implicit conversion of array to boolean.
1 | <?php |
||
2 | namespace Elgg\Http; |
||
3 | |||
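/**
 * Database session handler
 *
 * Persists PHP session payloads in the "{prefix}users_sessions" table. Each row
 * holds the session ID ("session"), the time of the last write ("ts") and the
 * session payload ("data").
 *
 * Security notes for maintainers:
 * - Every statement in this class is assembled by string interpolation, so its
 *   safety depends entirely on sanitize_string() escaping correctly for the
 *   active connection and on every value being quoted in the SQL text. If
 *   \Elgg\Database offers bound parameters, prefer them over interpolation
 *   (NOTE(review): not visible from this file -- confirm before changing).
 * - Session IDs are stored and matched verbatim, so read access to this table
 *   exposes values that identify live sessions. Restrict access to the table
 *   and its backups accordingly.
 *
 * @access private
 *
 * @package    Elgg.Core
 * @subpackage Http
 */
class DatabaseSessionHandler implements \SessionHandlerInterface {

	/** @var \Elgg\Database $db */
	protected $db;

	/**
	 * Constructor
	 *
	 * @param \Elgg\Database $db The database
	 */
	public function __construct(\Elgg\Database $db) {
		$this->db = $db;
	}

	/**
	 * {@inheritDoc}
	 *
	 * Nothing to set up: the database handle is injected through the constructor.
	 */
	public function open($save_path, $name) {
		return true;
	}

	/**
	 * {@inheritDoc}
	 *
	 * @return string The stored payload, or an empty string when no row matches
	 */
	public function read($session_id) {
		// The session ID comes from the client, so it is escaped before it is
		// placed inside the quoted literal below.
		$id = sanitize_string($session_id);
		$query = "SELECT * FROM {$this->db->prefix}users_sessions WHERE session='$id'";

		$result = $this->db->getDataRow($query);

		// Explicit emptiness test rather than an implicit boolean conversion of
		// whatever getDataRow() returns for "no row".
		if (empty($result)) {
			return '';
		}

		return (string) $result->data;
	}

	/**
	 * {@inheritDoc}
	 *
	 * Inserts the session row, or refreshes "ts" and "data" when a row with the
	 * same key already exists (ON DUPLICATE KEY UPDATE).
	 *
	 * @return bool False only when insertData() reports false
	 */
	public function write($session_id, $session_data) {
		$id = sanitize_string($session_id);
		$time = time();
		// The payload is client-influenced; it is escaped like the ID because it
		// is interpolated into the statement as well.
		$sess_data_sanitised = sanitize_string($session_data);

		$query = "INSERT INTO {$this->db->prefix}users_sessions
			(session, ts, data) VALUES
			('$id', '$time', '$sess_data_sanitised')
			ON DUPLICATE KEY UPDATE ts = '$time', data = '$sess_data_sanitised'";

		// Strict comparison: only a literal false counts as failure, any other
		// return value (including 0) is success.
		return $this->db->insertData($query) !== false;
	}

	/**
	 * {@inheritDoc}
	 *
	 * Nothing to release: the handler keeps no per-session resources.
	 */
	public function close() {
		return true;
	}

	/**
	 * {@inheritDoc}
	 *
	 * @return bool False only when deleteData() reports false
	 */
	public function destroy($session_id) {
		$id = sanitize_string($session_id);
		$query = "DELETE FROM {$this->db->prefix}users_sessions WHERE session='$id'";

		// Match write(): only false is a failure. Casting to bool would report
		// failure whenever the statement ran but no row existed for this ID
		// (assumes deleteData() returns a row count on success -- confirm
		// against \Elgg\Database).
		return $this->db->deleteData($query) !== false;
	}

	/**
	 * {@inheritDoc}
	 *
	 * Deletes every session row whose "ts" is older than $max_lifetime seconds.
	 *
	 * @return bool False only when deleteData() reports false
	 */
	public function gc($max_lifetime) {
		// The integer cast guarantees the interpolated cutoff is numeric no
		// matter what type the caller passes.
		$life = time() - (int) $max_lifetime;
		$query = "DELETE FROM {$this->db->prefix}users_sessions WHERE ts < '$life'";

		// A collection pass that finds nothing to delete is still a success
		// (same assumption about deleteData() as in destroy()).
		return $this->db->deleteData($query) !== false;
	}
}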
This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent.
Consider making the comparison explicit by using `empty(...)` or `!empty(...)` instead.