diff options
author | DM42.Net (Matt Dent) <dentm42@dm42.net> | 2019-01-28 14:20:46 -0500 |
---|---|---|
committer | DM42.Net (Matt Dent) <dentm42@dm42.net> | 2019-01-28 14:20:46 -0500 |
commit | 8972ca8134c16039c03ad83d26b75b9e9e21d7ea (patch) | |
tree | 234bf405d68e37dc617a8dcd93f97bef5fa7db6e | |
parent | 671b6d2edaa344ef4d41743322e8090265bf8f9a (diff) | |
download | volse-hubzilla-8972ca8134c16039c03ad83d26b75b9e9e21d7ea.tar.gz volse-hubzilla-8972ca8134c16039c03ad83d26b75b9e9e21d7ea.tar.bz2 volse-hubzilla-8972ca8134c16039c03ad83d26b75b9e9e21d7ea.zip |
Make session handler pluggable
-rw-r--r-- | Zotlabs/Web/Session.php | 29 |
1 files changed, 20 insertions, 9 deletions
diff --git a/Zotlabs/Web/Session.php b/Zotlabs/Web/Session.php index 4f2a3f1f7..1ba120fa9 100644 --- a/Zotlabs/Web/Session.php +++ b/Zotlabs/Web/Session.php @@ -15,6 +15,7 @@ class Session { private $handler = null; private $session_started = false; + private $custom_handler = false; public function init() { @@ -28,13 +29,20 @@ class Session { * Set our session storage functions. */ - $handler = new \Zotlabs\Web\SessionHandler(); + $custom_handler = $this->custom_handler; + call_hook('custom_session_handler',$custom_handler); + $this->custom_handler = $custom_handler; - $this->handler = $handler; - $x = session_set_save_handler($handler,false); - if(! $x) - logger('Session save handler initialisation failed.',LOGGER_NORMAL,LOG_ERR); + if (!$this->custom_handler) { + $handler = new \Zotlabs\Web\SessionHandler(); + + $this->handler = $handler; + + $x = session_set_save_handler($handler,false); + if(! $x) + logger('Session save handler initialisation failed.',LOGGER_NORMAL,LOG_ERR); + } // Force cookies to be secure (https only) if this site is SSL enabled. // Must be done before session_start(). @@ -86,14 +94,17 @@ class Session { $arr = session_get_cookie_params(); - if($this->handler && $this->session_started) { + if(($this->handler || $this->custom_handler) && $this->session_started) { session_regenerate_id(true); - // force SessionHandler record creation with the new session_id - // which occurs as a side effect of read() + if (!$this->custom_handler) { + // force SessionHandler record creation with the new session_id + // which occurs as a side effect of read() since not all implementations + // of session_regenerate_id() call read(). - $this->handler->read(session_id()); + $this->handler->read(session_id()); + } } else logger('no session handler'); |