📄 session.php
字号:
<?php/*** @version $Id: session.php 11409 2009-01-10 02:27:08Z willebil $* @package Joomla.Framework* @subpackage Session* @copyright Copyright (C) 2005 - 2008 Open Source Matters. All rights reserved.* @license GNU/GPL, see LICENSE.php* Joomla! is free software. This version may have been modified pursuant* to the GNU General Public License, and as distributed it includes or* is derivative of works licensed under the GNU General Public License or* other free or open source software licenses.* See COPYRIGHT.php for copyright notices and details.*/// Check to ensure this file is within the rest of the frameworkdefined('JPATH_BASE') or die();//Register the session storage class with the loaderJLoader::register('JSessionStorage', dirname(__FILE__).DS.'storage.php');/*** Class for managing HTTP sessions** Provides access to session-state values as well as session-level* settings and lifetime management methods.* Based on the standart PHP session handling mechanism it provides* for you more advanced features such as expire timeouts.** @package Joomla.Framework* @subpackage Session* @since 1.5*/class JSession extends JObject{ /** * internal state * * @access protected * @var string $_state one of 'active'|'expired'|'destroyed|'error' * @see getState() */ var $_state = 'active'; /** * Maximum age of unused session * * @access protected * @var string $_expire minutes */ var $_expire = 15; /** * The session store object * * @access protected * @var object A JSessionStorage object */ var $_store = null; /** * security policy * * Default values: * - fix_browser * - fix_adress * * @access protected * @var array $_security list of checks that will be done. */ var $_security = array( 'fix_browser' ); /** * Force cookies to be SSL only * * @access protected * @default false * @var bool $force_ssl */ var $_force_ssl = false; /** * Constructor * * @access protected * @param string $storage * @param array $options optional parameters */ function __construct( $store = 'none', $options = array() ) { // Register faked "destructor" in PHP4, this needs to happen before creating the session store if (version_compare(PHP_VERSION, '5') == -1) { register_shutdown_function((array(&$this, '__destruct'))); } //Need to destroy any existing sessions started with session.auto_start if (session_id()) { session_unset(); session_destroy(); } //set default sessios save handler ini_set('session.save_handler', 'files'); //disable transparent sid support ini_set('session.use_trans_sid', '0'); //create handler $this->_store =& JSessionStorage::getInstance($store, $options); //set options $this->_setOptions( $options ); $this->_setCookieParams(); //load the session $this->_start(); //initialise the session $this->_setCounter(); $this->_setTimers(); $this->_state = 'active'; // perform security checks $this->_validate(); } /** * Session object destructor * * @access private * @since 1.5 */ function __destruct() { $this->close(); } /** * Returns a reference to the global Session object, only creating it * if it doesn't already exist. * * This method must be invoked as: * <pre> $session = &JSession::getInstance();</pre> * * @access public * @return JSession The Session object. * @since 1.5 */ function & getInstance($handler, $options) { static $instance; if (!is_object($instance)) { $instance = new JSession($handler, $options); } return $instance; } /** * Get current state of session * * @access public * @return string The session state */ function getState() { return $this->_state; } /** * Get expiration time in minutes * * @access public * @return integer The session expiration time in minutes */ function getExpire() { return $this->_expire; } /** * Get a session token, if a token isn't set yet one will be generated. * * Tokens are used to secure forms from spamming attacks. Once a token * has been generated the system will check the post request to see if * it is present, if not it will invalidate the session. * * @param boolean $forceNew If true, force a new token to be created * @access public * @return string The session token */ function getToken($forceNew = false) { $token = $this->get( 'session.token' ); //create a token if( $token === null || $forceNew ) { $token = $this->_createToken( 12 ); $this->set( 'session.token', $token ); } return $token; } /** * Method to determine if a token exists in the session. If not the * session will be set to expired * * @param string Hashed token to be verified * @param boolean If true, expires the session * @since 1.5 * @static */ function hasToken($tCheck, $forceExpire = true) { // check if a token exists in the session $tStored = $this->get( 'session.token' ); //check token if(($tStored !== $tCheck)) { if($forceExpire) { $this->_state = 'expired'; } return false; } return true; } /** * Get session name * * @access public * @return string The session name */ function getName() { if( $this->_state === 'destroyed' ) { // @TODO : raise error return null; } return session_name(); } /** * Get session id * * @access public * @return string The session name */ function getId() { if( $this->_state === 'destroyed' ) { // @TODO : raise error return null; } return session_id(); } /** * Get the session handlers * * @access public * @return array An array of available session handlers */ function getStores() { jimport('joomla.filesystem.folder'); $handlers = JFolder::files(dirname(__FILE__).DS.'storage', '.php$'); $names = array(); foreach($handlers as $handler) { $name = substr($handler, 0, strrpos($handler, '.')); $class = 'JSessionStorage'.ucfirst($name); //Load the class only if needed if(!class_exists($class)) { require_once(dirname(__FILE__).DS.'storage'.DS.$name.'.php'); } if(call_user_func_array( array( trim($class), 'test' ), null)) { $names[] = $name; } } return $names; } /** * Check whether this session is currently created * * @access public * @return boolean $result true on success */ function isNew() { $counter = $this->get( 'session.counter' ); if( $counter === 1 ) { return true; } return false; } /** * Get data from the session store * * @static * @access public * @param string $name Name of a variable * @param mixed $default Default value of a variable if not set * @param string $namespace Namespace to use, default to 'default' * @return mixed Value of a variable */ function &get($name, $default = null, $namespace = 'default') { $namespace = '__'.$namespace; //add prefix to namespace to avoid collisions if($this->_state !== 'active' && $this->_state !== 'expired') { // @TODO :: generated error here $error = null; return $error; } if (isset($_SESSION[$namespace][$name])) { return $_SESSION[$namespace][$name]; } return $default; } /** * Set data into the session store * * @access public * @param string $name Name of a variable * @param mixed $value Value of a variable * @param string $namespace Namespace to use, default to 'default' * @return mixed Old value of a variable */ function set($name, $value, $namespace = 'default') { $namespace = '__'.$namespace; //add prefix to namespace to avoid collisions if($this->_state !== 'active') { // @TODO :: generated error here return null; } $old = isset($_SESSION[$namespace][$name]) ? $_SESSION[$namespace][$name] : null; if (null === $value) { unset($_SESSION[$namespace][$name]); } else { $_SESSION[$namespace][$name] = $value; } return $old; } /** * Check wheter data exists in the session store * * @access public * @param string $name Name of variable * @param string $namespace Namespace to use, default to 'default' * @return boolean $result true if the variable exists */ function has( $name, $namespace = 'default' ) { $namespace = '__'.$namespace; //add prefix to namespace to avoid collisions if( $this->_state !== 'active' ) { // @TODO :: generated error here return null; } return isset( $_SESSION[$namespace][$name] ); } /** * Unset data from the session store *⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -