ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
class.ilSession.php
1 <?php
2 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
4 require_once('Services/Authentication/classes/class.ilSessionControl.php');
5 require_once('Services/Authentication/classes/class.ilSessionStatistics.php');
6 require_once('Services/Authentication/classes/class.ilSessionIStorage.php');
7 
15 class ilSession
16 {
25 
34 
40  const SESSION_CLOSE_USER = 1; // manual logout
41  const SESSION_CLOSE_EXPIRE = 2; // has expired
42  const SESSION_CLOSE_FIRST = 3; // kicked by session control (first abidencer)
43  const SESSION_CLOSE_IDLE = 4; // kicked by session control (idle time)
44  const SESSION_CLOSE_LIMIT = 5; // kicked by session control (limit reached)
45  const SESSION_CLOSE_LOGIN = 6; // anonymous => login
46  const SESSION_CLOSE_PUBLIC = 7; // => anonymous
47  const SESSION_CLOSE_TIME = 8; // account time limit reached
48  const SESSION_CLOSE_IP = 9; // wrong ip
49  const SESSION_CLOSE_SIMUL = 10; // simultaneous login
50  const SESSION_CLOSE_INACTIVE = 11; // inactive account
51  const SESSION_CLOSE_CAPTCHA = 12; // invalid captcha
52 
53  private static $closing_context = null;
54 
58  protected static $enable_web_access_without_session = false;
59 
/**
 * Get session data from table.
 *
 * @param string $a_session_id id of the session whose payload is read
 * @return string content of the "data" column; always a string because of the
 *                final cast, and '' when no session id is given
 */
public static function _getData($a_session_id)
{
    global $ilDB;

    // An empty id never reaches the database (marked upstream as "fix for php #70520").
    if (!$a_session_id) {
        return '';
    }

    // The id is passed through $ilDB->quote() before it is concatenated into the statement.
    $sql = "SELECT data FROM usr_session WHERE session_id = " . $ilDB->quote($a_session_id, "text");
    $row = $ilDB->fetchAssoc($ilDB->query($sql));

    // fix for php #70520: the session handler must hand back a string.
    return (string) $row["data"];
}
85 
/**
 * Lookup expire time for a specific session.
 *
 * @param string $a_session_id
 * @return int value of the "expires" column, or 0 when no row matches
 */
public static function lookupExpireTime($a_session_id)
{
    global $ilDB;

    $sql = 'SELECT expires FROM usr_session WHERE session_id = ' . $ilDB->quote($a_session_id, 'text');
    $result = $ilDB->query($sql);

    // Only the first row is of interest.
    $first = $result->fetchRow(ilDBConstants::FETCHMODE_OBJECT);
    if ($first) {
        return (int) $first->expires;
    }

    return 0;
}
104 
105 
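/**
 * Write session data.
 *
 * Updates the usr_session row of an existing session or inserts a new one,
 * and on roughly one call in 51 also purges expired sessions.
 *
 * NOTE(review): the rendered listing this method was taken from lost three
 * lines (145, 169-170 and 184 of the file), which left the braces unbalanced.
 * They are restored below from the call names in the page's cross-reference
 * index; each restored line is marked and should be confirmed against the
 * repository.
 *
 * @param string $a_session_id session id; an empty id is ignored
 * @param string $a_data       session payload, stored in the "data" clob column
 * @return bool always true
 */
public static function _writeData($a_session_id, $a_data)
{
    global $ilDB, $ilClientIniFile;

    if (self::isWebAccessWithoutSessionEnabled()) {
        // Prevent session data written for web access checker
        // when no cookie was sent (e.g. for pdf files linking others).
        // This would result in new session records for each request.
        return true;
    }

    if (!$a_session_id) {
        return true;
    }

    $now = time();

    // prepare session data
    $fields = array(
        "user_id" => array("integer", (int) $_SESSION['_authsession_user_id']),
        "expires" => array("integer", self::getExpireValue()),
        "data" => array("clob", $a_data),
        "ctime" => array("integer", $now),
        "type" => array("integer", (int) $_SESSION["SessionType"])
    );
    // The client address is persisted only when the client ini enables session/save_ip.
    if ($ilClientIniFile->readVariable("session", "save_ip")) {
        $fields["remote_addr"] = array("text", $_SERVER["REMOTE_ADDR"]);
    }

    if (ilSession::_exists($a_session_id)) {
        // On update the context is overwritten only for main contexts;
        // updating may get us other contexts for the same session, especially ilContextWAC, which we do not want
        if (class_exists("ilContext")) {
            // restored line 145 -- NOTE(review): confirm against the repository
            if (ilContext::isSessionMainContext()) {
                $fields["context"] = array("text", ilContext::getType());
            }
        }

        $ilDB->update(
            "usr_session",
            $fields,
            array("session_id" => array("text", $a_session_id))
        );
    } else {
        $fields["session_id"] = array("text", $a_session_id);
        $fields["createtime"] = array("integer", $now);

        // note that we do this only when inserting the new record
        // updating may get us other contexts for the same session, especially ilContextWAC, which we do not want
        if (class_exists("ilContext")) {
            $fields["context"] = array("text", ilContext::getType());
        }

        $ilDB->insert("usr_session", $fields);

        // check type against session control
        $type = $fields["type"][1];
        // restored lines 169-170 -- NOTE(review): the guard condition is not visible
        // anywhere on the page; it is given as remembered from upstream, confirm it.
        if (in_array($type, ilSessionControl::$session_types_controlled)) {
            ilSessionStatistics::createRawEntry(
                $fields["session_id"][1],
                $type,
                $fields["createtime"][1],
                $fields["user_id"][1]
            );
        }
    }

    // finally delete deprecated sessions
    $random = new \ilRandom();
    if ($random->int(0, 50) == 2) {
        // $now was taken _before_ destroying expired sessions
        self::_destroyExpiredSessions();
        // restored line 184 -- NOTE(review): confirm against the repository
        ilSessionStatistics::aggretateRaw($now);
    }

    return true;
}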
189 
190 
191 
/**
 * Check whether session exists.
 *
 * @param string $a_session_id
 * @return bool true when usr_session holds at least one row for the id;
 *              false for an empty id, without querying the database
 */
public static function _exists($a_session_id)
{
    global $ilDB;

    if (!$a_session_id) {
        return false;
    }

    $sql = "SELECT 1 FROM usr_session WHERE session_id = " . $ilDB->quote($a_session_id, "text");
    $result = $ilDB->query($sql);
    $matches = $ilDB->numRows($result);

    return $matches > 0;
}
210 
/**
 * Destroy session.
 *
 * Closes the statistics entry, drops the session's ilSessionIStorage data and
 * deletes the usr_session row(s), in that order.
 *
 * @param string|array $a_session_id      a single id, or an array of ids; when
 *                                        $a_expired_at is truthy the array is
 *                                        read as id => timestamp
 * @param int|null     $a_closing_context one of the SESSION_CLOSE_* values;
 *                                        falls back to the class-wide closing context
 * @param mixed        $a_expired_at      passed on to the statistics entry
 * @return bool always true
 */
public static function _destroy($a_session_id, $a_closing_context = null, $a_expired_at = null)
{
    global $ilDB;

    $context = $a_closing_context ? $a_closing_context : self::$closing_context;

    // The statistics call receives the ids exactly as passed in (including timestamps).
    ilSessionStatistics::closeRawEntry($a_session_id, $context, $a_expired_at);

    if (is_array($a_session_id)) {
        // array: id => timestamp - so we get rid of timestamps
        if ($a_expired_at) {
            $a_session_id = array_keys($a_session_id);
        }
        $delete_sql = "DELETE FROM usr_session WHERE " .
            $ilDB->in("session_id", $a_session_id, "", "text");
    } else {
        $delete_sql = "DELETE FROM usr_session WHERE session_id = " .
            $ilDB->quote($a_session_id, "text");
    }

    ilSessionIStorage::destroySession($a_session_id);
    $ilDB->manipulate($delete_sql);

    return true;
}
247 
/**
 * Destroy all sessions of one user.
 *
 * Only the usr_session rows are removed. Unlike _destroy(), this method does
 * not call ilSessionStatistics::closeRawEntry() or
 * ilSessionIStorage::destroySession() for the affected sessions.
 *
 * @param int $a_user_id
 * @return bool always true
 */
public static function _destroyByUserId($a_user_id)
{
    global $ilDB;

    $delete_sql = "DELETE FROM usr_session WHERE user_id = " . $ilDB->quote($a_user_id, "integer");
    $ilDB->manipulate($delete_sql);

    return true;
}
263 
/**
 * Destroy expired sessions.
 *
 * Collects every session whose "expires" value lies before the current time
 * and hands the id => expires map to _destroy() with SESSION_CLOSE_EXPIRE.
 *
 * @return bool always true
 */
public static function _destroyExpiredSessions()
{
    global $ilDB;

    $sql = "SELECT session_id,expires FROM usr_session WHERE expires < " . $ilDB->quote(time(), "integer");
    $result = $ilDB->query($sql);

    $expired = array();
    while ($row = $ilDB->fetchAssoc($result)) {
        $expired[$row["session_id"]] = $row["expires"];
    }

    // Nothing to do when no session has expired.
    if (count($expired) > 0) {
        // true => _destroy() reads the array as id => timestamp
        self::_destroy($expired, self::SESSION_CLOSE_EXPIRE, true);
    }

    return true;
}
284 
/**
 * Duplicate session.
 *
 * Copies the stored data of an existing session to a new session id.
 *
 * NOTE(review): the new id is md5() applied repeatedly to the old id, so it is
 * a pure function of the source id and adds no fresh randomness; whoever knows
 * the source session id can compute the duplicate's id. Generating the new id
 * from a CSPRNG would remove that link -- confirm that no caller relies on the
 * derivation before changing it.
 *
 * @param string $a_session_id id of the session to copy
 * @return string|false the new session id, or false when the source session
 *                      has no row in usr_session
 */
public static function _duplicate($a_session_id)
{
    global $ilDB;

    // Create new session id: keep hashing until the candidate is unused.
    $candidate = md5($a_session_id);
    while ($ilDB->fetchAssoc(
        $ilDB->query("SELECT * FROM usr_session WHERE session_id = " . $ilDB->quote($candidate, "text"))
    )) {
        $candidate = md5($candidate);
    }

    $source_sql = "SELECT * FROM usr_session WHERE session_id = " . $ilDB->quote($a_session_id, "text");
    $source = $ilDB->fetchObject($ilDB->query($source_sql));

    if ($source) {
        ilSession::_writeData($candidate, $source->data);
        return $candidate;
    }

    return false;
}
314 
/**
 * Returns the expiration timestamp in seconds.
 *
 * @param bool $fixedMode when true, the fixed-session branch is taken without
 *                        consulting the 'session_handling_type' setting
 * @return int|null current time plus the idle time; null when the configured
 *                  handling type matches neither known mode
 */
public static function getExpireValue($fixedMode = false)
{
    global $ilSetting;

    // fixed session
    if ($fixedMode || $ilSetting->get('session_handling_type', self::SESSION_HANDLING_FIXED) == self::SESSION_HANDLING_FIXED) {
        return time() + self::getIdleValue($fixedMode);
    }

    // load dependent session settings: 'session_max_idle' is multiplied by 60 here
    if ($ilSetting->get('session_handling_type', self::SESSION_HANDLING_FIXED) == self::SESSION_HANDLING_LOAD_DEPENDENT) {
        $max_idle = $ilSetting->get('session_max_idle', ilSessionControl::DEFAULT_MAX_IDLE);
        return time() + (int) ($max_idle * 60);
    }

    return null;
}
337 
/**
 * Returns the idle time in seconds.
 *
 * @param bool $fixedMode when true, the fixed-session branch is taken without
 *                        consulting the 'session_handling_type' setting
 * @return mixed in fixed mode the client ini value session/expire, returned
 *               without a cast; in load-dependent mode an int; null when the
 *               configured handling type matches neither known mode
 */
public static function getIdleValue($fixedMode = false)
{
    global $ilSetting, $ilClientIniFile;

    // fixed session
    if ($fixedMode || $ilSetting->get('session_handling_type', self::SESSION_HANDLING_FIXED) == self::SESSION_HANDLING_FIXED) {
        return $ilClientIniFile->readVariable('session', 'expire');
    }

    // load dependent session settings: 'session_max_idle' is multiplied by 60 here
    if ($ilSetting->get('session_handling_type', self::SESSION_HANDLING_FIXED) == self::SESSION_HANDLING_LOAD_DEPENDENT) {
        $max_idle = $ilSetting->get('session_max_idle', ilSessionControl::DEFAULT_MAX_IDLE);
        return (int) ($max_idle * 60);
    }

    return null;
}
360 
/**
 * Returns the session expiration value.
 *
 * This is getIdleValue() forced into fixed mode, so the result does not depend
 * on the 'session_handling_type' setting.
 *
 * @return mixed whatever getIdleValue(true) returns
 */
public static function getSessionExpireValue()
{
    $fixed_idle = self::getIdleValue(true);

    return $fixed_idle;
}
374 
/**
 * Get the active users with a specific remote ip address.
 *
 * Matches on usr_session.remote_addr, which _writeData() fills only when the
 * client ini setting session/save_ip is set. Rows with user_id 0 or below are
 * excluded.
 *
 * @param string $a_ip
 * @return array distinct user ids that have a session from that address
 */
public static function _getUsersWithIp($a_ip)
{
    global $ilDB;

    $sql = "SELECT DISTINCT user_id FROM usr_session"
        . " WHERE remote_addr = " . $ilDB->quote($a_ip, "text")
        . " AND user_id > 0";
    $rows = $ilDB->query($sql);

    $user_ids = array();
    while ($entry = $ilDB->fetchObject($rows)) {
        $user_ids[] = $entry->user_id;
    }

    return $user_ids;
}
396 
/**
 * Set a value in the current session.
 *
 * @param string $a_var key in $_SESSION
 * @param mixed  $a_val value stored under that key, replacing any previous one
 */
public static function set($a_var, $a_val)
{
    $key = $a_var;
    $_SESSION[$key] = $a_val;
}
407 
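/**
 * Get a value from the current session.
 *
 * @param string $a_var key in $_SESSION
 * @return mixed the stored value, or null when the key is not set
 */
public static function get($a_var)
{
    // Reading a missing key directly raises an undefined-index notice; the
    // result (null) is the same, so check first and stay silent.
    return isset($_SESSION[$a_var]) ? $_SESSION[$a_var] : null;
}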
418 
/**
 * Unset a value.
 *
 * @param string $a_var key removed from $_SESSION; a missing key is a no-op
 */
public static function clear($a_var)
{
    $key = $a_var;
    unset($_SESSION[$key]);
}
429 
/**
 * Set closing context (for statistics).
 *
 * @param int $a_context one of the SESSION_CLOSE_* values; cast to int before it is stored
 */
public static function setClosingContext($a_context)
{
    $context = (int) $a_context;
    self::$closing_context = $context;
}
439 
/**
 * Get closing context (for statistics).
 *
 * @return int|null the value stored by setClosingContext(), or null when none was set
 */
public static function getClosingContext()
{
    $context = self::$closing_context;

    return $context;
}
449 
450 
451 
/**
 * Tell whether web access without a session is enabled.
 *
 * While this is true, _writeData() returns early and writes no session record.
 *
 * @return bool
 */
public static function isWebAccessWithoutSessionEnabled()
{
    $enabled = (bool) self::$enable_web_access_without_session;

    return $enabled;
}
459 
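/**
 * Enable or disable web access without a session.
 *
 * While enabled, _writeData() returns early and writes no session record.
 *
 * NOTE(review): the rendered listing dropped this method's signature line
 * (line 463 of the file). The name and parameter are restored from the page's
 * cross-reference index; the "public" visibility is assumed -- confirm
 * against the repository.
 *
 * @param bool $enable_web_access_without_session cast to bool before it is stored
 */
public static function enableWebAccessWithoutSession($enable_web_access_without_session)
{
    self::$enable_web_access_without_session = (bool) $enable_web_access_without_session;
}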
467 }