2016-04-08 11:44:10 +00:00
|
|
|
<?php
|
|
|
|
|
|
2022-02-16 04:08:28 +00:00
|
|
|
namespace Code\Web;
|
2016-04-08 11:44:10 +00:00
|
|
|
|
2019-06-16 01:30:10 +00:00
|
|
|
use SessionHandlerInterface;
|
2016-04-08 11:44:10 +00:00
|
|
|
|
2021-12-02 23:02:31 +00:00
|
|
|
class SessionHandler implements SessionHandlerInterface
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
public function open($s, $n)
|
|
|
|
|
{
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// IMPORTANT: if we read the session and it doesn't exist, create an empty record.
|
|
|
|
|
// We rely on this due to differing PHP implementation of session_regenerate_id()
|
|
|
|
|
// some which call read explicitly and some that do not. So we call it explicitly
|
|
|
|
|
// just after sid regeneration to force a record to exist.
|
|
|
|
|
|
|
|
|
|
public function read($id)
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
if ($id) {
|
|
|
|
|
$r = q("SELECT sess_data FROM session WHERE sid= '%s'", dbesc($id));
|
|
|
|
|
|
|
|
|
|
if ($r) {
|
|
|
|
|
return $r[0]['sess_data'];
|
|
|
|
|
} else {
|
2021-12-03 03:01:39 +00:00
|
|
|
q(
|
|
|
|
|
"INSERT INTO session (sess_data, sid, expire) values ('%s', '%s', '%s')",
|
2021-12-02 23:02:31 +00:00
|
|
|
dbesc(''),
|
|
|
|
|
dbesc($id),
|
|
|
|
|
dbesc(time() + 1800)
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return '';
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
public function write($id, $data)
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
// Pretend everything is hunky-dory, even though it isn't. There probably isn't anything
|
|
|
|
|
// we can do about it in any event.
|
|
|
|
|
|
|
|
|
|
if (!$id) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Unless we authenticate somehow, only keep a session for 30 minutes
|
|
|
|
|
// The viewer can extend this by performing any web action using the
|
|
|
|
|
// original cookie, but this allows us to cleanup the hundreds or
|
|
|
|
|
// thousands of empty sessions left around from web crawlers which are
|
|
|
|
|
// assigned cookies on each page that they never use.
|
|
|
|
|
|
|
|
|
|
$expire = time() + 1800;
|
|
|
|
|
|
|
|
|
|
if ($_SESSION) {
|
2021-12-03 03:01:39 +00:00
|
|
|
if (array_key_exists('remember_me', $_SESSION) && intval($_SESSION['remember_me'])) {
|
2021-12-02 23:02:31 +00:00
|
|
|
$expire = time() + (60 * 60 * 24 * 365);
|
2021-12-03 03:01:39 +00:00
|
|
|
} elseif (local_channel()) {
|
2021-12-02 23:02:31 +00:00
|
|
|
$expire = time() + (60 * 60 * 24 * 3);
|
2021-12-03 03:01:39 +00:00
|
|
|
} elseif (remote_channel()) {
|
2021-12-02 23:02:31 +00:00
|
|
|
$expire = time() + (60 * 60 * 24 * 1);
|
2021-12-03 03:01:39 +00:00
|
|
|
}
|
2021-12-02 23:02:31 +00:00
|
|
|
}
|
|
|
|
|
|
2021-12-03 03:01:39 +00:00
|
|
|
q(
|
|
|
|
|
"UPDATE session
|
2016-10-04 04:48:53 +00:00
|
|
|
SET sess_data = '%s', expire = '%s' WHERE sid = '%s'",
|
2021-12-02 23:02:31 +00:00
|
|
|
dbesc($data),
|
|
|
|
|
dbesc($expire),
|
|
|
|
|
dbesc($id)
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2016-04-13 02:40:19 +00:00
|
|
|
|
2016-04-08 11:44:10 +00:00
|
|
|
|
2021-12-02 23:02:31 +00:00
|
|
|
public function close()
|
|
|
|
|
{
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2016-04-08 11:44:10 +00:00
|
|
|
|
|
|
|
|
|
2021-12-02 23:02:31 +00:00
|
|
|
public function destroy($id)
|
|
|
|
|
{
|
|
|
|
|
q("DELETE FROM session WHERE sid = '%s'", dbesc($id));
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2016-04-08 11:44:10 +00:00
|
|
|
|
|
|
|
|
|
2021-12-02 23:02:31 +00:00
|
|
|
public function gc($expire)
|
|
|
|
|
{
|
|
|
|
|
q("DELETE FROM session WHERE expire < %d", dbesc(time()));
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2016-04-13 02:40:19 +00:00
|
|
|
}
|
