From 4b516fdb0927021dc4ebb38513127699e48b87f9 Mon Sep 17 00:00:00 2001 From: Mark Nowiasz Date: Tue, 29 Jan 2019 21:41:23 +0100 Subject: Custom sessionhandler support, as requested --- Zotlabs/Web/Session.php | 50 ++++++++++++++++++++++++++++++++++--------------- 1 file changed, 35 insertions(+), 15 deletions(-) (limited to 'Zotlabs/Web') diff --git a/Zotlabs/Web/Session.php b/Zotlabs/Web/Session.php index 4f2a3f1f7..31979c3f6 100644 --- a/Zotlabs/Web/Session.php +++ b/Zotlabs/Web/Session.php @@ -15,7 +15,7 @@ class Session { private $handler = null; private $session_started = false; - + private $custom_handler = false; public function init() { $gc_probability = 50; @@ -23,25 +23,44 @@ class Session { ini_set('session.gc_probability', $gc_probability); ini_set('session.use_only_cookies', 1); ini_set('session.cookie_httponly', 1); - + + $this->custom_handler = boolval(get_config('system', 'session_custom', false)); + /* * Set our session storage functions. */ - - $handler = new \Zotlabs\Web\SessionHandler(); - - $this->handler = $handler; - - $x = session_set_save_handler($handler,false); - if(! $x) - logger('Session save handler initialisation failed.',LOGGER_NORMAL,LOG_ERR); - + + if ($this->custom_handler) { + /* Custom handler (files, memached, redis..) */ + + $session_save_handler = strval(get_config('system', 'session_save_handler', Null)); + $session_save_path = strval(get_config('system', 'session_save_path', Null)); + $session_gc_probability = intval(get_config('system', 'session_gc_probability', 1)); + $session_gc_divisor = intval(get_config('system', 'session_gc_divisor', 100)); + if (!$session_save_handler || !$session_save_path) { + logger('Session save handler or path not set.',LOGGER_NORMAL,LOG_ERR); + } else { + ini_set('session.save_handler', $session_save_handler); + ini_set('session.save_path', $session_save_path); + ini_set('session.gc_probability', $session_gc_probability); + ini_set('session.gc_divisor', $session_gc_divisor); + + } + } else { + $handler = new \Zotlabs\Web\SessionHandler(); + + $this->handler = $handler; + + $x = session_set_save_handler($handler,false); + if(! $x) + logger('Session save handler initialisation failed.',LOGGER_NORMAL,LOG_ERR); + }; // Force cookies to be secure (https only) if this site is SSL enabled. // Must be done before session_start(). $arr = session_get_cookie_params(); - + // Note when setting cookies: set the domain to false which creates a single domain // cookie. If you use a hostname it will create a .domain.com wildcard which will // have some nasty side effects if you have any other subdomains running hubzilla. @@ -86,14 +105,15 @@ class Session { $arr = session_get_cookie_params(); - if($this->handler && $this->session_started) { + if(($this->handler || $this->custom_handler) && $this->session_started) { session_regenerate_id(true); // force SessionHandler record creation with the new session_id // which occurs as a side effect of read() - - $this->handler->read(session_id()); + if (! $this->custom_handler) { + $this->handler->read(session_id()); + } } else logger('no session handler'); -- cgit v1.2.3