joshtronic/pickles
1
0
Fork 0
Code Issues 8 Pull requests Projects Releases Packages Wiki Activity Actions
pickles/classes/Session.php
Josh Sherman df0ef6d959 Reworked sessions and added Redis handler 
Requires phpredis to be installed.
2013-02-20 19:03:51 -05:00

340 lines
8.3 KiB
PHP
Raw Blame History

<?php
/**
* Session Handling for PICKLES
*
* PHP version 5
*
* Licensed under The MIT License
* Redistribution of these files must retain the above copyright notice.
*
* @author Josh Sherman <pickles@joshtronic.com>
* @copyright Copyright 2007-2013, Josh Sherman
* @license http://www.opensource.org/licenses/mit-license.html
* @package PICKLES
* @link https://github.com/joshtronic/pickles
*/
/**
* Session Class
*
* Provides session handling via database instead of the file based session
* handling built into PHP. Using this class requires an array to be
* defined in place of the boolean true/false (on/off). If simply array(),
* the datasource will default to the value in
* $config['pickles']['datasource'] and if the table will default to
* "sessions". The format is as follows:
*
* $config = array(
* 'pickles' => array(
* 'session' => array(
* 'datasource' => 'mysql',
* 'table' => 'sessions',
* )
* )
* );
*
* In addition to the configuration variables, a table in your database
* must be created. The [MySQL] table schema is as follows:
*
* CREATE TABLE sessions (
* id varchar(32) COLLATE utf8_unicode_ci NOT NULL,
* session text COLLATE utf8_unicode_ci NOT NULL,
* expires_at datetime NOT NULL,
* PRIMARY KEY (id),
* INDEX (expires_at)
* ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
*
* Note: The reason for not using a model class was to avoid a naming
* conflict between the Session model and the Session class itself. This
* will eventually be resolved when I abandon full 5.x support and migrate
* to 5.3+ (assuming that ever happens).
*/
class Session extends Object
{
/**
* Handler
*
* What the session is being handled by.
*
* @access private
* @var string
*/
private $handler = false;
/**
* Accessed At
*
* The UNIX timestamp of when the page was accessed.
*
* @access private
* @var integer
*/
private $accessed_at = null;
/**
* Time to Live
*
* The number of seconds the session should remain active. Corresponds
* to the INI variable session.gc_maxlifetime
*
* @access private
* @var integer
*/
private $time_to_live = null;
/**
* Datasource
*
* Name of the datasource, defaults to whatever the default datasource
* is defined to in config.php
*
* @access private
* @var string
*/
private $datasource = null;
/**
* Table
*
* Name of the database table in the aforementioned datasource that
* holds the session data. The expected schema is defined above.
*
* @access private
* @var string
*/
private $table = null;
/**
* Database
*
* Our database object to interact with the aforementioned datasource
* and table. This object is shared with other PICKLES internals.
*
* @access private
* @var object
*/
private $db = null;
/**
* Constructor
*
* All of our set up logic for the session in contained here. This
* object is initially instantiated from pickles.php and the session
* callbacks are established here. All variables are driven from
* php.ini and/or the site config. Once configured, the session is
* started automatically.
*/
public function __construct()
{
if (!IS_CLI)
{
parent::__construct();
// Sets up our configuration variables
if (isset($this->config->pickles['session']))
{
$session = $this->config->pickles['session'];
$version = 1;
}
if (isset($this->config->pickles['sessions']))
{
$session = $this->config->pickles['sessions'];
$version = 2;
}
$datasources = $this->config->datasources;
$this->handler = 'files';
$datasource = false;
$table = 'sessions';
if (isset($datasources[$session]))
{
$datasource = $datasources[$session];
$this->handler = $datasource['type'];
if (isset($datasource['hostname'], $datasource['port']))
{
$host = 'tcp://' . $datasource['hostname'] . ':' . $datasource['port'];
}
}
switch ($this->handler)
{
case 'memcache':
ini_set('session.save_handler', 'memcache');
ini_set('session.save_path', $host . '?persistent=1&amp;weight=1&amp;timeout=1&amp;retry_interval=15');
break;
// @todo memcached
case 'mysql':
// Sets our access time and time to live
$this->accessed_at = time();
$this->time_to_live = ini_get('session.gc_maxlifetime');
$this->datasource = $datasource;
$this->table = $table;
// Gets a database instance
$this->db = Database::getInstance($this->datasource);
// Initializes the session
$this->initialize();
break;
case 'redis':
ini_set('session.save_handler', 'redis');
ini_set('session.save_path', $host . '?weight=1' . (isset($datasource['database']) ? '&amp;database=' . $datasource['database'] : ''));
break;
default:
case 'files':
ini_set('session.save_handler', 'files');
break;
}
if (isset($_SERVER['HTTP_USER_AGENT'])
&& !String::isEmpty($_SERVER['HTTP_USER_AGENT'])
&& !preg_match('/(Baidu|Gigabot|Googlebot|libwww-perl|lwp-trivial|msnbot|SiteUptime|Slurp|WordPress|ZIBB|ZyBorg)/i', $_SERVER['HTTP_USER_AGENT']))
{
session_start();
}
}
}
/**
* Destructor
*
* Runs garbage collection and closes the session. I'm not sure if the
* garbage collection should stay as it could be accomplished via
* php.ini variables. The session_write_close() is present to combat a
* chicken and egg scenario in earlier versions of PHP 5.
*/
public function __destruct()
{
if ($this->handler == 'mysql')
{
$this->gc($this->time_to_live);
session_write_close();
}
}
/**
* Initializes the Session
*
* This method exists to combat the fact that calling session_destroy()
* also clears out the save handler. Upon destorying a session this
* method is called again so the save handler is all set.
*/
public function initialize()
{
// Sets up the session handler
session_set_save_handler(
array($this, 'open'),
array($this, 'close'),
array($this, 'read'),
array($this, 'write'),
array($this, 'destroy'),
array($this, 'gc')
);
register_shutdown_function('session_write_close');
}
/**
* Opens the Session
*
* Since the session is in the database, opens the database connection.
* This step isn't really necessary as the Database object is smart
* enough to open itself up upon execute.
*/
public function open()
{
session_regenerate_id();
return $this->db->open();
}
/**
* Closes the Session
*
* Same as above, but in reverse.
*/
public function close()
{
return $this->db->close();
}
/**
* Reads the Session
*
* Checks the database for the session ID and returns the session data.
*
* @param string $id session ID
* @return string serialized session data
*/
public function read($id)
{
$sql = 'SELECT session FROM `' . $this->table . '` WHERE id = ?;';
$session = $this->db->fetch($sql, array($id));
return isset($session[0]['session']) ? $session[0]['session'] : '';
}
/**
* Writes the Session
*
* When there's changes to the session, writes the data to the
* database.
*
* @param string $id session ID
* @param string $session serialized session data
* @return boolean whether the query executed correctly
*/
public function write($id, $session)
{
$sql = 'REPLACE INTO `' . $this->table . '` VALUES (?, ? ,?);';
$parameters = array($id, $session, date('Y-m-d H:i:s', strtotime('+' . $this->time_to_live . ' seconds')));
return $this->db->execute($sql, $parameters);
}
/**
* Destroys the Session
*
* Deletes the session from the database.
*
* @param string $id session ID
* @return boolean whether the query executed correctly
*/
public function destroy($id)
{
$sql = 'DELETE FROM `' . $this->table . '` WHERE id = ?;';
return $this->db->execute($sql, array($id));
}
/**
* Garbage Collector
*
* This is who you call when you got trash to be taken out.
*
* @param integer $time_to_live number of seconds a session is active
* @return boolean whether the query executed correctly
*/
public function gc($time_to_live)
{
$sql = 'DELETE FROM `' . $this->table . '` WHERE expires_at < ?;';
$parameters = array(date('Y-m-d H:i:s', $this->accessed_at - $time_to_live));
return $this->db->execute($sql, $parameters);
}
}
?>
Reference in a new issue View git blame Copy permalink