mirror of
https://github.com/kamilwylegala/cakephp2-php8.git
synced 2024-11-15 11:28:25 +00:00
94e5730b41
Author: phpnut Date: 2:11:57 PM, Saturday, November 05, 2005 Message: Fixing Controller::generateFieldNames() to work with changes to Model [1334] Author: phpnut Date: 1:18:02 PM, Saturday, November 05, 2005 Message: More work on changes made in the model to allow association names to be used as an alias. These changes are being made to update scaffold to work with changes in [1330]. Added var $alias that holds an array with the key value pair of the table name and the association name. [1330] Author: phpnut Date: 10:25:16 PM, Friday, November 04, 2005 Message: Adding fix for Ticket #127. The query returns properly now but, this breaks scaffold which I will be fixing soon. Also the save methods for the model have not been tested but I am sure these need to be corrected also. git-svn-id: https://svn.cakephp.org/repo/trunk/cake@1336 3807eeeb-6ff5-0310-8944-8be069107fe0
578 lines
No EOL
14 KiB
PHP
578 lines
No EOL
14 KiB
PHP
<?php
|
|
/* SVN FILE: $Id$ */
|
|
|
|
/**
|
|
* Short description for file.
|
|
*
|
|
* Long description for file
|
|
*
|
|
* PHP versions 4 and 5
|
|
*
|
|
* CakePHP : Rapid Development Framework <http://www.cakephp.org/>
|
|
* Copyright (c) 2005, CakePHP Authors/Developers
|
|
*
|
|
* Author(s): Larry E. Masters aka PhpNut <nut@phpnut.com>
|
|
*
|
|
* Licensed under The MIT License
|
|
* Redistributions of files must retain the above copyright notice.
|
|
*
|
|
* @filesource
|
|
* @author CakePHP Authors/Developers
|
|
* @copyright Copyright (c) 2005, CakePHP Authors/Developers
|
|
* @link https://trac.cakephp.org/wiki/Authors Authors/Developers
|
|
* @package cake
|
|
* @subpackage cake.cake.libs
|
|
* @since CakePHP v .0.10.0.1222
|
|
* @version $Revision$
|
|
* @modifiedby $LastChangedBy$
|
|
* @lastmodified $Date$
|
|
* @license http://www.opensource.org/licenses/mit-license.php The MIT License
|
|
*/
|
|
|
|
/**
|
|
* Short description for file.
|
|
*
|
|
* Long description for file
|
|
*
|
|
* @package cake
|
|
* @subpackage cake.cake.libs
|
|
* @since CakePHP v .0.10.0.1222
|
|
*/
|
|
class CakeSession extends Object
|
|
{
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
* @var unknown_type
|
|
*/
|
|
var $valid = false;
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
* @var unknown_type
|
|
*/
|
|
var $error = false;
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
* @var unknown_type
|
|
*/
|
|
var $ip = false;
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
* @var unknown_type
|
|
*/
|
|
var $userAgent = false;
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
* @var unknown_type
|
|
*/
|
|
var $path = false;
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
* @var unknown_type
|
|
*/
|
|
var $lastError = null;
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
* @var unknown_type
|
|
*/
|
|
var $sessionId = null;
|
|
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
* @return unknown
|
|
*/
|
|
|
|
function __construct($base = null)
|
|
{
|
|
$this->host = $_SERVER['HTTP_HOST'];
|
|
if (strpos($this->host, ':') !== false)
|
|
{
|
|
$this->host = substr($this->host,0, strpos($this->host, ':'));
|
|
}
|
|
|
|
if (empty($this->path))
|
|
{
|
|
$dispatcher =& new Dispatcher();
|
|
$this->path = $dispatcher->baseUrl();
|
|
}
|
|
else
|
|
{
|
|
$this->path = $base;
|
|
}
|
|
if (empty($this->path))
|
|
{
|
|
$this->path = '/';
|
|
}
|
|
|
|
$this->ip = $_SERVER['REMOTE_ADDR'];
|
|
$this->userAgent = !empty($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : "";
|
|
$this->_initSession();
|
|
$this->_begin();
|
|
parent::__construct();
|
|
}
|
|
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
* @param unknown_type $name
|
|
* @return unknown
|
|
*/
|
|
function checkSessionVar($name)
|
|
{
|
|
$expression = "return isset(".$this->_sessionVarNames($name).");";
|
|
return eval($expression);
|
|
}
|
|
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
* @param unknown_type $name
|
|
* @return unknown
|
|
*/
|
|
function delSessionVar($name)
|
|
{
|
|
if($this->checkSessionVar($name))
|
|
{
|
|
$var = $this->_sessionVarNames($name);
|
|
eval("unset($var);");
|
|
return true;
|
|
}
|
|
$this->_setError(2, "$name doesn't exist");
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
* @param unknown_type $errorNumber
|
|
* @return unknown
|
|
*/
|
|
function getError($errorNumber)
|
|
{
|
|
if(!is_array($this->error) || !array_key_exists($errorNumber, $this->error))
|
|
{
|
|
return false;
|
|
}
|
|
else
|
|
{
|
|
return $this->error[$errorNumber];
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
* @return unknown
|
|
*/
|
|
function getLastError()
|
|
{
|
|
|
|
if($this->lastError)
|
|
{
|
|
return $this->getError($this->lastError);
|
|
}
|
|
else
|
|
{
|
|
return false;
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
* @return unknown
|
|
*/
|
|
function isValid()
|
|
{
|
|
|
|
return $this->valid;
|
|
}
|
|
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
* @param unknown_type $name
|
|
* @return unknown
|
|
*/
|
|
function readSessionVar($name = null)
|
|
{
|
|
if(is_null($name))
|
|
{
|
|
return $this->returnSessionVars();
|
|
}
|
|
|
|
if($this->checkSessionVar($name))
|
|
{
|
|
$result = eval("return ".$this->_sessionVarNames($name).";");
|
|
return $result;
|
|
}
|
|
$this->_setError(2, "$name doesn't exist");
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
* @param unknown_type $name
|
|
* @return unknown
|
|
*/
|
|
function returnSessionVars()
|
|
{
|
|
|
|
if(!empty($_SESSION))
|
|
{
|
|
$result = eval("return ".$_SESSION.";");
|
|
return $result;
|
|
}
|
|
$this->_setError(2, "No Session vars set");
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
* @param unknown_type $name
|
|
* @param unknown_type $value
|
|
*/
|
|
function writeSessionVar($name, $value)
|
|
{
|
|
|
|
$expression = $this->_sessionVarNames($name);
|
|
$expression .= " = \$value;";
|
|
eval($expression);
|
|
}
|
|
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
* @access private
|
|
*/
|
|
function _begin()
|
|
{
|
|
|
|
if (function_exists('session_write_close'))
|
|
{
|
|
session_write_close();
|
|
}
|
|
|
|
session_cache_limiter("must-revalidate");
|
|
session_start();
|
|
$this->_new();
|
|
}
|
|
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
* @access private
|
|
*/
|
|
function _close()
|
|
{
|
|
echo "<pre>";
|
|
echo "CakeSession::_close() Not Implemented Yet";
|
|
echo "</pre>";
|
|
die();
|
|
}
|
|
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
* @access private
|
|
*/
|
|
function _destroy()
|
|
{
|
|
echo "<pre>";
|
|
echo "CakeSession::_destroy() Not Implemented Yet";
|
|
echo "</pre>";
|
|
die();
|
|
}
|
|
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
* @access private
|
|
*/
|
|
function _gc()
|
|
{
|
|
echo "<pre>";
|
|
echo "CakeSession::_gc() Not Implemented Yet";
|
|
echo "</pre>";
|
|
die();
|
|
}
|
|
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
* @access private
|
|
*/
|
|
function _initSession()
|
|
{
|
|
|
|
switch (CAKE_SECURITY)
|
|
{
|
|
case 'high':
|
|
$this->cookieLifeTime = 0;
|
|
ini_set('session.referer_check', $this->host);
|
|
break;
|
|
case 'medium':
|
|
$this->cookieLifeTime = 7 * 86400;
|
|
break;
|
|
case 'low':
|
|
default :
|
|
$this->cookieLifeTime = 788940000;
|
|
break;
|
|
}
|
|
|
|
switch (CAKE_SESSION_SAVE)
|
|
{
|
|
case 'cake':
|
|
ini_set('session.use_trans_sid', 0);
|
|
ini_set('url_rewriter.tags', '');
|
|
ini_set('session.serialize_handler', 'php');
|
|
ini_set('session.use_cookies', 1);
|
|
ini_set('session.name', CAKE_SESSION_COOKIE);
|
|
ini_set('session.cookie_lifetime', $this->cookieLifeTime);
|
|
ini_set('session.cookie_path', $this->path);
|
|
ini_set('session.gc_probability', 1);
|
|
ini_set('session.gc_maxlifetime', Security::inactiveMins() * 60);
|
|
ini_set('session.auto_start', 0);
|
|
ini_set('session.save_path', TMP.'sessions');
|
|
break;
|
|
case 'database':
|
|
ini_set('session.use_trans_sid', 0);
|
|
ini_set('url_rewriter.tags', '');
|
|
ini_set('session.save_handler', 'user');
|
|
ini_set('session.serialize_handler', 'php');
|
|
ini_set('session.use_cookies', 1);
|
|
ini_set('session.name', CAKE_SESSION_COOKIE);
|
|
ini_set('session.cookie_lifetime', $this->cookieLifeTime);
|
|
ini_set('session.cookie_path', $this->path);
|
|
ini_set('session.gc_probability', 1);
|
|
ini_set('session.gc_maxlifetime', Security::inactiveMins() * 60);
|
|
ini_set('session.auto_start', 0);
|
|
session_set_save_handler(array('CakeSession', '_open'),
|
|
array('CakeSession', '_close'),
|
|
array('CakeSession', '_read'),
|
|
array('CakeSession', '_write'),
|
|
array('CakeSession', '_destroy'),
|
|
array('CakeSession', '_gc'));
|
|
break;
|
|
case 'php':
|
|
ini_set('session.name', CAKE_SESSION_COOKIE);
|
|
ini_set('session.cookie_lifetime', $this->cookieLifeTime);
|
|
ini_set('session.cookie_path', $this->path);
|
|
ini_set('session.gc_probability', 1);
|
|
ini_set('session.gc_maxlifetime', Security::inactiveMins() * 60);
|
|
break;
|
|
default :
|
|
$config = CONFIGS.CAKE_SESSION_SAVE.'.php.';
|
|
if(is_file($config))
|
|
{
|
|
require_once($config);
|
|
}
|
|
else
|
|
{
|
|
ini_set('session.name', CAKE_SESSION_COOKIE);
|
|
ini_set('session.cookie_lifetime', $this->cookieLifeTime);
|
|
ini_set('session.cookie_path', $this->path);
|
|
ini_set('session.gc_probability', 1);
|
|
ini_set('session.gc_maxlifetime', Security::inactiveMins() * 60);
|
|
}
|
|
break;
|
|
}
|
|
|
|
}
|
|
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
* @access private
|
|
*
|
|
*/
|
|
function _new()
|
|
{
|
|
|
|
if(!ereg("proxy\.aol\.com$", gethostbyaddr($this->ip)))
|
|
{
|
|
if($this->readSessionVar("Config"))
|
|
{
|
|
if($this->ip == $this->readSessionVar("Config.ip") && $this->userAgent == $this->readSessionVar("Config.userAgent"))
|
|
{
|
|
$this->valid = true;
|
|
}
|
|
else
|
|
{
|
|
$this->valid = false;
|
|
$this->_setError(1, "Session Highjacking Attempted !!!");
|
|
}
|
|
}
|
|
else
|
|
{
|
|
srand((double)microtime() * 1000000);
|
|
$this->writeSessionVar('Config.rand', rand());
|
|
$this->writeSessionVar("Config.ip", $this->ip);
|
|
$this->writeSessionVar("Config.userAgent", $this->userAgent);
|
|
$this->valid = true;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
if(!$this->readSessionVar("Config"))
|
|
{
|
|
srand((double)microtime() * 1000000);
|
|
$this->writeSessionVar('Config.rand', rand());
|
|
$this->writeSessionVar("Config.ip", $this->ip);
|
|
$this->writeSessionVar("Config.userAgent", $this->userAgent);
|
|
}
|
|
$this->valid = true;
|
|
}
|
|
|
|
if(CAKE_SECURITY == 'high')
|
|
{
|
|
$this->_regenerateId();
|
|
}
|
|
header('P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"');
|
|
}
|
|
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
* @access private
|
|
*
|
|
*/
|
|
function _open()
|
|
{
|
|
echo "<pre>";
|
|
echo "CakeSession::_open() Not Implemented Yet";
|
|
echo "</pre>";
|
|
die();
|
|
}
|
|
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
* @access private
|
|
*
|
|
*/
|
|
function _read()
|
|
{
|
|
echo "<pre>";
|
|
echo "CakeSession::_read() Not Implemented Yet";
|
|
echo "</pre>";
|
|
die();
|
|
}
|
|
|
|
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
*
|
|
* @access private
|
|
*
|
|
*/
|
|
function _regenerateId()
|
|
{
|
|
|
|
$oldSessionId = session_id();
|
|
session_regenerate_id();
|
|
$newSessid = session_id();
|
|
if (function_exists('session_write_close'))
|
|
{
|
|
if(CAKE_SECURITY == 'high')
|
|
{
|
|
if (isset($_COOKIE[session_name()]))
|
|
{
|
|
setcookie(CAKE_SESSION_COOKIE, '', time()-42000, $this->path);
|
|
}
|
|
$file = ini_get('session.save_path')."/sess_$oldSessionId";
|
|
@unlink($file);
|
|
}
|
|
session_write_close();
|
|
$this->_initSession();
|
|
session_id($newSessid);
|
|
session_start();
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
* @access private
|
|
*
|
|
*/
|
|
function _renew()
|
|
{
|
|
$this->_regenerateId();
|
|
}
|
|
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
* @param unknown_type $name
|
|
* @return unknown
|
|
* @access private
|
|
*/
|
|
function _sessionVarNames($name)
|
|
{
|
|
|
|
if(is_string($name))
|
|
{
|
|
if(strpos($name, "."))
|
|
{
|
|
$names = explode(".", $name);
|
|
}
|
|
else
|
|
{
|
|
$names = array($name);
|
|
}
|
|
$expression = $expression = "\$_SESSION";
|
|
|
|
foreach($names as $item)
|
|
{
|
|
$expression .= is_numeric($item) ? "[$item]" : "['$item']";
|
|
}
|
|
return $expression;
|
|
}
|
|
$this->setError(3, "$name is not a string");
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
* @param unknown_type $errorNumber
|
|
* @param unknown_type $errorMessage
|
|
* @access private
|
|
*/
|
|
function _setError($errorNumber, $errorMessage)
|
|
{
|
|
|
|
if($this->error === false)
|
|
{
|
|
$this->error = array();
|
|
}
|
|
|
|
$this->error[$errorNumber] = $errorMessage;
|
|
$this->lastError = $errorNumber;
|
|
}
|
|
|
|
/**
|
|
* Enter description here...
|
|
*
|
|
* @access private
|
|
*/
|
|
function _write()
|
|
{
|
|
echo "<pre>";
|
|
echo "CakeSession::_write() Not Implemented Yet";
|
|
echo "</pre>";
|
|
die();
|
|
}
|
|
}
|
|
?>
|