37    private $previous_session = array();
 
   47        parent::__construct();
 
   50        $this->cookie_name = 
$config->getString(
'session.phpsession.cookiename', 
null);
 
   52        if (session_status() === PHP_SESSION_ACTIVE) {
 
   53            if (session_name() === $this->cookie_name || $this->cookie_name === 
null) {
 
   55                    'There is already a PHP session with the same name as SimpleSAMLphp\'s session, or the '.
 
   56                    "'session.phpsession.cookiename' configuration option is not set. Make sure to set ".
 
   57                    "SimpleSAMLphp's cookie name with a value not used by any other applications." 
   65            $this->previous_session[
'cookie_params'] = session_get_cookie_params();
 
   66            $this->previous_session[
'id'] = session_id();
 
   67            $this->previous_session[
'name'] = session_name();
 
   68            session_write_close();
 
   71        if (!empty($this->cookie_name)) {
 
   72            session_name($this->cookie_name);
 
   74            $this->cookie_name = session_name();
 
   77        $params = $this->getCookieParams();
 
   79        if (!headers_sent()) {
 
   80            session_set_cookie_params(
 
   89        $savepath = 
$config->getString(
'session.phpsession.savepath', 
null);
 
   90        if (!empty($savepath)) {
 
   91            session_save_path($savepath);
 
  101        $cacheLimiter = session_cache_limiter();
 
  102        if (headers_sent()) {
 
  115            session_cache_limiter(
'');
 
  117        session_cache_limiter($cacheLimiter);
 
  134        if (empty($this->previous_session)) {
 
  139        session_write_close();
 
  141        session_name($this->previous_session[
'name']);
 
  142        session_set_cookie_params(
 
  143            $this->previous_session[
'cookie_params'][
'lifetime'],
 
  144            $this->previous_session[
'cookie_params'][
'path'],
 
  145            $this->previous_session[
'cookie_params'][
'domain'],
 
  146            $this->previous_session[
'cookie_params'][
'secure'],
 
  147            $this->previous_session[
'cookie_params'][
'httponly']
 
  149        session_id($this->previous_session[
'id']);
 
  150        $this->previous_session = array();
 
  151        $this->sessionStart();
 
  158        parent::$sessionHandler = 
null;
 
  170        $sessionId = bin2hex(openssl_random_pseudo_bytes(16));
 
  186        if (!self::hasSessionCookie()) {
 
  191        session_id(
$_COOKIE[$this->cookie_name]);
 
  193        $session_cookie_params = session_get_cookie_params();
 
  195        if ($session_cookie_params[
'secure'] && !HTTP::isHTTPS()) {
 
  196            throw new \SimpleSAML_Error_Exception(
'Session start with secure cookie not allowed on http.');
 
  199        $this->sessionStart();
 
  211        return $this->cookie_name;
 
  238        assert(is_string($sessionId) || $sessionId === 
null);
 
  240        if ($sessionId !== 
null) {
 
  241            if (session_id() === 
'') {
 
  243                $ret = ini_set(
'session.use_cookies', 
'0');
 
  244                if (
$ret === 
false) {
 
  245                    throw new \SimpleSAML_Error_Exception(
'Disabling PHP option session.use_cookies failed.');
 
  248                session_id($sessionId);
 
  249                $this->sessionStart();
 
  250            } elseif ($sessionId !== session_id()) {
 
  251                throw new \SimpleSAML_Error_Exception(
'Cannot load PHP session with a specific ID.');
 
  253        } elseif (session_id() === 
'') {
 
  254            self::getCookieSessionId();
 
  257        if (!isset(
$_SESSION[
'SimpleSAMLphp_SESSION'])) {
 
  279        return array_key_exists($this->cookie_name, 
$_COOKIE);
 
  298        $ret = parent::getCookieParams();
 
  300        if (
$config->hasValue(
'session.phpsession.limitedpath') && 
$config->hasValue(
'session.cookie.path')) {
 
  301            throw new \SimpleSAML_Error_Exception(
 
  302                'You cannot set both the session.phpsession.limitedpath and session.cookie.path options.' 
  304        } elseif (
$config->hasValue(
'session.phpsession.limitedpath')) {
 
  306                'session.phpsession.limitedpath',
 
  308            ) ? 
$config->getBasePath() : 
'/';
 
  311        $ret[
'httponly'] = 
$config->getBoolean(
'session.phpsession.httponly', 
true);
 
  328        if ($cookieParams === 
null) {
 
  329            $cookieParams = session_get_cookie_params();
 
  332        if ($cookieParams[
'secure'] && !HTTP::isHTTPS()) {
 
  334                'Setting secure cookie on plain HTTP is not allowed.',
 
  335                CannotSetCookie::SECURE_COOKIE
 
  339        if (headers_sent()) {
 
  341                'Headers already sent.',
 
  342                CannotSetCookie::HEADERS_SENT
 
  346        if (session_id() !== 
'') {
 
  348            session_write_close();
 
  351        session_set_cookie_params(
 
  352            $cookieParams[
'lifetime'],
 
  353            $cookieParams[
'path'],
 
  354            $cookieParams[
'domain'],
 
  355            $cookieParams[
'secure'],
 
  356            $cookieParams[
'httponly']
 
  360        $this->sessionStart();
 
An exception for terminatinating execution or to throw for unit testing.
getSessionCookieName()
Retrieve the session cookie name.
setCookie($sessionName, $sessionID, array $cookieParams=null)
Set a session cookie.
getCookieSessionId()
Retrieve the session ID saved in the session cookie, if there's one.
newSessionId()
Create a new session id.
sessionStart()
This method starts a session, making sure no warnings are generated due to headers being already sent...
getCookieParams()
Get the cookie parameters that should be used for session cookies.
loadSession($sessionId=null)
Load the session from the PHP session array.
__construct()
Initialize the PHP session handling.
hasSessionCookie()
Check whether the session cookie is set.
restorePrevious()
Restore a previously-existing session.
saveSession(\SimpleSAML_Session $session)
Save the current session to the PHP session array.
static getInstance($instancename='simplesaml')
Get a configuration file by its instance name.
static createSession($sessionId)
Create a new session and cache it.
Attribute-related utility methods.