| 1 |  |  | <?php | 
            
                                                                                                            
                            
            
                                    
            
            
                | 2 |  |  | /** | 
            
                                                                                                            
                            
            
                                    
            
            
                | 3 |  |  |  * @package midcom.services | 
            
                                                                                                            
                            
            
                                    
            
            
                | 4 |  |  |  * @author The Midgard Project, http://www.midgard-project.org | 
            
                                                                                                            
                            
            
                                    
            
            
                | 5 |  |  |  * @copyright The Midgard Project, http://www.midgard-project.org | 
            
                                                                                                            
                            
            
                                    
            
            
                | 6 |  |  |  * @license http://www.gnu.org/licenses/lgpl.html GNU Lesser General Public License | 
            
                                                                                                            
                            
            
                                    
            
            
                | 7 |  |  |  */ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 8 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 9 |  |  | use Symfony\Component\HttpFoundation\Session\Session; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 10 |  |  | use Symfony\Component\HttpFoundation\Session\Attribute\AttributeBag; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 11 |  |  | use Symfony\Component\HttpFoundation\Session\Storage\NativeSessionStorage; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 12 |  |  | use Symfony\Component\HttpFoundation\RequestStack; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 13 |  |  | use Symfony\Component\HttpFoundation\Request; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 14 |  |  | use Symfony\Component\HttpKernel\Event\RequestEvent; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 15 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 16 |  |  | /** | 
            
                                                                                                            
                            
            
                                    
            
            
                | 17 |  |  |  * Base singleton class of the MidCOM sessioning service. | 
            
                                                                                                            
                            
            
                                    
            
            
                | 18 |  |  |  * | 
            
                                                                                                            
                            
            
                                    
            
            
                | 19 |  |  |  * This is a singleton class, that is accessible through the MidCOM Service | 
            
                                                                                                            
                            
            
                                    
            
            
                | 20 |  |  |  * infrastructure. It manages session data of MidCOM driven applications. | 
            
                                                                                                            
                            
            
                                    
            
            
                | 21 |  |  |  * | 
            
                                                                                                            
                            
            
                                    
            
            
                | 22 |  |  |  * This class provides a generic interface to store keyed session values in the | 
            
                                                                                                            
                            
            
                                    
            
            
                | 23 |  |  |  * domain of the corresponding component. | 
            
                                                                                                            
                            
            
                                    
            
            
                | 24 |  |  |  * | 
            
                                                                                                            
                            
            
                                    
            
            
                | 25 |  |  |  * All requests involving this service will always be flagged as no_cache. | 
            
                                                                                                            
                            
            
                                    
            
            
                | 26 |  |  |  * | 
            
                                                                                                            
                            
            
                                    
            
            
                | 27 |  |  |  * If you store class instances within a session, which is perfectly safe in | 
            
                                                                                                            
                            
            
                                    
            
            
                | 28 |  |  |  * general, there are known problems due to the fact, that a class declaration | 
            
                                                                                                            
                            
            
                                    
            
            
                | 29 |  |  |  * has to be available before it can be deserialized. As PHP sessioning does this | 
            
                                                                                                            
                            
            
                                    
            
            
                | 30 |  |  |  * deserialization automatically, this might fail with MidCOM, where the sequence | 
            
                                                                                                            
                            
            
                                    
            
            
                | 31 |  |  |  * in which the code gets loaded and the sessioning gets started up is actually | 
            
                                                                                                            
                            
            
                                    
            
            
                | 32 |  |  |  * undefined. To get around this problems, the sessioning system stores not the | 
            
                                                                                                            
                            
            
                                    
            
            
                | 33 |  |  |  * actual data in the sessioning array, but a serialized string of the data, which | 
            
                                                                                                            
                            
            
                                    
            
            
                | 34 |  |  |  * can always be deserialized on PHP sessioning startup (its a string after all). | 
            
                                                                                                            
                            
            
                                    
            
            
                | 35 |  |  |  * This has an important implication though: The sessioning system always stores | 
            
                                                                                                            
                            
            
                                    
            
            
                | 36 |  |  |  * copies of the data, not references. So if you put something in to the session | 
            
                                                                                                            
                            
            
                                    
            
            
                | 37 |  |  |  * store and modify it afterwards, this change will not be reflected in the | 
            
                                                                                                            
                            
            
                                    
            
            
                | 38 |  |  |  * sessioning store. | 
            
                                                                                                            
                            
            
                                    
            
            
                | 39 |  |  |  * | 
            
                                                                                                            
                            
            
                                    
            
            
                | 40 |  |  |  * <b>Important:</b> | 
            
                                                                                                            
                            
            
                                    
            
            
                | 41 |  |  |  * | 
            
                                                                                                            
                            
            
                                    
            
            
                | 42 |  |  |  * Do <b>never</b> create an instance of this class directly. This is handled | 
            
                                                                                                            
                            
            
                                    
            
            
                | 43 |  |  |  * by the framework. Instead use midcom_service_session which ensures the | 
            
                                                                                                            
                            
            
                                    
            
            
                | 44 |  |  |  * singleton pattern. | 
            
                                                                                                            
                            
            
                                    
            
            
                | 45 |  |  |  * | 
            
                                                                                                            
                            
            
                                    
            
            
                | 46 |  |  |  * Do <b>never</b> work directly with the $_SESSION["midcom_session_data"] | 
            
                                                                                                            
                            
            
                                    
            
            
                | 47 |  |  |  * variable, this is a 100% must-not, as this will break functionality. | 
            
                                                                                                            
                            
            
                                    
            
            
                | 48 |  |  |  * | 
            
                                                                                                            
                            
            
                                    
            
            
                | 49 |  |  |  * @package midcom.services | 
            
                                                                                                            
                            
            
                                    
            
            
                | 50 |  |  |  * @see midcom_services_session | 
            
                                                                                                            
                            
            
                                    
            
            
                | 51 |  |  |  */ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 52 |  |  | class midcom_services__sessioning extends Session | 
            
                                                                                                            
                            
            
                                    
            
            
                | 53 |  |  | { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 54 | 1 |  |     public function __construct(RequestStack $stack, bool $cookie_secure) | 
            
                                                                                                            
                            
            
                                    
            
            
                | 55 |  |  |     { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 56 | 1 |  |         $storage = $this->prepare_storage($stack->getCurrentRequest(), $cookie_secure); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 57 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 58 | 1 |  |         parent::__construct($storage, new AttributeBag('midcom_session_data')); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 59 |  |  |     } | 
            
                                                                                                            
                            
            
                                    
            
            
                | 60 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 61 |  |  |     protected function prepare_storage(?Request $request, bool $cookie_secure) | 
            
                                                                                                            
                            
            
                                    
            
            
                | 62 |  |  |     { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 63 |  |  |         return new NativeSessionStorage([ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 64 |  |  |             'cookie_path' => midcom_connection::get_url('prefix') ?: '/', | 
            
                                                                                                            
                            
            
                                    
            
            
                | 65 |  |  |             'cookie_secure' => $cookie_secure && $request && $request->isSecure(), | 
            
                                                                                                            
                            
            
                                    
            
            
                | 66 |  |  |             'cookie_httponly' => true | 
            
                                                                                                            
                            
            
                                    
            
            
                | 67 |  |  |         ]); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 68 |  |  |     } | 
            
                                                                                                            
                                                                
            
                                    
            
            
                | 69 |  |  |  | 
            
                                                                        
                            
            
                                    
            
            
                | 70 | 350 |  |     public function on_request(RequestEvent $event) | 
            
                                                                        
                            
            
                                    
            
            
                | 71 |  |  |     { | 
            
                                                                        
                            
            
                                    
            
            
                | 72 | 350 |  |         if ($event->isMainRequest()) { | 
            
                                                                        
                            
            
                                    
            
            
                | 73 |  |  |             $event->getRequest()->setSession($this); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 74 |  |  |         } | 
            
                                                                                                            
                            
            
                                    
            
            
                | 75 |  |  |     } | 
            
                                                                                                            
                            
            
                                    
            
            
                | 76 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 77 |  |  |     /** | 
            
                                                                                                            
                            
            
                                    
            
            
                | 78 |  |  |      * {@inheritdoc} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 79 |  |  |      */ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 80 | 94 |  |     public function get(string $key, $default = null) : mixed | 
            
                                                                                                            
                            
            
                                    
            
            
                | 81 |  |  |     { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 82 | 94 |  |         if ($this->has($key)) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 83 | 67 |  |             midcom::get()->cache->content->no_cache(); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 84 |  |  |         } | 
            
                                                                                                            
                            
            
                                    
            
            
                | 85 | 94 |  |         return parent::get($key, $default); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 86 |  |  |     } | 
            
                                                                                                            
                            
            
                                    
            
            
                | 87 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 88 |  |  |     /** | 
            
                                                                                                            
                            
            
                                    
            
            
                | 89 |  |  |      * {@inheritdoc} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 90 |  |  |      */ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 91 | 68 |  |     public function set(string $key, mixed $value) : void | 
            
                                                                                                            
                            
            
                                    
            
            
                | 92 |  |  |     { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 93 | 68 |  |         midcom::get()->cache->content->no_cache(); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 94 | 68 |  |         parent::set($key, $value); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 95 |  |  |     } | 
            
                                                                                                            
                                                                
            
                                    
            
            
                | 96 |  |  | } | 
            
                                                        
            
                                    
            
            
                | 97 |  |  |  |