adulau/cakephp2-php8
1
0
Fork 0
mirror of https://github.com/kamilwylegala/cakephp2-php8.git synced 2024-11-15 19:38:26 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
cakephp2-php8/cake/libs/session.php

526 lines
13 KiB
PHP
Raw Normal View History

[1242] Author: phpnut Date: 6:19:00 PM, Thursday, October 27, 2005 Message: removing session directory [1241] Author: phpnut Date: 6:13:46 PM, Thursday, October 27, 2005 Message: added docblocks and temp error messages when trying to use the unimplemeted database for sessions [1239] Author: phpnut Date: 5:28:57 PM, Thursday, October 27, 2005 Message: More work on session. Added config settings to core.php updated model to allow models without a database table. [1237] Author: phpnut Date: 3:50:27 PM, Thursday, October 27, 2005 Message: adding directories for sessions [1235] Author: phpnut Date: 3:36:08 AM, Thursday, October 27, 2005 Message: Typo [1234] Author: phpnut Date: 3:34:07 AM, Thursday, October 27, 2005 Message: More work on the Session classes and adding the first methods the to Security class [1233] Author: phpnut Date: 3:05:46 AM, Thursday, October 27, 2005 Message: Start to core security class added. Moved paths.php to cake/config/ Refactoring Session classes [1232] Author: phpnut Date: 2:20:25 AM, Thursday, October 27, 2005 Message: More work on the core session class. Adding session component class. Added fix for errors messages not working with validation. Added possible fix for inflector now working on the word status. git-svn-id: https://svn.cakephp.org/repo/trunk/cake@1243 3807eeeb-6ff5-0310-8944-8be069107fe0
2005-10-27 23:29:56 +00:00
<?php
/* SVN FILE: $Id$ */
/**
* Short description for file.
*
* Long description for file
*
* PHP versions 4 and 5
*
* CakePHP : Rapid Development Framework <http://www.cakephp.org/>
* Copyright (c) 2005, CakePHP Authors/Developers
*
* Author(s): Larry E. Masters aka PhpNut <nut@phpnut.com>
*
* Licensed under The MIT License
* Redistributions of files must retain the above copyright notice.
*
* @filesource
* @author CakePHP Authors/Developers
* @copyright Copyright (c) 2005, CakePHP Authors/Developers
* @link https://trac.cakephp.org/wiki/Authors Authors/Developers
* @package cake
* @subpackage cake.cake.libs
* @since CakePHP v .0.10.0.1222
* @version $Revision$
* @modifiedby $LastChangedBy$
* @lastmodified $Date$
* @license http://www.opensource.org/licenses/mit-license.php The MIT License
*/
/**
* Short description for file.
*
* Long description for file
*
* @package cake
* @subpackage cake.cake.libs
* @since CakePHP v .0.10.0.1222
*/
class CakeSession extends Object
{
/**
* Enter description here...
*
* @var unknown_type
*/
var $valid = false;
/**
* Enter description here...
*
* @var unknown_type
*/
var $error = false;
/**
* Enter description here...
*
* @var unknown_type
*/
var $ip = false;
/**
* Enter description here...
*
* @var unknown_type
*/
var $userAgent = false;
/**
* Enter description here...
*
* @var unknown_type
*/
var $path = false;
/**
* Enter description here...
*
* @var unknown_type
*/
var $lastError = null;
/**
* Enter description here...
*
* @var unknown_type
*/
var $sessionId = null;
/**
* Enter description here...
*
* @return unknown
*/
function &getInstance()
{
static $instance = array();
if (!$instance)
{
$instance[0] =& new CakeSession;
$instance[0]->host = $_SERVER['HTTP_HOST'];
if (strpos($instance[0]->host, ':') !== false)
{
$instance[0]->host = substr($instance[0]->host,0, strpos($instance[0]->host, ':'));
}
$instance[0]->path = setUri();
if (empty($instance[0]->path))
{
$instance[0]->path = '/';
}
$instance[0]->ip = $_SERVER['REMOTE_ADDR'];
$instance[0]->userAgent = !empty($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : "";
$instance[0]->_initSession();
}
return $instance[0];
}
/**
* Enter description here...
*
* @param unknown_type $name
* @return unknown
*/
function checkSessionVar($name)
{
$cakeSession =& CakeSession::getInstance();
$expression = "return isset(".$cakeSession->_sessionVarNames($name).");";
return eval($expression);
}
/**
* Enter description here...
*
* @param unknown_type $name
* @return unknown
*/
function delSessionVar($name)
{
$cakeSession =& CakeSession::getInstance();
if($cakeSession->check($name))
{
$var = $cakeSession->_sessionVarNames($name);
eval("unset($var);");
return true;
}
$this->_setError(2, "$name doesn't exist");
return false;
}
/**
* Enter description here...
*
* @param unknown_type $errorNumber
* @return unknown
*/
function getError($errorNumber)
{
if(!is_array($this->error) || !array_key_exists($errorNumber, $this->error))
{
return false;
}
else
{
return $this->error[$errorNumber];
}
}
/**
* Enter description here...
*
* @return unknown
*/
function getLastError()
{
if($this->lastError)
{
return $this->getError($this->lastError);
}
else
{
return false;
}
}
/**
* Enter description here...
*
* @return unknown
*/
function isValid()
{
return $this->valid;
}
/**
* Enter description here...
*
* @param unknown_type $name
* @return unknown
*/
function readSessionVar($name)
{
$cakeSession =& CakeSession::getInstance();
if($cakeSession->checkSessionVar($name))
{
$result = eval("return ".$cakeSession->_sessionVarNames($name).";");
return $result;
}
$this->_setError(2, "$name doesn't exist");
return false;
}
/**
* Enter description here...
*
* @param unknown_type $name
* @param unknown_type $value
*/
function writeSessionVar($name, $value)
{
$cakeSession =& CakeSession::getInstance();
$expression = $cakeSession->_sessionVarNames($name);
$expression .= " = \$value;";
eval($expression);
}
/**
* Enter description here...
*
* @access private
*/
function _begin()
{
$cakeSession =& CakeSession::getInstance();
session_cache_limiter("must-revalidate");
session_start();
header('P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"');
$cakeSession->sessionId = session_id();
if($cakeSession->_isActiveSession() == false)
{
$cakeSession->_new();
}
else
{
$cakeSession->_renew();
}
}
/**
* Enter description here...
*
* @access private
*/
function _close()
{
echo "<pre>";
echo "CakeSession::_close() Not Implemented Yet";
echo "</pre>";
die();
}
/**
* Enter description here...
*
* @access private
*/
function _destroy()
{
echo "<pre>";
echo "CakeSession::_destroy() Not Implemented Yet";
echo "</pre>";
die();
}
/**
* Enter description here...
*
* @access private
*/
function _gc()
{
echo "<pre>";
echo "CakeSession::_gc() Not Implemented Yet";
echo "</pre>";
die();
}
/**
* Enter description here...
*
* @access private
*/
function _initSession()
{
$cakeSession =& CakeSession::getInstance();
switch (CAKE_SECURITY)
{
case 'high':
$cookieLifeTime = 0;
ini_set('session.referer_check', $cakeSession->host);
break;
case 'medium':
$cookieLifeTime = 7 * 86400;
break;
case 'low':
default :
$cookieLifeTime = 788940000;
break;
}
switch (CAKE_SESSION_SAVE)
{
case 'cake':
ini_set('session.use_trans_sid', 0);
ini_set('url_rewriter.tags', '');
ini_set('session.serialize_handler', 'php');
ini_set('session.use_cookies', 1);
ini_set('session.name', CAKE_SESSION_COOKIE);
ini_set('session.cookie_lifetime', $cookieLifeTime);
ini_set('session.cookie_path', $cakeSession->path);
ini_set('session.gc_probability', 1);
ini_set('session.gc_maxlifetime', Security::inactiveMins() * 60);
ini_set('session.auto_start', 0);
ini_set('session.save_path', TMP.'sessions');
break;
case 'database':
ini_set('session.use_trans_sid', 0);
ini_set('url_rewriter.tags', '');
ini_set('session.save_handler', 'user');
ini_set('session.serialize_handler', 'php');
ini_set('session.use_cookies', 1);
ini_set('session.name', CAKE_SESSION_COOKIE);
ini_set('session.cookie_lifetime', $cookieLifeTime);
ini_set('session.cookie_path', $cakeSession->path);
ini_set('session.gc_probability', 1);
ini_set('session.gc_maxlifetime', Security::inactiveMins() * 60);
ini_set('session.auto_start', 0);
session_set_save_handler(array('CakeSession', '_open'),
array('CakeSession', '_close'),
array('CakeSession', '_read'),
array('CakeSession', '_write'),
array('CakeSession', '_destroy'),
array('CakeSession', '_gc'));
break;
case 'php':
ini_set('session.name', CAKE_SESSION_COOKIE);
ini_set('session.cookie_lifetime', $cookieLifeTime);
ini_set('session.cookie_path', $cakeSession->path);
ini_set('session.gc_maxlifetime', Security::inactiveMins() * 60);
break;
default :
$config = CONFIGS.CAKE_SESSION_SAVE.'.php.';
if(is_file($config))
{
require_once($config);
}
else
{
ini_set('session.name', CAKE_SESSION_COOKIE);
ini_set('session.cookie_lifetime', $cookieLifeTime);
ini_set('session.cookie_path', $cakeSession->path);
ini_set('session.gc_maxlifetime', Security::inactiveMins() * 60);
}
break;
}
$cakeSession->_begin();
}
/**
* Enter description here...
*
* @access private
* @return unknown
*/
function _isActiveSession()
{
return false;
}
/**
* Enter description here...
*
* @access private
*
*/
function _new()
{
$cakeSession =& CakeSession::getInstance();
if(!ereg("proxy\.aol\.com$", gethostbyaddr($cakeSession->ip)))
{
if($cakeSession->readSessionVar("Config"))
{
if($cakeSession->ip == $cakeSession->readSessionVar("Config.ip") && $cakeSession->userAgent == $cakeSession->readSessionVar("Config.userAgent"))
{
$cakeSession->valid = true;
}
else
{
$cakeSession->valid = false;
$cakeSession->_setError(1, "Session Highjacking Attempted !!!");
}
}
else
{
srand((double)microtime() * 1000000);
$cakeSession->writeSessionVar('Config.rand', rand());
$cakeSession->writeSessionVar("Config.ip", $cakeSession->ip);
$cakeSession->writeSessionVar("Config.userAgent", $cakeSession->userAgent);
$cakeSession->valid = true;
}
}
else
{
if(!$cakeSession->readSessionVar("Config"))
{
srand((double)microtime() * 1000000);
$cakeSession->writeSessionVar('Config.rand', rand());
$cakeSession->writeSessionVar("Config.ip", $cakeSession->ip);
$cakeSession->writeSessionVar("Config.userAgent", $cakeSession->userAgent);
}
$cakeSession->valid = true;
}
}
/**
* Enter description here...
*
* @access private
*
*/
function _open()
{
echo "<pre>";
echo "CakeSession::_open() Not Implemented Yet";
echo "</pre>";
die();
}
/**
* Enter description here...
*
* @access private
*
*/
function _read()
{
echo "<pre>";
echo "CakeSession::_read() Not Implemented Yet";
echo "</pre>";
die();
}
/**
* Enter description here...
*
* @access private
*
*/
function _renew()
{
return true;
}
/**
* Enter description here...
*
* @param unknown_type $name
* @return unknown
* @access private
*/
function _sessionVarNames($name)
{
if(is_string($name))
{
if(strpos($name, "."))
{
$names = explode(".", $name);
}
else
{
$names = array($name);
}
$expression = $expression = "\$_SESSION";
foreach($names as $item)
{
$expression .= is_numeric($item) ? "[$item]" : "['$item']";
}
return $expression;
}
return false;
}
/**
* Enter description here...
*
* @param unknown_type $errorNumber
* @param unknown_type $errorMessage
* @access private
*/
function _setError($errorNumber, $errorMessage)
{
if($this->error === false)
{
$this->error = array();
}
$this->error[$errorNumber] = $errorMessage;
$this->lastError = $errorNumber;
}
/**
* Enter description here...
*
* @access private
*/
function _write()
{
echo "<pre>";
echo "CakeSession::_write() Not Implemented Yet";
echo "</pre>";
die();
}
}
?>
Reference in a new issue Copy permalink