| <?php
 | |
| 
 | |
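namespace Zotlabs\Web;


/**
 * Session save handler that keeps session records in the `session` table.
 *
 * Each row holds the session id (`sid`), the serialized payload (`sess_data`)
 * and an absolute expiry timestamp (`expire`). All database access goes
 * through the project helpers q() and dbesc(), which are defined elsewhere;
 * every value interpolated into a quoted '%s' placeholder is passed through
 * dbesc() first.
 *
 * The #[\ReturnTypeWillChange] attributes keep these untyped signatures from
 * raising deprecation notices on PHP 8.1+, where SessionHandlerInterface
 * declares tentative return types. Older PHP versions parse the attribute
 * line as a comment.
 *
 * NOTE(review): the session id is supplied by the client and read() creates a
 * row for any id it does not know, so this handler never rejects an unknown
 * id. Protection against session fixation therefore rests on the caller
 * regenerating the id when a viewer authenticates - confirm in the login path.
 */
class SessionHandler implements \SessionHandlerInterface {

	/**
	 * Nothing to open: the storage is the already configured database.
	 *
	 * @param string $s save path (unused)
	 * @param string $n session name (unused)
	 * @return bool always true
	 */
	#[\ReturnTypeWillChange]
	public function open ($s, $n) {
		return true;
	}

	// IMPORTANT: if we read the session and it doesn't exist, create an empty record.
	// We rely on this because PHP implementations of session_regenerate_id() differ:
	// some call read() explicitly and some do not. So we call read() explicitly
	// just after sid regeneration to force a record to exist.

	/**
	 * Return the stored payload for a session id, creating an empty
	 * five-minute record when the id is not in the table yet.
	 *
	 * NOTE(review): the lookup does not compare `expire` with the current
	 * time, so a row past its expiry is still returned until gc() deletes it.
	 * Session lifetimes are only as strict as the garbage collection schedule.
	 *
	 * @param string $id session id taken from the client cookie
	 * @return string stored session data, or '' when there is none
	 */
	#[\ReturnTypeWillChange]
	public function read ($id) {

		if(! $id) {
			return '';
		}

		$r = q("SELECT `sess_data` FROM `session` WHERE `sid`= '%s'", dbesc($id));

		if($r) {
			return $r[0]['sess_data'];
		}

		// Unknown id: create the placeholder row that write() will later UPDATE.
		q("INSERT INTO `session` (sid, expire) values ('%s', '%s')",
			dbesc($id),
			dbesc(time() + 300)
		);

		return '';
	}


	/**
	 * Store the payload and push the expiry forward.
	 *
	 * Only an UPDATE is issued, so the row must already exist; read() is what
	 * creates it. An empty id or empty payload is not written and false is
	 * returned, which PHP treats as a failed write.
	 *
	 * @param string $id session id
	 * @param string $data serialized session payload
	 * @return bool false when $id or $data is empty, true otherwise
	 */
	#[\ReturnTypeWillChange]
	public function write ($id, $data) {

		if(! $id || ! $data) {
			return false;
		}

		// Unless we authenticate somehow, only keep a session for 5 minutes.
		// The viewer can extend this by performing any web action using the
		// original cookie, but this allows us to clean up the hundreds or
		// thousands of empty sessions left around by web crawlers, which are
		// assigned cookies on each page that they never use.

		$expire = time() + 300;

		// empty() gives the same truthiness test as a bare $_SESSION but does
		// not raise an undefined-variable warning if no session array exists.
		if(! empty($_SESSION)) {
			if(array_key_exists('remember_me',$_SESSION) && intval($_SESSION['remember_me'])) {
				// "remember me": one year
				$expire = time() + (60 * 60 * 24 * 365);
			}
			elseif(local_channel()) {
				// truthy local_channel(): three days
				$expire = time() + (60 * 60 * 24 * 3);
			}
			elseif(remote_channel()) {
				// truthy remote_channel(): one day
				$expire = time() + (60 * 60 * 24 * 1);
			}
		}

		q("UPDATE `session`
			SET `sess_data` = '%s', `expire` = '%s' WHERE `sid` = '%s'",
			dbesc($data),
			dbesc($expire),
			dbesc($id)
		);

		return true;
	}


	/**
	 * Nothing to release.
	 *
	 * @return bool always true
	 */
	#[\ReturnTypeWillChange]
	public function close() {
		return true;
	}


	/**
	 * Delete the record for a session id.
	 *
	 * @param string $id session id
	 * @return bool always true; the result of the DELETE is not inspected
	 */
	#[\ReturnTypeWillChange]
	public function destroy ($id) {
		q("DELETE FROM `session` WHERE `sid` = '%s'", dbesc($id));
		return true;
	}


	/**
	 * Delete every record whose `expire` timestamp is in the past.
	 *
	 * The lifetime PHP passes in is ignored because each row carries its own
	 * absolute expiry, set by read() and write().
	 *
	 * @param int $expire maximum lifetime from PHP (unused)
	 * @return bool always true
	 */
	#[\ReturnTypeWillChange]
	public function gc($expire) {
		q("DELETE FROM session WHERE expire < %d", dbesc(time()));
		return true;
	}

}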