search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Avail feature updated
[ninja.git] / system / libraries / Session.php
blob2a96d699c4c56241809b940eeaa091c10a276a13
1 <?php defined('SYSPATH') OR die('No direct access allowed.');
2 /**
3 * Session library.
4 *
5 * $Id: Session.php 3917 2009-01-21 03:06:22Z zombor $
6 *
7 * @package Core
8 * @author Kohana Team
9 * @copyright (c) 2007-2008 Kohana Team
10 * @license http://kohanaphp.com/license.html
11 */
12 class Session {
13
14 // Session singleton
15 private static $instance;
16
17 // Protected key names (cannot be set by the user)
18 protected static $protect = array('session_id', 'user_agent', 'last_activity', 'ip_address', 'total_hits', '_kf_flash_');
19
20 // Configuration and driver
21 protected static $config;
22 protected static $driver;
23
24 // Flash variables
25 protected static $flash;
26
27 // Input library
28 protected $input;
29
30 /**
31 * Singleton instance of Session.
32 */
33 public static function instance()
34 {
35 if (self::$instance == NULL)
36 {
37 // Create a new instance
38 new Session;
39 }
40
41 return self::$instance;
42 }
43
44 /**
45 * On first session instance creation, sets up the driver and creates session.
46 */
47 public function __construct()
48 {
49 $this->input = Input::instance();
50
51 // This part only needs to be run once
52 if (self::$instance === NULL)
53 {
54 // Load config
55 self::$config = Kohana::config('session');
56
57 // Makes a mirrored array, eg: foo=foo
58 self::$protect = array_combine(self::$protect, self::$protect);
59
60 // Configure garbage collection
61 ini_set('session.gc_probability', (int) self::$config['gc_probability']);
62 ini_set('session.gc_divisor', 100);
63 ini_set('session.gc_maxlifetime', (self::$config['expiration'] == 0) ? 86400 : self::$config['expiration']);
64
65 // Create a new session
66 $this->create();
67
68 // Close the session just before sending the headers, so that
69 // the session cookie(s) can be written.
70 Event::add('system.send_headers', array($this, 'write_close'));
71
72 // Make sure that sessions are closed before exiting
73 register_shutdown_function(array($this, 'write_close'));
74
75 // Singleton instance
76 self::$instance = $this;
77 }
78 }
79
80 /**
81 * Get the session id.
82 *
83 * @return string
84 */
85 public function id()
86 {
87 return $_SESSION['session_id'];
88 }
89
90 /**
91 * Create a new session.
92 *
93 * @param array variables to set after creation
94 * @return void
95 */
96 public function create($vars = NULL)
97 {
98 // Destroy any current sessions
99 $this->destroy();
100
101 if (self::$config['driver'] !== 'native')
102 {
103 // Set driver name
104 $driver = 'Session_'.ucfirst(self::$config['driver']).'_Driver';
105
106 // Load the driver
107 if ( ! Kohana::auto_load($driver))
108 throw new Kohana_Exception('core.driver_not_found', self::$config['driver'], get_class($this));
109
110 // Initialize the driver
111 self::$driver = new $driver();
112
113 // Validate the driver
114 if ( ! (self::$driver instanceof Session_Driver))
115 throw new Kohana_Exception('core.driver_implements', self::$config['driver'], get_class($this), 'Session_Driver');
116
117 // Register non-native driver as the session handler
118 session_set_save_handler
119 (
120 array(self::$driver, 'open'),
121 array(self::$driver, 'close'),
122 array(self::$driver, 'read'),
123 array(self::$driver, 'write'),
124 array(self::$driver, 'destroy'),
125 array(self::$driver, 'gc')
126 );
127 }
128
129 // Validate the session name
130 if ( ! preg_match('~^(?=.*[a-z])[a-z0-9_]++$~iD', self::$config['name']))
131 throw new Kohana_Exception('session.invalid_session_name', self::$config['name']);
132
133 // Name the session, this will also be the name of the cookie
134 session_name(self::$config['name']);
135
136 $secure = Kohana::config('cookie.secure');
137 if(!isset($_SERVER['HTTPS']) || !$_SERVER['HTTPS']) {
138 $secure = false;
139 }
140
141 // Set the session cookie parameters
142 session_set_cookie_params
143 (
144 self::$config['expiration'],
145 Kohana::config('cookie.path'),
146 Kohana::config('cookie.domain'),
147 $secure,
148 Kohana::config('cookie.httponly')
149 );
150
151 // Start the session!
152 session_start();
153
154 // Put session_id in the session variable
155 $_SESSION['session_id'] = session_id();
156
157 // Set defaults
158 if ( ! isset($_SESSION['_kf_flash_']))
159 {
160 $_SESSION['total_hits'] = 0;
161 $_SESSION['_kf_flash_'] = array();
162
163 $_SESSION['user_agent'] = Kohana::$user_agent;
164 $_SESSION['ip_address'] = $this->input->ip_address();
165 }
166
167 // Set up flash variables
168 self::$flash =& $_SESSION['_kf_flash_'];
169
170 // Increase total hits
171 $_SESSION['total_hits'] += 1;
172
173 // Validate data only on hits after one
174 if ($_SESSION['total_hits'] > 1)
175 {
176 // Validate the session
177 foreach (self::$config['validate'] as $valid)
178 {
179 switch ($valid)
180 {
181 // Check user agent for consistency
182 case 'user_agent':
183 if ($_SESSION[$valid] !== Kohana::$user_agent)
184 return $this->create();
185 break;
186
187 // Check ip address for consistency
188 case 'ip_address':
189 if ($_SESSION[$valid] !== $this->input->$valid())
190 return $this->create();
191 break;
192
193 // Check expiration time to prevent users from manually modifying it
194 case 'expiration':
195 if (time() - $_SESSION['last_activity'] > ini_get('session.gc_maxlifetime'))
196 return $this->create();
197 break;
198 }
199 }
200 }
201
202 // Expire flash keys
203 $this->expire_flash();
204
205 // Update last activity
206 $_SESSION['last_activity'] = time();
207
208 // Set the new data
209 self::set($vars);
210 }
211
212 /**
213 * Destroys the current session.
214 *
215 * @return void
216 */
217 public function destroy()
218 {
219 if (session_id() !== '')
220 {
221 // Get the session name
222 $name = session_name();
223
224 // Destroy the session
225 session_destroy();
226
227 // Re-initialize the array
228 $_SESSION = array();
229
230 // Delete the session cookie
231 cookie::delete($name);
232 }
233 }
234
235 /**
236 * Runs the system.session_write event, then calls session_write_close.
237 *
238 * @return void
239 */
240 public function write_close()
241 {
242 static $run;
243
244 if ($run === NULL)
245 {
246 $run = TRUE;
247
248 // Run the events that depend on the session being open
249 Event::run('system.session_write');
250
251 // Expire flash keys
252 $this->expire_flash();
253
254 // Close the session
255 session_write_close();
256 }
257 }
258
259 /**
260 * Set a session variable.
261 *
262 * @param string|array key, or array of values
263 * @param mixed value (if keys is not an array)
264 * @return void
265 */
266 public function set($keys, $val = FALSE)
267 {
268 if (empty($keys))
269 return FALSE;
270
271 if ( ! is_array($keys))
272 {
273 $keys = array($keys => $val);
274 }
275
276 foreach ($keys as $key => $val)
277 {
278 if (isset(self::$protect[$key]))
279 continue;
280
281 // Set the key
282 $_SESSION[$key] = $val;
283 }
284 }
285
286 /**
287 * Set a flash variable.
288 *
289 * @param string|array key, or array of values
290 * @param mixed value (if keys is not an array)
291 * @return void
292 */
293 public function set_flash($keys, $val = FALSE)
294 {
295 if (empty($keys))
296 return FALSE;
297
298 if ( ! is_array($keys))
299 {
300 $keys = array($keys => $val);
301 }
302
303 foreach ($keys as $key => $val)
304 {
305 if ($key == FALSE)
306 continue;
307
308 self::$flash[$key] = 'new';
309 self::set($key, $val);
310 }
311 }
312
313 /**
314 * Freshen one, multiple or all flash variables.
315 *
316 * @param string variable key(s)
317 * @return void
318 */
319 public function keep_flash($keys = NULL)
320 {
321 $keys = ($keys === NULL) ? array_keys(self::$flash) : func_get_args();
322
323 foreach ($keys as $key)
324 {
325 if (isset(self::$flash[$key]))
326 {
327 self::$flash[$key] = 'new';
328 }
329 }
330 }
331
332 /**
333 * Expires old flash data and removes it from the session.
334 *
335 * @return void
336 */
337 public function expire_flash()
338 {
339 static $run;
340
341 // Method can only be run once
342 if ($run === TRUE)
343 return;
344
345 if ( ! empty(self::$flash))
346 {
347 foreach (self::$flash as $key => $state)
348 {
349 if ($state === 'old')
350 {
351 // Flash has expired
352 unset(self::$flash[$key], $_SESSION[$key]);
353 }
354 else
355 {
356 // Flash will expire
357 self::$flash[$key] = 'old';
358 }
359 }
360 }
361
362 // Method has been run
363 $run = TRUE;
364 }
365
366 /**
367 * Get a variable. Access to sub-arrays is supported with key.subkey.
368 *
369 * @param string variable key
370 * @param mixed default value returned if variable does not exist
371 * @return mixed Variable data if key specified, otherwise array containing all session data.
372 */
373 public function get($key = FALSE, $default = FALSE)
374 {
375 if (empty($key))
376 return $_SESSION;
377
378 $result = isset($_SESSION[$key]) ? $_SESSION[$key] : Kohana::key_string($_SESSION, $key);
379
380 return ($result === NULL) ? $default : $result;
381 }
382
383 /**
384 * Get a variable, and delete it.
385 *
386 * @param string variable key
387 * @param mixed default value returned if variable does not exist
388 * @return mixed
389 */
390 public function get_once($key, $default = FALSE)
391 {
392 $return = self::get($key, $default);
393 self::delete($key);
394
395 return $return;
396 }
397
398 /**
399 * Delete one or more variables.
400 *
401 * @param string variable key(s)
402 * @return void
403 */
404 public function delete($keys)
405 {
406 $args = func_get_args();
407
408 foreach ($args as $key)
409 {
410 if (isset(self::$protect[$key]))
411 continue;
412
413 // Unset the key
414 unset($_SESSION[$key]);
415 }
416 }
417
418 } // End Session Class
This is an effort to rewrite the Nagios GUI in PHP. It uses the Kohana framework to do much of the heavy lifting.