Session::start() - Code Metrics - Inspection of "Allow application of HTTPMiddleware to Director" - silverstripe/silverstripe-framework - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#7057)

by Damian

created 2017-06-26 00:40 UTC

Session::start() D

↳ Parent: Session

Complexity

Conditions	15
Paths	409

Size

Total Lines	57
Code Lines	31

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	15
eloc	31
nc	409
nop	1
dl	0
loc	57
rs	4.7713
c	0
b	0
f	0

How to fix Long Method Complexity

<?php

namespace SilverStripe\Control;

use BadMethodCallException;
use SilverStripe\Core\Config\Configurable;

/**
 * Handles all manipulation of the session.
 *
 * The static methods are used to manipulate the currently active controller's session.
 * The instance methods are used to manipulate a particular session.  There can be more than one of these created.
 *
 * In order to support things like testing, the session is associated with a particular Controller.  In normal usage,
 * this is loaded from and saved to the regular PHP session, but for things like static-page-generation and
 * unit-testing, you can create multiple Controllers, each with their own session.
 *
 * The instance object is basically just a way of manipulating a set of nested maps, and isn't specific to session
 * data.
 *
 * <b>Saving Data</b>
 *
 * You can write a value to a users session from your PHP code using the static function {@link Session::set()}. You
 * can add this line in any function or file you wish to save the value.
 *
 * <code>
 *  Session::set('MyValue', 6);
 * </code>
 *
 * Saves the value of "6" to the MyValue session data. You can also save arrays or serialized objects in session (but
 * note there may be size restrictions as to how much you can save)
 *
 * <code>
 *  // save a variable
 *  $var = 1;
 *  Session::set('MyVar', $var);
 *
 *  // saves an array
 *  Session::set('MyArrayOfValues', array('1', '2', '3'));
 *
 *  // saves an object (you'll have to unserialize it back)
 *  $object = new Object();
 *
 *  Session::set('MyObject', serialize($object));
 * </code>
 *
 * <b>Accessing Data</b>
 *
 * Once you have saved a value to the Session you can access it by using the {@link Session::get()} function.
 * Like the {@link Session::set()} function you can use this anywhere in your PHP files.
 *
 * The values in the comments are the values stored from the previous example.
 *
 * <code>
 * public function bar() {
 *  $value = Session::get('MyValue'); // $value = 6
 *  $var   = Session::get('MyVar'); // $var = 1
 *  $array = Session::get('MyArrayOfValues'); // $array = array(1,2,3)
 *  $object = Session::get('MyObject', unserialize($object)); // $object = Object()
 * }
 * </code>
 *
 * You can also get all the values in the session at once. This is useful for debugging.
 *
 * <code>
 * Session::get_all(); // returns an array of all the session values.
 * </code>
 *
 * <b>Clearing Data</b>
 *
 * Once you have accessed a value from the Session it doesn't automatically wipe the value from the Session, you have
 * to specifically remove it. To clear a value you can either delete 1 session value by the name that you saved it
 *
 * <code>
 * Session::clear('MyValue'); // MyValue is no longer 6.
 * </code>
 *
 * Or you can clear every single value in the session at once. Note SilverStripe stores some of its own session data
 * including form and page comment information. None of this is vital but clear_all will clear everything.
 *
 * <code>
 *  Session::clear_all();
 * </code>
 *
 * @see Cookie
 * @todo This class is currently really basic and could do with a more well-thought-out implementation.
 */
class Session
{
    use Configurable;

    /**
     * Set session timeout in seconds.
     *
     * @var int
     * @config
     */
    private static $timeout = 0;

    /**
     * @config
     * @var array
     */
    private static $session_ips = array();

    /**
     * @config
     * @var string
     */
    private static $cookie_domain;

    /**
     * @config
     * @var string
     */
    private static $cookie_path;

    /**
     * @config
     * @var string
     */
    private static $session_store_path;

    /**
     * @config
     * @var boolean
     */
    private static $cookie_secure = false;

    /**
     * Session data.
     * Will be null if session has not been started
     *
     * @var array|null
     */
    protected $data = null;

    /**
     * @var array
     */
    protected $changedData = array();

    /**
     * Get user agent for this request
     *
     * @return string
     */
    protected function userAgent($request)
    {
        return $request->getHeader('User-Agent');
    }

    /**
     * Start PHP session, then create a new Session object with the given start data.
     *
     * @param array|null|Session $data Can be an array of data (such as $_SESSION) or another Session object to clone.
     * If null, this session is treated as unstarted.
     */
    public function __construct($data)
    {
        if ($data instanceof Session) {
            $data = $data->getAll();
        }

        $this->data = $data;
    }

    /**
     * Init this session instance before usage
     */
    public function init(HTTPRequest $request)
    {
        if (!$this->isStarted()) {
            $this->start($request);
        }

        // Funny business detected!
        if (isset($this->data['HTTP_USER_AGENT'])) {
            if ($this->data['HTTP_USER_AGENT'] !== $this->userAgent($request)) {
                $this->clearAll();
                $this->destroy();
                $this->start($request);
            }
        }
    }

    /**
     * Destroy existing session and restart
     */
    public function restart(HTTPRequest $request)
    {
        $this->destroy();
        $this->init($request);
    }

    /**
     * Determine if this session has started
     *
     * @return bool
     */
    public function isStarted()
    {
        return isset($this->data);
    }

    /**
     * Begin session
     *
     * @param $request The request for which to start a session
     */
    public function start(HTTPRequest $request)
// Bad
class Router
{
    public function generate($path)
    {
        return $_SERVER['HOST'].$path;
    }
}

// Better
class Router
{
    private $host;

    public function __construct($host)
    {
        $this->host = $host;
    }

    public function generate($path)
    {
        return $this->host.$path;
    }
}

class Controller
{
    public function myAction(Request $request)
    {
        // Instead of
        $page = isset($_GET['page']) ? intval($_GET['page']) : 1;

        // Better (assuming you use the Symfony2 request)
        $page = $request->query->get('page', 1);
    }
}
    {
        if ($this->isStarted()) {
            throw new BadMethodCallException("Session has already started");
        }

        $path = $this->config()->get('cookie_path');
        if (!$path) {
            $path = Director::baseURL();
        }
        $domain = $this->config()->get('cookie_domain');
        $secure = Director::is_https($request) && $this->config()->get('cookie_secure');
        $session_path = $this->config()->get('session_store_path');
        $timeout = $this->config()->get('timeout');

        // Director::baseURL can return absolute domain names - this extracts the relevant parts
        // for the session otherwise we can get broken session cookies
        if (Director::is_absolute_url($path)) {
            $urlParts = parse_url($path);
            $path = $urlParts['path'];
            if (!$domain) {
                $domain = $urlParts['host'];
            }
        }

        if (!session_id() && !headers_sent()) {
            if ($domain) {
                session_set_cookie_params($timeout, $path, $domain, $secure, true);
            } else {
                session_set_cookie_params($timeout, $path, null, $secure, true);
            }

            // Allow storing the session in a non standard location
            if ($session_path) {
                session_save_path($session_path);
            }

            // If we want a secure cookie for HTTPS, use a seperate session name. This lets us have a
            // seperate (less secure) session for non-HTTPS requests
            if ($secure) {
                session_name('SECSESSID');
            }

            session_start();

            $this->data = isset($_SESSION) ? $_SESSION : array();
        } else {
            $this->data = [];
        }

        // Modify the timeout behaviour so it's the *inactive* time before the session expires.
        // By default it's the total session lifetime
        if ($timeout && !headers_sent()) {
            Cookie::set(session_name(), session_id(), $timeout/86400, $path, $domain ? $domain
                : null, $secure, true);
        }
    }

    /**
     * Destroy this session
     *
     * @param bool $removeCookie
     */
    public function destroy($removeCookie = true)
// Bad
class Router
{
    public function generate($path)
    {
        return $_SERVER['HOST'].$path;
    }
}

// Better
class Router
{
    private $host;

    public function __construct($host)
    {
        $this->host = $host;
    }

    public function generate($path)
    {
        return $this->host.$path;
    }
}

class Controller
{
    public function myAction(Request $request)
    {
        // Instead of
        $page = isset($_GET['page']) ? intval($_GET['page']) : 1;

        // Better (assuming you use the Symfony2 request)
        $page = $request->query->get('page', 1);
    }
}
    {
        if (session_id()) {
            if ($removeCookie) {
                $path = $this->config()->get('cookie_path') ?: Director::baseURL();
                $domain = $this->config()->get('cookie_domain');
                $secure = $this->config()->get('cookie_secure');
                Cookie::force_expiry(session_name(), $path, $domain, $secure, true);
            }
            session_destroy();
        }
        // Clean up the superglobal - session_destroy does not do it.
        // http://nz1.php.net/manual/en/function.session-destroy.php
        unset($_SESSION);
        $this->data = null;
    }

    /**
     * Set session value
     *
     * @param string $name
     * @param mixed $val
     * @return $this
     */
    public function set($name, $val)
    {
        if (!$this->isStarted()) {
            throw new BadMethodCallException("Session cannot be modified until it's started");
        }

        // Quicker execution path for "."-free names
        if (strpos($name, '.') === false) {
            $this->data[$name] = $val;
            $this->changedData[$name] = $val;
        } else {
            $names = explode('.', $name);

            // We still want to do this even if we have strict path checking for legacy code
            $var = &$this->data;
            $diffVar = &$this->changedData;

            // Iterate twice over the names - once to see if the value needs to be changed,
            // and secondly to get the changed data value. This is done to solve a problem
            // where iterating over the diff var would create empty arrays, and the value
            // would then not be set, inadvertently clearing session values.
            foreach ($names as $n) {
                $var = &$var[$n];
            }

            if ($var !== $val) {
                foreach ($names as $n) {
                    $diffVar = &$diffVar[$n];
                }

                $var = $val;
                $diffVar = $val;
            }
        }
        return $this;
    }

    /**
     * Merge value with array
     *
     * @param string $name
     * @param mixed $val
     */
    public function addToArray($name, $val)
    {
        if (!$this->isStarted()) {
            throw new BadMethodCallException("Session cannot be modified until it's started");
        }

        $names = explode('.', $name);

        // We still want to do this even if we have strict path checking for legacy code
        $var = &$this->data;
        $diffVar = &$this->changedData;

        foreach ($names as $n) {
            $var = &$var[$n];
            $diffVar = &$diffVar[$n];
        }

        $var[] = $val;
        $diffVar[sizeof($var)-1] = $val;
    }

    /**
     * Get session value
     *
     * @param string $name
     * @return mixed
     */
    public function get($name)
    {
        if (!$this->isStarted()) {
            throw new BadMethodCallException("Session cannot be accessed until it's started");
        }

        // Quicker execution path for "."-free names
        if (strpos($name, '.') === false) {
            if (isset($this->data[$name])) {
                return $this->data[$name];
            }
            return null;
        } else {
            $names = explode('.', $name);

            if (!isset($this->data)) {
                return null;
            }

            $var = $this->data;

            foreach ($names as $n) {
                if (!isset($var[$n])) {
                    return null;
                }
                $var = $var[$n];
            }

            return $var;
        }
    }

    /**
     * Clear session value
     *
     * @param string $name
     * @return $this
     */
    public function clear($name)
    {
        if (!$this->isStarted()) {
            throw new BadMethodCallException("Session cannot be modified until it's started");
        }

        $names = explode('.', $name);

        // We still want to do this even if we have strict path checking for legacy code
        $var = &$this->data;
        $diffVar = &$this->changedData;

        foreach ($names as $n) {
            // don't clear a record that doesn't exist
            if (!isset($var[$n])) {
                return $this;
            }
            $var = &$var[$n];
        }

        // only loop to find data within diffVar if var is proven to exist in the above loop
        foreach ($names as $n) {
            $diffVar = &$diffVar[$n];
        }

        if ($var !== null) {
            $var = null;
            $diffVar = null;
        }
        return $this;
    }

    /**
     * Clear all values
     */
    public function clearAll()
    {
        if (!$this->isStarted()) {
            throw new BadMethodCallException("Session cannot be modified until it's started");
        }

        if ($this->data && is_array($this->data)) {
            foreach (array_keys($this->data) as $key) {
                $this->clear($key);
            }
        }
    }

    /**
     * Get all values
     *
     * @return array|null
     */
    public function getAll()
    {
        return $this->data;
    }

    /**
     * Set user agent key
     */
    public function finalize(HTTPRequest $request)
    {
        $this->set('HTTP_USER_AGENT', $this->userAgent($request));
    }

    /**
     * Save data to session
     * Only save the changes, so that anyone manipulating $_SESSION directly doesn't get burned.
     */
    public function save(HTTPRequest $request)
// Bad
class Router
{
    public function generate($path)
    {
        return $_SERVER['HOST'].$path;
    }
}

// Better
class Router
{
    private $host;

    public function __construct($host)
    {
        $this->host = $host;
    }

    public function generate($path)
    {
        return $this->host.$path;
    }
}

class Controller
{
    public function myAction(Request $request)
    {
        // Instead of
        $page = isset($_GET['page']) ? intval($_GET['page']) : 1;

        // Better (assuming you use the Symfony2 request)
        $page = $request->query->get('page', 1);
    }
}
    {
        if ($this->changedData) {

            $this->finalize($request);

            if (!$this->isStarted()) {
                $this->start($request);
            }

            $this->recursivelyApply($this->changedData, $_SESSION);
        }
    }

    /**
     * Recursively apply the changes represented in $data to $dest.
     * Used to update $_SESSION
     *
     * @param array $data
     * @param array $dest
     */
    protected function recursivelyApply($data, &$dest)
    {
        foreach ($data as $k => $v) {
            if (is_array($v)) {
                if (!isset($dest[$k]) || !is_array($dest[$k])) {
                    $dest[$k] = array();
                }
                $this->recursivelyApply($v, $dest[$k]);
            } else {
                $dest[$k] = $v;
            }
        }
    }

    /**
     * Return the changed data, for debugging purposes.
     *
     * @return array
     */
    public function changedData()
    {
        return $this->changedData;
    }
}


1			<?php
2
3			namespace SilverStripe\Control;
4
5			use BadMethodCallException;
6			use SilverStripe\Core\Config\Configurable;
7
8			/**
9			* Handles all manipulation of the session.
10			*
11			* The static methods are used to manipulate the currently active controller's session.
12			* The instance methods are used to manipulate a particular session. There can be more than one of these created.
13			*
14			* In order to support things like testing, the session is associated with a particular Controller. In normal usage,
15			* this is loaded from and saved to the regular PHP session, but for things like static-page-generation and
16			* unit-testing, you can create multiple Controllers, each with their own session.
17			*
18			* The instance object is basically just a way of manipulating a set of nested maps, and isn't specific to session
19			* data.
20			*
21			* <b>Saving Data</b>
22			*
23			* You can write a value to a users session from your PHP code using the static function {@link Session::set()}. You
24			* can add this line in any function or file you wish to save the value.
25			*
26			* <code>
27			* Session::set('MyValue', 6);
28			* </code>
29			*
30			* Saves the value of "6" to the MyValue session data. You can also save arrays or serialized objects in session (but
31			* note there may be size restrictions as to how much you can save)
32			*
33			* <code>
34			* // save a variable
35			* $var = 1;
36			* Session::set('MyVar', $var);
37			*
38			* // saves an array
39			* Session::set('MyArrayOfValues', array('1', '2', '3'));
40			*
41			* // saves an object (you'll have to unserialize it back)
42			* $object = new Object();
43			*
44			* Session::set('MyObject', serialize($object));
45			* </code>
46			*
47			* <b>Accessing Data</b>
48			*
49			* Once you have saved a value to the Session you can access it by using the {@link Session::get()} function.
50			* Like the {@link Session::set()} function you can use this anywhere in your PHP files.
51			*
52			* The values in the comments are the values stored from the previous example.
53			*
54			* <code>
55			* public function bar() {
56			* $value = Session::get('MyValue'); // $value = 6
57			* $var = Session::get('MyVar'); // $var = 1
58			* $array = Session::get('MyArrayOfValues'); // $array = array(1,2,3)
59			* $object = Session::get('MyObject', unserialize($object)); // $object = Object()
60			* }
61			* </code>
62			*
63			* You can also get all the values in the session at once. This is useful for debugging.
64			*
65			* <code>
66			* Session::get_all(); // returns an array of all the session values.
67			* </code>
68			*
69			* <b>Clearing Data</b>
70			*
71			* Once you have accessed a value from the Session it doesn't automatically wipe the value from the Session, you have
72			* to specifically remove it. To clear a value you can either delete 1 session value by the name that you saved it
73			*
74			* <code>
75			* Session::clear('MyValue'); // MyValue is no longer 6.
76			* </code>
77			*
78			* Or you can clear every single value in the session at once. Note SilverStripe stores some of its own session data
79			* including form and page comment information. None of this is vital but clear_all will clear everything.
80			*
81			* <code>
82			* Session::clear_all();
83			* </code>
84			*
85			* @see Cookie
86			* @todo This class is currently really basic and could do with a more well-thought-out implementation.
87			*/
88			class Session
89			{
90			use Configurable;
91
92			/**
93			* Set session timeout in seconds.
94			*
95			* @var int
96			* @config
97			*/
98			private static $timeout = 0;
99
100			/**
101			* @config
102			* @var array
103			*/
104			private static $session_ips = array();
105
106			/**
107			* @config
108			* @var string
109			*/
110			private static $cookie_domain;
111
112			/**
113			* @config
114			* @var string
115			*/
116			private static $cookie_path;
117
118			/**
119			* @config
120			* @var string
121			*/
122			private static $session_store_path;
123
124			/**
125			* @config
126			* @var boolean
127			*/
128			private static $cookie_secure = false;
129
130			/**
131			* Session data.
132			* Will be null if session has not been started
133			*
134			* @var array\|null
135			*/
136			protected $data = null;
137
138			/**
139			* @var array
140			*/
141			protected $changedData = array();
142
143			/**
144			* Get user agent for this request
145			*
146			* @return string
147			*/
148			protected function userAgent($request)
149			{
150			return $request->getHeader('User-Agent');
151			}
152
153			/**
154			* Start PHP session, then create a new Session object with the given start data.
155			*
156			* @param array\|null\|Session $data Can be an array of data (such as $_SESSION) or another Session object to clone.
157			* If null, this session is treated as unstarted.
158			*/
159			public function __construct($data)
160			{
161			if ($data instanceof Session) {
162			$data = $data->getAll();
163			}
164
165			$this->data = $data;
166			}
167
168			/**
169			* Init this session instance before usage
170			*/
171			public function init(HTTPRequest $request)
172			{
173			if (!$this->isStarted()) {
174			$this->start($request);
175			}
176
177			// Funny business detected!
178			if (isset($this->data['HTTP_USER_AGENT'])) {
179			if ($this->data['HTTP_USER_AGENT'] !== $this->userAgent($request)) {
180			$this->clearAll();
181			$this->destroy();
182			$this->start($request);
183			}
184			}
185			}
186
187			/**
188			* Destroy existing session and restart
189			*/
190			public function restart(HTTPRequest $request)
191			{
192			$this->destroy();
193			$this->init($request);
194			}
195
196			/**
197			* Determine if this session has started
198			*
199			* @return bool
200			*/
201			public function isStarted()
202			{
203			return isset($this->data);
204			}
205
206			/**
207			* Begin session
208			*
209			* @param $request The request for which to start a session
210			*/
211			public function start(HTTPRequest $request)
			0 ignored issues – show Coding Style introduced 2017-06-25 06:16 UTC by Report Bug Copy Issue Report `start` uses the super-global variable `$_SESSION` which is generally not recommended. Instead of super-globals, we recommend to explicitly inject the dependencies of your class. This makes your code less dependent on global state and it becomes generally more testable: // Bad class Router { public function generate($path) { return $_SERVER['HOST'].$path; } } // Better class Router { private $host; public function __construct($host) { $this->host = $host; } public function generate($path) { return $this->host.$path; } } class Controller { public function myAction(Request $request) { // Instead of $page = isset($_GET['page']) ? intval($_GET['page']) : 1; // Better (assuming you use the Symfony2 request) $page = $request->query->get('page', 1); } } Loading history...
212			{
213			if ($this->isStarted()) {
214			throw new BadMethodCallException("Session has already started");
215			}
216
217			$path = $this->config()->get('cookie_path');
218			if (!$path) {
219			$path = Director::baseURL();
220			}
221			$domain = $this->config()->get('cookie_domain');
222			$secure = Director::is_https($request) && $this->config()->get('cookie_secure');
223			$session_path = $this->config()->get('session_store_path');
224			$timeout = $this->config()->get('timeout');
225
226			// Director::baseURL can return absolute domain names - this extracts the relevant parts
227			// for the session otherwise we can get broken session cookies
228			if (Director::is_absolute_url($path)) {
229			$urlParts = parse_url($path);
230			$path = $urlParts['path'];
231			if (!$domain) {
232			$domain = $urlParts['host'];
233			}
234			}
235
236			if (!session_id() && !headers_sent()) {
237			if ($domain) {
238			session_set_cookie_params($timeout, $path, $domain, $secure, true);
239			} else {
240			session_set_cookie_params($timeout, $path, null, $secure, true);
241			}
242
243			// Allow storing the session in a non standard location
244			if ($session_path) {
245			session_save_path($session_path);
246			}
247
248			// If we want a secure cookie for HTTPS, use a seperate session name. This lets us have a
249			// seperate (less secure) session for non-HTTPS requests
250			if ($secure) {
251			session_name('SECSESSID');
252			}
253
254			session_start();
255
256			$this->data = isset($_SESSION) ? $_SESSION : array();
257			} else {
258			$this->data = [];
259			}
260
261			// Modify the timeout behaviour so it's the inactive time before the session expires.
262			// By default it's the total session lifetime
263			if ($timeout && !headers_sent()) {
264			Cookie::set(session_name(), session_id(), $timeout/86400, $path, $domain ? $domain
265			: null, $secure, true);
266			}
267			}
268
269			/**
270			* Destroy this session
271			*
272			* @param bool $removeCookie
273			*/
274			public function destroy($removeCookie = true)
			0 ignored issues – show Coding Style introduced 2017-06-20 05:19 UTC by Report Bug Copy Issue Report `destroy` uses the super-global variable `$_SESSION` which is generally not recommended. Instead of super-globals, we recommend to explicitly inject the dependencies of your class. This makes your code less dependent on global state and it becomes generally more testable: // Bad class Router { public function generate($path) { return $_SERVER['HOST'].$path; } } // Better class Router { private $host; public function __construct($host) { $this->host = $host; } public function generate($path) { return $this->host.$path; } } class Controller { public function myAction(Request $request) { // Instead of $page = isset($_GET['page']) ? intval($_GET['page']) : 1; // Better (assuming you use the Symfony2 request) $page = $request->query->get('page', 1); } } Loading history...
275			{
276			if (session_id()) {
277			if ($removeCookie) {
278			$path = $this->config()->get('cookie_path') ?: Director::baseURL();
279			$domain = $this->config()->get('cookie_domain');
280			$secure = $this->config()->get('cookie_secure');
281			Cookie::force_expiry(session_name(), $path, $domain, $secure, true);
282			}
283			session_destroy();
284			}
285			// Clean up the superglobal - session_destroy does not do it.
286			// http://nz1.php.net/manual/en/function.session-destroy.php
287			unset($_SESSION);
288			$this->data = null;
289			}
290
291			/**
292			* Set session value
293			*
294			* @param string $name
295			* @param mixed $val
296			* @return $this
297			*/
298			public function set($name, $val)
299			{
300			if (!$this->isStarted()) {
301			throw new BadMethodCallException("Session cannot be modified until it's started");
302			}
303
304			// Quicker execution path for "."-free names
305			if (strpos($name, '.') === false) {
306			$this->data[$name] = $val;
307			$this->changedData[$name] = $val;
308			} else {
309			$names = explode('.', $name);
310
311			// We still want to do this even if we have strict path checking for legacy code
312			$var = &$this->data;
313			$diffVar = &$this->changedData;
314
315			// Iterate twice over the names - once to see if the value needs to be changed,
316			// and secondly to get the changed data value. This is done to solve a problem
317			// where iterating over the diff var would create empty arrays, and the value
318			// would then not be set, inadvertently clearing session values.
319			foreach ($names as $n) {
320			$var = &$var[$n];
321			}
322
323			if ($var !== $val) {
324			foreach ($names as $n) {
325			$diffVar = &$diffVar[$n];
326			}
327
328			$var = $val;
329			$diffVar = $val;
330			}
331			}
332			return $this;
333			}
334
335			/**
336			* Merge value with array
337			*
338			* @param string $name
339			* @param mixed $val
340			*/
341			public function addToArray($name, $val)
342			{
343			if (!$this->isStarted()) {
344			throw new BadMethodCallException("Session cannot be modified until it's started");
345			}
346
347			$names = explode('.', $name);
348
349			// We still want to do this even if we have strict path checking for legacy code
350			$var = &$this->data;
351			$diffVar = &$this->changedData;
352
353			foreach ($names as $n) {
354			$var = &$var[$n];
355			$diffVar = &$diffVar[$n];
356			}
357
358			$var[] = $val;
359			$diffVar[sizeof($var)-1] = $val;
360			}
361
362			/**
363			* Get session value
364			*
365			* @param string $name
366			* @return mixed
367			*/
368			public function get($name)
369			{
370			if (!$this->isStarted()) {
371			throw new BadMethodCallException("Session cannot be accessed until it's started");
372			}
373
374			// Quicker execution path for "."-free names
375			if (strpos($name, '.') === false) {
376			if (isset($this->data[$name])) {
377			return $this->data[$name];
378			}
379			return null;
380			} else {
381			$names = explode('.', $name);
382
383			if (!isset($this->data)) {
384			return null;
385			}
386
387			$var = $this->data;
388
389			foreach ($names as $n) {
390			if (!isset($var[$n])) {
391			return null;
392			}
393			$var = $var[$n];
394			}
395
396			return $var;
397			}
398			}
399
400			/**
401			* Clear session value
402			*
403			* @param string $name
404			* @return $this
405			*/
406			public function clear($name)
407			{
408			if (!$this->isStarted()) {
409			throw new BadMethodCallException("Session cannot be modified until it's started");
410			}
411
412			$names = explode('.', $name);
413
414			// We still want to do this even if we have strict path checking for legacy code
415			$var = &$this->data;
416			$diffVar = &$this->changedData;
417
418			foreach ($names as $n) {
419			// don't clear a record that doesn't exist
420			if (!isset($var[$n])) {
421			return $this;
422			}
423			$var = &$var[$n];
424			}
425
426			// only loop to find data within diffVar if var is proven to exist in the above loop
427			foreach ($names as $n) {
428			$diffVar = &$diffVar[$n];
429			}
430
431			if ($var !== null) {
432			$var = null;
433			$diffVar = null;
434			}
435			return $this;
436			}
437
438			/**
439			* Clear all values
440			*/
441			public function clearAll()
442			{
443			if (!$this->isStarted()) {
444			throw new BadMethodCallException("Session cannot be modified until it's started");
445			}
446
447			if ($this->data && is_array($this->data)) {
448			foreach (array_keys($this->data) as $key) {
449			$this->clear($key);
450			}
451			}
452			}
453
454			/**
455			* Get all values
456			*
457			* @return array\|null
458			*/
459			public function getAll()
460			{
461			return $this->data;
462			}
463
464			/**
465			* Set user agent key
466			*/
467			public function finalize(HTTPRequest $request)
468			{
469			$this->set('HTTP_USER_AGENT', $this->userAgent($request));
470			}
471
472			/**
473			* Save data to session
474			* Only save the changes, so that anyone manipulating $_SESSION directly doesn't get burned.
475			*/
476			public function save(HTTPRequest $request)
			0 ignored issues – show Coding Style introduced 2017-06-25 06:16 UTC by Report Bug Copy Issue Report `save` uses the super-global variable `$_SESSION` which is generally not recommended. Instead of super-globals, we recommend to explicitly inject the dependencies of your class. This makes your code less dependent on global state and it becomes generally more testable: // Bad class Router { public function generate($path) { return $_SERVER['HOST'].$path; } } // Better class Router { private $host; public function __construct($host) { $this->host = $host; } public function generate($path) { return $this->host.$path; } } class Controller { public function myAction(Request $request) { // Instead of $page = isset($_GET['page']) ? intval($_GET['page']) : 1; // Better (assuming you use the Symfony2 request) $page = $request->query->get('page', 1); } } Loading history...
477			{
478			if ($this->changedData) {
			0 ignored issues – show Bug Best Practice introduced 2016-11-01 00:55 UTC by Report Bug Copy Issue Report The expression `$this->changedData` of type `array` is implicitly converted to a boolean; are you sure this is intended? If so, consider using `! empty($expr)` instead to make it clear that you intend to check for an array without elements. This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent. Consider making the comparison explicit by using `empty(..)` or `! empty(...)` instead. Loading history...
479			$this->finalize($request);
480
481			if (!$this->isStarted()) {
482			$this->start($request);
483			}
484
485			$this->recursivelyApply($this->changedData, $_SESSION);
486			}
487			}
488
489			/**
490			* Recursively apply the changes represented in $data to $dest.
491			* Used to update $_SESSION
492			*
493			* @param array $data
494			* @param array $dest
495			*/
496			protected function recursivelyApply($data, &$dest)
497			{
498			foreach ($data as $k => $v) {
499			if (is_array($v)) {
500			if (!isset($dest[$k]) \|\| !is_array($dest[$k])) {
501			$dest[$k] = array();
502			}
503			$this->recursivelyApply($v, $dest[$k]);
504			} else {
505			$dest[$k] = $v;
506			}
507			}
508			}
509
510			/**
511			* Return the changed data, for debugging purposes.
512			*
513			* @return array
514			*/
515			public function changedData()
516			{
517			return $this->changedData;
518			}
519			}
520

silverstripe / silverstripe-framework

Pull Request — master (#7057)

Session::start() D

Complexity

Size

Duplication

Importance

How to fix Long Method Complexity

Long Method

Duplication Side-by-Side

Filter issues like