nextcloud /
server
@@ -46,178 +46,178 @@ |
||
| 46 | 46 | * @package OC\Session |
| 47 | 47 | */ |
| 48 | 48 | class Internal extends Session { |
| 49 | - /** |
|
| 50 | - * @param string $name |
|
| 51 | - * @throws \Exception |
|
| 52 | - */ |
|
| 53 | - public function __construct(string $name) { |
|
| 54 | - set_error_handler([$this, 'trapError']); |
|
| 55 | - $this->invoke('session_name', [$name]); |
|
| 56 | - try { |
|
| 57 | - $this->startSession(); |
|
| 58 | - } catch (\Exception $e) { |
|
| 59 | - setcookie($this->invoke('session_name'), '', -1, \OC::$WEBROOT ?: '/'); |
|
| 60 | - } |
|
| 61 | - restore_error_handler(); |
|
| 62 | - if (!isset($_SESSION)) { |
|
| 63 | - throw new \Exception('Failed to start session'); |
|
| 64 | - } |
|
| 65 | - } |
|
| 66 | - |
|
| 67 | - /** |
|
| 68 | - * @param string $key |
|
| 69 | - * @param integer $value |
|
| 70 | - */ |
|
| 71 | - public function set(string $key, $value) { |
|
| 72 | - $this->validateSession(); |
|
| 73 | - $_SESSION[$key] = $value; |
|
| 74 | - } |
|
| 75 | - |
|
| 76 | - /** |
|
| 77 | - * @param string $key |
|
| 78 | - * @return mixed |
|
| 79 | - */ |
|
| 80 | - public function get(string $key) { |
|
| 81 | - if (!$this->exists($key)) { |
|
| 82 | - return null; |
|
| 83 | - } |
|
| 84 | - return $_SESSION[$key]; |
|
| 85 | - } |
|
| 86 | - |
|
| 87 | - /** |
|
| 88 | - * @param string $key |
|
| 89 | - * @return bool |
|
| 90 | - */ |
|
| 91 | - public function exists(string $key): bool { |
|
| 92 | - return isset($_SESSION[$key]); |
|
| 93 | - } |
|
| 94 | - |
|
| 95 | - /** |
|
| 96 | - * @param string $key |
|
| 97 | - */ |
|
| 98 | - public function remove(string $key) { |
|
| 99 | - if (isset($_SESSION[$key])) { |
|
| 100 | - unset($_SESSION[$key]); |
|
| 101 | - } |
|
| 102 | - } |
|
| 103 | - |
|
| 104 | - public function clear() { |
|
| 105 | - $this->invoke('session_unset'); |
|
| 106 | - $this->regenerateId(); |
|
| 107 | - $this->startSession(true); |
|
| 108 | - $_SESSION = []; |
|
| 109 | - } |
|
| 110 | - |
|
| 111 | - public function close() { |
|
| 112 | - $this->invoke('session_write_close'); |
|
| 113 | - parent::close(); |
|
| 114 | - } |
|
| 115 | - |
|
| 116 | - /** |
|
| 117 | - * Wrapper around session_regenerate_id |
|
| 118 | - * |
|
| 119 | - * @param bool $deleteOldSession Whether to delete the old associated session file or not. |
|
| 120 | - * @param bool $updateToken Wheater to update the associated auth token |
|
| 121 | - * @return void |
|
| 122 | - */ |
|
| 123 | - public function regenerateId(bool $deleteOldSession = true, bool $updateToken = false) { |
|
| 124 | - $oldId = null; |
|
| 125 | - |
|
| 126 | - if ($updateToken) { |
|
| 127 | - // Get the old id to update the token |
|
| 128 | - try { |
|
| 129 | - $oldId = $this->getId(); |
|
| 130 | - } catch (SessionNotAvailableException $e) { |
|
| 131 | - // We can't update a token if there is no previous id |
|
| 132 | - $updateToken = false; |
|
| 133 | - } |
|
| 134 | - } |
|
| 135 | - |
|
| 136 | - try { |
|
| 137 | - @session_regenerate_id($deleteOldSession); |
|
| 138 | - } catch (\Error $e) { |
|
| 139 | - $this->trapError($e->getCode(), $e->getMessage()); |
|
| 140 | - } |
|
| 141 | - |
|
| 142 | - if ($updateToken) { |
|
| 143 | - // Get the new id to update the token |
|
| 144 | - $newId = $this->getId(); |
|
| 145 | - |
|
| 146 | - /** @var IProvider $tokenProvider */ |
|
| 147 | - $tokenProvider = \OC::$server->query(IProvider::class); |
|
| 148 | - |
|
| 149 | - try { |
|
| 150 | - $tokenProvider->renewSessionToken($oldId, $newId); |
|
| 151 | - } catch (InvalidTokenException $e) { |
|
| 152 | - // Just ignore |
|
| 153 | - } |
|
| 154 | - } |
|
| 155 | - } |
|
| 156 | - |
|
| 157 | - /** |
|
| 158 | - * Wrapper around session_id |
|
| 159 | - * |
|
| 160 | - * @return string |
|
| 161 | - * @throws SessionNotAvailableException |
|
| 162 | - * @since 9.1.0 |
|
| 163 | - */ |
|
| 164 | - public function getId(): string { |
|
| 165 | - $id = $this->invoke('session_id', [], true); |
|
| 166 | - if ($id === '') { |
|
| 167 | - throw new SessionNotAvailableException(); |
|
| 168 | - } |
|
| 169 | - return $id; |
|
| 170 | - } |
|
| 171 | - |
|
| 172 | - /** |
|
| 173 | - * @throws \Exception |
|
| 174 | - */ |
|
| 175 | - public function reopen() { |
|
| 176 | - throw new \Exception('The session cannot be reopened - reopen() is ony to be used in unit testing.'); |
|
| 177 | - } |
|
| 178 | - |
|
| 179 | - /** |
|
| 180 | - * @param int $errorNumber |
|
| 181 | - * @param string $errorString |
|
| 182 | - * @throws \ErrorException |
|
| 183 | - */ |
|
| 184 | - public function trapError(int $errorNumber, string $errorString) { |
|
| 185 | - throw new \ErrorException($errorString); |
|
| 186 | - } |
|
| 187 | - |
|
| 188 | - /** |
|
| 189 | - * @throws \Exception |
|
| 190 | - */ |
|
| 191 | - private function validateSession() { |
|
| 192 | - if ($this->sessionClosed) { |
|
| 193 | - throw new SessionNotAvailableException('Session has been closed - no further changes to the session are allowed'); |
|
| 194 | - } |
|
| 195 | - } |
|
| 196 | - |
|
| 197 | - /** |
|
| 198 | - * @param string $functionName the full session_* function name |
|
| 199 | - * @param array $parameters |
|
| 200 | - * @param bool $silence whether to suppress warnings |
|
| 201 | - * @throws \ErrorException via trapError |
|
| 202 | - * @return mixed |
|
| 203 | - */ |
|
| 204 | - private function invoke(string $functionName, array $parameters = [], bool $silence = false) { |
|
| 205 | - try { |
|
| 206 | - if ($silence) { |
|
| 207 | - return @call_user_func_array($functionName, $parameters); |
|
| 208 | - } else { |
|
| 209 | - return call_user_func_array($functionName, $parameters); |
|
| 210 | - } |
|
| 211 | - } catch (\Error $e) { |
|
| 212 | - $this->trapError($e->getCode(), $e->getMessage()); |
|
| 213 | - } |
|
| 214 | - } |
|
| 215 | - |
|
| 216 | - private function startSession(bool $silence = false) { |
|
| 217 | - if (PHP_VERSION_ID < 70300) { |
|
| 218 | - $this->invoke('session_start', [], $silence); |
|
| 219 | - } else { |
|
| 220 | - $this->invoke('session_start', [['cookie_samesite' => 'Lax']], $silence); |
|
| 221 | - } |
|
| 222 | - } |
|
| 49 | + /** |
|
| 50 | + * @param string $name |
|
| 51 | + * @throws \Exception |
|
| 52 | + */ |
|
| 53 | + public function __construct(string $name) { |
|
| 54 | + set_error_handler([$this, 'trapError']); |
|
| 55 | + $this->invoke('session_name', [$name]); |
|
| 56 | + try { |
|
| 57 | + $this->startSession(); |
|
| 58 | + } catch (\Exception $e) { |
|
| 59 | + setcookie($this->invoke('session_name'), '', -1, \OC::$WEBROOT ?: '/'); |
|
| 60 | + } |
|
| 61 | + restore_error_handler(); |
|
| 62 | + if (!isset($_SESSION)) { |
|
| 63 | + throw new \Exception('Failed to start session'); |
|
| 64 | + } |
|
| 65 | + } |
|
| 66 | + |
|
| 67 | + /** |
|
| 68 | + * @param string $key |
|
| 69 | + * @param integer $value |
|
| 70 | + */ |
|
| 71 | + public function set(string $key, $value) { |
|
| 72 | + $this->validateSession(); |
|
| 73 | + $_SESSION[$key] = $value; |
|
| 74 | + } |
|
| 75 | + |
|
| 76 | + /** |
|
| 77 | + * @param string $key |
|
| 78 | + * @return mixed |
|
| 79 | + */ |
|
| 80 | + public function get(string $key) { |
|
| 81 | + if (!$this->exists($key)) { |
|
| 82 | + return null; |
|
| 83 | + } |
|
| 84 | + return $_SESSION[$key]; |
|
| 85 | + } |
|
| 86 | + |
|
| 87 | + /** |
|
| 88 | + * @param string $key |
|
| 89 | + * @return bool |
|
| 90 | + */ |
|
| 91 | + public function exists(string $key): bool { |
|
| 92 | + return isset($_SESSION[$key]); |
|
| 93 | + } |
|
| 94 | + |
|
| 95 | + /** |
|
| 96 | + * @param string $key |
|
| 97 | + */ |
|
| 98 | + public function remove(string $key) { |
|
| 99 | + if (isset($_SESSION[$key])) { |
|
| 100 | + unset($_SESSION[$key]); |
|
| 101 | + } |
|
| 102 | + } |
|
| 103 | + |
|
| 104 | + public function clear() { |
|
| 105 | + $this->invoke('session_unset'); |
|
| 106 | + $this->regenerateId(); |
|
| 107 | + $this->startSession(true); |
|
| 108 | + $_SESSION = []; |
|
| 109 | + } |
|
| 110 | + |
|
| 111 | + public function close() { |
|
| 112 | + $this->invoke('session_write_close'); |
|
| 113 | + parent::close(); |
|
| 114 | + } |
|
| 115 | + |
|
| 116 | + /** |
|
| 117 | + * Wrapper around session_regenerate_id |
|
| 118 | + * |
|
| 119 | + * @param bool $deleteOldSession Whether to delete the old associated session file or not. |
|
| 120 | + * @param bool $updateToken Wheater to update the associated auth token |
|
| 121 | + * @return void |
|
| 122 | + */ |
|
| 123 | + public function regenerateId(bool $deleteOldSession = true, bool $updateToken = false) { |
|
| 124 | + $oldId = null; |
|
| 125 | + |
|
| 126 | + if ($updateToken) { |
|
| 127 | + // Get the old id to update the token |
|
| 128 | + try { |
|
| 129 | + $oldId = $this->getId(); |
|
| 130 | + } catch (SessionNotAvailableException $e) { |
|
| 131 | + // We can't update a token if there is no previous id |
|
| 132 | + $updateToken = false; |
|
| 133 | + } |
|
| 134 | + } |
|
| 135 | + |
|
| 136 | + try { |
|
| 137 | + @session_regenerate_id($deleteOldSession); |
|
| 138 | + } catch (\Error $e) { |
|
| 139 | + $this->trapError($e->getCode(), $e->getMessage()); |
|
| 140 | + } |
|
| 141 | + |
|
| 142 | + if ($updateToken) { |
|
| 143 | + // Get the new id to update the token |
|
| 144 | + $newId = $this->getId(); |
|
| 145 | + |
|
| 146 | + /** @var IProvider $tokenProvider */ |
|
| 147 | + $tokenProvider = \OC::$server->query(IProvider::class); |
|
| 148 | + |
|
| 149 | + try { |
|
| 150 | + $tokenProvider->renewSessionToken($oldId, $newId); |
|
| 151 | + } catch (InvalidTokenException $e) { |
|
| 152 | + // Just ignore |
|
| 153 | + } |
|
| 154 | + } |
|
| 155 | + } |
|
| 156 | + |
|
| 157 | + /** |
|
| 158 | + * Wrapper around session_id |
|
| 159 | + * |
|
| 160 | + * @return string |
|
| 161 | + * @throws SessionNotAvailableException |
|
| 162 | + * @since 9.1.0 |
|
| 163 | + */ |
|
| 164 | + public function getId(): string { |
|
| 165 | + $id = $this->invoke('session_id', [], true); |
|
| 166 | + if ($id === '') { |
|
| 167 | + throw new SessionNotAvailableException(); |
|
| 168 | + } |
|
| 169 | + return $id; |
|
| 170 | + } |
|
| 171 | + |
|
| 172 | + /** |
|
| 173 | + * @throws \Exception |
|
| 174 | + */ |
|
| 175 | + public function reopen() { |
|
| 176 | + throw new \Exception('The session cannot be reopened - reopen() is ony to be used in unit testing.'); |
|
| 177 | + } |
|
| 178 | + |
|
| 179 | + /** |
|
| 180 | + * @param int $errorNumber |
|
| 181 | + * @param string $errorString |
|
| 182 | + * @throws \ErrorException |
|
| 183 | + */ |
|
| 184 | + public function trapError(int $errorNumber, string $errorString) { |
|
| 185 | + throw new \ErrorException($errorString); |
|
| 186 | + } |
|
| 187 | + |
|
| 188 | + /** |
|
| 189 | + * @throws \Exception |
|
| 190 | + */ |
|
| 191 | + private function validateSession() { |
|
| 192 | + if ($this->sessionClosed) { |
|
| 193 | + throw new SessionNotAvailableException('Session has been closed - no further changes to the session are allowed'); |
|
| 194 | + } |
|
| 195 | + } |
|
| 196 | + |
|
| 197 | + /** |
|
| 198 | + * @param string $functionName the full session_* function name |
|
| 199 | + * @param array $parameters |
|
| 200 | + * @param bool $silence whether to suppress warnings |
|
| 201 | + * @throws \ErrorException via trapError |
|
| 202 | + * @return mixed |
|
| 203 | + */ |
|
| 204 | + private function invoke(string $functionName, array $parameters = [], bool $silence = false) { |
|
| 205 | + try { |
|
| 206 | + if ($silence) { |
|
| 207 | + return @call_user_func_array($functionName, $parameters); |
|
| 208 | + } else { |
|
| 209 | + return call_user_func_array($functionName, $parameters); |
|
| 210 | + } |
|
| 211 | + } catch (\Error $e) { |
|
| 212 | + $this->trapError($e->getCode(), $e->getMessage()); |
|
| 213 | + } |
|
| 214 | + } |
|
| 215 | + |
|
| 216 | + private function startSession(bool $silence = false) { |
|
| 217 | + if (PHP_VERSION_ID < 70300) { |
|
| 218 | + $this->invoke('session_start', [], $silence); |
|
| 219 | + } else { |
|
| 220 | + $this->invoke('session_start', [['cookie_samesite' => 'Lax']], $silence); |
|
| 221 | + } |
|
| 222 | + } |
|
| 223 | 223 | } |
