Passed
Push — master ( c0a3a7...3b84a4 )
by Jeroen
58:51
created

classes/Elgg/Http/DatabaseSessionHandler.php (1 issue)

<?php
namespace Elgg\Http;
/**
 * Database session handler
 *
 * @access private
 *
 * @package    Elgg.Core
 * @subpackage Http
 */
class DatabaseSessionHandler implements \SessionHandlerInterface {

	/**
	 * Database wrapper that every session query goes through.
	 *
	 * @var \Elgg\Database $db
	 */
	protected $db;

	/**
	 * Keep a reference to the database wrapper used by the handler.
	 *
	 * @param \Elgg\Database $db The database
	 */
	public function __construct(\Elgg\Database $db) {
		$this->db = $db;
	}

	/**
	 * No per-session resource is opened here; the call always reports success.
	 *
	 * @param string $save_path Unused
	 * @param string $name      Unused
	 *
	 * @return bool Always true
	 */
	public function open($save_path, $name) {
		return true;
	}

	/**
	 * Fetch the stored payload for a session id from the users_sessions table.
	 *
	 * The id is handed over by PHP's session layer and normally originates
	 * from the client's cookie, so it is untrusted input. The query is built
	 * by string interpolation, which means its safety rests entirely on
	 * sanitize_string() escaping correctly for the active connection.
	 * NOTE(review): sanitize_string() is defined outside this file and was not
	 * verified here; a bound parameter would remove that dependency if the
	 * database wrapper offers one.
	 *
	 * @param string $session_id Session id to look up
	 *
	 * @return string The stored session data, or '' when no row was found
	 */
	public function read($session_id) {
		$escaped_id = sanitize_string($session_id);
		$row = $this->db->getDataRow(
			"SELECT * FROM {$this->db->prefix}users_sessions WHERE session='$escaped_id'"
		);

		// Static analysis flagged this truthiness test as an implicit
		// array-to-boolean conversion. The row is read with ->data below, so
		// it is used as an object here; any falsy result means "no session".
		if (!$row) {
			return '';
		}

		return (string) $row->data;
	}

	/**
	 * Insert the session row, or refresh its timestamp and payload if the
	 * session key already exists (ON DUPLICATE KEY UPDATE).
	 *
	 * Both the id and the payload are interpolated into the SQL text after
	 * sanitize_string(); the same escaping caveat as in read() applies.
	 *
	 * @param string $session_id   Session id
	 * @param string $session_data Session payload as handed over by PHP
	 *
	 * @return bool False only when insertData() returns exactly false
	 */
	public function write($session_id, $session_data) {
		$escaped_id = sanitize_string($session_id);
		$now = time();
		$escaped_data = sanitize_string($session_data);

		$query = "INSERT INTO {$this->db->prefix}users_sessions
			(session, ts, data) VALUES
			('$escaped_id', '$now', '$escaped_data')
			ON DUPLICATE KEY UPDATE ts = '$now', data = '$escaped_data'";

		// Strict comparison: any non-false return, including a falsy one such
		// as 0, counts as success.
		return $this->db->insertData($query) !== false;
	}

	/**
	 * Nothing to release; the call always reports success.
	 *
	 * @return bool Always true
	 */
	public function close() {
		return true;
	}

	/**
	 * Delete the row belonging to a session id.
	 *
	 * The id is escaped with sanitize_string() and interpolated; see read().
	 *
	 * @param string $session_id Session id to remove
	 *
	 * @return bool Result of deleteData() cast to bool
	 */
	public function destroy($session_id) {
		$escaped_id = sanitize_string($session_id);
		$deleted = $this->db->deleteData(
			"DELETE FROM {$this->db->prefix}users_sessions WHERE session='$escaped_id'"
		);

		// NOTE(review): unlike write(), this casts instead of comparing with
		// false. If deleteData() returns an affected-row count (not visible
		// here), deleting an id that has no row is reported as a failure.
		return (bool) $deleted;
	}

	/**
	 * Delete every session whose timestamp is older than the allowed lifetime.
	 *
	 * @param int $max_lifetime Maximum session age in seconds
	 *
	 * @return bool Result of deleteData() cast to bool
	 */
	public function gc($max_lifetime) {
		// The cutoff is the result of arithmetic, so it is numeric by the time
		// it is placed in the query; no escaping helper is applied to it.
		$cutoff = time() - $max_lifetime;
		$deleted = $this->db->deleteData(
			"DELETE FROM {$this->db->prefix}users_sessions WHERE ts < '$cutoff'"
		);

		// NOTE(review): same cast as destroy(); a run that removes nothing
		// would presumably return false. Confirm deleteData()'s return values.
		return (bool) $deleted;
	}
}