1 | <?php |
||||
2 | namespace Elgg\Http; |
||||
3 | |||||
4 | /** |
||||
5 | * Database session handler |
||||
6 | * |
||||
7 | * @access private |
||||
8 | * |
||||
9 | * @package Elgg.Core |
||||
10 | * @subpackage Http |
||||
11 | */ |
||||
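class DatabaseSessionHandler implements \SessionHandlerInterface {

	/** @var \Elgg\Database $db */
	protected $db;

	/**
	 * Constructor
	 *
	 * @param \Elgg\Database $db The database
	 */
	public function __construct(\Elgg\Database $db) {
		$this->db = $db;
	}

	/**
	 * {@inheritDoc}
	 *
	 * No per-session setup is needed because the database connection is
	 * injected through the constructor.
	 */
	public function open($save_path, $name) {
		return true;
	}

	/**
	 * {@inheritDoc}
	 *
	 * Looks up the stored payload for a session ID. The ID is taken from the
	 * request, so it is bound as a query parameter and never concatenated
	 * into the SQL text.
	 *
	 * @param string $session_id Session ID supplied by PHP's session layer
	 *
	 * @return string Stored session data, or '' when no row matches
	 */
	public function read($session_id) {
		$query = "SELECT * FROM {$this->db->prefix}users_sessions WHERE session = :session_id";
		$params = [
			':session_id' => $session_id,
		];

		// Second argument is the optional row callback, which is not used here.
		$result = $this->db->getDataRow($query, null, $params);
		if ($result) {
			return (string) $result->data;
		}

		return '';
	}

	/**
	 * {@inheritDoc}
	 *
	 * Inserts or refreshes the row for a session. Both the session ID and the
	 * serialized session data can contain attacker-influenced bytes, so both
	 * are passed as bound parameters rather than escaped with the deprecated
	 * sanitize_string() and interpolated.
	 *
	 * @param string $session_id   Session ID supplied by PHP's session layer
	 * @param string $session_data Serialized session payload
	 *
	 * @return bool False only when the insert/update itself failed
	 */
	public function write($session_id, $session_data) {
		// VALUES(col) reuses the values from the INSERT part, so each named
		// placeholder appears exactly once in the statement.
		$query = "INSERT INTO {$this->db->prefix}users_sessions
			(session, ts, data) VALUES
			(:session_id, :time, :data)
			ON DUPLICATE KEY UPDATE ts = VALUES(ts), data = VALUES(data)";
		$params = [
			':session_id' => $session_id,
			':time' => time(),
			':data' => $session_data,
		];

		// Compare against false explicitly: the call may legitimately return
		// a falsy insert ID when an existing row was updated.
		return $this->db->insertData($query, $params) !== false;
	}

	/**
	 * {@inheritDoc}
	 */
	public function close() {
		return true;
	}

	/**
	 * {@inheritDoc}
	 *
	 * Deletes the row for a session ID, using a bound parameter for the ID.
	 *
	 * @param string $session_id Session ID supplied by PHP's session layer
	 *
	 * @return bool
	 */
	public function destroy($session_id) {
		$query = "DELETE FROM {$this->db->prefix}users_sessions WHERE session = :session_id";
		$params = [
			':session_id' => $session_id,
		];

		// NOTE(review): the result is cast to bool, so if deleteData() returns
		// an affected-row count, destroying a session with no stored row is
		// reported as failure. Confirm against \Elgg\Database before changing.
		return (bool) $this->db->deleteData($query, $params);
	}

	/**
	 * {@inheritDoc}
	 *
	 * Removes every session whose last-write timestamp is older than the
	 * allowed lifetime.
	 *
	 * @param int $max_lifetime Maximum session age in seconds
	 *
	 * @return bool
	 */
	public function gc($max_lifetime) {
		$query = "DELETE FROM {$this->db->prefix}users_sessions WHERE ts < :life";
		$params = [
			// Cast so a non-numeric configuration value cannot reach the query.
			':life' => time() - (int) $max_lifetime,
		];

		return (bool) $this->db->deleteData($query, $params);
	}
}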
||||
95 |