d8/ded/class_8Session_8php_source.html

 <?php
 /*
     +-----------------------------------------------------------------------------+
     | ILIAS open source                                                           |
     +-----------------------------------------------------------------------------+
     | Copyright (c) 1998-2001 ILIAS open source, University of Cologne            |
     |                                                                             |
     | This program is free software; you can redistribute it and/or               |
     | modify it under the terms of the GNU General Public License                 |
     | as published by the Free Software Foundation; either version 2              |
     | of the License, or (at your option) any later version.                      |
     |                                                                             |
     | This program is distributed in the hope that it will be useful,             |
     | but WITHOUT ANY WARRANTY; without even the implied warranty of              |
     | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               |
     | GNU General Public License for more details.                                |
     |                                                                             |
     | You should have received a copy of the GNU General Public License           |
     | along with this program; if not, write to the Free Software                 |
     | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA. |
     +-----------------------------------------------------------------------------+
 */

 // Datei:       class.Session.inc
 // Benoetigt:    mind. 4.0.1pl2

 class Session
 {
     public $version = 106;     // V1.06
     public $usesCookies = false;   // Client nimmt Cookies an
     public $transSID = false;   // Wurde mit --enable-trans-sid
                                 // kompiliert

 //---------------------------------------------------------

     public function __construct($sessionName = "SESSID")
     {
         $this->sendNoCacheHeader();

         ini_set("session.cookie_httponly", 1);
         if (version_compare(PHP_VERSION, '7.1.0', '>=')) {
             ini_set("session.sid_length", "32");
         } else {
             // force 4 hash bits per character for session_id   // Sascha Hofmann (2005-10-19)
             ini_set("session.hash_bits_per_character", "4");
         }

         //  Session-Namen setzen, Session initialisieren
         session_name(isset($sessionName)
             ? $sessionName
             : session_name());

         @session_start();

         //  Prüen ob die Session-ID die Standardlänge
         //  von 32 Zeichen hat,
         //  ansonsten Session-ID neu setzen
         if (strlen(session_id()) < 32) {
             mt_srand((double) microtime() * 1000000);
             session_id(md5(uniqid(mt_rand())));
         }

         //  Prüfen, ob eine Session-ID übergeben wurde
         //  (über Cookie, POST oder GET)
         $IDpassed = false;
         if (isset($_COOKIE[session_name()]) &&
                 @strlen($_COOKIE[session_name()]) >= 32
             ) {
             $IDpassed = true;
         }

         if (!$IDpassed) {
             // Es wurde keine (gültige) Session-ID übergeben.
             // Script-Parameter der URL zufügen

             $query = @$_SERVER["QUERY_STRING"] != "" ? "?" . $_SERVER["QUERY_STRING"] : "";

             header("Status: 302 Found");

             // Script terminiert
             $this->redirectTo($_SERVER["PHP_SELF"] . $query);
         }

         // Wenn die Session-ID übergeben wurde, muss sie
         // nicht unbedingt gültig sein!

         // Für weiteren Gebrauch merken
         $this->usesCookies =
                        (isset($_COOKIE[session_name()]) &&
                         @strlen($_COOKIE[session_name()])
                         >= 32);
     }

     ### -------------------------------------------------------

     public function sendNoCacheHeader()
     {
         header("Expires: Sat, 05 Aug 2000 22:27:00 GMT");
         header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
         header("Cache-Control: no-cache, must-revalidate");
         header("Pragma: no-cache");
         header("Cache-Control: post-check=0, pre-check=0");
     }

     ### -------------------------------------------------------

     public function redirectTo($pathInfo)
     {

         // Relativer Pfad?
         if ($pathInfo[0] != "/") {
             $pathInfo = substr(
                 getenv("PATH_INFO"),
                 0,
                 strrpos(getenv("PATH_INFO"), "/") + 1
             )
                             . $pathInfo;
         }

         // Läuft dieses Script auf einem non-standard Port?
         $port = !preg_match(
             "/^(80|443)$/",
             getenv("SERVER_PORT"),
             $portMatch
         )
                    ? ":" . getenv("SERVER_PORT")
                    : "";

         // Redirect
         header("Location: "
                . (($portMatch[1] == 443) ? "https://" : "http://")
                . $_SERVER["HTTP_HOST"] . $port . $this->url($pathInfo));
         exit;
     }

     ### -------------------------------------------------------

     public function removeTrail($pathInfo)
     {
         $dummy = preg_match("/(.*)(?<!&|\?)/", $pathInfo, $match);
         return $match[0];
     }

     ### -------------------------------------------------------

     public function url($pathInfo)
     {
         if ($this->usesCookies || $this->transSID) {
             return $pathInfo;
         }

         // Anchor-Fragment extrahieren
         $dummyArray = explode("#", $pathInfo);
         $pathInfo = $dummyArray[0];

         // evtl. (kaputte) Session-ID(s) aus dem Querystring entfernen
         $pathInfo = preg_replace(
             "/[?|&]" . session_name() . "=[^&]*/",
             "",
             $pathInfo
         );

         // evtl. Query-Delimiter korrigieren
         if (preg_match("/&/", $pathInfo) && !preg_match("/\?/", $pathInfo)) {
             // 4ter Parameter für "preg_replace()" erst ab 4.0.1pl2
             $pathInfo = preg_replace("/&/", "?", $pathInfo, 1);
         }

         // Restmüll entsorgen
         $pathInfo = $this->removeTrail($pathInfo);

         // Session-Name und Session-ID frisch hinzufügen
         $pathInfo .= preg_match("/\?/", $pathInfo) ? "&" : "?";

         // Anchor-Fragment wieder anfügen
         $pathInfo .= isset($dummyArray[1]) ? "#" . $dummyArray[1] : "";

         return $pathInfo;
     }
 } // of class
Session\url
url($pathInfo)
Fallback via GET - wenn Cookies ausgeschaltet sind.
Definition: class.Session.php:185

$_COOKIE
$_COOKIE['client_id']
Definition: server.php:9

$_SERVER
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
Definition: tcpdf_autoconfig.php:54

Session\__construct
__construct($sessionName="SESSID")
Konstruktor - nimmt, wenn gewuenscht einen neuen Session-Namen entgegen.
Definition: class.Session.php:46

Session\$version
$version
Definition: class.Session.php:35

Session\sendNoCacheHeader
sendNoCacheHeader()
Cacheing unterbinden.
Definition: class.Session.php:113

Session\redirectTo
redirectTo($pathInfo)
HTTP-Redirect ausführen (header("Location: ...")
Definition: class.Session.php:136

Session\removeTrail
removeTrail($pathInfo)
Entfernt mögliche abschließende "&" und "?".
Definition: class.Session.php:172

Session\$usesCookies
$usesCookies
Definition: class.Session.php:36

$query
$query
Definition: proxy_ylocal.php:13

Session\$transSID
$transSID
Definition: class.Session.php:37

Session
"Manueller" Session-Fallback mit PHP4
Definition: class.Session.php:33

exit
exit
Definition: backend.php:16

php