3 * @copyright Copyright (C) 2010-2023, the Friendica project
5 * @license GNU AGPL version 3 or any later version
7 * This program is free software: you can redistribute it and/or modify
8 * it under the terms of the GNU Affero General Public License as
9 * published by the Free Software Foundation, either version 3 of the
10 * License, or (at your option) any later version.
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU Affero General Public License for more details.
17 * You should have received a copy of the GNU Affero General Public License
18 * along with this program. If not, see <https://www.gnu.org/licenses/>.
22 namespace Friendica\Core\Session\Handler;
24 use Friendica\Database\Database as DBA;
25 use Psr\Log\LoggerInterface;
28 * SessionHandler using database
30 class Database extends AbstractSessionHandler
34 /** @var LoggerInterface */
36 /** @var array The $_SERVER variable */
38 /** @var bool global check, if the current Session exists */
39 private $sessionExists = false;
42 * DatabaseSessionHandler constructor.
45 * @param LoggerInterface $logger
46 * @param array $server
48 public function __construct(DBA $dba, LoggerInterface $logger, array $server)
51 $this->logger = $logger;
52 $this->server = $server;
55 public function open($path, $name): bool
60 #[\ReturnTypeWillChange]
61 public function read($id)
68 $session = $this->dba->selectFirst('session', ['data'], ['sid' => $id]);
69 if ($this->dba->isResult($session)) {
70 $this->sessionExists = true;
71 return $session['data'];
73 } catch (\Exception $exception) {
74 $this->logger->warning('Cannot read session.', ['id' => $id, 'exception' => $exception]);
78 $this->logger->notice('no data for session', ['session_id' => $id, 'uri' => $this->server['REQUEST_URI'] ?? '']);
84 * Standard PHP session write callback
86 * This callback updates the DB-stored session data and/or the expiration depending
87 * on the case. Uses the Session::expire global for existing session, 5 minutes
88 * for newly created session.
90 * @param string $id Session ID with format: [a-z0-9]{26}
91 * @param string $data Serialized session data
93 * @return bool Returns false if parameters are missing, true otherwise
95 public function write($id, $data): bool
102 return $this->destroy($id);
105 $expire = time() + static::EXPIRE;
106 $default_expire = time() + 300;
109 if ($this->sessionExists) {
110 $fields = ['data' => $data, 'expire' => $expire];
111 $condition = ["`sid` = ? AND (`data` != ? OR `expire` != ?)", $id, $data, $expire];
112 $this->dba->update('session', $fields, $condition);
114 $fields = ['sid' => $id, 'expire' => $default_expire, 'data' => $data];
115 $this->dba->insert('session', $fields);
117 } catch (\Exception $exception) {
118 $this->logger->warning('Cannot write session.', ['id' => $id, 'exception' => $exception]);
125 public function close(): bool
130 public function destroy($id): bool
133 return $this->dba->delete('session', ['sid' => $id]);
134 } catch (\Exception $exception) {
135 $this->logger->warning('Cannot destroy session.', ['id' => $id, 'exception' => $exception]);
140 #[\ReturnTypeWillChange]
141 public function gc($max_lifetime): bool
144 return $this->dba->delete('session', ["`expire` < ?", time()]);
145 } catch (\Exception $exception) {
146 $this->logger->warning('Cannot use garbage collector.', ['exception' => $exception]);