ILIAS  Release_5_0_x_branch Revision 61816
 All Data Structures Namespaces Files Functions Variables Groups Pages
class.ilSession.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
4 require_once('Services/Authentication/classes/class.ilSessionControl.php');
5 require_once('Services/Authentication/classes/class.ilSessionStatistics.php');
6 require_once('Services/Authentication/classes/class.ilSessionIStorage.php');
7 
15 class ilSession
16 {
24  const SESSION_HANDLING_FIXED = 0;
25 
33  const SESSION_HANDLING_LOAD_DEPENDENT = 1;
34 
40  const SESSION_CLOSE_USER = 1; // manual logout
41  const SESSION_CLOSE_EXPIRE = 2; // has expired
42  const SESSION_CLOSE_FIRST = 3; // kicked by session control (first abidencer)
43  const SESSION_CLOSE_IDLE = 4; // kickey by session control (ilde time)
44  const SESSION_CLOSE_LIMIT = 5; // kicked by session control (limit reached)
45  const SESSION_CLOSE_LOGIN = 6; // anonymous => login
46  const SESSION_CLOSE_PUBLIC = 7; // => anonymous
47  const SESSION_CLOSE_TIME = 8; // account time limit reached
48  const SESSION_CLOSE_IP = 9; // wrong ip
49  const SESSION_CLOSE_SIMUL = 10; // simultaneous login
50  const SESSION_CLOSE_INACTIVE = 11; // inactive account
51  const SESSION_CLOSE_CAPTCHA = 12; // invalid captcha
52 
53  private static $closing_context = null;
54 
61  static function _getData($a_session_id)
62  {
63  if(!$a_session_id) {
64  return NULL;
65  }
66  global $ilDB;
67 
68  $q = "SELECT data FROM usr_session WHERE session_id = ".
69  $ilDB->quote($a_session_id, "text");
70  $set = $ilDB->query($q);
71  $rec = $ilDB->fetchAssoc($set);
72 
73  return $rec["data"];
74  }
75 
82  static function _writeData($a_session_id, $a_data)
83  {
84  global $ilDB, $ilClientIniFile;
85 
86  if ($GLOBALS['WEB_ACCESS_WITHOUT_SESSION'])
87  {
88  // Prevent session data written for web access checker
89  // when no cookie was sent (e.g. for pdf files linking others).
90  // This would result in new session records for each request.
91  return false;
92  }
93 
94  $now = time();
95 
96  // prepare session data
97  $fields = array(
98  "user_id" => array("integer", (int) $_SESSION["AccountId"]),
99  "expires" => array("integer", self::getExpireValue()),
100  "data" => array("clob", $a_data),
101  "ctime" => array("integer", $now),
102  "type" => array("integer", (int) $_SESSION["SessionType"])
103  );
104  if ($ilClientIniFile->readVariable("session","save_ip"))
105  {
106  $fields["remote_addr"] = array("text", $_SERVER["REMOTE_ADDR"]);
107  }
108 
109  if (ilSession::_exists($a_session_id))
110  {
111  $ilDB->update("usr_session", $fields,
112  array("session_id" => array("text", $a_session_id)));
113  }
114  else
115  {
116  $fields["session_id"] = array("text", $a_session_id);
117  $fields["createtime"] = array("integer", $now);
118 
119  $ilDB->insert("usr_session", $fields);
120 
121  // check type against session control
122  $type = $fields["type"][1];
123  if(in_array($type, ilSessionControl::$session_types_controlled))
124  {
125  ilSessionStatistics::createRawEntry($fields["session_id"][1],
126  $type, $fields["createtime"][1], $fields["user_id"][1]);
127  }
128  }
129 
130  // finally delete deprecated sessions
131  if(rand(0, 50) == 2)
132  {
133  // get time _before_ destroying expired sessions
134  self::_destroyExpiredSessions();
135  ilSessionStatistics::aggretateRaw($now);
136  }
137 
138  return true;
139  }
140 
141 
142 
149  static function _exists($a_session_id)
150  {
151  if (! $a_session_id) {
152  return false;
153  }
154  global $ilDB;
155 
156  $q = "SELECT 1 FROM usr_session WHERE session_id = " . $ilDB->quote($a_session_id, "text");
157  $set = $ilDB->query($q);
158 
159  return $ilDB->numRows($set) > 0;
160  }
161 
169  static function _destroy($a_session_id, $a_closing_context = null, $a_expired_at = null)
170  {
171  global $ilDB;
172 
173  if(!$a_closing_context)
174  {
175  $a_closing_context = self::$closing_context;
176  }
177 
178  ilSessionStatistics::closeRawEntry($a_session_id, $a_closing_context, $a_expired_at);
179 
180 
181  if(!is_array($a_session_id))
182  {
183  $q = "DELETE FROM usr_session WHERE session_id = ".
184  $ilDB->quote($a_session_id, "text");
185  }
186  else
187  {
188  // array: id => timestamp - so we get rid of timestamps
189  if($a_expired_at)
190  {
191  $a_session_id = array_keys($a_session_id);
192  }
193  $q = "DELETE FROM usr_session WHERE ".
194  $ilDB->in("session_id", $a_session_id, "", "text");
195  }
196 
197  ilSessionIStorage::destroySession($a_session_id);
198 
199  $ilDB->manipulate($q);
200 
201  return true;
202  }
203 
209  static function _destroyByUserId($a_user_id)
210  {
211  global $ilDB;
212 
213  $q = "DELETE FROM usr_session WHERE user_id = ".
214  $ilDB->quote($a_user_id, "integer");
215  $ilDB->manipulate($q);
216 
217  return true;
218  }
219 
223  static function _destroyExpiredSessions()
224  {
225  global $ilDB;
226 
227  $q = "SELECT session_id,expires FROM usr_session WHERE expires < ".
228  $ilDB->quote(time(), "integer");
229  $res = $ilDB->query($q);
230  $ids = array();
231  while($row = $ilDB->fetchAssoc($res))
232  {
233  $ids[$row["session_id"]] = $row["expires"];
234  }
235  if(sizeof($ids))
236  {
237  self::_destroy($ids, self::SESSION_CLOSE_EXPIRE, true);
238  }
239 
240  return true;
241  }
242 
249  static function _duplicate($a_session_id)
250  {
251  global $ilDB;
252 
253  // Create new session id
254  $new_session = $a_session_id;
255  do
256  {
257  $new_session = md5($new_session);
258  $q ="SELECT * FROM usr_session WHERE ".
259  "session_id = ".$ilDB->quote($new_session, "text");
260  $res = $ilDB->query($q);
261  } while($ilDB->fetchAssoc($res));
262 
263  $query = "SELECT * FROM usr_session ".
264  "WHERE session_id = ".$ilDB->quote($a_session_id, "text");
265  $res = $ilDB->query($query);
266 
267  while ($row = $ilDB->fetchObject($res))
268  {
269  ilSession::_writeData($new_session,$row->data);
270  return $new_session;
271  }
272  return false;
273  }
274 
285  public static function getExpireValue($fixedMode = false)
286  {
287  global $ilSetting;
288 
289  if( $fixedMode || $ilSetting->get('session_handling_type', self::SESSION_HANDLING_FIXED) == self::SESSION_HANDLING_FIXED )
290  {
291  // fixed session
292  return time() + ini_get('session.gc_maxlifetime');
293  }
294  else if( $ilSetting->get('session_handling_type', self::SESSION_HANDLING_FIXED) == self::SESSION_HANDLING_LOAD_DEPENDENT )
295  {
296  // load dependent session settings
297  return time() + (int) ($ilSetting->get('session_max_idle', ilSessionControl::DEFAULT_MAX_IDLE) * 60);
298  }
299  }
300 
311  public static function getIdleValue($fixedMode = false)
312  {
313  global $ilSetting, $ilClientIniFile;
314 
315  if( $fixedMode || $ilSetting->get('session_handling_type', self::SESSION_HANDLING_FIXED) == self::SESSION_HANDLING_FIXED )
316  {
317  // fixed session
318  return $ilClientIniFile->readVariable('session','expire');
319  }
320  else if( $ilSetting->get('session_handling_type', self::SESSION_HANDLING_FIXED) == self::SESSION_HANDLING_LOAD_DEPENDENT )
321  {
322  // load dependent session settings
323  return (int) ($ilSetting->get('session_max_idle', ilSessionControl::DEFAULT_MAX_IDLE) * 60);
324  }
325  }
326 
336  public static function getSessionExpireValue()
337  {
338  return self::getIdleValue(true);
339  }
340 
347  static function _getUsersWithIp($a_ip)
348  {
349  global $ilDB;
350 
351  $query = "SELECT DISTINCT user_id FROM usr_session"
352  . " WHERE remote_addr = " . $ilDB->quote($a_ip, "text")
353  . " AND user_id > 0";
354  $result = $ilDB->query($query);
355 
356  $users = array();
357  while ($row = $ilDB->fetchObject($result))
358  {
359  $users[] = $row->user_id;
360  }
361  return $users;
362  }
363 
370  static function set($a_var, $a_val)
371  {
372  $_SESSION[$a_var] = $a_val;
373  }
374 
381  static function get($a_var)
382  {
383  return $_SESSION[$a_var];
384  }
385 
392  static function clear($a_var)
393  {
394  unset($_SESSION[$a_var]);
395  }
396 
402  public static function setClosingContext($a_context)
403  {
404  self::$closing_context = (int)$a_context;
405  }
406 
412  public static function getClosingContext()
413  {
414  return self::$closing_context;
415  }
416 }
417 
418 ?>