); } + } + + /* Set RGB values for text + * + * First character is #, so we don't really need it. + * Get the rest of the string and split it into 2-length + * hex values: + */ + $txt_color = str_split(substr($this->wm_font_color, 1, 6), 2); + $txt_color = imagecolorclosest($src_img, hexdec($txt_color[0]), hexdec($txt_color[1]), hexdec($txt_color[2])); - // We can preserve transparency for PNG images - if ($this->image_type === 3) - { - imagealphablending($src_img, FALSE); - imagesavealpha($src_img, TRUE); - } + // Add the text to the source image + if ($this->wm_use_truetype) + { + imagettftext($src_img, $this->wm_font_size, 0, $x_axis, $y_axis, $txt_color, $this->wm_font_path, $this->wm_text); + } + else + { + imagestring($src_img, $this->wm_font_size, $x_axis, $y_axis, $this->wm_text, $txt_color); + } + + // We can preserve transparency for PNG images + if ($this->image_type === 3) + { + imagealphablending($src_img, FALSE); + imagesavealpha($src_img, TRUE); } // Output the final image -- cgit v1.2.3-24-g4f1b From 9c855325189e7ec1ecf2f4666280af038b6cb00e Mon Sep 17 00:00:00 2001 From: omar Date: Sat, 31 Jan 2015 11:58:03 -0700 Subject: Fixed horizontal position of watermark text when using drop shadow --- system/libraries/Image_lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php index aae062e47..e056654bb 100644 --- a/system/libraries/Image_lib.php +++ b/system/libraries/Image_lib.php @@ -1331,7 +1331,7 @@ class CI_Image_lib { // Set horizontal alignment if ($this->wm_hor_alignment === 'R') { - $x_axis += $this->orig_width - ($fontwidth * strlen($this->wm_text)); + $x_axis += $this->orig_width - ($fontwidth * strlen($this->wm_text)) - $this->wm_shadow_distance; } elseif ($this->wm_hor_alignment === 'C') { -- cgit v1.2.3-24-g4f1b From 5f4d01a97d9979f25ace6a7bce4dea23f630524e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 2 Feb 2015 18:38:00 +0200 Subject: Throw exception if 'files' session path is invalid --- system/libraries/Session/drivers/Session_files_driver.php | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 04562b282..32aeab614 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -1,4 +1,4 @@ -_config['save_path']."' is not a directory, doesn't exist or cannot be created."); - return FALSE; + if ( ! mkdir($save_path, 0700, TRUE)) + { + throw new Exception("Session: Configured save path '".$this->_config['save_path']."' is not a directory, doesn't exist or cannot be created."); + } + } + elseif ( ! is_writable($save_path)) + { + throw new Exception("Session: Configured save path '".$this->_config['save_path']."' is not writable by the PHP process."); } $this->_config['save_path'] = $save_path; -- cgit v1.2.3-24-g4f1b From 05afe3eac1ff69aabdb34b795004acb8a386d20d Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 2 Feb 2015 19:04:37 +0200 Subject: Err ... r --- system/libraries/Session/drivers/Session_files_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 32aeab614..ad8315d52 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -1,4 +1,4 @@ -r Date: Mon, 2 Feb 2015 23:22:29 +0200 Subject: Fix a wrong var name in CI_Session::mark_as_temp() --- system/libraries/Session/Session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index 5f7791dee..2551e54e9 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -489,7 +489,7 @@ class CI_Session { return FALSE; } - $temp[$k] = $ts; + $temp[$k] = $v; } $_SESSION['__ci_vars'] = isset($_SESSION['__ci_vars']) -- cgit v1.2.3-24-g4f1b From 8194ce50c3eae0f371e338d9093b99e2ff1b4d16 Mon Sep 17 00:00:00 2001 From: Gabriel Potkány Date: Wed, 4 Feb 2015 10:34:24 +0100 Subject: Fix typos in func names --- system/libraries/Encryption.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Encryption.php b/system/libraries/Encryption.php index 171a28b34..fad4ea7f8 100644 --- a/system/libraries/Encryption.php +++ b/system/libraries/Encryption.php @@ -248,7 +248,7 @@ class CI_Encryption { $params['mode'] = strtolower($params['mode']); if ( ! isset($this->_modes['mcrypt'][$params['mode']])) { - log_message('error', 'Encryption: MCrypt mode '.strtotupper($params['mode']).' is not available.'); + log_message('error', 'Encryption: MCrypt mode '.strtoupper($params['mode']).' is not available.'); } else { @@ -299,7 +299,7 @@ class CI_Encryption { $params['mode'] = strtolower($params['mode']); if ( ! isset($this->_modes['openssl'][$params['mode']])) { - log_message('error', 'Encryption: OpenSSL mode '.strtotupper($params['mode']).' is not available.'); + log_message('error', 'Encryption: OpenSSL mode '.strtoupper($params['mode']).' is not available.'); } else { -- cgit v1.2.3-24-g4f1b