1. sfCacheSessionStorage.class.php
  2. /**
 * sfCacheSessionStorage manages session storage via a signed cookie and cache backend.
 *
 * This class stores the session data in via sfCache instance and with an id issued in a
 * signed cookie. Useful when you don't want to store the session.
 *
 * @package    symfony
 * @subpackage storage
 * @author     Dustin Whittle 
 */
  3. class sfCacheSessionStorage extends sfStorage
  4. {
  5.   protected
  6.     $id          = null,
  7.     $context     = null,
  8.     $dispatcher  = null,
  9.     $request     = null,
  10.     $response    = null,
  11.     $cache       = null,
  12.     $data        = array(),
  13.     $dataChanged = false;
  15.   /**
  16.    * Initialize this Storage.
  17.    *
  18.    * @param array $options  An associative array of initialization parameters.
  19.    *                        session_name [required] name of session to use
  20.    *                        session_cookie_path [required] cookie path
  21.    *                        session_cookie_domain [required] cookie domain
  22.    *                        session_cookie_lifetime [required] liftime of cookie
  23.    *                        session_cookie_secure [required] send only if secure connection
  24.    *                        session_cookie_http_only [required] accessible only via http protocol
  25.    *
  26.    * @return bool true, when initialization completes successfully.
  27.    *
  28.    * @throws <b>sfInitializationException</b> If an error occurs while initializing this Storage.
  29.    */
  30.   public function initialize($options = array())
  31.   {
  32.     // initialize parent
  33.     parent::initialize(array_merge(array('session_name' => 'sfproject',
  34.                                          'session_cookie_lifetime' => '+30 days',
  35.                                          'session_cookie_path' => '/',
  36.                                          'session_cookie_domain' => null,
  37.                                          'session_cookie_secure' => false,
  38.                                          'session_cookie_http_only' => true,
  39.                                          'session_cookie_secret' => 'sf$ecret'), $options));
  41.     // create cache instance
  42.     if (isset($this->options['cache']) && $this->options['cache']['class'])
  43.     {
  44.       $this->cache = new $this->options['cache']['class'](is_array($this->options['cache']['param']) ? $this->options['cache']['param'] : array());
  45.     }
  46.     else
  47.     {
  48.       throw new InvalidArgumentException('sfCacheSessionStorage requires cache option.');
  49.     }
  51.     $this->context     = sfContext::getInstance();
  53.     $this->dispatcher  = $this->context->getEventDispatcher();
  54.     $this->request     = $this->context->getRequest();
  55.     $this->response    = $this->context->getResponse();
  57.     $cookie = $this->request->getCookie($this->options['session_name']);
  59.     if(strpos($cookie, ':') !== false)
  60.     {
  61.       // split cookie data id:signature(id+secret)
  62.       list($id, $signature) = explode(':', $cookie, 2);
  64.       if($signature == sha1($id.':'.$this->options['session_cookie_secret']))
  65.       {
  66.         // cookie is valid
  67.         $this->id = $id;
  68.       }
  69.       else
  70.       {
  71.         // cookie signature broken
  72.         $this->id = null;
  73.       }
  74.     }
  75.     else
  76.     {
  77.       // cookie format wrong
  78.       $this->id = null;
  79.     }
  81.     if(empty($this->id))
  82.     {
  83.        $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : 'localhost';
  84.        $ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : 'ua';
  86.        // generate new id based on random # / ip / user agent / secret
  87.        $this->id = md5(rand(0, 999999).$ip.$ua.$this->options['session_cookie_secret']);
  89.        if(sfConfig::get('sf_logging_enabled'))
  90.        {
  91.          $this->dispatcher->notify(new sfEvent($this, 'application.log', array('New session created')));
  92.        }
  94.        // only send cookie when id is issued
  95.        $this->response->setCookie($this->options['session_name'],
  96.                                   $this->id.':'.sha1($this->id.':'.$this->options['session_cookie_secret']),
  97.                                   $this->options['session_cookie_lifetime'],
  98.                                   $this->options['session_cookie_path'],
  99.                                   $this->options['session_cookie_domain'],
  100.                                   $this->options['session_cookie_secure'],
  101.                                   $this->options['session_cookie_http_only']);
  103.        $this->data = array();
  104.     }
  105.     else
  106.     {
  107.       // load data from cache
  108.       $this->data = $this->cache->get($this->id, array());
  110.       if(sfConfig::get('sf_logging_enabled'))
  111.       {
  112.         $this->dispatcher->notify(new sfEvent($this, 'application.log', array('Restored previous session')));
  113.       }
  114.     }
  115.     session_id($this->id);
  116.     return true;
  117.   }
  119.   /**
  120.    * Write data to this storage.
  121.    *
  122.    * The preferred format for a key is directory style so naming conflicts can be avoided.
  123.    *
  124.    * @param string $key  A unique key identifying your data.
  125.    * @param mixed  $data Data associated with your key.
  126.    *
  127.    * @return void
  128.    */
  129.   public function write($key, $data)
  130.   {
  131.     $this->dataChanged = true;
  133.     $this->data[$key] =& $data;
  134.   }
  136.   /**
  137.    * Read data from this storage.
  138.    *
  139.    * The preferred format for a key is directory style so naming conflicts can be avoided.
  140.    *
  141.    * @param string $key A unique key identifying your data.
  142.    *
  143.    * @return mixed Data associated with the key.
  144.    */
  145.   public function read($key)
  146.   {
  147.     $retval = null;
  149.     if (isset($this->data[$key]))
  150.     {
  151.       $retval =& $this->data[$key];
  152.     }
  154.     return $retval;
  155.   }
  157.   /**
  158.    * Remove data from this storage.
  159.    *
  160.    * The preferred format for a key is directory style so naming conflicts can be avoided.
  161.    *
  162.    * @param string $key A unique key identifying your data.
  163.    *
  164.    * @return mixed Data associated with the key.
  165.    */
  166.   public function remove($key)
  167.   {
  168.     $retval = null;
  170.     if (isset($this->data[$key]))
  171.     {
  172.       $this->dataChanged = true;
  174.       $retval =& $this->data[$key];
  175.       unset($this->data[$key]);
  176.     }
  178.     return $retval;
  179.   }
  181.   /**
  182.    * Regenerates id that represents this storage.
  183.    *
  184.    * @param boolean $destroy Destroy session when regenerating?
  185.    *
  186.    * @return boolean True if session regenerated, false if error
  187.    *
  188.    * @throws <b>sfStorageException</b> If an error occurs while regenerating this storage
  189.    */
  190.   public function regenerate($destroy = false)
  191.   {
  192.     if($destroy)
  193.     {
  194.       $this->data = array();
  195.       $this->cache->remove($this->id);
  196.     }
  198.     // generate session id
  199.     $this->id = md5(rand(0, 999999).$_SERVER['REMOTE_ADDR'].$_SERVER['HTTP_USER_AGENT'].$this->options['session_cookie_secret']);
  201.     // save data to cache
  202.     $this->cache->set($this->id, $this->data);
  204.     // update session id in signed cookie
  205.     $this->response->setCookie($this->options['session_name'],
  206.                                $this->id.':'.sha1($this->id.':'.$this->options['session_cookie_secret']),
  207.                                $this->options['session_cookie_lifetime'],
  208.                                $this->options['session_cookie_path'],
  209.                                $this->options['session_cookie_domain'],
  210.                                $this->options['session_cookie_secure'],
  211.                                $this->options['session_cookie_http_only']);
  212.     session_id($this->id);
  213.     return true;
  214.   }
  216.   /**
  217.    * Expires the session storage instance.
  218.    */
  219.   public function expire()
  220.   {
  221.     // destroy data and regenerate id
  222.     $this->regenerate(true);
  224.     if(sfConfig::get('sf_logging_enabled'))
  225.     {
  226.       $this->dispatcher->notify(new sfEvent($this, 'application.log', array('new session created due to expiraton')));
  227.     }
  228.   }
  230.   /**
  231.    * Executes the shutdown procedure.
  232.    *
  233.    * @throws <b>sfStorageException</b> If an error occurs while shutting down this storage
  234.    */
  235.   public function shutdown()
  236.   {
  237.     // only update cache if session has changed
  238.     if($this->dataChanged === true)
  239.     {
  240.       $this->cache->set($this->id, $this->data);
  241.       if(sfConfig::get('sf_logging_enabled'))
  242.       {
  243.         $this->dispatcher->notify(new sfEvent($this, 'application.log', array('Storing session to cache')));
  244.         // $this->dispatcher->notify(new sfEvent($this, 'application.log', array(var_export($this->data, true))));
  245.       }
  246.     }
  247.   }
  248. }
Debug toolbar