tyler.durden
/
icingaweb2
mirror of https://github.com/Icinga/icingaweb2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
icingaweb2/library/Icinga/Authentication/PhpSession.php

243 lines
6.8 KiB
PHP
Raw Blame History

<?php
// {{{ICINGA_LICENSE_HEADER}}}
/**
* This file is part of Icinga 2 Web.
*
* Icinga 2 Web - Head for multiple monitoring backends.
* Copyright (C) 2013 Icinga Development Team
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*
* @copyright 2013 Icinga Development Team <info@icinga.org>
* @license http://www.gnu.org/licenses/gpl-2.0.txt GPL, version 2
* @author Icinga Development Team <info@icinga.org>
*/
// {{{ICINGA_LICENSE_HEADER}}}
namespace Icinga\Authentication;
use Icinga\Application\Logger as Logger;
/**
* Class PhpSession
*
* Standard PHP Session handling
* You have to call read() first in order to start the session. If
* no parameter is given to read, the session is closed immediately
* after reading the persisted variables, in order to avoid concurrent
* requests to be blocked. Otherwise, you can call write() (again with
* no parameter in order to auto-close it) to persist all values previously
* set with the set() method
*
*/
class PhpSession extends Session
{
const SESSION_NAME = "Icinga2Web";
private $isOpen = false;
private $isFlushed = false;
private static $DEFAULT_COOKIEOPTIONS = array(
'use_trans_sid' => false,
'use_cookies' => true,
'cookie_httponly' => true,
'use_only_cookies' => true,
'hash_function' => true,
'hash_bits_per_character' => 5,
);
/**
* Creates a new PHPSession object using the provided options (if any)
*
* @param Array $options An optional array of ini options to set,
* @see http://php.net/manual/en/session.configuration.php
**/
public function __construct(array $options = null)
{
if ($options !== null) {
$options = array_merge(PhpSession::$DEFAULT_COOKIEOPTIONS, $options);
} else {
$options = PhpSession::$DEFAULT_COOKIEOPTIONS;
}
foreach ($options as $sessionVar => $value) {
if (ini_set("session.".$sessionVar, $value) === false) {
Logger::warn(
"Could not set php.ini setting %s = %s. This might affect your sessions behaviour.",
$sessionVar,
$value
);
}
}
if (!is_writable(session_save_path())) {
throw new \Icinga\Exception\ConfigurationError("Can't save session");
}
}
/**
* Returns true when the session has not yet been closed
*
* @return Boolean
**/
private function sessionCanBeChanged()
{
if ($this->isFlushed) {
Logger::error("Tried to work on a closed session, session changes will be ignored");
return false;
}
return true;
}
/**
* Returns true when the session has not yet been opened
*
* @return Boolean
**/
private function sessionCanBeOpened()
{
if ($this->isOpen) {
Logger::warn("Tried to open a session more than once");
return false;
}
return $this->sessionCanBeChanged();
}
/**
* Opens a PHP session when possible
*
* @return Boolean True on success
**/
public function open()
{
if (!$this->sessionCanBeOpened()) {
return false;
}
session_name(PhpSession::SESSION_NAME);
session_start();
$this->isOpen = true;
$this->setAll($_SESSION);
return true;
}
/**
* Ensures that the session is open modifyable
*
* @return Boolean True on success
**/
private function ensureOpen()
{
// try to open first
if (!$this->isOpen) {
if (!$this->open()) {
return false;
}
}
return true;
}
/**
* Reads all values written to the underyling session and
* makes them accessible. if keepOpen is not set, the session
* is immediately closed again
*
* @param Boolean $keepOpen Set to true when modifying the session
*
* @return Boolean True on success
**/
public function read($keepOpen = false)
{
if (!$this->ensureOpen()) {
return false;
}
if ($keepOpen) {
return true;
}
$this->close();
return true;
}
/**
* Writes all values of this session opbject to the underyling session implementation
* If keepOpen is not set, the session is closed
*
* @param Boolean $keepOpen Set to true when modifying the session further
*
* @return Boolean True on success
**/
public function write($keepOpen = false)
{
if (!$this->ensureOpen()) {
return false;
}
foreach ($this->getAll() as $key => $value) {
$_SESSION[$key] = $value;
}
if ($keepOpen) {
return null;
}
$this->close();
return null;
}
/**
* Closes and writes the session. Call @see PHPSession::write in order to persist changes
* and only call this if you want the session to be closed without any changes
*
**/
public function close()
{
if (!$this->isFlushed) {
session_write_close();
}
$this->isFlushed = true;
}
/**
* Deletes the current session, causing all session information to be lost
*
**/
public function purge()
{
if ($this->ensureOpen()) {
$_SESSION = array();
session_destroy();
$this->clearCookies();
$this->close();
}
}
/**
* Removes session cookies
*
**/
private function clearCookies()
{
if (ini_get("session.use_cookies")) {
Logger::debug("Clearing cookies");
$params = session_get_cookie_params();
setcookie(
session_name(),
'',
time() - 42000,
$params["path"],
$params["domain"],
$params["secure"],
$params["httponly"]
);
}
}
}
Reference in New Issue View Git Blame Copy Permalink