ILIAS  release_4-3 Revision
 All Data Structures Namespaces Files Functions Variables Groups Pages
class.ilSession.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
4 require_once('Services/Authentication/classes/class.ilSessionControl.php');
5 require_once('Services/Authentication/classes/class.ilSessionStatistics.php');
6 require_once('Services/Authentication/classes/class.ilSessionIStorage.php');
7 
15 class ilSession
16 {
24  const SESSION_HANDLING_FIXED = 0;
25 
33  const SESSION_HANDLING_LOAD_DEPENDENT = 1;
34 
40  const SESSION_CLOSE_USER = 1; // manual logout
41  const SESSION_CLOSE_EXPIRE = 2; // has expired
42  const SESSION_CLOSE_FIRST = 3; // kicked by session control (first abidencer)
43  const SESSION_CLOSE_IDLE = 4; // kickey by session control (ilde time)
44  const SESSION_CLOSE_LIMIT = 5; // kicked by session control (limit reached)
45  const SESSION_CLOSE_LOGIN = 6; // anonymous => login
46  const SESSION_CLOSE_PUBLIC = 7; // => anonymous
47  const SESSION_CLOSE_TIME = 8; // account time limit reached
48  const SESSION_CLOSE_IP = 9; // wrong ip
49  const SESSION_CLOSE_SIMUL = 10; // simultaneous login
50  const SESSION_CLOSE_INACTIVE = 11; // inactive account
51 
52  private static $closing_context = null;
53 
60  static function _getData($a_session_id)
61  {
62  global $ilDB;
63 
64  $q = "SELECT data FROM usr_session WHERE session_id = ".
65  $ilDB->quote($a_session_id, "text");
66  $set = $ilDB->query($q);
67  $rec = $ilDB->fetchAssoc($set);
68 
69  return $rec["data"];
70  }
71 
78  static function _writeData($a_session_id, $a_data)
79  {
80  global $ilDB, $ilClientIniFile;
81 
82  if ($GLOBALS['WEB_ACCESS_WITHOUT_SESSION'])
83  {
84  // Prevent session data written for web access checker
85  // when no cookie was sent (e.g. for pdf files linking others).
86  // This would result in new session records for each request.
87  return false;
88  }
89 
90  $now = time();
91 
92  // prepare session data
93  $fields = array(
94  "user_id" => array("integer", (int) $_SESSION["AccountId"]),
95  "expires" => array("integer", self::getExpireValue()),
96  "data" => array("clob", $a_data),
97  "ctime" => array("integer", $now),
98  "type" => array("integer", (int) $_SESSION["SessionType"])
99  );
100  if ($ilClientIniFile->readVariable("session","save_ip"))
101  {
102  $fields["remote_addr"] = array("text", $_SERVER["REMOTE_ADDR"]);
103  }
104 
105  if (ilSession::_exists($a_session_id))
106  {
107  $ilDB->update("usr_session", $fields,
108  array("session_id" => array("text", $a_session_id)));
109  }
110  else
111  {
112  $fields["session_id"] = array("text", $a_session_id);
113  $fields["createtime"] = array("integer", $now);
114 
115  $ilDB->insert("usr_session", $fields);
116 
117  // check type against session control
118  $type = $fields["type"][1];
119  if(in_array($type, ilSessionControl::$session_types_controlled))
120  {
121  ilSessionStatistics::createRawEntry($fields["session_id"][1],
122  $type, $fields["createtime"][1], $fields["user_id"][1]);
123  }
124  }
125 
126  // finally delete deprecated sessions
127  if(rand(0, 50) == 2)
128  {
129  // get time _before_ destroying expired sessions
130  self::_destroyExpiredSessions();
131  ilSessionStatistics::aggretateRaw($now);
132  }
133 
134  return true;
135  }
136 
143  static function _exists($a_session_id)
144  {
145  global $ilDB;
146 
147  $q = "SELECT session_id FROM usr_session WHERE session_id = ".
148  $ilDB->quote($a_session_id, "text");
149  $set = $ilDB->query($q);
150  if ($ilDB->fetchAssoc($set))
151  {
152  return true;
153  }
154  return false;
155  }
156 
164  static function _destroy($a_session_id, $a_closing_context = null, $a_expired_at = null)
165  {
166  global $ilDB;
167 
168  if(!$a_closing_context)
169  {
170  $a_closing_context = self::$closing_context;
171  }
172 
173  ilSessionStatistics::closeRawEntry($a_session_id, $a_closing_context, $a_expired_at);
174 
175 
176  if(!is_array($a_session_id))
177  {
178  $q = "DELETE FROM usr_session WHERE session_id = ".
179  $ilDB->quote($a_session_id, "text");
180  }
181  else
182  {
183  // array: id => timestamp - so we get rid of timestamps
184  if($a_expired_at)
185  {
186  $a_session_id = array_keys($a_session_id);
187  }
188  $q = "DELETE FROM usr_session WHERE ".
189  $ilDB->in("session_id", $a_session_id, "", "text");
190  }
191 
192  ilSessionIStorage::destroySession($a_session_id);
193 
194  $ilDB->manipulate($q);
195 
196  return true;
197  }
198 
204  static function _destroyByUserId($a_user_id)
205  {
206  global $ilDB;
207 
208  $q = "DELETE FROM usr_session WHERE user_id = ".
209  $ilDB->quote($a_user_id, "integer");
210  $ilDB->manipulate($q);
211 
212  return true;
213  }
214 
218  static function _destroyExpiredSessions()
219  {
220  global $ilDB;
221 
222  $q = "SELECT session_id,expires FROM usr_session WHERE expires < ".
223  $ilDB->quote(time(), "integer");
224  $res = $ilDB->query($q);
225  $ids = array();
226  while($row = $ilDB->fetchAssoc($res))
227  {
228  $ids[$row["session_id"]] = $row["expires"];
229  }
230  if(sizeof($ids))
231  {
232  self::_destroy($ids, self::SESSION_CLOSE_EXPIRE, true);
233  }
234 
235  return true;
236  }
237 
244  static function _duplicate($a_session_id)
245  {
246  global $ilDB;
247 
248  // Create new session id
249  $new_session = $a_session_id;
250  do
251  {
252  $new_session = md5($new_session);
253  $q ="SELECT * FROM usr_session WHERE ".
254  "session_id = ".$ilDB->quote($new_session, "text");
255  $res = $ilDB->query($q);
256  } while($ilDB->fetchAssoc($res));
257 
258  $query = "SELECT * FROM usr_session ".
259  "WHERE session_id = ".$ilDB->quote($a_session_id, "text");
260  $res = $ilDB->query($query);
261 
262  while ($row = $ilDB->fetchObject($res))
263  {
264  ilSession::_writeData($new_session,$row->data);
265  return $new_session;
266  }
267  return false;
268  }
269 
280  public static function getExpireValue($fixedMode = false)
281  {
282  global $ilSetting;
283 
284  if( $fixedMode || $ilSetting->get('session_handling_type', self::SESSION_HANDLING_FIXED) == self::SESSION_HANDLING_FIXED )
285  {
286  // fixed session
287  return time() + ini_get('session.gc_maxlifetime');
288  }
289  else if( $ilSetting->get('session_handling_type', self::SESSION_HANDLING_FIXED) == self::SESSION_HANDLING_LOAD_DEPENDENT )
290  {
291  // load dependent session settings
292  return time() + (int) ($ilSetting->get('session_max_idle', ilSessionControl::DEFAULT_MAX_IDLE) * 60);
293  }
294  }
295 
306  public static function getIdleValue($fixedMode = false)
307  {
308  global $ilSetting, $ilClientIniFile;
309 
310  if( $fixedMode || $ilSetting->get('session_handling_type', self::SESSION_HANDLING_FIXED) == self::SESSION_HANDLING_FIXED )
311  {
312  // fixed session
313  return $ilClientIniFile->readVariable('session','expire');
314  }
315  else if( $ilSetting->get('session_handling_type', self::SESSION_HANDLING_FIXED) == self::SESSION_HANDLING_LOAD_DEPENDENT )
316  {
317  // load dependent session settings
318  return (int) ($ilSetting->get('session_max_idle', ilSessionControl::DEFAULT_MAX_IDLE) * 60);
319  }
320  }
321 
331  public static function getSessionExpireValue()
332  {
333  return self::getIdleValue(true);
334  }
335 
342  static function _getUsersWithIp($a_ip)
343  {
344  global $ilDB;
345 
346  $query = "SELECT DISTINCT user_id FROM usr_session"
347  . " WHERE remote_addr = " . $ilDB->quote($a_ip, "text")
348  . " AND user_id > 0";
349  $result = $ilDB->query($query);
350 
351  $users = array();
352  while ($row = $ilDB->fetchObject($result))
353  {
354  $users[] = $row->user_id;
355  }
356  return $users;
357  }
358 
365  static function set($a_var, $a_val)
366  {
367  $_SESSION[$a_var] = $a_val;
368  }
369 
376  static function get($a_var)
377  {
378  return $_SESSION[$a_var];
379  }
380 
387  static function clear($a_var)
388  {
389  unset($_SESSION[$a_var]);
390  }
391 
397  public static function setClosingContext($a_context)
398  {
399  self::$closing_context = (int)$a_context;
400  }
401 
407  public static function getClosingContext()
408  {
409  return self::$closing_context;
410  }
411 }
412 
413 ?>