ILIAS  release_5-2 Revision v5.2.25-18-g3f80b828510
class.ilSession.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3
4require_once('Services/Authentication/classes/class.ilSessionControl.php');
5require_once('Services/Authentication/classes/class.ilSessionStatistics.php');
6require_once('Services/Authentication/classes/class.ilSessionIStorage.php');
7
15class ilSession
16{
24 const SESSION_HANDLING_FIXED = 0;
25
33 const SESSION_HANDLING_LOAD_DEPENDENT = 1;
34
40 const SESSION_CLOSE_USER = 1; // manual logout
41 const SESSION_CLOSE_EXPIRE = 2; // has expired
42 const SESSION_CLOSE_FIRST = 3; // kicked by session control (first abidencer)
43 const SESSION_CLOSE_IDLE = 4; // kickey by session control (ilde time)
44 const SESSION_CLOSE_LIMIT = 5; // kicked by session control (limit reached)
45 const SESSION_CLOSE_LOGIN = 6; // anonymous => login
46 const SESSION_CLOSE_PUBLIC = 7; // => anonymous
47 const SESSION_CLOSE_TIME = 8; // account time limit reached
48 const SESSION_CLOSE_IP = 9; // wrong ip
49 const SESSION_CLOSE_SIMUL = 10; // simultaneous login
50 const SESSION_CLOSE_INACTIVE = 11; // inactive account
51 const SESSION_CLOSE_CAPTCHA = 12; // invalid captcha
52
53 private static $closing_context = null;
54
58 protected static $enable_web_access_without_session = false;
59
69 static function _getData($a_session_id)
70 {
71 if(!$a_session_id) {
72 // fix for php #70520
73 return '';
74 }
75 global $ilDB;
76
77 $q = "SELECT data FROM usr_session WHERE session_id = ".
78 $ilDB->quote($a_session_id, "text");
79 $set = $ilDB->query($q);
80 $rec = $ilDB->fetchAssoc($set);
81
82 // fix for php #70520
83 return (string) $rec["data"];
84 }
85
92 public static function lookupExpireTime($a_session_id)
93 {
94 global $ilDB;
95
96 $query = 'SELECT expires FROM usr_session WHERE session_id = '.
97 $ilDB->quote($a_session_id, 'text');
98 $res = $ilDB->query($query);
99 while($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT))
100 {
101 return (int) $row->expires;
102 }
103 return 0;
104 }
105
106
113 static function _writeData($a_session_id, $a_data)
114 {
115 global $ilDB, $ilClientIniFile;
116
117 if (self::isWebAccessWithoutSessionEnabled())
118 {
119 // Prevent session data written for web access checker
120 // when no cookie was sent (e.g. for pdf files linking others).
121 // This would result in new session records for each request.
122 return true;
123 }
124
125 $now = time();
126
127 // prepare session data
128 $fields = array(
129 "user_id" => array("integer", (int) $_SESSION['_authsession_user_id']),
130 "expires" => array("integer", self::getExpireValue()),
131 "data" => array("clob", $a_data),
132 "ctime" => array("integer", $now),
133 "type" => array("integer", (int) $_SESSION["SessionType"])
134 );
135 if ($ilClientIniFile->readVariable("session","save_ip"))
136 {
137 $fields["remote_addr"] = array("text", $_SERVER["REMOTE_ADDR"]);
138 }
139
140 if (ilSession::_exists($a_session_id))
141 {
142 $ilDB->update("usr_session", $fields,
143 array("session_id" => array("text", $a_session_id)));
144 }
145 else
146 {
147 $fields["session_id"] = array("text", $a_session_id);
148 $fields["createtime"] = array("integer", $now);
149
150 $ilDB->insert("usr_session", $fields);
151
152 // check type against session control
153 $type = $fields["type"][1];
154 if(in_array($type, ilSessionControl::$session_types_controlled))
155 {
156 ilSessionStatistics::createRawEntry($fields["session_id"][1],
157 $type, $fields["createtime"][1], $fields["user_id"][1]);
158 }
159 }
160
161 // finally delete deprecated sessions
162 if(rand(0, 50) == 2)
163 {
164 // get time _before_ destroying expired sessions
165 self::_destroyExpiredSessions();
166 ilSessionStatistics::aggretateRaw($now);
167 }
168
169 return true;
170 }
171
172
173
180 static function _exists($a_session_id)
181 {
182 if (! $a_session_id) {
183 return false;
184 }
185 global $ilDB;
186
187 $q = "SELECT 1 FROM usr_session WHERE session_id = " . $ilDB->quote($a_session_id, "text");
188 $set = $ilDB->query($q);
189
190 return $ilDB->numRows($set) > 0;
191 }
192
200 static function _destroy($a_session_id, $a_closing_context = null, $a_expired_at = null)
201 {
202 global $ilDB;
203
204 if(!$a_closing_context)
205 {
206 $a_closing_context = self::$closing_context;
207 }
208
209 ilSessionStatistics::closeRawEntry($a_session_id, $a_closing_context, $a_expired_at);
210
211
212 if(!is_array($a_session_id))
213 {
214 $q = "DELETE FROM usr_session WHERE session_id = ".
215 $ilDB->quote($a_session_id, "text");
216 }
217 else
218 {
219 // array: id => timestamp - so we get rid of timestamps
220 if($a_expired_at)
221 {
222 $a_session_id = array_keys($a_session_id);
223 }
224 $q = "DELETE FROM usr_session WHERE ".
225 $ilDB->in("session_id", $a_session_id, "", "text");
226 }
227
228 ilSessionIStorage::destroySession($a_session_id);
229
230 $ilDB->manipulate($q);
231
232 return true;
233 }
234
240 static function _destroyByUserId($a_user_id)
241 {
242 global $ilDB;
243
244 $q = "DELETE FROM usr_session WHERE user_id = ".
245 $ilDB->quote($a_user_id, "integer");
246 $ilDB->manipulate($q);
247
248 return true;
249 }
250
254 static function _destroyExpiredSessions()
255 {
256 global $ilDB;
257
258 $q = "SELECT session_id,expires FROM usr_session WHERE expires < ".
259 $ilDB->quote(time(), "integer");
260 $res = $ilDB->query($q);
261 $ids = array();
262 while($row = $ilDB->fetchAssoc($res))
263 {
264 $ids[$row["session_id"]] = $row["expires"];
265 }
266 if(sizeof($ids))
267 {
268 self::_destroy($ids, self::SESSION_CLOSE_EXPIRE, true);
269 }
270
271 return true;
272 }
273
280 static function _duplicate($a_session_id)
281 {
282 global $ilDB;
283
284 // Create new session id
285 $new_session = $a_session_id;
286 do
287 {
288 $new_session = md5($new_session);
289 $q ="SELECT * FROM usr_session WHERE ".
290 "session_id = ".$ilDB->quote($new_session, "text");
291 $res = $ilDB->query($q);
292 } while($ilDB->fetchAssoc($res));
293
294 $query = "SELECT * FROM usr_session ".
295 "WHERE session_id = ".$ilDB->quote($a_session_id, "text");
296 $res = $ilDB->query($query);
297
298 while ($row = $ilDB->fetchObject($res))
299 {
300 ilSession::_writeData($new_session,$row->data);
301 return $new_session;
302 }
303 return false;
304 }
305
316 public static function getExpireValue($fixedMode = false)
317 {
318 global $ilSetting;
319
320 if( $fixedMode || $ilSetting->get('session_handling_type', self::SESSION_HANDLING_FIXED) == self::SESSION_HANDLING_FIXED )
321 {
322 // fixed session
323 return time() + self::getIdleValue($fixedMode);
324 }
325 else if( $ilSetting->get('session_handling_type', self::SESSION_HANDLING_FIXED) == self::SESSION_HANDLING_LOAD_DEPENDENT )
326 {
327 // load dependent session settings
328 return time() + (int) ($ilSetting->get('session_max_idle', ilSessionControl::DEFAULT_MAX_IDLE) * 60);
329 }
330 }
331
342 public static function getIdleValue($fixedMode = false)
343 {
344 global $ilSetting, $ilClientIniFile;
345
346 if( $fixedMode || $ilSetting->get('session_handling_type', self::SESSION_HANDLING_FIXED) == self::SESSION_HANDLING_FIXED )
347 {
348 // fixed session
349 return $ilClientIniFile->readVariable('session','expire');
350 }
351 else if( $ilSetting->get('session_handling_type', self::SESSION_HANDLING_FIXED) == self::SESSION_HANDLING_LOAD_DEPENDENT )
352 {
353 // load dependent session settings
354 return (int) ($ilSetting->get('session_max_idle', ilSessionControl::DEFAULT_MAX_IDLE) * 60);
355 }
356 }
357
367 public static function getSessionExpireValue()
368 {
369 return self::getIdleValue(true);
370 }
371
378 static function _getUsersWithIp($a_ip)
379 {
380 global $ilDB;
381
382 $query = "SELECT DISTINCT user_id FROM usr_session"
383 . " WHERE remote_addr = " . $ilDB->quote($a_ip, "text")
384 . " AND user_id > 0";
385 $result = $ilDB->query($query);
386
387 $users = array();
388 while ($row = $ilDB->fetchObject($result))
389 {
390 $users[] = $row->user_id;
391 }
392 return $users;
393 }
394
401 static function set($a_var, $a_val)
402 {
403 $_SESSION[$a_var] = $a_val;
404 }
405
412 static function get($a_var)
413 {
414 return $_SESSION[$a_var];
415 }
416
423 static function clear($a_var)
424 {
425 unset($_SESSION[$a_var]);
426 }
427
433 public static function setClosingContext($a_context)
434 {
435 self::$closing_context = (int)$a_context;
436 }
437
443 public static function getClosingContext()
444 {
445 return self::$closing_context;
446 }
447
448
449
453 public static function isWebAccessWithoutSessionEnabled()
454 {
455 return (bool)self::$enable_web_access_without_session;
456 }
457
461 public static function enableWebAccessWithoutSession($enable_web_access_without_session)
462 {
463 self::$enable_web_access_without_session = (bool)$enable_web_access_without_session;
464 }
465}
466
467?>
$result
$result
Definition: CleanUpTest.php:407
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
php
An exception for terminatinating execution or to throw for unit testing.
ilSessionIStorage\destroySession
static destroySession($a_session_id)
Destroy session(s).
Definition: class.ilSessionIStorage.php:108
ilSessionStatistics\closeRawEntry
static closeRawEntry($a_session_id, $a_context=null, $a_expired_at=null)
Close raw data entry.
Definition: class.ilSessionStatistics.php:72
ilSessionStatistics\createRawEntry
static createRawEntry($a_session_id, $a_session_type, $a_timestamp, $a_user_id)
Create raw data entry.
Definition: class.ilSessionStatistics.php:40
ilSession\_exists
static _exists($a_session_id)
Check whether session exists.
Definition: class.ilSession.php:180
ilSession\SESSION_HANDLING_LOAD_DEPENDENT
const SESSION_HANDLING_LOAD_DEPENDENT
Definition: class.ilSession.php:33
ilSession\SESSION_CLOSE_USER
const SESSION_CLOSE_USER
Definition: class.ilSession.php:40
ilSession\SESSION_CLOSE_CAPTCHA
const SESSION_CLOSE_CAPTCHA
Definition: class.ilSession.php:51
ilSession\SESSION_CLOSE_IP
const SESSION_CLOSE_IP
Definition: class.ilSession.php:48
ilSession\setClosingContext
static setClosingContext($a_context)
set closing context (for statistics)
Definition: class.ilSession.php:433
ilSession\SESSION_HANDLING_FIXED
const SESSION_HANDLING_FIXED
Definition: class.ilSession.php:24
ilSession\getIdleValue
static getIdleValue($fixedMode=false)
Returns the idle time in seconds.
Definition: class.ilSession.php:342
ilSession\getClosingContext
static getClosingContext()
get closing context (for statistics)
Definition: class.ilSession.php:443
ilSession\_getUsersWithIp
static _getUsersWithIp($a_ip)
Get the active users with a specific remote ip address.
Definition: class.ilSession.php:378
ilSession\isWebAccessWithoutSessionEnabled
static isWebAccessWithoutSessionEnabled()
Definition: class.ilSession.php:453
ilSession\SESSION_CLOSE_LOGIN
const SESSION_CLOSE_LOGIN
Definition: class.ilSession.php:45
ilSession\SESSION_CLOSE_TIME
const SESSION_CLOSE_TIME
Definition: class.ilSession.php:47
ilSession\_writeData
static _writeData($a_session_id, $a_data)
Write session data.
Definition: class.ilSession.php:113
ilSession\_destroyExpiredSessions
static _destroyExpiredSessions()
Destroy expired sessions.
Definition: class.ilSession.php:254
ilSession\_destroy
static _destroy($a_session_id, $a_closing_context=null, $a_expired_at=null)
Destroy session.
Definition: class.ilSession.php:200
ilSession\_destroyByUserId
static _destroyByUserId($a_user_id)
Destroy session.
Definition: class.ilSession.php:240
ilSession\_getData
static _getData($a_session_id)
Get session data from table.
Definition: class.ilSession.php:69
ilSession\clear
static clear($a_var)
Unset a value.
Definition: class.ilSession.php:423
ilSession\SESSION_CLOSE_SIMUL
const SESSION_CLOSE_SIMUL
Definition: class.ilSession.php:49
ilSession\enableWebAccessWithoutSession
static enableWebAccessWithoutSession($enable_web_access_without_session)
Definition: class.ilSession.php:461
ilSession\_duplicate
static _duplicate($a_session_id)
Duplicate session.
Definition: class.ilSession.php:280
ilSession\SESSION_CLOSE_FIRST
const SESSION_CLOSE_FIRST
Definition: class.ilSession.php:42
ilSession\lookupExpireTime
static lookupExpireTime($a_session_id)
Lookup expire time for a specific session @global ilDB $ilDB.
Definition: class.ilSession.php:92
ilSession\$closing_context
static $closing_context
Definition: class.ilSession.php:53
ilSession\SESSION_CLOSE_INACTIVE
const SESSION_CLOSE_INACTIVE
Definition: class.ilSession.php:50
ilSession\SESSION_CLOSE_IDLE
const SESSION_CLOSE_IDLE
Definition: class.ilSession.php:43
ilSession\SESSION_CLOSE_PUBLIC
const SESSION_CLOSE_PUBLIC
Definition: class.ilSession.php:46
ilSession\getSessionExpireValue
static getSessionExpireValue()
Returns the session expiration value.
Definition: class.ilSession.php:367
ilSession\$enable_web_access_without_session
static $enable_web_access_without_session
Definition: class.ilSession.php:58
ilSession\SESSION_CLOSE_LIMIT
const SESSION_CLOSE_LIMIT
Definition: class.ilSession.php:44
ilSession\SESSION_CLOSE_EXPIRE
const SESSION_CLOSE_EXPIRE
Definition: class.ilSession.php:41
ilSession\getExpireValue
static getExpireValue($fixedMode=false)
Returns the expiration timestamp in seconds.
Definition: class.ilSession.php:316
$ilSetting
global $ilSetting
Definition: privfeed.php:17
$ilDB
global $ilDB
Definition: storeScorm2004.php:19
$_SERVER
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
Definition: tcpdf_autoconfig.php:54