aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMario <mario@mariovavti.com>2019-01-29 10:06:37 +0100
committerMario <mario@mariovavti.com>2019-01-29 10:06:37 +0100
commit39604d2fdc03a99e5c5463b2e3c09f131c760a18 (patch)
tree903f93c54bb21796328e261c1a555d3846ae4ae4
parent27e415e664cf4eab92b3f1f5f6c4597312d4f6ad (diff)
parent8972ca8134c16039c03ad83d26b75b9e9e21d7ea (diff)
downloadvolse-hubzilla-39604d2fdc03a99e5c5463b2e3c09f131c760a18.tar.gz
volse-hubzilla-39604d2fdc03a99e5c5463b2e3c09f131c760a18.tar.bz2
volse-hubzilla-39604d2fdc03a99e5c5463b2e3c09f131c760a18.zip
Merge branch 'sessionhandlerhook' into 'dev'
Make session handler pluggable See merge request hubzilla/core!1494
-rw-r--r--Zotlabs/Web/Session.php29
1 files changed, 20 insertions, 9 deletions
diff --git a/Zotlabs/Web/Session.php b/Zotlabs/Web/Session.php
index 4f2a3f1f7..1ba120fa9 100644
--- a/Zotlabs/Web/Session.php
+++ b/Zotlabs/Web/Session.php
@@ -15,6 +15,7 @@ class Session {
private $handler = null;
private $session_started = false;
+ private $custom_handler = false;
public function init() {
@@ -28,13 +29,20 @@ class Session {
* Set our session storage functions.
*/
- $handler = new \Zotlabs\Web\SessionHandler();
+ $custom_handler = $this->custom_handler;
+ call_hook('custom_session_handler',$custom_handler);
+ $this->custom_handler = $custom_handler;
- $this->handler = $handler;
- $x = session_set_save_handler($handler,false);
- if(! $x)
- logger('Session save handler initialisation failed.',LOGGER_NORMAL,LOG_ERR);
+ if (!$this->custom_handler) {
+ $handler = new \Zotlabs\Web\SessionHandler();
+
+ $this->handler = $handler;
+
+ $x = session_set_save_handler($handler,false);
+ if(! $x)
+ logger('Session save handler initialisation failed.',LOGGER_NORMAL,LOG_ERR);
+ }
// Force cookies to be secure (https only) if this site is SSL enabled.
// Must be done before session_start().
@@ -86,14 +94,17 @@ class Session {
$arr = session_get_cookie_params();
- if($this->handler && $this->session_started) {
+ if(($this->handler || $this->custom_handler) && $this->session_started) {
session_regenerate_id(true);
- // force SessionHandler record creation with the new session_id
- // which occurs as a side effect of read()
+ if (!$this->custom_handler) {
+ // force SessionHandler record creation with the new session_id
+ // which occurs as a side effect of read() since not all implementations
+ // of session_regenerate_id() call read().
- $this->handler->read(session_id());
+ $this->handler->read(session_id());
+ }
}
else
logger('no session handler');