de/d3d/class_8ilSession_8php_source.html

<?php

/* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */


require_once('Services/Authentication/classes/class.ilSessionControl.php');

require_once('Services/Authentication/classes/class.ilSessionStatistics.php');

require_once('Services/Authentication/classes/class.ilSessionIStorage.php');


class ilSession

{

    const SESSION_HANDLING_FIXED = 0;


    const SESSION_HANDLING_LOAD_DEPENDENT = 1;


    const SESSION_CLOSE_USER   = 1;  // manual logout

    const SESSION_CLOSE_EXPIRE = 2;  // has expired

    const SESSION_CLOSE_FIRST  = 3;  // kicked by session control (first abidencer)

    const SESSION_CLOSE_IDLE   = 4;  // kickey by session control (ilde time)

    const SESSION_CLOSE_LIMIT  = 5;  // kicked by session control (limit reached)

    const SESSION_CLOSE_LOGIN  = 6;  // anonymous => login

    const SESSION_CLOSE_PUBLIC = 7;  // => anonymous

    const SESSION_CLOSE_TIME   = 8;  // account time limit reached

    const SESSION_CLOSE_IP     = 9;  // wrong ip

    const SESSION_CLOSE_SIMUL  = 10; // simultaneous login

    const SESSION_CLOSE_INACTIVE = 11; // inactive account

    const SESSION_CLOSE_CAPTCHA  = 12; // invalid captcha


    private static $closing_context = null;


    protected static $enable_web_access_without_session = false;


    public static function _getData($a_session_id)

    {

        if (!$a_session_id) {

            // fix for php #70520

            return '';

        }

        global $ilDB;


        $q = "SELECT data FROM usr_session WHERE session_id = " .

            $ilDB->quote($a_session_id, "text");

        $set = $ilDB->query($q);

        $rec = $ilDB->fetchAssoc($set);


        // fix for php #70520

        return (string) $rec["data"];

    }


    public static function lookupExpireTime($a_session_id)

    {

        global $ilDB;


        $query = 'SELECT expires FROM usr_session WHERE session_id = ' .

            $ilDB->quote($a_session_id, 'text');

        $res = $ilDB->query($query);

        while ($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {

            return (int) $row->expires;

        }

        return 0;

    }


    public static function _writeData($a_session_id, $a_data)

    {

        global $ilDB, $ilClientIniFile;


        if (self::isWebAccessWithoutSessionEnabled()) {

            // Prevent session data written for web access checker

            // when no cookie was sent (e.g. for pdf files linking others).

            // This would result in new session records for each request.

            return true;

        }


        if (!$a_session_id) {

            return true;

        }


        $now = time();


        // prepare session data

        $fields = array(

            "user_id" => array("integer", (int) $_SESSION['_authsession_user_id']),

            "expires" => array("integer", self::getExpireValue()),

            "data" => array("clob", $a_data),

            "ctime" => array("integer", $now),

            "type" => array("integer", (int) $_SESSION["SessionType"])

            );

        if ($ilClientIniFile->readVariable("session", "save_ip")) {

            $fields["remote_addr"] = array("text", $_SERVER["REMOTE_ADDR"]);

        }


        if (ilSession::_exists($a_session_id)) {

            // note that we do this only when inserting the new record

            // updating may get us other contexts for the same session, especially ilContextWAC, which we do not want

            if (class_exists("ilContext")) {

                if (ilContext::isSessionMainContext()) {

                    $fields["context"] = array("text", ilContext::getType());

                }

            }


            $ilDB->update(

                "usr_session",

                $fields,

                array("session_id" => array("text", $a_session_id))

            );

        } else {

            $fields["session_id"] = array("text", $a_session_id);

            $fields["createtime"] = array("integer", $now);


            // note that we do this only when inserting the new record

            // updating may get us other contexts for the same session, especially ilContextWAC, which we do not want

            if (class_exists("ilContext")) {

                $fields["context"] = array("text", ilContext::getType());

            }


            $ilDB->insert("usr_session", $fields);


            // check type against session control

            $type = $fields["type"][1];

            if (in_array($type, ilSessionControl::$session_types_controlled)) {

                ilSessionStatistics::createRawEntry(

                    $fields["session_id"][1],

                    $type,

                    $fields["createtime"][1],

                    $fields["user_id"][1]

                );

            }

        }


        // finally delete deprecated sessions

        $random = new \ilRandom();

        if ($random->int(0, 50) == 2) {

            // get time _before_ destroying expired sessions

            self::_destroyExpiredSessions();

            ilSessionStatistics::aggretateRaw($now);

        }


        return true;

    }


    public static function _exists($a_session_id)

    {

        if (!$a_session_id) {

            return false;

        }

        global $ilDB;


        $q = "SELECT 1 FROM usr_session WHERE session_id = " . $ilDB->quote($a_session_id, "text");

        $set = $ilDB->query($q);


        return $ilDB->numRows($set) > 0;

    }


    public static function _destroy($a_session_id, $a_closing_context = null, $a_expired_at = null)

    {

        global $ilDB;


        if (!$a_closing_context) {

            $a_closing_context = self::$closing_context;

        }


        ilSessionStatistics::closeRawEntry($a_session_id, $a_closing_context, $a_expired_at);


        if (!is_array($a_session_id)) {

            $q = "DELETE FROM usr_session WHERE session_id = " .

                $ilDB->quote($a_session_id, "text");

        } else {

            // array: id => timestamp - so we get rid of timestamps

            if ($a_expired_at) {

                $a_session_id = array_keys($a_session_id);

            }

            $q = "DELETE FROM usr_session WHERE " .

                $ilDB->in("session_id", $a_session_id, "", "text");

        }


        ilSessionIStorage::destroySession($a_session_id);


        $ilDB->manipulate($q);


        return true;

    }


    public static function _destroyByUserId($a_user_id)

    {

        global $ilDB;


        $q = "DELETE FROM usr_session WHERE user_id = " .

            $ilDB->quote($a_user_id, "integer");

        $ilDB->manipulate($q);


        return true;

    }


    public static function _destroyExpiredSessions()

    {

        global $ilDB;


        $q = "SELECT session_id,expires FROM usr_session WHERE expires < " .

            $ilDB->quote(time(), "integer");

        $res = $ilDB->query($q);

        $ids = array();

        while ($row = $ilDB->fetchAssoc($res)) {

            $ids[$row["session_id"]] = $row["expires"];

        }

        if (sizeof($ids)) {

            self::_destroy($ids, self::SESSION_CLOSE_EXPIRE, true);

        }


        return true;

    }


    public static function _duplicate($a_session_id)

    {

        global $ilDB;


        // Create new session id

        $new_session = $a_session_id;

        do {

            $new_session = md5($new_session);

            $q ="SELECT * FROM usr_session WHERE " .

                "session_id = " . $ilDB->quote($new_session, "text");

            $res = $ilDB->query($q);

        } while ($ilDB->fetchAssoc($res));


        $query = "SELECT * FROM usr_session " .

            "WHERE session_id = " . $ilDB->quote($a_session_id, "text");

        $res = $ilDB->query($query);


        while ($row = $ilDB->fetchObject($res)) {

            ilSession::_writeData($new_session, $row->data);

            return $new_session;

        }

        return false;

    }


    public static function getExpireValue($fixedMode = false)

    {

        global $ilSetting;


        if ($fixedMode || $ilSetting->get('session_handling_type', self::SESSION_HANDLING_FIXED) == self::SESSION_HANDLING_FIXED) {

            // fixed session

            return time() + self::getIdleValue($fixedMode);

        } elseif ($ilSetting->get('session_handling_type', self::SESSION_HANDLING_FIXED) == self::SESSION_HANDLING_LOAD_DEPENDENT) {

            // load dependent session settings

            return time() + (int) ($ilSetting->get('session_max_idle', ilSessionControl::DEFAULT_MAX_IDLE) * 60);

        }

    }


    public static function getIdleValue($fixedMode = false)

    {

        global $ilSetting, $ilClientIniFile;


        if ($fixedMode || $ilSetting->get('session_handling_type', self::SESSION_HANDLING_FIXED) ==  self::SESSION_HANDLING_FIXED) {

            // fixed session

            return $ilClientIniFile->readVariable('session', 'expire');

        } elseif ($ilSetting->get('session_handling_type', self::SESSION_HANDLING_FIXED) ==  self::SESSION_HANDLING_LOAD_DEPENDENT) {

            // load dependent session settings

            return (int) ($ilSetting->get('session_max_idle', ilSessionControl::DEFAULT_MAX_IDLE) * 60);

        }

    }


    public static function getSessionExpireValue()

    {

        return self::getIdleValue(true);

    }


    public static function _getUsersWithIp($a_ip)

    {

        global $ilDB;


        $query = "SELECT DISTINCT user_id FROM usr_session"

                . " WHERE remote_addr = " . $ilDB->quote($a_ip, "text")

                . " AND user_id > 0";

        $result = $ilDB->query($query);


        $users = array();

        while ($row = $ilDB->fetchObject($result)) {

            $users[] = $row->user_id;

        }

        return $users;

    }


    public static function set($a_var, $a_val)

    {

        $_SESSION[$a_var] = $a_val;

    }


    public static function get($a_var)

    {

        return $_SESSION[$a_var];

    }


    public static function clear($a_var)

    {

        unset($_SESSION[$a_var]);

    }


    public static function setClosingContext($a_context)

    {

        self::$closing_context = (int) $a_context;

    }


    public static function getClosingContext()

    {

        return self::$closing_context;

    }


    public static function isWebAccessWithoutSessionEnabled()

    {

        return (bool) self::$enable_web_access_without_session;

    }


    public static function enableWebAccessWithoutSession($enable_web_access_without_session)

    {

        self::$enable_web_access_without_session = (bool) $enable_web_access_without_session;

    }

}

$row
$row
Definition: 10autofilter-selection-1.php:74

$result
$result
Definition: CleanUpTest.php:463

$users
$users
Definition: authpage.php:44

$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10

php
An exception for terminatinating execution or to throw for unit testing.

ilContext\isSessionMainContext
static isSessionMainContext()
Context that are not only temporary in a session (e.g.
Definition: class.ilContext.php:204

ilContext\getType
static getType()
Get context type.
Definition: class.ilContext.php:182

ilDBConstants\FETCHMODE_OBJECT
const FETCHMODE_OBJECT
Definition: class.ilDBConstants.php:13

ilSessionControl\$session_types_controlled
static $session_types_controlled
Definition: class.ilSessionControl.php:59

ilSessionControl\DEFAULT_MAX_IDLE
const DEFAULT_MAX_IDLE
Definition: class.ilSessionControl.php:25

ilSessionIStorage\destroySession
static destroySession($a_session_id)
Destroy session(s).
Definition: class.ilSessionIStorage.php:105

ilSessionStatistics\closeRawEntry
static closeRawEntry($a_session_id, $a_context=null, $a_expired_at=null)
Close raw data entry.
Definition: class.ilSessionStatistics.php:71

ilSessionStatistics\createRawEntry
static createRawEntry($a_session_id, $a_session_type, $a_timestamp, $a_user_id)
Create raw data entry.
Definition: class.ilSessionStatistics.php:40

ilSessionStatistics\aggretateRaw
static aggretateRaw($a_now)
Aggregate raw session data (older than given time)
Definition: class.ilSessionStatistics.php:245

ilSession
Definition: class.ilSession.php:16

ilSession\_exists
static _exists($a_session_id)
Check whether session exists.
Definition: class.ilSession.php:198

ilSession\SESSION_HANDLING_LOAD_DEPENDENT
const SESSION_HANDLING_LOAD_DEPENDENT
Definition: class.ilSession.php:33

ilSession\SESSION_CLOSE_USER
const SESSION_CLOSE_USER
Definition: class.ilSession.php:40

ilSession\SESSION_CLOSE_CAPTCHA
const SESSION_CLOSE_CAPTCHA
Definition: class.ilSession.php:51

ilSession\SESSION_CLOSE_IP
const SESSION_CLOSE_IP
Definition: class.ilSession.php:48

ilSession\setClosingContext
static setClosingContext($a_context)
set closing context (for statistics)
Definition: class.ilSession.php:435

ilSession\SESSION_HANDLING_FIXED
const SESSION_HANDLING_FIXED
Definition: class.ilSession.php:24

ilSession\getIdleValue
static getIdleValue($fixedMode=false)
Returns the idle time in seconds.
Definition: class.ilSession.php:348

ilSession\getClosingContext
static getClosingContext()
get closing context (for statistics)
Definition: class.ilSession.php:445

ilSession\_getUsersWithIp
static _getUsersWithIp($a_ip)
Get the active users with a specific remote ip address.
Definition: class.ilSession.php:381

ilSession\isWebAccessWithoutSessionEnabled
static isWebAccessWithoutSessionEnabled()
Definition: class.ilSession.php:455

ilSession\SESSION_CLOSE_LOGIN
const SESSION_CLOSE_LOGIN
Definition: class.ilSession.php:45

ilSession\SESSION_CLOSE_TIME
const SESSION_CLOSE_TIME
Definition: class.ilSession.php:47

ilSession\_writeData
static _writeData($a_session_id, $a_data)
Write session data.
Definition: class.ilSession.php:112

ilSession\_destroyExpiredSessions
static _destroyExpiredSessions()
Destroy expired sessions.
Definition: class.ilSession.php:267

ilSession\_destroy
static _destroy($a_session_id, $a_closing_context=null, $a_expired_at=null)
Destroy session.
Definition: class.ilSession.php:218

ilSession\_destroyByUserId
static _destroyByUserId($a_user_id)
Destroy session.
Definition: class.ilSession.php:253

ilSession\_getData
static _getData($a_session_id)
Get session data from table.
Definition: class.ilSession.php:69

ilSession\clear
static clear($a_var)
Unset a value.
Definition: class.ilSession.php:425

ilSession\SESSION_CLOSE_SIMUL
const SESSION_CLOSE_SIMUL
Definition: class.ilSession.php:49

ilSession\enableWebAccessWithoutSession
static enableWebAccessWithoutSession($enable_web_access_without_session)
Definition: class.ilSession.php:463

ilSession\_duplicate
static _duplicate($a_session_id)
Duplicate session.
Definition: class.ilSession.php:291

ilSession\SESSION_CLOSE_FIRST
const SESSION_CLOSE_FIRST
Definition: class.ilSession.php:42

ilSession\lookupExpireTime
static lookupExpireTime($a_session_id)
Lookup expire time for a specific session @global ilDB $ilDB.
Definition: class.ilSession.php:92

ilSession\$closing_context
static $closing_context
Definition: class.ilSession.php:53

ilSession\SESSION_CLOSE_INACTIVE
const SESSION_CLOSE_INACTIVE
Definition: class.ilSession.php:50

ilSession\SESSION_CLOSE_IDLE
const SESSION_CLOSE_IDLE
Definition: class.ilSession.php:43

ilSession\SESSION_CLOSE_PUBLIC
const SESSION_CLOSE_PUBLIC
Definition: class.ilSession.php:46

ilSession\getSessionExpireValue
static getSessionExpireValue()
Returns the session expiration value.
Definition: class.ilSession.php:370

ilSession\$enable_web_access_without_session
static $enable_web_access_without_session
Definition: class.ilSession.php:58

ilSession\SESSION_CLOSE_LIMIT
const SESSION_CLOSE_LIMIT
Definition: class.ilSession.php:44

ilSession\SESSION_CLOSE_EXPIRE
const SESSION_CLOSE_EXPIRE
Definition: class.ilSession.php:41

ilSession\getExpireValue
static getExpireValue($fixedMode=false)
Returns the expiration timestamp in seconds.
Definition: class.ilSession.php:325

$ilSetting
global $ilSetting
Definition: privfeed.php:17

$query
$query
Definition: proxy_ylocal.php:13

$type
$type
Definition: proxy_ylocal.php:10

$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15

$ilDB
global $ilDB
Definition: storeScorm2004.php:19

$_SERVER
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
Definition: tcpdf_autoconfig.php:54