ILIAS  Release_4_4_x_branch Revision 61816
 All Data Structures Namespaces Files Functions Variables Groups Pages
class.ilSession.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
4 require_once('Services/Authentication/classes/class.ilSessionControl.php');
5 require_once('Services/Authentication/classes/class.ilSessionStatistics.php');
6 require_once('Services/Authentication/classes/class.ilSessionIStorage.php');
7 
15 class ilSession
16 {
24  const SESSION_HANDLING_FIXED = 0;
25 
33  const SESSION_HANDLING_LOAD_DEPENDENT = 1;
34 
40  const SESSION_CLOSE_USER = 1; // manual logout
41  const SESSION_CLOSE_EXPIRE = 2; // has expired
42  const SESSION_CLOSE_FIRST = 3; // kicked by session control (first abidencer)
43  const SESSION_CLOSE_IDLE = 4; // kickey by session control (ilde time)
44  const SESSION_CLOSE_LIMIT = 5; // kicked by session control (limit reached)
45  const SESSION_CLOSE_LOGIN = 6; // anonymous => login
46  const SESSION_CLOSE_PUBLIC = 7; // => anonymous
47  const SESSION_CLOSE_TIME = 8; // account time limit reached
48  const SESSION_CLOSE_IP = 9; // wrong ip
49  const SESSION_CLOSE_SIMUL = 10; // simultaneous login
50  const SESSION_CLOSE_INACTIVE = 11; // inactive account
51  const SESSION_CLOSE_CAPTCHA = 12; // invalid captcha
52 
53  private static $closing_context = null;
54 
61  static function _getData($a_session_id)
62  {
63  global $ilDB;
64 
65  $q = "SELECT data FROM usr_session WHERE session_id = ".
66  $ilDB->quote($a_session_id, "text");
67  $set = $ilDB->query($q);
68  $rec = $ilDB->fetchAssoc($set);
69 
70  return $rec["data"];
71  }
72 
79  static function _writeData($a_session_id, $a_data)
80  {
81  global $ilDB, $ilClientIniFile;
82 
83  if ($GLOBALS['WEB_ACCESS_WITHOUT_SESSION'])
84  {
85  // Prevent session data written for web access checker
86  // when no cookie was sent (e.g. for pdf files linking others).
87  // This would result in new session records for each request.
88  return false;
89  }
90 
91  $now = time();
92 
93  // prepare session data
94  $fields = array(
95  "user_id" => array("integer", (int) $_SESSION["AccountId"]),
96  "expires" => array("integer", self::getExpireValue()),
97  "data" => array("clob", $a_data),
98  "ctime" => array("integer", $now),
99  "type" => array("integer", (int) $_SESSION["SessionType"])
100  );
101  if ($ilClientIniFile->readVariable("session","save_ip"))
102  {
103  $fields["remote_addr"] = array("text", $_SERVER["REMOTE_ADDR"]);
104  }
105 
106  if (ilSession::_exists($a_session_id))
107  {
108  $ilDB->update("usr_session", $fields,
109  array("session_id" => array("text", $a_session_id)));
110  }
111  else
112  {
113  $fields["session_id"] = array("text", $a_session_id);
114  $fields["createtime"] = array("integer", $now);
115 
116  $ilDB->insert("usr_session", $fields);
117 
118  // check type against session control
119  $type = $fields["type"][1];
120  if(in_array($type, ilSessionControl::$session_types_controlled))
121  {
122  ilSessionStatistics::createRawEntry($fields["session_id"][1],
123  $type, $fields["createtime"][1], $fields["user_id"][1]);
124  }
125  }
126 
127  // finally delete deprecated sessions
128  if(rand(0, 50) == 2)
129  {
130  // get time _before_ destroying expired sessions
131  self::_destroyExpiredSessions();
132  ilSessionStatistics::aggretateRaw($now);
133  }
134 
135  return true;
136  }
137 
144  static function _exists($a_session_id)
145  {
146  global $ilDB;
147 
148  $q = "SELECT session_id FROM usr_session WHERE session_id = ".
149  $ilDB->quote($a_session_id, "text");
150  $set = $ilDB->query($q);
151  if ($ilDB->fetchAssoc($set))
152  {
153  return true;
154  }
155  return false;
156  }
157 
165  static function _destroy($a_session_id, $a_closing_context = null, $a_expired_at = null)
166  {
167  global $ilDB;
168 
169  if(!$a_closing_context)
170  {
171  $a_closing_context = self::$closing_context;
172  }
173 
174  ilSessionStatistics::closeRawEntry($a_session_id, $a_closing_context, $a_expired_at);
175 
176 
177  if(!is_array($a_session_id))
178  {
179  $q = "DELETE FROM usr_session WHERE session_id = ".
180  $ilDB->quote($a_session_id, "text");
181  }
182  else
183  {
184  // array: id => timestamp - so we get rid of timestamps
185  if($a_expired_at)
186  {
187  $a_session_id = array_keys($a_session_id);
188  }
189  $q = "DELETE FROM usr_session WHERE ".
190  $ilDB->in("session_id", $a_session_id, "", "text");
191  }
192 
193  ilSessionIStorage::destroySession($a_session_id);
194 
195  $ilDB->manipulate($q);
196 
197  return true;
198  }
199 
205  static function _destroyByUserId($a_user_id)
206  {
207  global $ilDB;
208 
209  $q = "DELETE FROM usr_session WHERE user_id = ".
210  $ilDB->quote($a_user_id, "integer");
211  $ilDB->manipulate($q);
212 
213  return true;
214  }
215 
219  static function _destroyExpiredSessions()
220  {
221  global $ilDB;
222 
223  $q = "SELECT session_id,expires FROM usr_session WHERE expires < ".
224  $ilDB->quote(time(), "integer");
225  $res = $ilDB->query($q);
226  $ids = array();
227  while($row = $ilDB->fetchAssoc($res))
228  {
229  $ids[$row["session_id"]] = $row["expires"];
230  }
231  if(sizeof($ids))
232  {
233  self::_destroy($ids, self::SESSION_CLOSE_EXPIRE, true);
234  }
235 
236  return true;
237  }
238 
245  static function _duplicate($a_session_id)
246  {
247  global $ilDB;
248 
249  // Create new session id
250  $new_session = $a_session_id;
251  do
252  {
253  $new_session = md5($new_session);
254  $q ="SELECT * FROM usr_session WHERE ".
255  "session_id = ".$ilDB->quote($new_session, "text");
256  $res = $ilDB->query($q);
257  } while($ilDB->fetchAssoc($res));
258 
259  $query = "SELECT * FROM usr_session ".
260  "WHERE session_id = ".$ilDB->quote($a_session_id, "text");
261  $res = $ilDB->query($query);
262 
263  while ($row = $ilDB->fetchObject($res))
264  {
265  ilSession::_writeData($new_session,$row->data);
266  return $new_session;
267  }
268  return false;
269  }
270 
281  public static function getExpireValue($fixedMode = false)
282  {
283  global $ilSetting;
284 
285  if( $fixedMode || $ilSetting->get('session_handling_type', self::SESSION_HANDLING_FIXED) == self::SESSION_HANDLING_FIXED )
286  {
287  // fixed session
288  return time() + ini_get('session.gc_maxlifetime');
289  }
290  else if( $ilSetting->get('session_handling_type', self::SESSION_HANDLING_FIXED) == self::SESSION_HANDLING_LOAD_DEPENDENT )
291  {
292  // load dependent session settings
293  return time() + (int) ($ilSetting->get('session_max_idle', ilSessionControl::DEFAULT_MAX_IDLE) * 60);
294  }
295  }
296 
307  public static function getIdleValue($fixedMode = false)
308  {
309  global $ilSetting, $ilClientIniFile;
310 
311  if( $fixedMode || $ilSetting->get('session_handling_type', self::SESSION_HANDLING_FIXED) == self::SESSION_HANDLING_FIXED )
312  {
313  // fixed session
314  return $ilClientIniFile->readVariable('session','expire');
315  }
316  else if( $ilSetting->get('session_handling_type', self::SESSION_HANDLING_FIXED) == self::SESSION_HANDLING_LOAD_DEPENDENT )
317  {
318  // load dependent session settings
319  return (int) ($ilSetting->get('session_max_idle', ilSessionControl::DEFAULT_MAX_IDLE) * 60);
320  }
321  }
322 
332  public static function getSessionExpireValue()
333  {
334  return self::getIdleValue(true);
335  }
336 
343  static function _getUsersWithIp($a_ip)
344  {
345  global $ilDB;
346 
347  $query = "SELECT DISTINCT user_id FROM usr_session"
348  . " WHERE remote_addr = " . $ilDB->quote($a_ip, "text")
349  . " AND user_id > 0";
350  $result = $ilDB->query($query);
351 
352  $users = array();
353  while ($row = $ilDB->fetchObject($result))
354  {
355  $users[] = $row->user_id;
356  }
357  return $users;
358  }
359 
366  static function set($a_var, $a_val)
367  {
368  $_SESSION[$a_var] = $a_val;
369  }
370 
377  static function get($a_var)
378  {
379  return $_SESSION[$a_var];
380  }
381 
388  static function clear($a_var)
389  {
390  unset($_SESSION[$a_var]);
391  }
392 
398  public static function setClosingContext($a_context)
399  {
400  self::$closing_context = (int)$a_context;
401  }
402 
408  public static function getClosingContext()
409  {
410  return self::$closing_context;
411  }
412 }
413 
414 ?>