aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDM42.Net (Matt Dent) <dentm42@dm42.net>2019-01-28 14:20:46 -0500
committerDM42.Net (Matt Dent) <dentm42@dm42.net>2019-01-28 14:20:46 -0500
commit8972ca8134c16039c03ad83d26b75b9e9e21d7ea (patch)
tree234bf405d68e37dc617a8dcd93f97bef5fa7db6e
parent671b6d2edaa344ef4d41743322e8090265bf8f9a (diff)
downloadvolse-hubzilla-8972ca8134c16039c03ad83d26b75b9e9e21d7ea.tar.gz
volse-hubzilla-8972ca8134c16039c03ad83d26b75b9e9e21d7ea.tar.bz2
volse-hubzilla-8972ca8134c16039c03ad83d26b75b9e9e21d7ea.zip
Make session handler pluggable
-rw-r--r--Zotlabs/Web/Session.php29
1 files changed, 20 insertions, 9 deletions
diff --git a/Zotlabs/Web/Session.php b/Zotlabs/Web/Session.php
index 4f2a3f1f7..1ba120fa9 100644
--- a/Zotlabs/Web/Session.php
+++ b/Zotlabs/Web/Session.php
@@ -15,6 +15,7 @@ class Session {
private $handler = null;
private $session_started = false;
+ private $custom_handler = false;
public function init() {
@@ -28,13 +29,20 @@ class Session {
* Set our session storage functions.
*/
- $handler = new \Zotlabs\Web\SessionHandler();
+ $custom_handler = $this->custom_handler;
+ call_hook('custom_session_handler',$custom_handler);
+ $this->custom_handler = $custom_handler;
- $this->handler = $handler;
- $x = session_set_save_handler($handler,false);
- if(! $x)
- logger('Session save handler initialisation failed.',LOGGER_NORMAL,LOG_ERR);
+ if (!$this->custom_handler) {
+ $handler = new \Zotlabs\Web\SessionHandler();
+
+ $this->handler = $handler;
+
+ $x = session_set_save_handler($handler,false);
+ if(! $x)
+ logger('Session save handler initialisation failed.',LOGGER_NORMAL,LOG_ERR);
+ }
// Force cookies to be secure (https only) if this site is SSL enabled.
// Must be done before session_start().
@@ -86,14 +94,17 @@ class Session {
$arr = session_get_cookie_params();
- if($this->handler && $this->session_started) {
+ if(($this->handler || $this->custom_handler) && $this->session_started) {
session_regenerate_id(true);
- // force SessionHandler record creation with the new session_id
- // which occurs as a side effect of read()
+ if (!$this->custom_handler) {
+ // force SessionHandler record creation with the new session_id
+ // which occurs as a side effect of read() since not all implementations
+ // of session_regenerate_id() call read().
- $this->handler->read(session_id());
+ $this->handler->read(session_id());
+ }
}
else
logger('no session handler');