4 * @file src/Core/Session.php
6 namespace Friendica\Core;
9 use Friendica\BaseObject;
10 use Friendica\Core\Cache\ICache;
11 use Friendica\Core\Session\CacheSessionHandler;
12 use Friendica\Core\Session\DatabaseSessionHandler;
13 use Friendica\Database\Database;
14 use Friendica\Database\DBA;
15 use Friendica\Model\Contact;
16 use Friendica\Model\User;
17 use Friendica\Util\Strings;
18 use Psr\Log\LoggerInterface;
21 * High-level Session service class
23 * @author Hypolite Petovan <hypolite@mrpetovan.com>
// Class-level session state. Neither property is read or written in the visible part of this listing.
27 public static $exists = false;
// NOTE(review): 180000 is presumably a lifetime in seconds (about 50 hours) consumed by the save handlers — confirm the unit and where it is enforced.
28 public static $expire = 180000;
// Applies PHP session ini settings and, unless the configured handler is 'native',
// registers a cache- or database-backed save handler.
// NOTE(review): several original lines (braces, the else branch, trailing constructor arguments)
// are absent from this listing, so the statements below are not the complete body.
30 public static function init()
// NOTE(review): with PHP's default session.gc_divisor of 100 this would run session garbage collection on
// about half of all session starts; the divisor is not set in the visible lines — confirm.
32 ini_set('session.gc_probability', 50);
// Session IDs are accepted from cookies only (never from the URL), and the cookie is hidden from page scripts.
33 ini_set('session.use_only_cookies', 1);
34 ini_set('session.cookie_httponly', 1);
// The Secure flag is set only under SSL_POLICY_FULL; under any other ssl_policy the session cookie
// may also be sent over plain HTTP.
// NOTE(review): no session.use_strict_mode or SameSite setting appears in the visible lines — confirm
// against the full file or php.ini before relying on either.
36 if (Config::get('system', 'ssl_policy') == App\BaseURL::SSL_POLICY_FULL) {
37 ini_set('session.cookie_secure', 1);
// 'database' is the default when system.session_handler is not configured.
40 $session_handler = Config::get('system', 'session_handler', 'database');
// 'native' leaves PHP's built-in storage in place; any other value installs a custom handler.
41 if ($session_handler != 'native') {
// The cache handler is chosen only when a non-database cache driver is configured.
42 if ($session_handler == 'cache' && Config::get('system', 'cache_driver', 'database') != 'database') {
43 $SessionHandler = new CacheSessionHandler(
44 BaseObject::getClass(ICache::class),
45 BaseObject::getClass(LoggerInterface::class),
// Database-backed handler; presumably the else branch of the check above (the `else` line is not in the listing).
49 $SessionHandler = new DatabaseSessionHandler(
50 BaseObject::getClass(Database::class),
51 BaseObject::getClass(LoggerInterface::class),
56 session_set_save_handler($SessionHandler);
/**
 * Tells whether a session variable is present.
 *
 * @param string $name Key to look up in $_SESSION
 * @return bool true when the key is set and its value is not null
 */
public static function exists($name)
{
    // isset() also yields false when $_SESSION itself is not defined yet.
    $isPresent = isset($_SESSION[$name]);

    return $isPresent;
}
66 * Retrieves a key from the session super global or the defaults if the key is missing or the value is null.
68 * Handle the case where session_start() hasn't been called and the super global isn't available.
71 * @param mixed $defaults
public static function get($name, $defaults = null)
{
    // isset() is false for a missing key, a null value and an undefined $_SESSION alike,
    // so the fallback applies only in those cases; falsy values such as 0 or '' are returned as stored.
    if (isset($_SESSION[$name])) {
        return $_SESSION[$name];
    }

    return $defaults;
}
80 * Sets a single session variable.
81 * Overrides value of existing key.
public static function set($name, $value)
{
    // Plain assignment: an existing entry under $name is overwritten, a new key is appended.
    $_SESSION[$name] = $value;
}
92 * Sets multiple session variables.
93 * Overrides values for existing keys.
95 * @param array $values
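public static function setMultiple(array $values)
{
    // Before session_start() the super global is undefined, and `array + null` is a fatal
    // "Unsupported operand types" error, so fall back to an empty array.
    $current = $_SESSION ?? [];

    // NOTE(review): every key in $values is written, including keys other methods of this class
    // trust ('authenticated', 'remote'); callers should only pass arrays built server-side.
    // Array union keeps the left operand on key collisions, so entries from $values win.
    $_SESSION = $values + $current;
}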
103 * Removes a session variable.
104 * Ignores missing keys.
public static function remove($name)
{
    // unset() is a no-op for keys that do not exist, so no presence check is needed.
    unset($_SESSION[$name]);
}
114 * Clears the current session array
// NOTE(review): the method body (original lines 117-121) is missing from this listing. Going by the
// docblock it resets the session array; whether it also regenerates the session ID cannot be told from here.
116 public static function clear()
124 * Returns contact ID for given user ID
126 * @param integer $uid User ID
127 * @return integer Contact ID of visitor for given user ID
// Looks up the visitor's contact ID for user $uid in the $_SESSION['remote'] map,
// which setVisitorsContacts() fills as uid => contact id.
129 public static function getRemoteContactID($uid)
// empty() is true for a missing 'remote' map, a missing $uid entry and a stored 0 alike.
// NOTE(review): the value returned from this branch is not shown in the listing — confirm what
// callers receive for "no contact" before comparing the result.
131 if (empty($_SESSION['remote'][$uid])) {
135 return $_SESSION['remote'][$uid];
139 * Returns User ID for given contact ID of the visitor
141 * @param integer $cid Contact ID
142 * @return integer User ID for given contact ID of the visitor
// Reverse lookup in $_SESSION['remote'] (uid => contact id): finds the user ID whose entry holds $cid.
144 public static function getUserIDForVisitorContactID($cid)
// NOTE(review): the value returned when the map is empty is not shown in the listing.
146 if (empty($_SESSION['remote'])) {
// array_search() without its third argument compares loosely (==) and returns false when nothing
// matches, although the docblock promises an integer; callers should test the result with === false.
// NOTE(review): if $cid can come from request input, cast it to int or pass strict=true here —
// confirm first that the stored contact IDs are integers, otherwise strict matching would miss them.
150 return array_search($cid, $_SESSION['remote']);
154 * Set the session variable that contains the contact IDs for the visitor's contact URL
156 * @param string $url Contact URL
// Rebuilds $_SESSION['remote'] as a map of user ID => contact ID for the current visitor.
// NOTE(review): the docblock above still documents a $url parameter, but the method takes none;
// the contact URL is read from $_SESSION['my_url'].
158 public static function setVisitorsContacts()
// Start from an empty map so entries from an earlier call do not survive.
160 $_SESSION['remote'] = [];
// Selects non-self contacts whose normalised URL matches the visitor's and whose relation is FOLLOWER or FRIEND.
// NOTE(review): $_SESSION['my_url'] is read without an isset() check, and the map built from it is what
// getRemoteContactID() later returns; presumably my_url is written only after the remote identity
// has been verified — confirm in the code that sets it.
162 $remote_contacts = DBA::select('contact', ['id', 'uid'], ['nurl' => Strings::normaliseLink($_SESSION['my_url']), 'rel' => [Contact::FOLLOWER, Contact::FRIEND], 'self' => false]);
163 while ($contact = DBA::fetch($remote_contacts)) {
// Rows with uid 0 and contacts the user has blocked are filtered here; the statement inside this
// branch is not in the listing (presumably it skips the row).
164 if (($contact['uid'] == 0) || Contact::isBlockedByUser($contact['id'], $contact['uid'])) {
// One contact ID per user ID; a later row for the same uid overwrites the earlier one.
168 $_SESSION['remote'][$contact['uid']] = $contact['id'];
// Release the result handle once all rows have been read.
170 DBA::close($remote_contacts);
174 * Returns if the current visitor is authenticated
176 * @return boolean "true" when visitor is either a local or remote user
// Reports the session's 'authenticated' flag.
178 public static function isAuthenticated()
// NOTE(review): the value returned for a missing or falsy flag is not shown in the listing.
180 if (empty($_SESSION['authenticated'])) {
// The stored value is returned as-is, without a bool cast, so callers receive whatever type
// was written to the session; use a truthiness check rather than === true.
184 return $_SESSION['authenticated'];
188 * @brief Kills the "Friendica" cookie and all session data
190 public static function delete()
192 /** @var User\Cookie $cookie */
193 $cookie = BaseObject::getClass(User\Cookie::class);