336 lines
		
	
	
		
			8.6 KiB
		
	
	
	
		
			PHP
		
	
	
	
	
	
			
		
		
	
	
			336 lines
		
	
	
		
			8.6 KiB
		
	
	
	
		
			PHP
		
	
	
	
	
	
| <?php
 | |
| 
 | |
| /**
 | |
|  * elFinder - file manager for web.
 | |
|  * Session Wrapper Class.
 | |
|  *
 | |
|  * @package elfinder
 | |
|  * @author  Naoki Sawada
 | |
|  **/
 | |
| 
 | |
| class elFinderSession implements elFinderSessionInterface
 | |
| {
 | |
|     /**
 | |
|      * A flag of session started
 | |
|      *
 | |
|      * @var        boolean
 | |
|      */
 | |
|     protected $started = false;
 | |
| 
 | |
|     /**
 | |
|      * To fix PHP bug that duplicate Set-Cookie header to be sent
 | |
|      *
 | |
|      * @var        boolean
 | |
|      * @see        https://bugs.php.net/bug.php?id=75554
 | |
|      */
 | |
|     protected $fixCookieRegist = false;
 | |
| 
 | |
|     /**
 | |
|      * Array of session keys of this instance
 | |
|      *
 | |
|      * @var        array
 | |
|      */
 | |
|     protected $keys = array();
 | |
| 
 | |
|     /**
 | |
|      * Is enabled base64encode
 | |
|      *
 | |
|      * @var        boolean
 | |
|      */
 | |
|     protected $base64encode = false;
 | |
| 
 | |
|     /**
 | |
|      * Default options array
 | |
|      *
 | |
|      * @var        array
 | |
|      */
 | |
|     protected $opts = array(
 | |
|         'base64encode' => false,
 | |
|         'keys' => array(
 | |
|             'default' => 'elFinderCaches',
 | |
|             'netvolume' => 'elFinderNetVolumes'
 | |
|         ),
 | |
|         'cookieParams' => array()
 | |
|     );
 | |
| 
 | |
|     /**
 | |
|      * Constractor
 | |
|      *
 | |
|      * @param      array $opts The options
 | |
|      *
 | |
|      * @return     self    Instanse of this class
 | |
|      */
 | |
|     public function __construct($opts)
 | |
|     {
 | |
|         $this->opts = array_merge($this->opts, $opts);
 | |
|         $this->base64encode = !empty($this->opts['base64encode']);
 | |
|         $this->keys = $this->opts['keys'];
 | |
|         if (function_exists('apache_get_version') || $this->opts['cookieParams']) {
 | |
|             $this->fixCookieRegist = true;
 | |
|         }
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * {@inheritdoc}
 | |
|      */
 | |
|     public function get($key, $empty = null)
 | |
|     {
 | |
|         $closed = false;
 | |
|         if (!$this->started) {
 | |
|             $closed = true;
 | |
|             $this->start();
 | |
|         }
 | |
| 
 | |
|         $data = null;
 | |
| 
 | |
|         if ($this->started) {
 | |
|             $session =& $this->getSessionRef($key);
 | |
|             $data = $session;
 | |
|             if ($data && $this->base64encode) {
 | |
|                 $data = $this->decodeData($data);
 | |
|             }
 | |
|         }
 | |
| 
 | |
|         $checkFn = null;
 | |
|         if (!is_null($empty)) {
 | |
|             if (is_string($empty)) {
 | |
|                 $checkFn = 'is_string';
 | |
|             } elseif (is_array($empty)) {
 | |
|                 $checkFn = 'is_array';
 | |
|             } elseif (is_object($empty)) {
 | |
|                 $checkFn = 'is_object';
 | |
|             } elseif (is_float($empty)) {
 | |
|                 $checkFn = 'is_float';
 | |
|             } elseif (is_int($empty)) {
 | |
|                 $checkFn = 'is_int';
 | |
|             }
 | |
|         }
 | |
| 
 | |
|         if (is_null($data) || ($checkFn && !$checkFn($data))) {
 | |
|             $session = $data = $empty;
 | |
|         }
 | |
| 
 | |
|         if ($closed) {
 | |
|             $this->close();
 | |
|         }
 | |
| 
 | |
|         return $data;
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * {@inheritdoc}
 | |
|      */
 | |
|     public function start()
 | |
|     {
 | |
|         set_error_handler(array($this, 'session_start_error'), E_NOTICE | E_WARNING);
 | |
| 
 | |
|         // apache2 SAPI has a bug of session cookie register
 | |
|         // see https://bugs.php.net/bug.php?id=75554
 | |
|         // see https://github.com/php/php-src/pull/3231
 | |
|         if ($this->fixCookieRegist === true) {
 | |
|             if ((int)ini_get('session.use_cookies') === 1) {
 | |
|                 if (ini_set('session.use_cookies', 0) === false) {
 | |
|                     $this->fixCookieRegist = false;
 | |
|                 }
 | |
|             }
 | |
|         }
 | |
| 
 | |
|         if (version_compare(PHP_VERSION, '5.4.0', '>=')) {
 | |
|             if (session_status() !== PHP_SESSION_ACTIVE) {
 | |
|                 session_start();
 | |
|             }
 | |
|         } else {
 | |
|             session_start();
 | |
|         }
 | |
|         $this->started = session_id() ? true : false;
 | |
| 
 | |
|         restore_error_handler();
 | |
| 
 | |
|         return $this;
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * Get variable reference of $_SESSION
 | |
|      *
 | |
|      * @param string $key key of $_SESSION array
 | |
|      *
 | |
|      * @return mixed|null
 | |
|      */
 | |
|     protected function & getSessionRef($key)
 | |
|     {
 | |
|         $session = null;
 | |
|         if ($this->started) {
 | |
|             list($cat, $name) = array_pad(explode('.', $key, 2), 2, null);
 | |
|             if (is_null($name)) {
 | |
|                 if (!isset($this->keys[$cat])) {
 | |
|                     $name = $cat;
 | |
|                     $cat = 'default';
 | |
|                 }
 | |
|             }
 | |
|             if (isset($this->keys[$cat])) {
 | |
|                 $cat = $this->keys[$cat];
 | |
|             } else {
 | |
|                 $name = $cat . '.' . $name;
 | |
|                 $cat = $this->keys['default'];
 | |
|             }
 | |
|             if (is_null($name)) {
 | |
|                 if (!isset($_SESSION[$cat])) {
 | |
|                     $_SESSION[$cat] = null;
 | |
|                 }
 | |
|                 $session =& $_SESSION[$cat];
 | |
|             } else {
 | |
|                 if (!isset($_SESSION[$cat]) || !is_array($_SESSION[$cat])) {
 | |
|                     $_SESSION[$cat] = array();
 | |
|                 }
 | |
|                 if (!isset($_SESSION[$cat][$name])) {
 | |
|                     $_SESSION[$cat][$name] = null;
 | |
|                 }
 | |
|                 $session =& $_SESSION[$cat][$name];
 | |
|             }
 | |
|         }
 | |
|         return $session;
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * base64 decode of session val
 | |
|      *
 | |
|      * @param $data
 | |
|      *
 | |
|      * @return bool|mixed|string|null
 | |
|      */
 | |
|     protected function decodeData($data)
 | |
|     {
 | |
|         if ($this->base64encode) {
 | |
|             if (is_string($data)) {
 | |
|                 if (($data = base64_decode($data)) !== false) {
 | |
|                     $data = unserialize($data);
 | |
|                 } else {
 | |
|                     $data = null;
 | |
|                 }
 | |
|             } else {
 | |
|                 $data = null;
 | |
|             }
 | |
|         }
 | |
|         return $data;
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * {@inheritdoc}
 | |
|      */
 | |
|     public function close()
 | |
|     {
 | |
|         if ($this->started) {
 | |
|             if ($this->fixCookieRegist === true) {
 | |
|                 // regist cookie only once for apache2 SAPI
 | |
|                 $cParm = session_get_cookie_params();
 | |
|                 if ($this->opts['cookieParams'] && is_array($this->opts['cookieParams'])) {
 | |
|                     $cParm = array_merge($cParm, $this->opts['cookieParams']);
 | |
|                 }
 | |
|                 if (version_compare(PHP_VERSION, '7.3', '<')) {
 | |
|                     setcookie(session_name(), session_id(), 0, $cParm['path'] . (!empty($cParm['SameSite'])? '; SameSite=' . $cParm['SameSite'] : ''), $cParm['domain'], $cParm['secure'], $cParm['httponly']);
 | |
|                 } else {
 | |
|                     $allows = array('expires' => true, 'path' => true, 'domain' => true, 'secure' => true, 'httponly' => true, 'samesite' => true);
 | |
|                     foreach(array_keys($cParm) as $_k) {
 | |
|                         if (!isset($allows[$_k])) {
 | |
|                             unset($cParm[$_k]);
 | |
|                         }
 | |
|                     }
 | |
|                     setcookie(session_name(), session_id(), $cParm);
 | |
|                 }
 | |
|                 $this->fixCookieRegist = false;
 | |
|             }
 | |
|             session_write_close();
 | |
|         }
 | |
|         $this->started = false;
 | |
| 
 | |
|         return $this;
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * {@inheritdoc}
 | |
|      */
 | |
|     public function set($key, $data)
 | |
|     {
 | |
|         $closed = false;
 | |
|         if (!$this->started) {
 | |
|             $closed = true;
 | |
|             $this->start();
 | |
|         }
 | |
|         $session =& $this->getSessionRef($key);
 | |
|         if ($this->base64encode) {
 | |
|             $data = $this->encodeData($data);
 | |
|         }
 | |
|         $session = $data;
 | |
| 
 | |
|         if ($closed) {
 | |
|             $this->close();
 | |
|         }
 | |
| 
 | |
|         return $this;
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * base64 encode for session val
 | |
|      *
 | |
|      * @param $data
 | |
|      *
 | |
|      * @return string
 | |
|      */
 | |
|     protected function encodeData($data)
 | |
|     {
 | |
|         if ($this->base64encode) {
 | |
|             $data = base64_encode(serialize($data));
 | |
|         }
 | |
|         return $data;
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * {@inheritdoc}
 | |
|      */
 | |
|     public function remove($key)
 | |
|     {
 | |
|         $closed = false;
 | |
|         if (!$this->started) {
 | |
|             $closed = true;
 | |
|             $this->start();
 | |
|         }
 | |
| 
 | |
|         list($cat, $name) = array_pad(explode('.', $key, 2), 2, null);
 | |
|         if (is_null($name)) {
 | |
|             if (!isset($this->keys[$cat])) {
 | |
|                 $name = $cat;
 | |
|                 $cat = 'default';
 | |
|             }
 | |
|         }
 | |
|         if (isset($this->keys[$cat])) {
 | |
|             $cat = $this->keys[$cat];
 | |
|         } else {
 | |
|             $name = $cat . '.' . $name;
 | |
|             $cat = $this->keys['default'];
 | |
|         }
 | |
|         if (is_null($name)) {
 | |
|             unset($_SESSION[$cat]);
 | |
|         } else {
 | |
|             if (isset($_SESSION[$cat]) && is_array($_SESSION[$cat])) {
 | |
|                 unset($_SESSION[$cat][$name]);
 | |
|             }
 | |
|         }
 | |
| 
 | |
|         if ($closed) {
 | |
|             $this->close();
 | |
|         }
 | |
| 
 | |
|         return $this;
 | |
|     }
 | |
| 
 | |
|     /**
 | |
|      * sessioin error handler (Only for suppression of error at session start)
 | |
|      *
 | |
|      * @param $errno
 | |
|      * @param $errstr
 | |
|      */
 | |
|     protected function session_start_error($errno, $errstr)
 | |
|     {
 | |
|     }
 | |
| }
 |