rhays/rpsls-game
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

First Local Commit - After Clean up.

Browse Source 
Signed-off-by: Rick Hays <rhays@haysgang.com>
This commit is contained in:
Rick Hays
2019-12-02 14:54:38 -06:00
commit 10412ab7f6
486 changed files with 123242 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

153
system/Session/Handlers/ArrayHandler.php Normal file
View File

@@ -0,0 +1,153 @@
<?php
/**
* CodeIgniter
*
* An open source application development framework for PHP
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014-2019 British Columbia Institute of Technology
* Copyright (c) 2019 CodeIgniter Foundation
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*
* @package CodeIgniter
* @author CodeIgniter Dev Team
* @copyright 2019 CodeIgniter Foundation
* @license https://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 4.0.0
* @filesource
*/
namespace CodeIgniter\Session\Handlers;
use CodeIgniter\Session\Exceptions\SessionException;
use CodeIgniter\Config\BaseConfig;
use CodeIgniter\Database\BaseConnection;
use Config\Database;
/**
* Session handler using static array for storage.
* Intended only for use during testing.
*/
class ArrayHandler extends BaseHandler implements \SessionHandlerInterface
{
protected static $cache = [];
//--------------------------------------------------------------------
/**
* Open
*
* Ensures we have an initialized database connection.
*
* @param string $savePath Path to session files' directory
* @param string $name Session cookie name
*
* @return boolean
* @throws \Exception
*/
public function open($savePath, $name): bool
{
return true;
}
//--------------------------------------------------------------------
/**
* Read
*
* Reads session data and acquires a lock
*
* @param string $sessionID Session ID
*
* @return string Serialized session data
*/
public function read($sessionID): string
{
return '';
}
//--------------------------------------------------------------------
/**
* Write
*
* Writes (create / update) session data
*
* @param string $sessionID Session ID
* @param string $sessionData Serialized session data
*
* @return boolean
*/
public function write($sessionID, $sessionData): bool
{
return true;
}
//--------------------------------------------------------------------
/**
* Close
*
* Releases locks and closes file descriptor.
*
* @return boolean
*/
public function close(): bool
{
return true;
}
//--------------------------------------------------------------------
/**
* Destroy
*
* Destroys the current session.
*
* @param string $sessionID
*
* @return boolean
*/
public function destroy($sessionID): bool
{
return true;
}
//--------------------------------------------------------------------
/**
* Garbage Collector
*
* Deletes expired sessions
*
* @param integer $maxlifetime Maximum lifetime of sessions
*
* @return boolean
*/
public function gc($maxlifetime): bool
{
return true;
}
//--------------------------------------------------------------------
}

218
system/Session/Handlers/BaseHandler.php Normal file
View File

@@ -0,0 +1,218 @@
<?php
/**
* CodeIgniter
*
* An open source application development framework for PHP
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014-2019 British Columbia Institute of Technology
* Copyright (c) 2019 CodeIgniter Foundation
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*
* @package CodeIgniter
* @author CodeIgniter Dev Team
* @copyright 2019 CodeIgniter Foundation
* @license https://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 4.0.0
* @filesource
*/
namespace CodeIgniter\Session\Handlers;
use CodeIgniter\Config\BaseConfig;
use Psr\Log\LoggerAwareTrait;
/**
* Base class for session handling
*/
abstract class BaseHandler implements \SessionHandlerInterface
{
use LoggerAwareTrait;
/**
* The Data fingerprint.
*
* @var boolean
*/
protected $fingerprint;
/**
* Lock placeholder.
*
* @var mixed
*/
protected $lock = false;
/**
* Cookie prefix
*
* @var string
*/
protected $cookiePrefix = '';
/**
* Cookie domain
*
* @var string
*/
protected $cookieDomain = '';
/**
* Cookie path
*
* @var string
*/
protected $cookiePath = '/';
/**
* Cookie secure?
*
* @var boolean
*/
protected $cookieSecure = false;
/**
* Cookie name to use
*
* @var string
*/
protected $cookieName;
/**
* Match IP addresses for cookies?
*
* @var boolean
*/
protected $matchIP = false;
/**
* Current session ID
*
* @var string
*/
protected $sessionID;
/**
* The 'save path' for the session
* varies between
*
* @var string
*/
protected $savePath;
/**
* User's IP address.
*
* @var string
*/
protected $ipAddress;
//--------------------------------------------------------------------
/**
* Constructor
*
* @param BaseConfig $config
* @param string $ipAddress
*/
public function __construct($config, string $ipAddress)
{
$this->cookiePrefix = $config->cookiePrefix;
$this->cookieDomain = $config->cookieDomain;
$this->cookiePath = $config->cookiePath;
$this->cookieSecure = $config->cookieSecure;
$this->cookieName = $config->sessionCookieName;
$this->matchIP = $config->sessionMatchIP;
$this->savePath = $config->sessionSavePath;
$this->ipAddress = $ipAddress;
}
//--------------------------------------------------------------------
/**
* Internal method to force removal of a cookie by the client
* when session_destroy() is called.
*
* @return boolean
*/
protected function destroyCookie(): bool
{
return setcookie(
$this->cookieName, null, 1, $this->cookiePath, $this->cookieDomain, $this->cookieSecure, true
);
}
//--------------------------------------------------------------------
/**
* A dummy method allowing drivers with no locking functionality
* (databases other than PostgreSQL and MySQL) to act as if they
* do acquire a lock.
*
* @param string $sessionID
*
* @return boolean
*/
protected function lockSession(string $sessionID): bool
{
$this->lock = true;
return true;
}
//--------------------------------------------------------------------
/**
* Releases the lock, if any.
*
* @return boolean
*/
protected function releaseLock(): bool
{
$this->lock = false;
return true;
}
//--------------------------------------------------------------------
/**
* Fail
*
* Drivers other than the 'files' one don't (need to) use the
* session.save_path INI setting, but that leads to confusing
* error messages emitted by PHP when open() or write() fail,
* as the message contains session.save_path ...
* To work around the problem, the drivers will call this method
* so that the INI is set just in time for the error message to
* be properly generated.
*
* @return boolean
*/
protected function fail(): bool
{
ini_set('session.save_path', $this->savePath);
return false;
}
}

430
system/Session/Handlers/DatabaseHandler.php Normal file
View File

@@ -0,0 +1,430 @@
<?php
/**
* CodeIgniter
*
* An open source application development framework for PHP
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014-2019 British Columbia Institute of Technology
* Copyright (c) 2019 CodeIgniter Foundation
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*
* @package CodeIgniter
* @author CodeIgniter Dev Team
* @copyright 2019 CodeIgniter Foundation
* @license https://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 4.0.0
* @filesource
*/
namespace CodeIgniter\Session\Handlers;
use CodeIgniter\Session\Exceptions\SessionException;
use CodeIgniter\Config\BaseConfig;
use CodeIgniter\Database\BaseConnection;
use Config\Database;
/**
* Session handler using current Database for storage
*/
class DatabaseHandler extends BaseHandler implements \SessionHandlerInterface
{
/**
* The database group to use for storage.
*
* @var string
*/
protected $DBGroup;
/**
* The name of the table to store session info.
*
* @var string
*/
protected $table;
/**
* The DB Connection instance.
*
* @var BaseConnection
*/
protected $db;
/**
* The database type, for locking purposes.
*
* @var string
*/
protected $platform;
/**
* Row exists flag
*
* @var boolean
*/
protected $rowExists = false;
//--------------------------------------------------------------------
/**
* Constructor
*
* @param BaseConfig $config
* @param string $ipAddress
*/
public function __construct(BaseConfig $config, string $ipAddress)
{
parent::__construct($config, $ipAddress);
// Determine Table
$this->table = $config->sessionSavePath;
if (empty($this->table))
{
throw SessionException::forMissingDatabaseTable();
}
// Get DB Connection
$this->DBGroup = $config->sessionDBGroup ?? config(Database::class)->defaultGroup;
$this->db = Database::connect($this->DBGroup);
// Determine Database type
$driver = strtolower(get_class($this->db));
if (strpos($driver, 'mysql') !== false)
{
$this->platform = 'mysql';
}
elseif (strpos($driver, 'postgre') !== false)
{
$this->platform = 'postgre';
}
}
//--------------------------------------------------------------------
/**
* Open
*
* Ensures we have an initialized database connection.
*
* @param string $savePath Path to session files' directory
* @param string $name Session cookie name
*
* @return boolean
* @throws \Exception
*/
public function open($savePath, $name): bool
{
if (empty($this->db->connID))
{
$this->db->initialize();
}
return true;
}
//--------------------------------------------------------------------
/**
* Read
*
* Reads session data and acquires a lock
*
* @param string $sessionID Session ID
*
* @return string Serialized session data
*/
public function read($sessionID): string
{
if ($this->lockSession($sessionID) === false)
{
$this->fingerprint = md5('');
return '';
}
// Needed by write() to detect session_regenerate_id() calls
if (is_null($this->sessionID))
{
$this->sessionID = $sessionID;
}
$builder = $this->db->table($this->table)
->select('data')
->where('id', $sessionID);
if ($this->matchIP)
{
$builder = $builder->where('ip_address', $this->ipAddress);
}
$result = $builder->get()->getRow();
if ($result === null)
{
// PHP7 will reuse the same SessionHandler object after
// ID regeneration, so we need to explicitly set this to
// FALSE instead of relying on the default ...
$this->rowExists = false;
$this->fingerprint = md5('');
return '';
}
// PostgreSQL's variant of a BLOB datatype is Bytea, which is a
// PITA to work with, so we use base64-encoded data in a TEXT
// field instead.
if (is_bool($result))
{
$result = '';
}
else
{
$result = ($this->platform === 'postgre') ? base64_decode(rtrim($result->data)) : $result->data;
}
$this->fingerprint = md5($result);
$this->rowExists = true;
return $result;
}
//--------------------------------------------------------------------
/**
* Write
*
* Writes (create / update) session data
*
* @param string $sessionID Session ID
* @param string $sessionData Serialized session data
*
* @return boolean
*/
public function write($sessionID, $sessionData): bool
{
if ($this->lock === false)
{
return $this->fail();
}
// Was the ID regenerated?
elseif ($sessionID !== $this->sessionID)
{
$this->rowExists = false;
$this->sessionID = $sessionID;
}
if ($this->rowExists === false)
{
$insertData = [
'id' => $sessionID,
'ip_address' => $this->ipAddress,
'timestamp' => time(),
'data' => $this->platform === 'postgre' ? base64_encode($sessionData) : $sessionData,
];
if (! $this->db->table($this->table)->insert($insertData))
{
return $this->fail();
}
$this->fingerprint = md5($sessionData);
$this->rowExists = true;
return true;
}
$builder = $this->db->table($this->table)->where('id', $sessionID);
if ($this->matchIP)
{
$builder = $builder->where('ip_address', $this->ipAddress);
}
$updateData = [
'timestamp' => time(),
];
if ($this->fingerprint !== md5($sessionData))
{
$updateData['data'] = ($this->platform === 'postgre') ? base64_encode($sessionData) : $sessionData;
}
if (! $builder->update($updateData))
{
return $this->fail();
}
$this->fingerprint = md5($sessionData);
return true;
}
//--------------------------------------------------------------------
/**
* Close
*
* Releases locks and closes file descriptor.
*
* @return boolean
*/
public function close(): bool
{
return ($this->lock && ! $this->releaseLock()) ? $this->fail() : true;
}
//--------------------------------------------------------------------
/**
* Destroy
*
* Destroys the current session.
*
* @param string $sessionID
*
* @return boolean
*/
public function destroy($sessionID): bool
{
if ($this->lock)
{
$builder = $this->db->table($this->table)->where('id', $sessionID);
if ($this->matchIP)
{
$builder = $builder->where('ip_address', $this->ipAddress);
}
if (! $builder->delete())
{
return $this->fail();
}
}
if ($this->close())
{
$this->destroyCookie();
return true;
}
return $this->fail();
}
//--------------------------------------------------------------------
/**
* Garbage Collector
*
* Deletes expired sessions
*
* @param integer $maxlifetime Maximum lifetime of sessions
*
* @return boolean
*/
public function gc($maxlifetime): bool
{
return ($this->db->table($this->table)->delete('timestamp < ' . (time() - $maxlifetime))) ? true : $this->fail();
}
//--------------------------------------------------------------------
/**
* Lock the session.
*
* @param string $sessionID
* @return boolean
*/
protected function lockSession(string $sessionID): bool
{
if ($this->platform === 'mysql')
{
$arg = md5($sessionID . ($this->matchIP ? '_' . $this->ipAddress : ''));
if ($this->db->query("SELECT GET_LOCK('{$arg}', 300) AS ci_session_lock")->getRow()->ci_session_lock)
{
$this->lock = $arg;
return true;
}
return $this->fail();
}
elseif ($this->platform === 'postgre')
{
$arg = "hashtext('{$sessionID}')" . ($this->matchIP ? ", hashtext('{$this->ipAddress}')" : '');
if ($this->db->simpleQuery("SELECT pg_advisory_lock({$arg})"))
{
$this->lock = $arg;
return true;
}
return $this->fail();
}
// Unsupported DB? Let the parent handle the simplified version.
return parent::lockSession($sessionID);
}
//--------------------------------------------------------------------
/**
* Releases the lock, if any.
*
* @return boolean
*/
protected function releaseLock(): bool
{
if (! $this->lock)
{
return true;
}
if ($this->platform === 'mysql')
{
if ($this->db->query("SELECT RELEASE_LOCK('{$this->lock}') AS ci_session_lock")->getRow()->ci_session_lock)
{
$this->lock = false;
return true;
}
return $this->fail();
}
elseif ($this->platform === 'postgre')
{
if ($this->db->simpleQuery("SELECT pg_advisory_unlock({$this->lock})"))
{
$this->lock = false;
return true;
}
return $this->fail();
}
// Unsupported DB? Let the parent handle the simple version.
return parent::releaseLock();
}
//--------------------------------------------------------------------
}

422
system/Session/Handlers/FileHandler.php Normal file
View File

@@ -0,0 +1,422 @@
<?php
/**
* CodeIgniter
*
* An open source application development framework for PHP
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014-2019 British Columbia Institute of Technology
* Copyright (c) 2019 CodeIgniter Foundation
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*
* @package CodeIgniter
* @author CodeIgniter Dev Team
* @copyright 2019 CodeIgniter Foundation
* @license https://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 4.0.0
* @filesource
*/
namespace CodeIgniter\Session\Handlers;
use CodeIgniter\Config\BaseConfig;
use CodeIgniter\Session\Exceptions\SessionException;
/**
* Session handler using file system for storage
*/
class FileHandler extends BaseHandler implements \SessionHandlerInterface
{
/**
* Where to save the session files to.
*
* @var string
*/
protected $savePath;
/**
* The file handle
*
* @var resource
*/
protected $fileHandle;
/**
* File Name
*
* @var resource
*/
protected $filePath;
/**
* Whether this is a new file.
*
* @var boolean
*/
protected $fileNew;
/**
* Whether IP addresses should be matched.
*
* @var boolean
*/
protected $matchIP = false;
//--------------------------------------------------------------------
/**
* Constructor
*
* @param BaseConfig $config
* @param string $ipAddress
*/
public function __construct($config, string $ipAddress)
{
parent::__construct($config, $ipAddress);
if (! empty($config->sessionSavePath))
{
$this->savePath = rtrim($config->sessionSavePath, '/\\');
ini_set('session.save_path', $config->sessionSavePath);
}
else
{
$sessionPath = rtrim(ini_get('session.save_path'), '/\\');
if (! $sessionPath)
{
$sessionPath = WRITEPATH . 'session';
}
$this->savePath = $sessionPath;
}
$this->matchIP = $config->sessionMatchIP;
$this->configureSessionIDRegex();
}
//--------------------------------------------------------------------
/**
* Open
*
* Sanitizes the save_path directory.
*
* @param string $savePath Path to session files' directory
* @param string $name Session cookie name
*
* @return boolean
* @throws \Exception
*/
public function open($savePath, $name): bool
{
if (! is_dir($savePath))
{
if (! mkdir($savePath, 0700, true))
{
throw SessionException::forInvalidSavePath($this->savePath);
}
}
elseif (! is_writable($savePath))
{
throw SessionException::forWriteProtectedSavePath($this->savePath);
}
$this->savePath = $savePath;
$this->filePath = $this->savePath . '/'
. $name // we'll use the session cookie name as a prefix to avoid collisions
. ($this->matchIP ? md5($this->ipAddress) : '');
return true;
}
//--------------------------------------------------------------------
/**
* Read
*
* Reads session data and acquires a lock
*
* @param string $sessionID Session ID
*
* @return string Serialized session data
*/
public function read($sessionID): string
{
// This might seem weird, but PHP 5.6 introduced session_reset(),
// which re-reads session data
if ($this->fileHandle === null)
{
$this->fileNew = ! is_file($this->filePath . $sessionID);
if (($this->fileHandle = fopen($this->filePath . $sessionID, 'c+b')) === false)
{
$this->logger->error("Session: Unable to open file '" . $this->filePath . $sessionID . "'.");
return false;
}
if (flock($this->fileHandle, LOCK_EX) === false)
{
$this->logger->error("Session: Unable to obtain lock for file '" . $this->filePath . $sessionID . "'.");
fclose($this->fileHandle);
$this->fileHandle = null;
return false;
}
// Needed by write() to detect session_regenerate_id() calls
if (is_null($this->sessionID))
{
$this->sessionID = $sessionID;
}
if ($this->fileNew)
{
chmod($this->filePath . $sessionID, 0600);
$this->fingerprint = md5('');
return '';
}
}
else
{
rewind($this->fileHandle);
}
$session_data = '';
clearstatcache(); // Address https://github.com/codeigniter4/CodeIgniter4/issues/2056
for ($read = 0, $length = filesize($this->filePath . $sessionID); $read < $length; $read += strlen($buffer))
{
if (($buffer = fread($this->fileHandle, $length - $read)) === false)
{
break;
}
$session_data .= $buffer;
}
$this->fingerprint = md5($session_data);
return $session_data;
}
//--------------------------------------------------------------------
/**
* Write
*
* Writes (create / update) session data
*
* @param string $sessionID Session ID
* @param string $sessionData Serialized session data
*
* @return boolean
*/
public function write($sessionID, $sessionData): bool
{
// If the two IDs don't match, we have a session_regenerate_id() call
if ($sessionID !== $this->sessionID)
{
$this->sessionID = $sessionID;
}
if (! is_resource($this->fileHandle))
{
return false;
}
elseif ($this->fingerprint === md5($sessionData))
{
return ($this->fileNew) ? true : touch($this->filePath . $sessionID);
}
if (! $this->fileNew)
{
ftruncate($this->fileHandle, 0);
rewind($this->fileHandle);
}
if (($length = strlen($sessionData)) > 0)
{
for ($written = 0; $written < $length; $written += $result)
{
if (($result = fwrite($this->fileHandle, substr($sessionData, $written))) === false)
{
break;
}
}
if (! is_int($result))
{
$this->fingerprint = md5(substr($sessionData, 0, $written));
$this->logger->error('Session: Unable to write data.');
return false;
}
}
$this->fingerprint = md5($sessionData);
return true;
}
//--------------------------------------------------------------------
/**
* Close
*
* Releases locks and closes file descriptor.
*
* @return boolean
*/
public function close(): bool
{
if (is_resource($this->fileHandle))
{
flock($this->fileHandle, LOCK_UN);
fclose($this->fileHandle);
$this->fileHandle = $this->fileNew = null;
return true;
}
return true;
}
//--------------------------------------------------------------------
/**
* Destroy
*
* Destroys the current session.
*
* @param string $session_id Session ID
*
* @return boolean
*/
public function destroy($session_id): bool
{
if ($this->close())
{
return is_file($this->filePath . $session_id)
? (unlink($this->filePath . $session_id) && $this->destroyCookie()) : true;
}
elseif ($this->filePath !== null)
{
clearstatcache();
return is_file($this->filePath . $session_id)
? (unlink($this->filePath . $session_id) && $this->destroyCookie()) : true;
}
return false;
}
//--------------------------------------------------------------------
/**
* Garbage Collector
*
* Deletes expired sessions
*
* @param integer $maxlifetime Maximum lifetime of sessions
*
* @return boolean
*/
public function gc($maxlifetime): bool
{
if (! is_dir($this->savePath) || ($directory = opendir($this->savePath)) === false)
{
$this->logger->debug("Session: Garbage collector couldn't list files under directory '" . $this->savePath . "'.");
return false;
}
$ts = time() - $maxlifetime;
$pattern = $this->matchIP === true
? '[0-9a-f]{32}'
: '';
$pattern = sprintf(
'#\A%s' . $pattern . $this->sessionIDRegex . '\z#',
preg_quote($this->cookieName)
);
while (($file = readdir($directory)) !== false)
{
// If the filename doesn't match this pattern, it's either not a session file or is not ours
if (! preg_match($pattern, $file)
|| ! is_file($this->savePath . DIRECTORY_SEPARATOR . $file)
|| ($mtime = filemtime($this->savePath . DIRECTORY_SEPARATOR . $file)) === false
|| $mtime > $ts
)
{
continue;
}
unlink($this->savePath . DIRECTORY_SEPARATOR . $file);
}
closedir($directory);
return true;
}
//--------------------------------------------------------------------
/**
* Configure Session ID regular expression
*/
protected function configureSessionIDRegex()
{
$bitsPerCharacter = (int)ini_get('session.sid_bits_per_character');
$SIDLength = (int)ini_get('session.sid_length');
if (($bits = $SIDLength * $bitsPerCharacter) < 160)
{
// Add as many more characters as necessary to reach at least 160 bits
$SIDLength += (int)ceil((160 % $bits) / $bitsPerCharacter);
ini_set('session.sid_length', $SIDLength);
}
// Yes, 4,5,6 are the only known possible values as of 2016-10-27
switch ($bitsPerCharacter)
{
case 4:
$this->sessionIDRegex = '[0-9a-f]';
break;
case 5:
$this->sessionIDRegex = '[0-9a-v]';
break;
case 6:
$this->sessionIDRegex = '[0-9a-zA-Z,-]';
break;
}
$this->sessionIDRegex .= '{' . $SIDLength . '}';
}
}

405
system/Session/Handlers/MemcachedHandler.php Normal file
View File

@@ -0,0 +1,405 @@
<?php
/**
* CodeIgniter
*
* An open source application development framework for PHP
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014-2019 British Columbia Institute of Technology
* Copyright (c) 2019 CodeIgniter Foundation
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*
* @package CodeIgniter
* @author CodeIgniter Dev Team
* @copyright 2019 CodeIgniter Foundation
* @license https://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 4.0.0
* @filesource
*/
namespace CodeIgniter\Session\Handlers;
use CodeIgniter\Config\BaseConfig;
use CodeIgniter\Session\Exceptions\SessionException;
/**
* Session handler using Memcache for persistence
*/
class MemcachedHandler extends BaseHandler implements \SessionHandlerInterface
{
/**
* Memcached instance
*
* @var \Memcached
*/
protected $memcached;
/**
* Key prefix
*
* @var string
*/
protected $keyPrefix = 'ci_session:';
/**
* Lock key
*
* @var string
*/
protected $lockKey;
/**
* Number of seconds until the session ends.
*
* @var integer
*/
protected $sessionExpiration = 7200;
//--------------------------------------------------------------------
/**
* Constructor
*
* @param BaseConfig $config
* @param string $ipAddress
* @throws \CodeIgniter\Session\Exceptions\SessionException
*/
public function __construct(BaseConfig $config, string $ipAddress)
{
parent::__construct($config, $ipAddress);
if (empty($this->savePath))
{
throw SessionException::forEmptySavepath();
}
if ($this->matchIP === true)
{
$this->keyPrefix .= $this->ipAddress . ':';
}
if (! empty($this->keyPrefix))
{
ini_set('memcached.sess_prefix', $this->keyPrefix);
}
$this->sessionExpiration = $config->sessionExpiration;
}
//--------------------------------------------------------------------
/**
* Open
*
* Sanitizes save_path and initializes connections.
*
* @param string $save_path Server path(s)
* @param string $name Session cookie name, unused
*
* @return boolean
*/
public function open($save_path, $name): bool
{
$this->memcached = new \Memcached();
$this->memcached->setOption(\Memcached::OPT_BINARY_PROTOCOL, true); // required for touch() usage
$server_list = [];
foreach ($this->memcached->getServerList() as $server)
{
$server_list[] = $server['host'] . ':' . $server['port'];
}
if (! preg_match_all('#,?([^,:]+)\:(\d{1,5})(?:\:(\d+))?#', $this->savePath, $matches, PREG_SET_ORDER)
)
{
$this->memcached = null;
$this->logger->error('Session: Invalid Memcached save path format: ' . $this->savePath);
return false;
}
foreach ($matches as $match)
{
// If Memcached already has this server (or if the port is invalid), skip it
if (in_array($match[1] . ':' . $match[2], $server_list, true))
{
$this->logger->debug('Session: Memcached server pool already has ' . $match[1] . ':' . $match[2]);
continue;
}
if (! $this->memcached->addServer($match[1], $match[2], $match[3] ?? 0))
{
$this->logger->error('Could not add ' . $match[1] . ':' . $match[2] . ' to Memcached server pool.');
}
else
{
$server_list[] = $match[1] . ':' . $match[2];
}
}
if (empty($server_list))
{
$this->logger->error('Session: Memcached server pool is empty.');
return false;
}
return true;
}
//--------------------------------------------------------------------
/**
* Read
*
* Reads session data and acquires a lock
*
* @param string $sessionID Session ID
*
* @return string Serialized session data
*/
public function read($sessionID): string
{
if (isset($this->memcached) && $this->lockSession($sessionID))
{
// Needed by write() to detect session_regenerate_id() calls
if (is_null($this->sessionID))
{
$this->sessionID = $sessionID;
}
$session_data = (string) $this->memcached->get($this->keyPrefix . $sessionID);
$this->fingerprint = md5($session_data);
return $session_data;
}
return '';
}
//--------------------------------------------------------------------
/**
* Write
*
* Writes (create / update) session data
*
* @param string $sessionID Session ID
* @param string $sessionData Serialized session data
*
* @return boolean
*/
public function write($sessionID, $sessionData): bool
{
if (! isset($this->memcached))
{
return false;
}
// Was the ID regenerated?
elseif ($sessionID !== $this->sessionID)
{
if (! $this->releaseLock() || ! $this->lockSession($sessionID))
{
return false;
}
$this->fingerprint = md5('');
$this->sessionID = $sessionID;
}
if (isset($this->lockKey))
{
$this->memcached->replace($this->lockKey, time(), 300);
if ($this->fingerprint !== ($fingerprint = md5($sessionData)))
{
if ($this->memcached->set($this->keyPrefix . $sessionID, $sessionData, $this->sessionExpiration))
{
$this->fingerprint = $fingerprint;
return true;
}
return false;
}
return $this->memcached->touch($this->keyPrefix . $sessionID, $this->sessionExpiration);
}
return false;
}
//--------------------------------------------------------------------
/**
* Close
*
* Releases locks and closes connection.
*
* @return boolean
*/
public function close(): bool
{
if (isset($this->memcached))
{
isset($this->lockKey) && $this->memcached->delete($this->lockKey);
if (! $this->memcached->quit())
{
return false;
}
$this->memcached = null;
return true;
}
return false;
}
//--------------------------------------------------------------------
/**
* Destroy
*
* Destroys the current session.
*
* @param string $session_id Session ID
*
* @return boolean
*/
public function destroy($session_id): bool
{
if (isset($this->memcached, $this->lockKey))
{
$this->memcached->delete($this->keyPrefix . $session_id);
return $this->destroyCookie();
}
return false;
}
//--------------------------------------------------------------------
/**
* Garbage Collector
*
* Deletes expired sessions
*
* @param integer $maxlifetime Maximum lifetime of sessions
*
* @return boolean
*/
public function gc($maxlifetime): bool
{
// Not necessary, Memcached takes care of that.
return true;
}
//--------------------------------------------------------------------
/**
* Get lock
*
* Acquires an (emulated) lock.
*
* @param string $sessionID Session ID
*
* @return boolean
*/
protected function lockSession(string $sessionID): bool
{
if (isset($this->lockKey))
{
return $this->memcached->replace($this->lockKey, time(), 300);
}
// 30 attempts to obtain a lock, in case another request already has it
$lock_key = $this->keyPrefix . $sessionID . ':lock';
$attempt = 0;
do
{
if ($this->memcached->get($lock_key))
{
sleep(1);
continue;
}
if (! $this->memcached->set($lock_key, time(), 300))
{
$this->logger->error('Session: Error while trying to obtain lock for ' . $this->keyPrefix . $sessionID);
return false;
}
$this->lockKey = $lock_key;
break;
}
while (++ $attempt < 30);
if ($attempt === 30)
{
$this->logger->error('Session: Unable to obtain lock for ' . $this->keyPrefix . $sessionID . ' after 30 attempts, aborting.');
return false;
}
$this->lock = true;
return true;
}
//--------------------------------------------------------------------
/**
* Release lock
*
* Releases a previously acquired lock
*
* @return boolean
*/
protected function releaseLock(): bool
{
if (isset($this->memcached, $this->lockKey) && $this->lock)
{
if (! $this->memcached->delete($this->lockKey) &&
$this->memcached->getResultCode() !== \Memcached::RES_NOTFOUND
)
{
$this->logger->error('Session: Error while trying to free lock for ' . $this->lockKey);
return false;
}
$this->lockKey = null;
$this->lock = false;
}
return true;
}
//--------------------------------------------------------------------
}

422
system/Session/Handlers/RedisHandler.php Normal file
View File

@@ -0,0 +1,422 @@
<?php
/**
* CodeIgniter
*
* An open source application development framework for PHP
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014-2019 British Columbia Institute of Technology
* Copyright (c) 2019 CodeIgniter Foundation
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*
* @package CodeIgniter
* @author CodeIgniter Dev Team
* @copyright 2019 CodeIgniter Foundation
* @license https://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 4.0.0
* @filesource
*/
namespace CodeIgniter\Session\Handlers;
use CodeIgniter\Config\BaseConfig;
use CodeIgniter\Session\Exceptions\SessionException;
/**
* Session handler using Redis for persistence
*/
class RedisHandler extends BaseHandler implements \SessionHandlerInterface
{
/**
* phpRedis instance
*
* @var resource
*/
protected $redis;
/**
* Key prefix
*
* @var string
*/
protected $keyPrefix = 'ci_session:';
/**
* Lock key
*
* @var string
*/
protected $lockKey;
/**
* Key exists flag
*
* @var boolean
*/
protected $keyExists = false;
/**
* Number of seconds until the session ends.
*
* @var integer
*/
protected $sessionExpiration = 7200;
//--------------------------------------------------------------------
/**
* Constructor
*
* @param BaseConfig $config
* @param string $ipAddress
*
* @throws \Exception
*/
public function __construct(BaseConfig $config, string $ipAddress)
{
parent::__construct($config, $ipAddress);
if (empty($this->savePath))
{
throw SessionException::forEmptySavepath();
}
elseif (preg_match('#(?:tcp://)?([^:?]+)(?:\:(\d+))?(\?.+)?#', $this->savePath, $matches))
{
isset($matches[3]) || $matches[3] = ''; // Just to avoid undefined index notices below
$this->savePath = [
'host' => $matches[1],
'port' => empty($matches[2]) ? null : $matches[2],
'password' => preg_match('#auth=([^\s&]+)#', $matches[3], $match) ? $match[1] : null,
'database' => preg_match('#database=(\d+)#', $matches[3], $match) ? (int) $match[1] : null,
'timeout' => preg_match('#timeout=(\d+\.\d+)#', $matches[3], $match) ? (float) $match[1] : null,
];
preg_match('#prefix=([^\s&]+)#', $matches[3], $match) && $this->keyPrefix = $match[1];
}
else
{
throw SessionException::forInvalidSavePathFormat($this->savePath);
}
if ($this->matchIP === true)
{
$this->keyPrefix .= $this->ipAddress . ':';
}
$this->sessionExpiration = $config->sessionExpiration;
}
//--------------------------------------------------------------------
/**
* Open
*
* Sanitizes save_path and initializes connection.
*
* @param string $save_path Server path
* @param string $name Session cookie name, unused
* @return boolean
*/
public function open($save_path, $name): bool
{
if (empty($this->savePath))
{
return false;
}
$redis = new \Redis();
if (! $redis->connect($this->savePath['host'], $this->savePath['port'], $this->savePath['timeout']))
{
$this->logger->error('Session: Unable to connect to Redis with the configured settings.');
}
elseif (isset($this->savePath['password']) && ! $redis->auth($this->savePath['password']))
{
$this->logger->error('Session: Unable to authenticate to Redis instance.');
}
elseif (isset($this->savePath['database']) && ! $redis->select($this->savePath['database']))
{
$this->logger->error('Session: Unable to select Redis database with index ' . $this->savePath['database']);
}
else
{
$this->redis = $redis;
return true;
}
return false;
}
//--------------------------------------------------------------------
/**
* Read
*
* Reads session data and acquires a lock
*
* @param string $sessionID Session ID
*
* @return string|false Serialized session data
*/
public function read($sessionID): string
{
if (isset($this->redis) && $this->lockSession($sessionID))
{
// Needed by write() to detect session_regenerate_id() calls
if (is_null($this->sessionID))
{
$this->sessionID = $sessionID;
}
$session_data = $this->redis->get($this->keyPrefix . $sessionID);
is_string($session_data) ? $this->keyExists = true : $session_data = '';
$this->fingerprint = md5($session_data);
return $session_data;
}
return '';
}
//--------------------------------------------------------------------
/**
* Write
*
* Writes (create / update) session data
*
* @param string $sessionID Session ID
* @param string $sessionData Serialized session data
*
* @return boolean
*/
public function write($sessionID, $sessionData): bool
{
if (! isset($this->redis))
{
return false;
}
// Was the ID regenerated?
elseif ($sessionID !== $this->sessionID)
{
if (! $this->releaseLock() || ! $this->lockSession($sessionID))
{
return false;
}
$this->keyExists = false;
$this->sessionID = $sessionID;
}
if (isset($this->lockKey))
{
$this->redis->expire($this->lockKey, 300);
if ($this->fingerprint !== ($fingerprint = md5($sessionData)) || $this->keyExists === false)
{
if ($this->redis->set($this->keyPrefix . $sessionID, $sessionData, $this->sessionExpiration))
{
$this->fingerprint = $fingerprint;
$this->keyExists = true;
return true;
}
return false;
}
return $this->redis->expire($this->keyPrefix . $sessionID, $this->sessionExpiration);
}
return false;
}
//--------------------------------------------------------------------
/**
* Close
*
* Releases locks and closes connection.
*
* @return boolean
*/
public function close(): bool
{
if (isset($this->redis))
{
try
{
$ping_reply = $this->redis->ping();
if (($ping_reply === true) || ($ping_reply === '+PONG'))
{
isset($this->lockKey) && $this->redis->del($this->lockKey);
if (! $this->redis->close())
{
return false;
}
}
}
catch (\RedisException $e)
{
$this->logger->error('Session: Got RedisException on close(): ' . $e->getMessage());
}
$this->redis = null;
return true;
}
return true;
}
//--------------------------------------------------------------------
/**
* Destroy
*
* Destroys the current session.
*
* @param string $sessionID
*
* @return boolean
*/
public function destroy($sessionID): bool
{
if (isset($this->redis, $this->lockKey))
{
if (($result = $this->redis->del($this->keyPrefix . $sessionID)) !== 1)
{
$this->logger->debug('Session: Redis::del() expected to return 1, got ' . var_export($result, true) . ' instead.');
}
return $this->destroyCookie();
}
return false;
}
//--------------------------------------------------------------------
/**
* Garbage Collector
*
* Deletes expired sessions
*
* @param integer $maxlifetime Maximum lifetime of sessions
* @return boolean
*/
public function gc($maxlifetime): bool
{
// Not necessary, Redis takes care of that.
return true;
}
//--------------------------------------------------------------------
/**
* Get lock
*
* Acquires an (emulated) lock.
*
* @param string $sessionID Session ID
*
* @return boolean
*/
protected function lockSession(string $sessionID): bool
{
// PHP 7 reuses the SessionHandler object on regeneration,
// so we need to check here if the lock key is for the
// correct session ID.
if ($this->lockKey === $this->keyPrefix . $sessionID . ':lock')
{
return $this->redis->expire($this->lockKey, 300);
}
// 30 attempts to obtain a lock, in case another request already has it
$lock_key = $this->keyPrefix . $sessionID . ':lock';
$attempt = 0;
do
{
if (($ttl = $this->redis->ttl($lock_key)) > 0)
{
sleep(1);
continue;
}
if (! $this->redis->setex($lock_key, 300, time()))
{
$this->logger->error('Session: Error while trying to obtain lock for ' . $this->keyPrefix . $sessionID);
return false;
}
$this->lockKey = $lock_key;
break;
}
while (++ $attempt < 30);
if ($attempt === 30)
{
log_message('error', 'Session: Unable to obtain lock for ' . $this->keyPrefix . $sessionID . ' after 30 attempts, aborting.');
return false;
}
elseif ($ttl === -1)
{
log_message('debug', 'Session: Lock for ' . $this->keyPrefix . $sessionID . ' had no TTL, overriding.');
}
$this->lock = true;
return true;
}
//--------------------------------------------------------------------
/**
* Release lock
*
* Releases a previously acquired lock
*
* @return boolean
*/
protected function releaseLock(): bool
{
if (isset($this->redis, $this->lockKey) && $this->lock)
{
if (! $this->redis->del($this->lockKey))
{
$this->logger->error('Session: Error while trying to free lock for ' . $this->lockKey);
return false;
}
$this->lockKey = null;
$this->lock = false;
}
return true;
}
//--------------------------------------------------------------------
}