ILIAS  release_5-2 Revision v5.2.25-18-g3f80b828510
class.ilSession.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
4 require_once('Services/Authentication/classes/class.ilSessionControl.php');
5 require_once('Services/Authentication/classes/class.ilSessionStatistics.php');
6 require_once('Services/Authentication/classes/class.ilSessionIStorage.php');
7 
15 class ilSession
16 {
24  const SESSION_HANDLING_FIXED = 0;
25 
33  const SESSION_HANDLING_LOAD_DEPENDENT = 1;
34 
40  const SESSION_CLOSE_USER = 1; // manual logout
41  const SESSION_CLOSE_EXPIRE = 2; // has expired
42  const SESSION_CLOSE_FIRST = 3; // kicked by session control (first abidencer)
43  const SESSION_CLOSE_IDLE = 4; // kickey by session control (ilde time)
44  const SESSION_CLOSE_LIMIT = 5; // kicked by session control (limit reached)
45  const SESSION_CLOSE_LOGIN = 6; // anonymous => login
46  const SESSION_CLOSE_PUBLIC = 7; // => anonymous
47  const SESSION_CLOSE_TIME = 8; // account time limit reached
48  const SESSION_CLOSE_IP = 9; // wrong ip
49  const SESSION_CLOSE_SIMUL = 10; // simultaneous login
50  const SESSION_CLOSE_INACTIVE = 11; // inactive account
51  const SESSION_CLOSE_CAPTCHA = 12; // invalid captcha
52 
53  private static $closing_context = null;
54 
58  protected static $enable_web_access_without_session = false;
59 
69  static function _getData($a_session_id)
70  {
71  if(!$a_session_id) {
72  // fix for php #70520
73  return '';
74  }
75  global $ilDB;
76 
77  $q = "SELECT data FROM usr_session WHERE session_id = ".
78  $ilDB->quote($a_session_id, "text");
79  $set = $ilDB->query($q);
80  $rec = $ilDB->fetchAssoc($set);
81 
82  // fix for php #70520
83  return (string) $rec["data"];
84  }
85 
92  public static function lookupExpireTime($a_session_id)
93  {
94  global $ilDB;
95 
96  $query = 'SELECT expires FROM usr_session WHERE session_id = '.
97  $ilDB->quote($a_session_id, 'text');
98  $res = $ilDB->query($query);
99  while($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT))
100  {
101  return (int) $row->expires;
102  }
103  return 0;
104  }
105 
106 
113  static function _writeData($a_session_id, $a_data)
114  {
115  global $ilDB, $ilClientIniFile;
116 
117  if (self::isWebAccessWithoutSessionEnabled())
118  {
119  // Prevent session data written for web access checker
120  // when no cookie was sent (e.g. for pdf files linking others).
121  // This would result in new session records for each request.
122  return true;
123  }
124 
125  $now = time();
126 
127  // prepare session data
128  $fields = array(
129  "user_id" => array("integer", (int) $_SESSION['_authsession_user_id']),
130  "expires" => array("integer", self::getExpireValue()),
131  "data" => array("clob", $a_data),
132  "ctime" => array("integer", $now),
133  "type" => array("integer", (int) $_SESSION["SessionType"])
134  );
135  if ($ilClientIniFile->readVariable("session","save_ip"))
136  {
137  $fields["remote_addr"] = array("text", $_SERVER["REMOTE_ADDR"]);
138  }
139 
140  if (ilSession::_exists($a_session_id))
141  {
142  $ilDB->update("usr_session", $fields,
143  array("session_id" => array("text", $a_session_id)));
144  }
145  else
146  {
147  $fields["session_id"] = array("text", $a_session_id);
148  $fields["createtime"] = array("integer", $now);
149 
150  $ilDB->insert("usr_session", $fields);
151 
152  // check type against session control
153  $type = $fields["type"][1];
154  if(in_array($type, ilSessionControl::$session_types_controlled))
155  {
156  ilSessionStatistics::createRawEntry($fields["session_id"][1],
157  $type, $fields["createtime"][1], $fields["user_id"][1]);
158  }
159  }
160 
161  // finally delete deprecated sessions
162  if(rand(0, 50) == 2)
163  {
164  // get time _before_ destroying expired sessions
165  self::_destroyExpiredSessions();
166  ilSessionStatistics::aggretateRaw($now);
167  }
168 
169  return true;
170  }
171 
172 
173 
180  static function _exists($a_session_id)
181  {
182  if (! $a_session_id) {
183  return false;
184  }
185  global $ilDB;
186 
187  $q = "SELECT 1 FROM usr_session WHERE session_id = " . $ilDB->quote($a_session_id, "text");
188  $set = $ilDB->query($q);
189 
190  return $ilDB->numRows($set) > 0;
191  }
192 
200  static function _destroy($a_session_id, $a_closing_context = null, $a_expired_at = null)
201  {
202  global $ilDB;
203 
204  if(!$a_closing_context)
205  {
206  $a_closing_context = self::$closing_context;
207  }
208 
209  ilSessionStatistics::closeRawEntry($a_session_id, $a_closing_context, $a_expired_at);
210 
211 
212  if(!is_array($a_session_id))
213  {
214  $q = "DELETE FROM usr_session WHERE session_id = ".
215  $ilDB->quote($a_session_id, "text");
216  }
217  else
218  {
219  // array: id => timestamp - so we get rid of timestamps
220  if($a_expired_at)
221  {
222  $a_session_id = array_keys($a_session_id);
223  }
224  $q = "DELETE FROM usr_session WHERE ".
225  $ilDB->in("session_id", $a_session_id, "", "text");
226  }
227 
228  ilSessionIStorage::destroySession($a_session_id);
229 
230  $ilDB->manipulate($q);
231 
232  return true;
233  }
234 
240  static function _destroyByUserId($a_user_id)
241  {
242  global $ilDB;
243 
244  $q = "DELETE FROM usr_session WHERE user_id = ".
245  $ilDB->quote($a_user_id, "integer");
246  $ilDB->manipulate($q);
247 
248  return true;
249  }
250 
254  static function _destroyExpiredSessions()
255  {
256  global $ilDB;
257 
258  $q = "SELECT session_id,expires FROM usr_session WHERE expires < ".
259  $ilDB->quote(time(), "integer");
260  $res = $ilDB->query($q);
261  $ids = array();
262  while($row = $ilDB->fetchAssoc($res))
263  {
264  $ids[$row["session_id"]] = $row["expires"];
265  }
266  if(sizeof($ids))
267  {
268  self::_destroy($ids, self::SESSION_CLOSE_EXPIRE, true);
269  }
270 
271  return true;
272  }
273 
280  static function _duplicate($a_session_id)
281  {
282  global $ilDB;
283 
284  // Create new session id
285  $new_session = $a_session_id;
286  do
287  {
288  $new_session = md5($new_session);
289  $q ="SELECT * FROM usr_session WHERE ".
290  "session_id = ".$ilDB->quote($new_session, "text");
291  $res = $ilDB->query($q);
292  } while($ilDB->fetchAssoc($res));
293 
294  $query = "SELECT * FROM usr_session ".
295  "WHERE session_id = ".$ilDB->quote($a_session_id, "text");
296  $res = $ilDB->query($query);
297 
298  while ($row = $ilDB->fetchObject($res))
299  {
300  ilSession::_writeData($new_session,$row->data);
301  return $new_session;
302  }
303  return false;
304  }
305 
316  public static function getExpireValue($fixedMode = false)
317  {
318  global $ilSetting;
319 
320  if( $fixedMode || $ilSetting->get('session_handling_type', self::SESSION_HANDLING_FIXED) == self::SESSION_HANDLING_FIXED )
321  {
322  // fixed session
323  return time() + self::getIdleValue($fixedMode);
324  }
325  else if( $ilSetting->get('session_handling_type', self::SESSION_HANDLING_FIXED) == self::SESSION_HANDLING_LOAD_DEPENDENT )
326  {
327  // load dependent session settings
328  return time() + (int) ($ilSetting->get('session_max_idle', ilSessionControl::DEFAULT_MAX_IDLE) * 60);
329  }
330  }
331 
342  public static function getIdleValue($fixedMode = false)
343  {
344  global $ilSetting, $ilClientIniFile;
345 
346  if( $fixedMode || $ilSetting->get('session_handling_type', self::SESSION_HANDLING_FIXED) == self::SESSION_HANDLING_FIXED )
347  {
348  // fixed session
349  return $ilClientIniFile->readVariable('session','expire');
350  }
351  else if( $ilSetting->get('session_handling_type', self::SESSION_HANDLING_FIXED) == self::SESSION_HANDLING_LOAD_DEPENDENT )
352  {
353  // load dependent session settings
354  return (int) ($ilSetting->get('session_max_idle', ilSessionControl::DEFAULT_MAX_IDLE) * 60);
355  }
356  }
357 
367  public static function getSessionExpireValue()
368  {
369  return self::getIdleValue(true);
370  }
371 
378  static function _getUsersWithIp($a_ip)
379  {
380  global $ilDB;
381 
382  $query = "SELECT DISTINCT user_id FROM usr_session"
383  . " WHERE remote_addr = " . $ilDB->quote($a_ip, "text")
384  . " AND user_id > 0";
385  $result = $ilDB->query($query);
386 
387  $users = array();
388  while ($row = $ilDB->fetchObject($result))
389  {
390  $users[] = $row->user_id;
391  }
392  return $users;
393  }
394 
401  static function set($a_var, $a_val)
402  {
403  $_SESSION[$a_var] = $a_val;
404  }
405 
412  static function get($a_var)
413  {
414  return $_SESSION[$a_var];
415  }
416 
423  static function clear($a_var)
424  {
425  unset($_SESSION[$a_var]);
426  }
427 
433  public static function setClosingContext($a_context)
434  {
435  self::$closing_context = (int)$a_context;
436  }
437 
443  public static function getClosingContext()
444  {
445  return self::$closing_context;
446  }
447 
448 
449 
453  public static function isWebAccessWithoutSessionEnabled()
454  {
455  return (bool)self::$enable_web_access_without_session;
456  }
457 
461  public static function enableWebAccessWithoutSession($enable_web_access_without_session)
462  {
463  self::$enable_web_access_without_session = (bool)$enable_web_access_without_session;
464  }
465 }
466 
467 ?>
ilSession\SESSION_CLOSE_IDLE
const SESSION_CLOSE_IDLE
Definition: class.ilSession.php:43
ilSession\_destroy
static _destroy($a_session_id, $a_closing_context=null, $a_expired_at=null)
Destroy session.
Definition: class.ilSession.php:200
ilSession\enableWebAccessWithoutSession
static enableWebAccessWithoutSession($enable_web_access_without_session)
Definition: class.ilSession.php:461
ilSession\SESSION_CLOSE_CAPTCHA
const SESSION_CLOSE_CAPTCHA
Definition: class.ilSession.php:51
$_SERVER
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
Definition: tcpdf_autoconfig.php:54
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
$result
$result
Definition: CleanUpTest.php:407
ilSession\SESSION_CLOSE_INACTIVE
const SESSION_CLOSE_INACTIVE
Definition: class.ilSession.php:50
ilSession\SESSION_CLOSE_LOGIN
const SESSION_CLOSE_LOGIN
Definition: class.ilSession.php:45
ilSession\SESSION_CLOSE_TIME
const SESSION_CLOSE_TIME
Definition: class.ilSession.php:47
ilSession\SESSION_HANDLING_FIXED
const SESSION_HANDLING_FIXED
Definition: class.ilSession.php:24
ilSession\_destroyExpiredSessions
static _destroyExpiredSessions()
Destroy expired sessions.
Definition: class.ilSession.php:254
ilSession\SESSION_CLOSE_EXPIRE
const SESSION_CLOSE_EXPIRE
Definition: class.ilSession.php:41
ilSession\getExpireValue
static getExpireValue($fixedMode=false)
Returns the expiration timestamp in seconds.
Definition: class.ilSession.php:316
ilSession\_exists
static _exists($a_session_id)
Check whether session exists.
Definition: class.ilSession.php:180
ilSession\SESSION_CLOSE_USER
const SESSION_CLOSE_USER
Definition: class.ilSession.php:40
ilSessionIStorage\destroySession
static destroySession($a_session_id)
Destroy session(s).
Definition: class.ilSessionIStorage.php:108
ilSession\clear
static clear($a_var)
Unset a value.
Definition: class.ilSession.php:423
ilSession\_getData
static _getData($a_session_id)
Get session data from table.
Definition: class.ilSession.php:69
ilSessionStatistics\createRawEntry
static createRawEntry($a_session_id, $a_session_type, $a_timestamp, $a_user_id)
Create raw data entry.
Definition: class.ilSessionStatistics.php:40
ilSession\_destroyByUserId
static _destroyByUserId($a_user_id)
Destroy session.
Definition: class.ilSession.php:240
ilSession\getIdleValue
static getIdleValue($fixedMode=false)
Returns the idle time in seconds.
Definition: class.ilSession.php:342
ilSession\isWebAccessWithoutSessionEnabled
static isWebAccessWithoutSessionEnabled()
Definition: class.ilSession.php:453
ilSession\SESSION_CLOSE_LIMIT
const SESSION_CLOSE_LIMIT
Definition: class.ilSession.php:44
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
ilSession\lookupExpireTime
static lookupExpireTime($a_session_id)
Lookup expire time for a specific session ilDB $ilDB.
Definition: class.ilSession.php:92
ilSession\$enable_web_access_without_session
static $enable_web_access_without_session
Definition: class.ilSession.php:58
ilSession\SESSION_CLOSE_PUBLIC
const SESSION_CLOSE_PUBLIC
Definition: class.ilSession.php:46
ilSession\SESSION_CLOSE_SIMUL
const SESSION_CLOSE_SIMUL
Definition: class.ilSession.php:49
ilSession\_writeData
static _writeData($a_session_id, $a_data)
Write session data.
Definition: class.ilSession.php:113
ilSession\_duplicate
static _duplicate($a_session_id)
Duplicate session.
Definition: class.ilSession.php:280
ilSession\setClosingContext
static setClosingContext($a_context)
set closing context (for statistics)
Definition: class.ilSession.php:433
$ilSetting
global $ilSetting
Definition: privfeed.php:17
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilSession\SESSION_HANDLING_LOAD_DEPENDENT
const SESSION_HANDLING_LOAD_DEPENDENT
Definition: class.ilSession.php:33
ilSession\_getUsersWithIp
static _getUsersWithIp($a_ip)
Get the active users with a specific remote ip address.
Definition: class.ilSession.php:378
time
Add data(end) time
Method that wraps PHPs time in order to allow simulations with the workflow.
Definition: 40duplicateStyle.php:39
ilSession\getClosingContext
static getClosingContext()
get closing context (for statistics)
Definition: class.ilSession.php:443
ilSession\getSessionExpireValue
static getSessionExpireValue()
Returns the session expiration value.
Definition: class.ilSession.php:367
ilSessionStatistics\aggretateRaw
static aggretateRaw($a_now)
Aggregate raw session data (older than given time)
Definition: class.ilSessionStatistics.php:266
ilSession\$closing_context
static $closing_context
Definition: class.ilSession.php:53
ilSession\SESSION_CLOSE_FIRST
const SESSION_CLOSE_FIRST
Definition: class.ilSession.php:42
ilSession\SESSION_CLOSE_IP
const SESSION_CLOSE_IP
Definition: class.ilSession.php:48
ilSessionStatistics\closeRawEntry
static closeRawEntry($a_session_id, $a_context=null, $a_expired_at=null)
Close raw data entry.
Definition: class.ilSessionStatistics.php:72