Просмотр файла news/libraries/db/mongo/session.php

  1. <?php
  2.  
  3. /*
  4. Copyright (c) 2009-2014 F3::Factory/Bong Cosca, All rights reserved.
  5.  
  6. This file is part of the Fat-Free Framework (http://fatfree.sf.net).
  7.  
  8. THE SOFTWARE AND DOCUMENTATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF
  9. ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE
  10. IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR
  11. PURPOSE.
  12.  
  13. Please see the license.txt file for more information.
  14. */
  15.  
  16. namespace DB\Mongo;
  17.  
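  //! MongoDB-managed session handler
  //! Each session is one mapper record holding: session_id, data, csrf,
  //! ip, agent and stamp (see write()). The constructor registers this
  //! object as PHP's session save handler and starts the session.
  class Session extends Mapper {

      //! Session ID of the record currently loaded into this mapper
      protected $sid;

      /**
      *   Open session (nothing to prepare; always succeeds)
      *   @return TRUE
      *   @param $path string
      *   @param $name string
      **/
      function open($path,$name) {
          return TRUE;
      }

      /**
      *   Close session (nothing to release; always succeeds)
      *   @return TRUE
      **/
      function close() {
          return TRUE;
      }

      /**
      *   Return session data in serialized format; FALSE when no record
      *   is loaded for the given ID
      *   @return string|FALSE
      *   @param $id string
      **/
      function read($id) {
          // Strict comparison: session IDs are strings, and a loose != treats
          // two different numeric-looking IDs (e.g. "0e12" and "0e34") as
          // equal, which would skip the reload and serve the record that is
          // already in memory
          if ($id!==$this->sid)
              $this->load(array('session_id'=>$this->sid=$id));
          return $this->dry()?FALSE:$this->get('data');
      }

      /**
      *   Write session data together with the client fingerprint (IP,
      *   User-Agent), a timestamp and the anti-CSRF token; when headers
      *   have not been sent yet, the token is also issued in the '_' cookie
      *   @return TRUE
      *   @param $id string
      *   @param $data string
      **/
      function write($id,$data) {
          $fw=\Base::instance();
          $sent=headers_sent();
          $headers=$fw->get('HEADERS');
          // Strict comparison for the same reason as in read()
          if ($id!==$this->sid)
              $this->load(array('session_id'=>$this->sid=$id));
          // The second half of the token must be unpredictable: mt_rand() is
          // not a cryptographic generator, so seed the hash from the OS CSPRNG
          // where the runtime provides it and keep mt_rand() only as the
          // legacy fallback
          $csrf=$fw->hash($fw->get('ROOT').$fw->get('BASE')).'.'.
              $fw->hash(function_exists('random_bytes')?
                  bin2hex(random_bytes(16)):mt_rand());
          $this->set('session_id',$id);
          $this->set('data',$data);
          // If headers are already out the cookie below cannot be replaced,
          // so the stored token is kept in step with what the client holds
          $this->set('csrf',$sent?$this->csrf():$csrf);
          $this->set('ip',$fw->get('IP'));
          $this->set('agent',
              isset($headers['User-Agent'])?$headers['User-Agent']:'');
          $this->set('stamp',time());
          $this->save();
          if (!$sent) {
              if (isset($_COOKIE['_']))
                  setcookie('_','',strtotime('-1 year'));
              // NOTE(review): the JAR entries follow the two positional
              // arguments via array union; if JAR carries string keys, PHP 8
              // passes them to setcookie() as named arguments - confirm the
              // key names against the runtime in use
              call_user_func_array('setcookie',
                  array('_',$csrf)+$fw->get('JAR'));
          }
          return TRUE;
      }

      /**
      *   Destroy session: erase the stored record and drop the session
      *   cookie from the current request
      *   @return TRUE
      *   @param $id string
      **/
      function destroy($id) {
          $this->erase(array('session_id'=>$id));
          setcookie(session_name(),'',strtotime('-1 year'));
          unset($_COOKIE[session_name()]);
          // NOTE(review): header_remove() discards every Set-Cookie header
          // queued so far, including the expiry cookie set two lines above,
          // so the client keeps its (now orphaned) session cookie - confirm
          // this is intended
          header_remove('Set-Cookie');
          return TRUE;
      }

      /**
      *   Garbage collector: erase records whose stamp is more than $max
      *   seconds old
      *   @return TRUE
      *   @param $max int
      **/
      function cleanup($max) {
          // Same condition as stamp+max<now, expressed as a plain range
          // filter: no JavaScript source is assembled from a parameter, and
          // the query still works where server-side JavaScript ($where) is
          // disabled
          $this->erase(array('stamp'=>array('$lt'=>time()-(int)$max)));
          return TRUE;
      }

      /**
      *   Return anti-CSRF token of the loaded record
      *   @return string|FALSE
      **/
      function csrf() {
          return $this->dry()?FALSE:$this->get('csrf');
      }

      /**
      *   Return IP address recorded for the loaded session
      *   @return string|FALSE
      **/
      function ip() {
          return $this->dry()?FALSE:$this->get('ip');
      }

      /**
      *   Return Unix timestamp of the last write (stored from time())
      *   @return int|FALSE
      **/
      function stamp() {
          return $this->dry()?FALSE:$this->get('stamp');
      }

      /**
      *   Return HTTP user agent recorded for the loaded session
      *   @return string|FALSE
      **/
      function agent() {
          return $this->dry()?FALSE:$this->get('agent');
      }

      /**
      *   Instantiate class: register the save handler, start the session,
      *   reject it with a 403 when the stored IP or User-Agent does not
      *   match the current request, then rotate the anti-CSRF token of an
      *   existing record
      *   @param $db object
      *   @param $table string
      **/
      function __construct(\DB\Mongo $db,$table='sessions') {
          parent::__construct($db,$table);
          session_set_save_handler(
              array($this,'open'),
              array($this,'close'),
              array($this,'read'),
              array($this,'write'),
              array($this,'destroy'),
              array($this,'cleanup')
          );
          register_shutdown_function('session_commit');
          // Errors raised by session_start() are suppressed here; starting
          // the session is what calls read() and loads the stored record
          @session_start();
          $fw=\Base::instance();
          $headers=$fw->get('HEADERS');
          // Session binding: a stored IP that differs from the caller's, or a
          // stored User-Agent that is absent from or differs in this request,
          // invalidates the session
          if (($ip=$this->ip()) && $ip!=$fw->get('IP') ||
              ($agent=$this->agent()) &&
              (!isset($headers['User-Agent']) ||
                  $agent!=$headers['User-Agent'])) {
              session_destroy();
              // NOTE(review): the code below still runs if error() returns -
              // confirm it halts the request
              $fw->error(403);
          }
          // See write(): prefer the OS CSPRNG over mt_rand() for the token
          $csrf=$fw->hash($fw->get('ROOT').$fw->get('BASE')).'.'.
              $fw->hash(function_exists('random_bytes')?
                  bin2hex(random_bytes(16)):mt_rand());
          if ($this->load(array('session_id'=>$this->sid=session_id()))) {
              $this->set('csrf',$csrf);
              $this->save();
          }
      }

  }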