From cb511b95edd385aa32e6492d43f46a9de6576dc4 Mon Sep 17 00:00:00 2001 From: nate Date: Tue, 20 Feb 2007 19:51:58 +0000 Subject: [PATCH] Removing eval() calls from Session and replacing with Set methods git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@4545 3807eeeb-6ff5-0310-8944-8be069107fe0 --- cake/libs/session.php | 75 +++++++++++++++++++++++++++++++++++++++---- cake/libs/set.php | 2 +- 2 files changed, 70 insertions(+), 7 deletions(-) diff --git a/cake/libs/session.php b/cake/libs/session.php index e1ffbc7d4..4e03b0091 100644 --- a/cake/libs/session.php +++ b/cake/libs/session.php @@ -107,6 +107,13 @@ class CakeSession extends Object { * @access public */ var $sessionTime = false; +/** + * Keeps track of keys to watch for writes on + * + * @var array + * @access public + */ + var $watchKeys = array(); /** * Constructor. * @@ -198,12 +205,33 @@ class CakeSession extends Object { if (empty($var)) { return false; } - eval ("unset($var);"); - return true; + if (in_array($var, $this->watchKeys)) { + trigger_error('Deleting session key {' . $var . '}', E_USER_NOTICE); + } + $this->__overwrite($_SESSION, Set::remove($_SESSION, $var)); + return ($this->check($var) == false); } $this->__setError(2, "$name doesn't exist"); return false; } +/** + * Used to write new data to _SESSION, since PHP doesn't like us setting the _SESSION var itself + * + * @param array $old + * @param array $new + * @return void + * @access private + */ + function __overwrite(&$old, $new) { + foreach ($old as $key => $var) { + if (!isset($new[$key])) { + unset($old[$key]); + } + } + foreach ($new as $key => $var) { + $old[$key] = $var; + } + } /** * Return error description for given error number. * @@ -275,12 +303,44 @@ class CakeSession extends Object { $this->__setError(2, "No Session vars set"); return false; } +/** + * Tells Session to write a notification when a certain session path or subpath is written to + * + * @param mixed $var The variable path to watch + * @return void + */ + function watch($var) { + $var = $this->__validateKeys($var); + if (empty($var)) { + return false; + } + $this->watchKeys[] = $var; + } +/** + * Tells Session to stop watching a given key path + * + * @param mixed $var The variable path to watch + * @return void + */ + function ignore($var) { + $var = $this->__validateKeys($var); + if (!in_array($var, $this->watchKeys)) { + return; + } + foreach ($this->watchKeys as $i => $key) { + if ($key == $var) { + unset($this->watchKeys[$i]); + $this->watchKeys = array_values($this->watchKeys); + return; + } + } + } /** * Writes value to given session variable name. * * @param mixed $name * @param string $value - * @return void + * @return boolean True if the write was successful, false if the write failed */ function write($name, $value) { $var = $this->__validateKeys($name); @@ -288,8 +348,11 @@ class CakeSession extends Object { if (empty($var)) { return false; } - $result = Set::insert($_SESSION, $var, $value); - return (!empty($result)); + if (in_array($var, $this->watchKeys)) { + trigger_error('Writing session key {' . $var . '}: ' . Debugger::exportVar($value), E_USER_NOTICE); + } + $this->__overwrite($_SESSION, Set::insert($_SESSION, $var, $value)); + return (Set::extract($_SESSION, $var) == $value); } /** * Method called on close of a database @@ -442,7 +505,7 @@ class CakeSession extends Object { * */ function __checkValid() { - if ($this->read("Config")) { + if ($this->read('Config')) { if ($this->_userAgent == $this->read("Config.userAgent") && $this->time <= $this->read("Config.time")) { $this->write("Config.time", $this->sessionTime); $this->valid = true; diff --git a/cake/libs/set.php b/cake/libs/set.php index cee513413..6157c3c5e 100644 --- a/cake/libs/set.php +++ b/cake/libs/set.php @@ -252,7 +252,7 @@ class Set extends Object { * @param mixed $path A dot-separated string. * @return array */ - function insert(&$list, $path, $data = null) { + function insert($list, $path, $data = null) { if (empty($data) && is_a($this, 'Set')) { $data = $path; $path = $list;