*/
public static function getRemoteContactID($uid)
{
- if (empty($_SESSION['remote'][$uid])) {
+ /** @var ISession $session */
+ $session = self::getClass(ISession::class);
+
+ if (empty($session->get('remote')[$uid])) {
return false;
}
- return $_SESSION['remote'][$uid];
+ return $session->get('remote')[$uid];
}
/**
*/
public static function getUserIDForVisitorContactID($cid)
{
- if (empty($_SESSION['remote'])) {
+ /** @var ISession $session */
+ $session = self::getClass(ISession::class);
+
+ if (empty($session->get('remote'))) {
return false;
}
- return array_search($cid, $_SESSION['remote']);
+ return array_search($cid, $session->get('remote'));
}
/**
*/
public static function setVisitorsContacts()
{
- $_SESSION['remote'] = [];
+ /** @var ISession $session */
+ $session = self::getClass(ISession::class);
- $remote_contacts = DBA::select('contact', ['id', 'uid'], ['nurl' => Strings::normaliseLink($_SESSION['my_url']), 'rel' => [Contact::FOLLOWER, Contact::FRIEND], 'self' => false]);
+ $session->set('remote', []);
+
+ $remote_contacts = DBA::select('contact', ['id', 'uid'], ['nurl' => Strings::normaliseLink($session->get('my_url')), 'rel' => [Contact::FOLLOWER, Contact::FRIEND], 'self' => false]);
while ($contact = DBA::fetch($remote_contacts)) {
if (($contact['uid'] == 0) || Contact::isBlockedByUser($contact['id'], $contact['uid'])) {
continue;
}
- $_SESSION['remote'][$contact['uid']] = $contact['id'];
+ $session->set('remote', [$contact['uid'] => $contact['id']]);
}
DBA::close($remote_contacts);
}
*/
public static function isAuthenticated()
{
- if (empty($_SESSION['authenticated'])) {
- return false;
- }
-
- return $_SESSION['authenticated'];
- }
+ /** @var ISession $session */
+ $session = self::getClass(ISession::class);
- public static function delete()
- {
- self::getClass(ISession::class)->delete();
+ return $session->get('authenticated', false);
}
}
--- /dev/null
+<?php
+
+
+namespace Friendica\Core\Session;
+
+use Friendica\Model\User\Cookie;
+
+/**
+ * Contains the base methods for $_SESSION interaction
+ */
+class AbstractSession
+{
+ /** @var Cookie */
+ protected $cookie;
+
+ public function __construct( Cookie $cookie)
+ {
+ $this->cookie = $cookie;
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ public function start()
+ {
+ return $this;
+ }
+
+ /**
+ * {@inheritDoc}}
+ */
+ public function exists(string $name)
+ {
+ return isset($_SESSION[$name]);
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ public function get(string $name, $defaults = null)
+ {
+ return $_SESSION[$name] ?? $defaults;
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ public function set(string $name, $value)
+ {
+ $_SESSION[$name] = $value;
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ public function setMultiple(array $values)
+ {
+ $_SESSION = $values + $_SESSION;
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ public function remove(string $name)
+ {
+ unset($_SESSION[$name]);
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ public function clear()
+ {
+ $_SESSION = [];
+ }
+}
+++ /dev/null
-<?php
-
-namespace Friendica\Core\Session;
-
-use Friendica\Core\Cache\ICache;
-use Friendica\Core\Config\Configuration;
-use Friendica\Core\Session;
-use Friendica\Model\User\Cookie;
-use Psr\Log\LoggerInterface;
-use SessionHandlerInterface;
-
-/**
- * SessionHandler using Friendica Cache
- *
- * @author Hypolite Petovan <hypolite@mrpetovan.com>
- */
-final class Cache extends Native implements SessionHandlerInterface
-{
- /** @var ICache */
- private $cache;
- /** @var LoggerInterface */
- private $logger;
- /** @var array The $_SERVER array */
- private $server;
-
- public function __construct(Configuration $config, Cookie $cookie, ICache $cache, LoggerInterface $logger, array $server)
- {
- parent::__construct($config, $cookie);
-
- $this->cache = $cache;
- $this->logger = $logger;
- $this->server = $server;
-
- session_set_save_handler($this);
- }
-
- public function open($save_path, $session_name)
- {
- return true;
- }
-
- public function read($session_id)
- {
- if (empty($session_id)) {
- return '';
- }
-
- $data = $this->cache->get('session:' . $session_id);
- if (!empty($data)) {
- Session::$exists = true;
- return $data;
- }
-
- $this->logger->notice('no data for session', ['session_id' => $session_id, 'uri' => $this->server['REQUEST_URI'] ?? '']);
-
- return '';
- }
-
- /**
- * @brief Standard PHP session write callback
- *
- * This callback updates the stored session data and/or the expiration depending
- * on the case. Uses the Session::expire for existing session, 5 minutes
- * for newly created session.
- *
- * @param string $session_id Session ID with format: [a-z0-9]{26}
- * @param string $session_data Serialized session data
- *
- * @return boolean Returns false if parameters are missing, true otherwise
- * @throws \Exception
- */
- public function write($session_id, $session_data)
- {
- if (!$session_id) {
- return false;
- }
-
- if (!$session_data) {
- return true;
- }
-
- return $this->cache->set('session:' . $session_id, $session_data, Session::$expire);
- }
-
- public function close()
- {
- return true;
- }
-
- public function destroy($id)
- {
- return $this->cache->delete('session:' . $id);
- }
-
- public function gc($maxlifetime)
- {
- return true;
- }
-}
+++ /dev/null
-<?php
-
-namespace Friendica\Core\Session;
-
-use Friendica\Core\Config\Configuration;
-use Friendica\Core\Session;
-use Friendica\Database\Database as DBA;
-use Friendica\Model\User\Cookie;
-use Psr\Log\LoggerInterface;
-use SessionHandlerInterface;
-
-/**
- * SessionHandler using database
- *
- * @author Hypolite Petovan <hypolite@mrpetovan.com>
- */
-final class Database extends Native implements SessionHandlerInterface
-{
- /** @var DBA */
- private $dba;
- /** @var LoggerInterface */
- private $logger;
- /** @var array The $_SERVER variable */
- private $server;
-
- /**
- * DatabaseSessionHandler constructor.
- *
- * @param Database $dba
- * @param LoggerInterface $logger
- * @param array $server
- */
- public function __construct(Configuration $config, Cookie $cookie, DBA $dba, LoggerInterface $logger, array $server)
- {
- parent::__construct($config, $cookie);
-
- $this->dba = $dba;
- $this->logger = $logger;
- $this->server = $server;
-
- session_set_save_handler($this);
- }
-
- public function open($save_path, $session_name)
- {
- return true;
- }
-
- public function read($session_id)
- {
- if (empty($session_id)) {
- return '';
- }
-
- $session = $this->dba->selectFirst('session', ['data'], ['sid' => $session_id]);
- if ($this->dba->isResult($session)) {
- Session::$exists = true;
- return $session['data'];
- }
-
- $this->logger->notice('no data for session', ['session_id' => $session_id, 'uri' => $this->server['REQUEST_URI'] ?? '']);
-
- return '';
- }
-
- /**
- * @brief Standard PHP session write callback
- *
- * This callback updates the DB-stored session data and/or the expiration depending
- * on the case. Uses the Session::expire global for existing session, 5 minutes
- * for newly created session.
- *
- * @param string $session_id Session ID with format: [a-z0-9]{26}
- * @param string $session_data Serialized session data
- *
- * @return boolean Returns false if parameters are missing, true otherwise
- * @throws \Exception
- */
- public function write($session_id, $session_data)
- {
- if (!$session_id) {
- return false;
- }
-
- if (!$session_data) {
- return true;
- }
-
- $expire = time() + Session::$expire;
- $default_expire = time() + 300;
-
- if (Session::$exists) {
- $fields = ['data' => $session_data, 'expire' => $expire];
- $condition = ["`sid` = ? AND (`data` != ? OR `expire` != ?)", $session_id, $session_data, $expire];
- $this->dba->update('session', $fields, $condition);
- } else {
- $fields = ['sid' => $session_id, 'expire' => $default_expire, 'data' => $session_data];
- $this->dba->insert('session', $fields);
- }
-
- return true;
- }
-
- public function close()
- {
- return true;
- }
-
- public function destroy($id)
- {
- return $this->dba->delete('session', ['sid' => $id]);
- }
-
- public function gc($maxlifetime)
- {
- return $this->dba->delete('session', ["`expire` < ?", time()]);
- }
-}
--- /dev/null
+<?php
+
+namespace Friendica\Core\Session\Handler;
+
+use Friendica\Core\Cache\ICache;
+use Friendica\Core\Session;
+use Psr\Log\LoggerInterface;
+use SessionHandlerInterface;
+
+/**
+ * SessionHandler using Friendica Cache
+ *
+ * @author Hypolite Petovan <hypolite@mrpetovan.com>
+ */
+final class Cache implements SessionHandlerInterface
+{
+ /** @var ICache */
+ private $cache;
+ /** @var LoggerInterface */
+ private $logger;
+ /** @var array The $_SERVER array */
+ private $server;
+
+ public function __construct(ICache $cache, LoggerInterface $logger, array $server)
+ {
+ $this->cache = $cache;
+ $this->logger = $logger;
+ $this->server = $server;
+ }
+
+ public function open($save_path, $session_name)
+ {
+ return true;
+ }
+
+ public function read($session_id)
+ {
+ if (empty($session_id)) {
+ return '';
+ }
+
+ $data = $this->cache->get('session:' . $session_id);
+ if (!empty($data)) {
+ Session::$exists = true;
+ return $data;
+ }
+
+ $this->logger->notice('no data for session', ['session_id' => $session_id, 'uri' => $this->server['REQUEST_URI'] ?? '']);
+
+ return '';
+ }
+
+ /**
+ * @brief Standard PHP session write callback
+ *
+ * This callback updates the stored session data and/or the expiration depending
+ * on the case. Uses the Session::expire for existing session, 5 minutes
+ * for newly created session.
+ *
+ * @param string $session_id Session ID with format: [a-z0-9]{26}
+ * @param string $session_data Serialized session data
+ *
+ * @return boolean Returns false if parameters are missing, true otherwise
+ * @throws \Exception
+ */
+ public function write($session_id, $session_data)
+ {
+ if (!$session_id) {
+ return false;
+ }
+
+ if (!$session_data) {
+ return true;
+ }
+
+ return $this->cache->set('session:' . $session_id, $session_data, Session::$expire);
+ }
+
+ public function close()
+ {
+ return true;
+ }
+
+ public function destroy($id)
+ {
+ return $this->cache->delete('session:' . $id);
+ }
+
+ public function gc($maxlifetime)
+ {
+ return true;
+ }
+}
--- /dev/null
+<?php
+
+namespace Friendica\Core\Session\Handler;
+
+use Friendica\Core\Session;
+use Friendica\Database\Database as DBA;
+use Psr\Log\LoggerInterface;
+use SessionHandlerInterface;
+
+/**
+ * SessionHandler using database
+ *
+ * @author Hypolite Petovan <hypolite@mrpetovan.com>
+ */
+final class Database implements SessionHandlerInterface
+{
+ /** @var DBA */
+ private $dba;
+ /** @var LoggerInterface */
+ private $logger;
+ /** @var array The $_SERVER variable */
+ private $server;
+
+ /**
+ * DatabaseSessionHandler constructor.
+ *
+ * @param DBA $dba
+ * @param LoggerInterface $logger
+ * @param array $server
+ */
+ public function __construct(DBA $dba, LoggerInterface $logger, array $server)
+ {
+ $this->dba = $dba;
+ $this->logger = $logger;
+ $this->server = $server;
+ }
+
+ public function open($save_path, $session_name)
+ {
+ return true;
+ }
+
+ public function read($session_id)
+ {
+ if (empty($session_id)) {
+ return '';
+ }
+
+ $session = $this->dba->selectFirst('session', ['data'], ['sid' => $session_id]);
+ if ($this->dba->isResult($session)) {
+ Session::$exists = true;
+ return $session['data'];
+ }
+
+ $this->logger->notice('no data for session', ['session_id' => $session_id, 'uri' => $this->server['REQUEST_URI'] ?? '']);
+
+ return '';
+ }
+
+ /**
+ * @brief Standard PHP session write callback
+ *
+ * This callback updates the DB-stored session data and/or the expiration depending
+ * on the case. Uses the Session::expire global for existing session, 5 minutes
+ * for newly created session.
+ *
+ * @param string $session_id Session ID with format: [a-z0-9]{26}
+ * @param string $session_data Serialized session data
+ *
+ * @return boolean Returns false if parameters are missing, true otherwise
+ * @throws \Exception
+ */
+ public function write($session_id, $session_data)
+ {
+ if (!$session_id) {
+ return false;
+ }
+
+ if (!$session_data) {
+ return true;
+ }
+
+ $expire = time() + Session::$expire;
+ $default_expire = time() + 300;
+
+ if (Session::$exists) {
+ $fields = ['data' => $session_data, 'expire' => $expire];
+ $condition = ["`sid` = ? AND (`data` != ? OR `expire` != ?)", $session_id, $session_data, $expire];
+ $this->dba->update('session', $fields, $condition);
+ } else {
+ $fields = ['sid' => $session_id, 'expire' => $default_expire, 'data' => $session_data];
+ $this->dba->insert('session', $fields);
+ }
+
+ return true;
+ }
+
+ public function close()
+ {
+ return true;
+ }
+
+ public function destroy($id)
+ {
+ return $this->dba->delete('session', ['sid' => $id]);
+ }
+
+ public function gc($maxlifetime)
+ {
+ return $this->dba->delete('session', ["`expire` < ?", time()]);
+ }
+}
* Handle the case where session_start() hasn't been called and the super global isn't available.
*
* @param string $name
- * @param mixed $defaults
+ * @param mixed $defaults
+ *
* @return mixed
*/
public function get(string $name, $defaults = null);
* Overrides value of existing key.
*
* @param string $name
- * @param mixed $value
+ * @param mixed $value
*/
public function set(string $name, $value);
* Clears the current session array
*/
public function clear();
-
- /**
- * Kills the "Friendica" cookie and all session data
- */
- public function delete();
}
namespace Friendica\Core\Session;
-use Friendica\Core\Config\Configuration;
use Friendica\Model\User\Cookie;
/**
*
* @todo after replacing the last direct $_SESSION call, use a internal array instead of the global variable
*/
-final class Memory extends Native
+final class Memory extends AbstractSession implements ISession
{
- public function __construct(Configuration $config, Cookie $cookie)
+ public function __construct(Cookie $cookie)
{
- $this->cookie = $cookie;
- }
+ parent::__construct($cookie);
- public function start()
- {
// Backward compatibility until all Session variables are replaced
// with the Session class
$_SESSION = [];
- $this->clear();
- return $this;
}
}
namespace Friendica\Core\Session;
-use Friendica\Core\Config\Configuration;
use Friendica\App;
use Friendica\Model\User\Cookie;
+use SessionHandlerInterface;
/**
- * The native Session class which uses the PHP internal Session function
+ * The native Session class which uses the PHP internal Session functions
*/
-class Native implements ISession
+final class Native extends AbstractSession implements ISession
{
- /** @var Cookie */
- protected $cookie;
-
- public function __construct(Configuration $config, Cookie $cookie)
+ public function __construct(App\BaseURL $baseURL, Cookie $cookie, SessionHandlerInterface $handler = null)
{
+ parent::__construct($cookie);
+
ini_set('session.gc_probability', 50);
ini_set('session.use_only_cookies', 1);
- ini_set('session.cookie_httponly', 1);
+ ini_set('session.cookie_httponly', (int)Cookie::HTTPONLY);
- if ($config->get('system', 'ssl_policy') == App\BaseURL::SSL_POLICY_FULL) {
+ if ($baseURL->getSSLPolicy() == App\BaseURL::SSL_POLICY_FULL) {
ini_set('session.cookie_secure', 1);
}
- $this->cookie = $cookie;
+ if (isset($handler)) {
+ session_set_save_handler($handler);
+ }
}
/**
session_start();
return $this;
}
-
- /**
- * {@inheritDoc}}
- */
- public function exists(string $name)
- {
- return isset($_SESSION[$name]);
- }
-
- /**
- * {@inheritDoc}
- */
- public function get(string $name, $defaults = null)
- {
- return $_SESSION[$name] ?? $defaults;
- }
-
- /**
- * {@inheritDoc}
- */
- public function set(string $name, $value)
- {
- $_SESSION[$name] = $value;
- }
-
- /**
- * {@inheritDoc}
- */
- public function setMultiple(array $values)
- {
- $_SESSION = $values + $_SESSION;
- }
-
- /**
- * {@inheritDoc}
- */
- public function remove(string $name)
- {
- unset($_SESSION[$name]);
- }
-
- /**
- * {@inheritDoc}
- */
- public function clear()
- {
- $_SESSION = [];
- }
-
- /**
- * @brief Kills the "Friendica" cookie and all session data
- */
- public function delete()
- {
- $this->cookie->clear();
- $_SESSION = [];
- }
}
class SessionFactory
{
/** @var string The plain, PHP internal session management */
- const INTERNAL = 'native';
+ const HANDLER_NATIVE = 'native';
/** @var string Using the database for session management */
- const DATABASE = 'database';
+ const HANDLER_DATABASE = 'database';
/** @var string Using the cache for session management */
- const CACHE = 'cache';
- /** @var string A temporary cached session */
- const MEMORY = 'memory';
- /** @var string The default type for Session management in case of no config */
- const DEFAULT = self::DATABASE;
+ const HANDLER_CACHE = 'cache';
+
+ const HANDLER_DEFAULT = self::HANDLER_DATABASE;
/**
* @param App\Mode $mode
+ * @param App\BaseURL $baseURL
* @param Configuration $config
* @param Cookie $cookie
* @param Database $dba
*
* @return Session\ISession
*/
- public function createSession(App\Mode $mode, Configuration $config, Cookie $cookie, Database $dba, ICache $cache, LoggerInterface $logger, Profiler $profiler, array $server = [])
+ public function createSession(App\Mode $mode, App\BaseURL $baseURL, Configuration $config, Cookie $cookie, Database $dba, ICache $cache, LoggerInterface $logger, Profiler $profiler, array $server = [])
{
$stamp1 = microtime(true);
$session = null;
try {
if ($mode->isInstall() || $mode->isBackend()) {
- $session = new Session\Memory($config, $cookie);
+ $session = new Session\Memory($cookie);
} else {
- $session_handler = $config->get('system', 'session_handler', self::DEFAULT);
+ $session_handler = $config->get('system', 'session_handler', self::HANDLER_DEFAULT);
+ $handler = null;
switch ($session_handler) {
- case self::INTERNAL:
- $session = new Session\Native($config, $cookie);
- break;
- case self::DATABASE:
- default:
- $session = new Session\Database($config, $cookie, $dba, $logger, $server);
+ case self::HANDLER_DATABASE:
+ $handler = new Session\Handler\Database($dba, $logger, $server);
break;
- case self::CACHE:
+ case self::HANDLER_CACHE:
// In case we're using the db as cache driver, use the native db session, not the cache
if ($config->get('system', 'cache_driver') === Cache::TYPE_DATABASE) {
- $session = new Session\Database($config, $cookie, $dba, $logger, $server);
+ $handler = new Session\Handler\Database($dba, $logger, $server);
} else {
- $session = new Session\Cache($config, $cookie, $cache, $logger, $server);
+ $handler = new Session\Handler\Cache($cache, $logger, $server);
}
break;
}
+
+ $session = new Session\Native($baseURL, $cookie, $handler);
}
} finally {
$profiler->saveTimestamp($stamp1, 'parser', System::callstack());
/** @var array The $_COOKIE array */
private $cookie;
- public function __construct(Configuration $config, array $server = [], array $cookie = [])
+ public function __construct(Configuration $config, App\BaseURL $baseURL, array $server = [], array $cookie = [])
{
if (!empty($server['REMOTE_ADDR'])) {
$this->remoteAddr = $server['REMOTE_ADDR'];
}
- $this->sslEnabled = $config->get('system', 'ssl_policy') === App\BaseURL::SSL_POLICY_FULL;
+ $this->sslEnabled = $baseURL->getSSLPolicy() === App\BaseURL::SSL_POLICY_FULL;
$this->sitePrivateKey = $config->get('system', 'site_prvkey');
$authCookieDays = $config->get('system', 'auth_cookie_lifetime',
}
Hook::callAll("logging_out");
- Session::delete();
+ Session::clear();
if ($visitor_home) {
System::externalRedirect($visitor_home);
public function testDevLogger()
{
+ /** @var Configuration $config */
+ $config = $this->dice->create(Configuration::class);
+ $config->set('system', 'dlogfile', $this->root->url() . '/friendica.log');
+
/** @var LoggerInterface $logger */
$logger = $this->dice->create('$devLogger', ['dev']);
projects / friendica.git / commitdiff