CI_Session Class Reference



Public Member Functions

 CI_Session ()
 Session Constructor.
 sess_run ()
 Run the session routines.
 sess_read ()
 Fetch the current session data if it exists.
 sess_write ()
 Write the session cookie.
 sess_create ()
 Create a new session.
 sess_update ()
 Update an existing session.
 sess_destroy ()
 Destroy the current session.
 sess_gc ()
 Garbage collection.
 userdata ($item)
 Fetch a specific item from the session array.
 all_userdata ()
 Fetch all session data.
 set_userdata ($newdata=array(), $newval= '')
 Add or change data in the "userdata" array.
 unset_userdata ($newdata=array())
 Delete a session variable from the "userdata" array.
 strip_slashes ($vals)
 Strip slashes.
 set_flashdata ($newdata=array(), $newval= '')
 Add or change flashdata, only available until the next request.
 keep_flashdata ($key)
 Keeps existing flashdata available to next request.
 flashdata ($key)
 Fetch a specific flashdata item from the session array.
 _flashdata_mark ()
 Identifies flashdata as 'old' for removal when _flashdata_sweep() runs.
 _flashdata_sweep ()
 Removes all flashdata marked as 'old'.

Public Attributes

 $CI
 $now
 $encryption = TRUE
 $use_database = FALSE
 $session_table = FALSE
 $sess_length = 7200
 $sess_cookie = 'ci_session'
 $userdata = array()
 $gc_probability = 5
 $flashdata_key = 'flash'
 $time_to_update = 300

Detailed Description

Definition at line 27 of file Session.php.


Member Function Documentation

CI_Session::_flashdata_mark (  ) 

Identifies flashdata as 'old' for removal when _flashdata_sweep() runs.

private

Returns:
void

Definition at line 613 of file Session.php.

References $userdata, all_userdata(), set_userdata(), and unset_userdata().

Referenced by sess_run().

00614     {
00615                 $userdata = $this->all_userdata();
00616         foreach ($userdata as $name => $value)
00617         {
00618             $parts = explode(':new:', $name);
00619             if (is_array($parts) && count($parts) === 2)
00620             {
00621                 $new_name = $this->flashdata_key.':old:'.$parts[1];
00622                 $this->set_userdata($new_name, $value);
00623                 $this->unset_userdata($name);
00624             }
00625         }
00626     }


CI_Session::_flashdata_sweep (  ) 

Removes all flashdata marked as 'old'.

private

Returns:
void

Definition at line 637 of file Session.php.

References $userdata, all_userdata(), and unset_userdata().

Referenced by sess_run().

00638     {
00639                 $userdata = $this->all_userdata();
00640         foreach ($userdata as $key => $value)
00641         {
00642             if (strpos($key, ':old:') !== FALSE)
00643             {
00644                 $this->unset_userdata($key);
00645             }
00646         }
00647 
00648     }


CI_Session::all_userdata (  ) 

Fetch all session data.

public

Returns:
mixed

Definition at line 453 of file Session.php.

References userdata().

Referenced by _flashdata_mark(), and _flashdata_sweep().

00454         {
00455         return ( ! isset($this->userdata)) ? FALSE : $this->userdata;
00456         }


CI_Session::CI_Session (  ) 

Session Constructor.

The constructor runs the session routines automatically whenever the class is instantiated.

Definition at line 47 of file Session.php.

References get_instance(), log_message(), and sess_run().

00048         {
00049                 $this->CI =& get_instance();
00050 
00051                 log_message('debug', "Session Class Initialized");
00052                 $this->sess_run();
00053         }


CI_Session::flashdata ( key  ) 

Fetch a specific flashdata item from the session array.

public

Parameters:
string 
Returns:
string

Definition at line 598 of file Session.php.

References $flashdata_key, and userdata().

00599     {
00600         $flashdata_key = $this->flashdata_key.':old:'.$key;
00601         return $this->userdata($flashdata_key);
00602     }


CI_Session::keep_flashdata ( key  ) 

Keeps existing flashdata available to next request.

public

Parameters:
string 
Returns:
void

Definition at line 576 of file Session.php.

References set_userdata(), and userdata().

00577     {
00578                 // 'old' flashdata gets removed.  Here we mark all 
00579                 // flashdata as 'new' to preserve it from _flashdata_sweep()
00580                 // Note the function will return FALSE if the $key 
00581                 // provided cannot be found
00582         $old_flashdata_key = $this->flashdata_key.':old:'.$key;
00583         $value = $this->userdata($old_flashdata_key);
00584 
00585         $new_flashdata_key = $this->flashdata_key.':new:'.$key;
00586         $this->set_userdata($new_flashdata_key, $value);
00587     }


CI_Session::sess_create (  ) 

Create a new session.

public

Returns:
void

Definition at line 326 of file Session.php.

References sess_write(), and userdata().

Referenced by sess_run().

00327         {       
00328                 $sessid = '';
00329                 while (strlen($sessid) < 32)
00330                 {
00331                         $sessid .= mt_rand(0, mt_getrandmax());
00332                 }
00333         
00334                 $this->userdata = array(
00335                                                         'session_id'    => md5(uniqid($sessid, TRUE)),
00336                                                         'ip_address'    => $this->CI->input->ip_address(),
00337                                                         'user_agent'    => substr($this->CI->input->user_agent(), 0, 50),
00338                                                         'last_activity' => $this->now
00339                                                         );
00340                 
00341                 
00342                 // Save the session in the DB if needed
00343                 if ($this->use_database === TRUE)
00344                 {
00345                         $this->CI->db->query($this->CI->db->insert_string($this->session_table, $this->userdata));
00346                 }
00347                         
00348                 // Write the cookie
00349                 $this->sess_write();
00350         }


CI_Session::sess_destroy (  ) 

Destroy the current session.

public

Returns:
void

Definition at line 394 of file Session.php.

Referenced by sess_read().

00395         {
00396                 setcookie(
00397                                         $this->sess_cookie,
00398                                         addslashes(serialize(array())),
00399                                         ($this->now - 31500000),
00400                                         $this->CI->config->item('cookie_path'),
00401                                         $this->CI->config->item('cookie_domain'),
00402                                         0
00403                                 );
00404         }


CI_Session::sess_gc (  ) 

Garbage collection.

This deletes expired session rows from database if the probability percentage is met

public

Returns:
void

Definition at line 417 of file Session.php.

References log_message().

Referenced by sess_run().

00418         {
00419                 srand(time());
00420                 if ((rand() % 100) < $this->gc_probability)
00421                 {
00422                         $expire = $this->now - $this->sess_length;
00423                         
00424                         $this->CI->db->where("last_activity < {$expire}");
00425                         $this->CI->db->delete($this->session_table);
00426 
00427                         log_message('debug', 'Session garbage collection performed.');
00428                 }
00429         }


CI_Session::sess_read (  ) 

Fetch the current session data if it exists.

public

Returns:
void

Definition at line 183 of file Session.php.

References log_message(), sess_destroy(), strip_slashes(), and userdata().

Referenced by sess_run().

00184         {       
00185                 // Fetch the cookie
00186                 $session = $this->CI->input->cookie($this->sess_cookie);
00187                 
00188                 if ($session === FALSE)
00189                 {
00190                         log_message('debug', 'A session cookie was not found.');
00191                         return FALSE;
00192                 }
00193                 
00194                 // Decrypt and unserialize the data
00195                 if ($this->encryption == TRUE)
00196                 {
00197                         $session = $this->CI->encrypt->decode($session);
00198                 }
00199                 else
00200                 {       
00201                         // encryption was not used, so we need to check the md5 hash
00202                         $hash = substr($session, strlen($session)-32); // get last 32 chars
00203                         $session = substr($session, 0, strlen($session)-32);
00204 
00205                         // Does the md5 hash match?  This is to prevent manipulation of session data
00206                         // in userspace
00207                         if ($hash !==  md5($session.$this->CI->config->item('encryption_key')))
00208                         {
00209                                 log_message('error', 'The session cookie data did not match what was expected. This could be a possible hacking attempt.');
00210                                 $this->sess_destroy();
00211                                 return FALSE;
00212                         }
00213                 }
00214                 
00215                 $session = @unserialize($this->strip_slashes($session));
00216                 
00217                 if ( ! is_array($session) OR ! isset($session['last_activity']))
00218                 {
00219                         log_message('error', 'The session cookie data did not contain a valid array. This could be a possible hacking attempt.');
00220                         return FALSE;
00221                 }
00222                 
00223                 // Is the session current?
00224                 if (($session['last_activity'] + $this->sess_length) < $this->now)
00225                 {
00226                         $this->sess_destroy();
00227                         return FALSE;
00228                 }
00229 
00230                 // Does the IP Match?
00231                 if ($this->CI->config->item('sess_match_ip') == TRUE AND $session['ip_address'] != $this->CI->input->ip_address())
00232                 {
00233                         $this->sess_destroy();
00234                         return FALSE;
00235                 }
00236                 
00237                 // Does the User Agent Match?
00238                 if ($this->CI->config->item('sess_match_useragent') == TRUE AND trim($session['user_agent']) != trim(substr($this->CI->input->user_agent(), 0, 50)))
00239                 {
00240                         $this->sess_destroy();
00241                         return FALSE;
00242                 }
00243                 
00244                 // Is there a corresponding session in the DB?
00245                 if ($this->use_database === TRUE)
00246                 {
00247                         $this->CI->db->where('session_id', $session['session_id']);
00248                                         
00249                         if ($this->CI->config->item('sess_match_ip') == TRUE)
00250                         {
00251                                 $this->CI->db->where('ip_address', $session['ip_address']);
00252                         }
00253 
00254                         if ($this->CI->config->item('sess_match_useragent') == TRUE)
00255                         {
00256                                 $this->CI->db->where('user_agent', $session['user_agent']);
00257                         }
00258                         
00259                         $query = $this->CI->db->get($this->session_table);
00260 
00261                         if ($query->num_rows() == 0)
00262                         {
00263                                 $this->sess_destroy();
00264                                 return FALSE;
00265                         }
00266                         else
00267                         {
00268                                 $row = $query->row();
00269                                 if (($row->last_activity + $this->sess_length) < $this->now)
00270                                 {
00271                                         $this->CI->db->where('session_id', $session['session_id']);
00272                                         $this->CI->db->delete($this->session_table);
00273                                         $this->sess_destroy();
00274                                         return FALSE;
00275                                 }
00276                         }
00277                 }
00278         
00279                 // Session is valid!
00280                 $this->userdata = $session;
00281                 unset($session);
00282                 
00283                 return TRUE;
00284         }


CI_Session::sess_run (  ) 

Run the session routines.

public

Returns:
void

Definition at line 63 of file Session.php.

References $now, _flashdata_mark(), _flashdata_sweep(), log_message(), sess_create(), sess_gc(), sess_read(), sess_update(), and userdata().

Referenced by CI_Session().

00064         {
00065                 /*
00066                  *  Set the "now" time
00067                  *
00068                  * It can be set to either GMT or time(). The pref
00069                  * is set in the config file.  If the developer
00070                  * is doing any sort of time localization they
00071                  * might want to set the session time to GMT so
00072                  * they can offset the "last_activity" time
00073                  * based on each user's locale.
00074                  *
00075                  */
00076 
00077                 if (is_numeric($this->CI->config->item('sess_time_to_update')))
00078                 {
00079                         $this->time_to_update = $this->CI->config->item('sess_time_to_update');
00080                 }
00081 
00082                 if (strtolower($this->CI->config->item('time_reference')) == 'gmt')
00083                 {
00084                         $now = time();
00085                         $this->now = mktime(gmdate("H", $now), gmdate("i", $now), gmdate("s", $now), gmdate("m", $now), gmdate("d", $now), gmdate("Y", $now));
00086         
00087                         if (strlen($this->now) < 10)
00088                         {
00089                                 $this->now = time();
00090                                 log_message('error', 'The session class could not set a proper GMT timestamp so the local time() value was used.');
00091                         }
00092                 }
00093                 else
00094                 {
00095                         $this->now = time();
00096                 }
00097                 
00098                 /*
00099                  *  Set the session length
00100                  *
00101                  * If the session expiration is set to zero in
00102                  * the config file we'll set the expiration
00103                  * two years from now.
00104                  *
00105                  */
00106                 $expiration = $this->CI->config->item('sess_expiration');
00107                 
00108                 if (is_numeric($expiration))
00109                 {
00110                         if ($expiration > 0)
00111                         {
00112                                 $this->sess_length = $this->CI->config->item('sess_expiration');
00113                         }
00114                         else
00115                         {
00116                                 $this->sess_length = (60*60*24*365*2);
00117                         }
00118                 }
00119                 
00120                 // Do we need encryption?
00121                 $this->encryption = $this->CI->config->item('sess_encrypt_cookie');
00122         
00123                 if ($this->encryption == TRUE)  
00124                 {
00125                         $this->CI->load->library('encrypt');
00126                 }               
00127 
00128                 // Are we using a database?
00129                 if ($this->CI->config->item('sess_use_database') === TRUE AND $this->CI->config->item('sess_table_name') != '')
00130                 {
00131                         $this->use_database = TRUE;
00132                         $this->session_table = $this->CI->config->item('sess_table_name');
00133                         $this->CI->load->database();
00134                 }
00135                 
00136                 // Set the cookie name
00137                 if ($this->CI->config->item('sess_cookie_name') != FALSE)
00138                 {
00139                         $this->sess_cookie = $this->CI->config->item('cookie_prefix').$this->CI->config->item('sess_cookie_name');
00140                 }
00141         
00142                 /*
00143                  *  Fetch the current session
00144                  *
00145                  * If a session doesn't exist we'll create
00146                  * a new one.  If it does, we'll update it.
00147                  *
00148                  */
00149                 if ( ! $this->sess_read())
00150                 {
00151                         $this->sess_create();
00152                 }
00153                 else
00154                 {       
00155                         // We only update the session every five minutes
00156                         if (($this->userdata['last_activity'] + $this->time_to_update) < $this->now)
00157                         {
00158                                 $this->sess_update();
00159                         }
00160                 }
00161                 
00162                 // Delete expired sessions if necessary
00163                 if ($this->use_database === TRUE)
00164                 {               
00165                         $this->sess_gc();
00166                 }
00167 
00168                 // Delete 'old' flashdata (from last request)
00169         $this->_flashdata_sweep();
00170         
00171         // Mark all new flashdata as old (data will be deleted before next request)
00172         $this->_flashdata_mark();
00173         }


CI_Session::sess_update (  ) 

Update an existing session.

public

Returns:
void

Definition at line 360 of file Session.php.

References sess_write(), and userdata().

Referenced by sess_run().

00361         {       
00362                 // Save the old session id so we know which record to 
00363                 // update in the database if we need it
00364                 $old_sessid = $this->userdata['session_id'];
00365                 $new_sessid = '';
00366                 while (strlen($new_sessid) < 32)
00367                 {
00368                         $new_sessid .= mt_rand(0, mt_getrandmax());
00369                 }
00370                 $new_sessid = md5(uniqid($new_sessid, TRUE));
00371                 
00372         // Update the session data in the session data array
00373                 $this->userdata['session_id'] = $new_sessid;
00374                 $this->userdata['last_activity'] = $this->now;
00375                 
00376                 // Update the session in the DB if needed
00377                 if ($this->use_database === TRUE)
00378                 {               
00379                         $this->CI->db->query($this->CI->db->update_string($this->session_table, array('last_activity' => $this->now, 'session_id' => $new_sessid), array('session_id' => $old_sessid)));
00380                 }
00381                 
00382                 // Write the cookie
00383                 $this->sess_write();
00384         }


CI_Session::sess_write (  ) 

Write the session cookie.

public

Returns:
void

Definition at line 294 of file Session.php.

References userdata().

Referenced by sess_create(), sess_update(), set_userdata(), and unset_userdata().

00295         {                                                               
00296                 $cookie_data = serialize($this->userdata);
00297                 
00298                 if ($this->encryption == TRUE)
00299                 {
00300                         $cookie_data = $this->CI->encrypt->encode($cookie_data);
00301                 }
00302                 else
00303                 {
00304                         // if encryption is not used, we provide an md5 hash to prevent userside tampering
00305                         $cookie_data = $cookie_data . md5($cookie_data.$this->CI->config->item('encryption_key'));
00306                 }
00307 
00308                 setcookie(
00309                                         $this->sess_cookie,
00310                                         $cookie_data,
00311                                         $this->sess_length + time(),
00312                                         $this->CI->config->item('cookie_path'),
00313                                         $this->CI->config->item('cookie_domain'),
00314                                         0
00315                                 );
00316         }
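
The tamper check from sess_write() and sess_read() next to a hardened equivalent, as an added example that is not CodeIgniter's code; the function names, the demo key and the sample session are constructed. It also uses a CSPRNG session id in place of the mt_rand()/uniqid() construction in sess_create() and sess_update().

```php
<?php
// Added example, not CodeIgniter code. $key stands in for the 'encryption_key'
// config item; function names and sample values are constructed.

// Format from sess_write()/sess_read() with encryption off: serialize(userdata)
// followed by the 32 hex chars of md5(data . key). strip_slashes() is omitted.
function legacy_encode(array $userdata, string $key): string
{
    $data = serialize($userdata);
    return $data . md5($data . $key);
}

function legacy_decode(string $cookie, string $key)
{
    $hash = substr($cookie, -32);
    $data = substr($cookie, 0, -32);
    if ($hash !== md5($data . $key)) {   // plain comparison, not constant time
        return false;
    }
    return @unserialize($data);          // cookie bytes reach PHP's object deserializer
}

// Hardened form: JSON payload (no object instantiation on decode),
// HMAC-SHA256 instead of md5(data . key), constant-time comparison.
function hardened_encode(array $userdata, string $key): string
{
    $data = base64_encode(json_encode($userdata, JSON_THROW_ON_ERROR));
    return $data . '.' . hash_hmac('sha256', $data, $key);
}

function hardened_decode(string $cookie, string $key)
{
    $parts = explode('.', $cookie, 3);
    if (count($parts) !== 2) {
        return false;                    // wrong shape: reject before any parsing
    }
    [$data, $mac] = $parts;
    if (!hash_equals(hash_hmac('sha256', $data, $key), $mac)) {
        return false;                    // MAC is verified before the payload is decoded
    }
    $json = base64_decode($data, true);
    $session = ($json === false) ? null : json_decode($json, true);
    if (!is_array($session) || !isset($session['last_activity'])) {
        return false;                    // same shape check as sess_read()
    }
    return $session;
}

// Cookie attributes for the hardened form; the listings pass 0 for "secure"
// and never set HttpOnly. Array options need PHP 7.3+. The path is an assumption.
function send_session_cookie(string $name, string $value, int $lifetime): bool
{
    return setcookie($name, $value, [
        'expires'  => time() + $lifetime,
        'path'     => '/',
        'secure'   => true,
        'httponly' => true,
        'samesite' => 'Lax',
    ]);
}

// Constructed sample session. random_bytes() is a CSPRNG; 16 bytes give the
// same 32 hex characters as the md5() based id in sess_create().
$key = 'constructed-demo-key-not-a-real-secret';
$session = [
    'session_id'    => bin2hex(random_bytes(16)),
    'ip_address'    => '192.0.2.10',
    'user_agent'    => 'ExampleBrowser/1.0',
    'last_activity' => 1700000000,
];
$legacy   = legacy_encode($session, $key);
$hardened = hardened_encode($session, $key);

// Round trip: each decoder is compared against the original array.
var_dump(legacy_decode($legacy, $key) === $session);
var_dump(hardened_decode($hardened, $key) === $session);

// Tamper check: the payload is changed while the old tag is kept.
$forged_legacy = str_replace('192.0.2.10', '192.0.2.99', $legacy);
[, $tag] = explode('.', $hardened);
$session['ip_address'] = '192.0.2.99';
$forged_hardened = base64_encode(json_encode($session)) . '.' . $tag;
var_dump(legacy_decode($forged_legacy, $key));
var_dump(hardened_decode($forged_hardened, $key));
```

Run it with the PHP CLI; send_session_cookie() is defined for use in a web request and is not called by the demo.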


CI_Session::set_flashdata ( newdata = array(), newval = '' )

Add or change flashdata, only available until the next request.

public

Parameters:
mixed 
string 
Returns:
void

Definition at line 550 of file Session.php.

References $flashdata_key, and set_userdata().

00551     {
00552         if (is_string($newdata))
00553         {
00554             $newdata = array($newdata => $newval);
00555         }
00556         
00557         if (count($newdata) > 0)
00558         {
00559             foreach ($newdata as $key => $val)
00560             {
00561                 $flashdata_key = $this->flashdata_key.':new:'.$key;
00562                 $this->set_userdata($flashdata_key, $val);
00563             }
00564         }
00565     } 


CI_Session::set_userdata ( newdata = array(), newval = '' )

Add or change data in the "userdata" array.

public

Parameters:
mixed 
string 
Returns:
void

Definition at line 468 of file Session.php.

References sess_write(), and userdata().

Referenced by _flashdata_mark(), keep_flashdata(), and set_flashdata().

00469         {
00470                 if (is_string($newdata))
00471                 {
00472                         $newdata = array($newdata => $newval);
00473                 }
00474         
00475                 if (count($newdata) > 0)
00476                 {
00477                         foreach ($newdata as $key => $val)
00478                         {
00479                                 $this->userdata[$key] = $val;
00480                         }
00481                 }
00482 
00483                 $this->sess_write();
00484         }


CI_Session::strip_slashes ( vals  ) 

Strip slashes.

public

Parameters:
mixed 
Returns:
mixed

Definition at line 521 of file Session.php.

Referenced by sess_read().

00522         {
00523                 if (is_array($vals))
00524                 {       
00525                         foreach ($vals as $key=>$val)
00526                         {
00527                                 $vals[$key] = $this->strip_slashes($val);
00528                         }
00529                 }
00530                 else
00531                 {
00532                         $vals = stripslashes($vals);
00533                 }
00534                 
00535                 return $vals;
00536         }


CI_Session::unset_userdata ( newdata = array()  ) 

Delete a session variable from the "userdata" array.

array

Returns:
void

Definition at line 494 of file Session.php.

References sess_write(), and userdata().

Referenced by _flashdata_mark(), and _flashdata_sweep().

00495         {
00496                 if (is_string($newdata))
00497                 {
00498                         $newdata = array($newdata => '');
00499                 }
00500         
00501                 if (count($newdata) > 0)
00502                 {
00503                         foreach ($newdata as $key => $val)
00504                         {
00505                                 unset($this->userdata[$key]);
00506                         }
00507                 }
00508         
00509                 $this->sess_write();
00510         }


CI_Session::userdata ( item  ) 

Fetch a specific item from the session array.

public

Parameters:
string 
Returns:
string

Definition at line 440 of file Session.php.

Referenced by all_userdata(), flashdata(), keep_flashdata(), sess_create(), sess_read(), sess_run(), sess_update(), sess_write(), set_userdata(), and unset_userdata().

00441         {
00442                 return ( ! isset($this->userdata[$item])) ? FALSE : $this->userdata[$item];
00443         }



Member Data Documentation

CI_Session::$CI

Definition at line 29 of file Session.php.

CI_Session::$encryption = TRUE

Definition at line 31 of file Session.php.

CI_Session::$flashdata_key = 'flash'

Definition at line 38 of file Session.php.

Referenced by flashdata(), and set_flashdata().

CI_Session::$gc_probability = 5

Definition at line 37 of file Session.php.

CI_Session::$now

Definition at line 30 of file Session.php.

Referenced by sess_run().

CI_Session::$sess_cookie = 'ci_session'

Definition at line 35 of file Session.php.

CI_Session::$sess_length = 7200

Definition at line 34 of file Session.php.

CI_Session::$session_table = FALSE

Definition at line 33 of file Session.php.

CI_Session::$time_to_update = 300

Definition at line 39 of file Session.php.

CI_Session::$use_database = FALSE

Definition at line 32 of file Session.php.

CI_Session::$userdata = array()

Definition at line 36 of file Session.php.

Referenced by _flashdata_mark(), and _flashdata_sweep().


The documentation for this class was generated from the following file: