mirror of
https://github.com/php/php-src.git
synced 2024-12-15 21:05:51 +08:00
1942 lines
50 KiB
C
1942 lines
50 KiB
C
/*
|
|
+----------------------------------------------------------------------+
|
|
| PHP Version 5 |
|
|
+----------------------------------------------------------------------+
|
|
| Copyright (c) 1997-2007 The PHP Group |
|
|
+----------------------------------------------------------------------+
|
|
| This source file is subject to version 3.01 of the PHP license, |
|
|
| that is bundled with this package in the file LICENSE, and is |
|
|
| available through the world-wide-web at the following url: |
|
|
| http://www.php.net/license/3_01.txt |
|
|
| If you did not receive a copy of the PHP license and are unable to |
|
|
| obtain it through the world-wide-web, please send a note to |
|
|
| license@php.net so we can mail you a copy immediately. |
|
|
+----------------------------------------------------------------------+
|
|
| Authors: Sascha Schumann <sascha@schumann.cx> |
|
|
| Andrei Zmievski <andrei@php.net> |
|
|
+----------------------------------------------------------------------+
|
|
*/
|
|
|
|
/* $Id$ */
|
|
|
|
#ifdef HAVE_CONFIG_H
|
|
#include "config.h"
|
|
#endif
|
|
|
|
#include "php.h"
|
|
|
|
#ifdef PHP_WIN32
|
|
#include "win32/time.h"
|
|
#else
|
|
#include <sys/time.h>
|
|
#endif
|
|
|
|
#include <sys/stat.h>
|
|
#include <fcntl.h>
|
|
|
|
#include "php_ini.h"
|
|
#include "SAPI.h"
|
|
#include "php_session.h"
|
|
#include "ext/standard/md5.h"
|
|
#include "ext/standard/sha1.h"
|
|
#include "ext/standard/php_var.h"
|
|
#include "ext/standard/datetime.h"
|
|
#include "ext/standard/php_lcg.h"
|
|
#include "ext/standard/url_scanner_ex.h"
|
|
#include "ext/standard/php_rand.h" /* for RAND_MAX */
|
|
#include "ext/standard/info.h"
|
|
#include "ext/standard/php_smart_str.h"
|
|
|
|
#include "mod_files.h"
|
|
#include "mod_user.h"
|
|
|
|
#ifdef HAVE_LIBMM
|
|
#include "mod_mm.h"
|
|
#endif
|
|
|
|
PHPAPI ZEND_DECLARE_MODULE_GLOBALS(ps);
|
|
|
|
/* ***********
|
|
* Helpers *
|
|
*********** */
|
|
|
|
#ifdef NETWARE
|
|
# define SESS_SB_MTIME(sb) ((sb).st_mtime.tv_sec)
|
|
#else
|
|
# define SESS_SB_MTIME(sb) ((sb).st_mtime)
|
|
#endif
|
|
|
|
#define IF_SESSION_VARS() \
|
|
if (PS(http_session_vars) && PS(http_session_vars)->type == IS_ARRAY)
|
|
|
|
#define SESSION_CHECK_ACTIVE_STATE \
|
|
if (PS(session_status) == php_session_active) { \
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "A session is active. You cannot change the session module's ini settings at this time"); \
|
|
return FAILURE; \
|
|
}
|
|
|
|
/* Dispatched by RINIT and by php_session_destroy */
|
|
static inline void php_rinit_session_globals(TSRMLS_D)
|
|
{
|
|
PS(id) = NULL;
|
|
PS(session_status) = php_session_none;
|
|
PS(mod_data) = NULL;
|
|
PS(http_session_vars) = NULL;
|
|
}
|
|
|
|
/* Dispatched by RSHUTDOWN and by php_session_destroy */
|
|
static inline void php_rshutdown_session_globals(TSRMLS_D)
|
|
{
|
|
if (PS(http_session_vars)) {
|
|
zval_ptr_dtor(&PS(http_session_vars));
|
|
PS(http_session_vars) = NULL;
|
|
}
|
|
if (PS(mod_data)) {
|
|
zend_try {
|
|
PS(mod)->s_close(&PS(mod_data) TSRMLS_CC);
|
|
} zend_end_try();
|
|
}
|
|
if (PS(id)) {
|
|
efree(PS(id));
|
|
}
|
|
}
|
|
|
|
static int php_session_destroy(TSRMLS_D)
|
|
{
|
|
int retval = SUCCESS;
|
|
|
|
if (PS(session_status) != php_session_active) {
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Trying to destroy uninitialized session");
|
|
return FAILURE;
|
|
}
|
|
|
|
if (PS(mod)->s_destroy(&PS(mod_data), PS(id) TSRMLS_CC) == FAILURE) {
|
|
retval = FAILURE;
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Session object destruction failed");
|
|
}
|
|
|
|
php_rshutdown_session_globals(TSRMLS_C);
|
|
php_rinit_session_globals(TSRMLS_C);
|
|
|
|
return retval;
|
|
}
|
|
|
|
PHPAPI void php_add_session_var(char *name, size_t namelen TSRMLS_DC)
|
|
{
|
|
zval **sym_track = NULL;
|
|
|
|
IF_SESSION_VARS() {
|
|
zend_rt_hash_find(Z_ARRVAL_P(PS(http_session_vars)), name, namelen + 1,
|
|
(void *) &sym_track);
|
|
} else {
|
|
return;
|
|
}
|
|
|
|
if (sym_track == NULL) {
|
|
zval *empty_var;
|
|
|
|
ALLOC_INIT_ZVAL(empty_var);
|
|
ZEND_SET_SYMBOL_WITH_LENGTH(Z_ARRVAL_P(PS(http_session_vars)), name, namelen+1, empty_var, 1, 0);
|
|
}
|
|
}
|
|
|
|
/* BC? */
|
|
PHPAPI void php_set_session_var(char *name, size_t namelen, zval *state_val, php_unserialize_data_t *var_hash TSRMLS_DC)
|
|
{
|
|
zend_utf8_hash_update(Z_ARRVAL_P(PS(http_session_vars)), name, namelen + 1, &state_val, sizeof(zval *), NULL);
|
|
zval_add_ref(&state_val);
|
|
}
|
|
|
|
PHPAPI int php_get_session_var(char *name, size_t namelen, zval ***state_var TSRMLS_DC)
|
|
{
|
|
int ret = FAILURE;
|
|
|
|
IF_SESSION_VARS() {
|
|
ret = zend_rt_hash_find(Z_ARRVAL_P(PS(http_session_vars)), name,
|
|
namelen+1, (void **) state_var);
|
|
}
|
|
|
|
return ret;
|
|
}
|
|
|
|
static void php_session_track_init(TSRMLS_D)
|
|
{
|
|
zval *session_vars = NULL;
|
|
|
|
/* Unconditionally destroy existing arrays -- possible dirty data */
|
|
zend_delete_global_variable("_SESSION", sizeof("_SESSION")-1 TSRMLS_CC);
|
|
|
|
if (PS(http_session_vars)) {
|
|
zval_ptr_dtor(&PS(http_session_vars));
|
|
}
|
|
|
|
MAKE_STD_ZVAL(session_vars);
|
|
array_init(session_vars);
|
|
PS(http_session_vars) = session_vars;
|
|
|
|
ZEND_SET_GLOBAL_VAR_WITH_LENGTH("_SESSION", sizeof("_SESSION"), PS(http_session_vars), 2, 1);
|
|
}
|
|
|
|
static char *php_session_encode(int *newlen TSRMLS_DC)
|
|
{
|
|
char *ret = NULL;
|
|
|
|
IF_SESSION_VARS() {
|
|
if (!PS(serializer)) {
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown session.serialize_handler. Failed to encode session object");
|
|
ret = NULL;
|
|
} else if (PS(serializer)->encode(&ret, newlen TSRMLS_CC) == FAILURE) {
|
|
ret = NULL;
|
|
}
|
|
} else {
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot encode non-existent session");
|
|
}
|
|
|
|
return ret;
|
|
}
|
|
|
|
static void php_session_decode(const char *val, int vallen TSRMLS_DC)
|
|
{
|
|
if (!PS(serializer)) {
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown session.serialize_handler. Failed to decode session object");
|
|
return;
|
|
}
|
|
if (PS(serializer)->decode(val, vallen TSRMLS_CC) == FAILURE) {
|
|
php_session_destroy(TSRMLS_C);
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Failed to decode session object. Session has been destroyed");
|
|
}
|
|
}
|
|
|
|
|
|
/*
|
|
* Note that we cannot use the BASE64 alphabet here, because
|
|
* it contains "/" and "+": both are unacceptable for simple inclusion
|
|
* into URLs.
|
|
*/
|
|
|
|
static char hexconvtab[] = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ,-";
|
|
|
|
enum {
|
|
PS_HASH_FUNC_MD5,
|
|
PS_HASH_FUNC_SHA1,
|
|
PS_HASH_FUNC_OTHER
|
|
};
|
|
|
|
/* returns a pointer to the byte after the last valid character in out */
|
|
static char *bin_to_readable(char *in, size_t inlen, char *out, char nbits)
|
|
{
|
|
unsigned char *p, *q;
|
|
unsigned short w;
|
|
int mask;
|
|
int have;
|
|
|
|
p = (unsigned char *) in;
|
|
q = (unsigned char *)in + inlen;
|
|
|
|
w = 0;
|
|
have = 0;
|
|
mask = (1 << nbits) - 1;
|
|
|
|
while (1) {
|
|
if (have < nbits) {
|
|
if (p < q) {
|
|
w |= *p++ << have;
|
|
have += 8;
|
|
} else {
|
|
/* consumed everything? */
|
|
if (have == 0) break;
|
|
/* No? We need a final round */
|
|
have = nbits;
|
|
}
|
|
}
|
|
|
|
/* consume nbits */
|
|
*out++ = hexconvtab[w & mask];
|
|
w >>= nbits;
|
|
have -= nbits;
|
|
}
|
|
|
|
*out = '\0';
|
|
return out;
|
|
}
|
|
|
|
#define PS_ID_INITIAL_SIZE 100
|
|
PHPAPI char *php_session_create_id(PS_CREATE_SID_ARGS)
|
|
{
|
|
PHP_MD5_CTX md5_context;
|
|
PHP_SHA1_CTX sha1_context;
|
|
#ifdef HAVE_HASH_EXT
|
|
void *hash_context;
|
|
#endif
|
|
unsigned char *digest;
|
|
int digest_len;
|
|
int j;
|
|
char *buf;
|
|
struct timeval tv;
|
|
zval **array;
|
|
zval **token;
|
|
char *remote_addr = NULL;
|
|
|
|
gettimeofday(&tv, NULL);
|
|
|
|
if (zend_ascii_hash_find(&EG(symbol_table), "_SERVER",
|
|
sizeof("_SERVER"), (void **) &array) == SUCCESS &&
|
|
Z_TYPE_PP(array) == IS_ARRAY &&
|
|
zend_ascii_hash_find(Z_ARRVAL_PP(array), "REMOTE_ADDR",
|
|
sizeof("REMOTE_ADDR"), (void **) &token) == SUCCESS) {
|
|
remote_addr = Z_STRVAL_PP(token);
|
|
}
|
|
|
|
/* maximum 15+19+19+10 bytes */
|
|
spprintf(&buf, 0, "%.15s%ld%ld%0.8F", remote_addr ? remote_addr : "",
|
|
tv.tv_sec, (long int)tv.tv_usec, php_combined_lcg(TSRMLS_C) * 10);
|
|
|
|
switch (PS(hash_func)) {
|
|
case PS_HASH_FUNC_MD5:
|
|
PHP_MD5Init(&md5_context);
|
|
PHP_MD5Update(&md5_context, (unsigned char *) buf, strlen(buf));
|
|
digest_len = 16;
|
|
break;
|
|
case PS_HASH_FUNC_SHA1:
|
|
PHP_SHA1Init(&sha1_context);
|
|
PHP_SHA1Update(&sha1_context, (unsigned char *) buf, strlen(buf));
|
|
digest_len = 20;
|
|
break;
|
|
#ifdef HAVE_HASH_EXT
|
|
case PS_HASH_FUNC_OTHER:
|
|
if (!PS(hash_ops)) {
|
|
php_error_docref(NULL TSRMLS_CC, E_ERROR, "Invalid session hash function");
|
|
efree(buf);
|
|
return NULL;
|
|
}
|
|
|
|
hash_context = emalloc(PS(hash_ops)->context_size);
|
|
PS(hash_ops)->hash_init(hash_context);
|
|
PS(hash_ops)->hash_update(hash_context, (unsigned char *) buf, strlen(buf));
|
|
digest_len = PS(hash_ops)->digest_size;
|
|
break;
|
|
#endif /* HAVE_HASH_EXT */
|
|
default:
|
|
php_error_docref(NULL TSRMLS_CC, E_ERROR, "Invalid session hash function");
|
|
efree(buf);
|
|
return NULL;
|
|
}
|
|
|
|
if (PS(entropy_length) > 0) {
|
|
int fd;
|
|
|
|
fd = VCWD_OPEN(PS(entropy_file), O_RDONLY);
|
|
if (fd >= 0) {
|
|
unsigned char rbuf[2048];
|
|
int n;
|
|
int to_read = PS(entropy_length);
|
|
|
|
while (to_read > 0) {
|
|
n = read(fd, rbuf, MIN(to_read, sizeof(rbuf)));
|
|
if (n <= 0) break;
|
|
|
|
switch (PS(hash_func)) {
|
|
case PS_HASH_FUNC_MD5:
|
|
PHP_MD5Update(&md5_context, rbuf, n);
|
|
break;
|
|
case PS_HASH_FUNC_SHA1:
|
|
PHP_SHA1Update(&sha1_context, rbuf, n);
|
|
break;
|
|
#ifdef HAVE_HASH_EXT
|
|
case PS_HASH_FUNC_OTHER:
|
|
PS(hash_ops)->hash_update(hash_context, rbuf, n);
|
|
break;
|
|
#endif /* HAVE_HASH_EXT */
|
|
}
|
|
to_read -= n;
|
|
}
|
|
close(fd);
|
|
}
|
|
}
|
|
|
|
digest = emalloc(digest_len + 1);
|
|
switch (PS(hash_func)) {
|
|
case PS_HASH_FUNC_MD5:
|
|
PHP_MD5Final(digest, &md5_context);
|
|
break;
|
|
case PS_HASH_FUNC_SHA1:
|
|
PHP_SHA1Final(digest, &sha1_context);
|
|
break;
|
|
#ifdef HAVE_HASH_EXT
|
|
case PS_HASH_FUNC_OTHER:
|
|
PS(hash_ops)->hash_final(digest, hash_context);
|
|
efree(hash_context);
|
|
break;
|
|
#endif /* HAVE_HASH_EXT */
|
|
}
|
|
|
|
if (PS(hash_bits_per_character) < 4
|
|
|| PS(hash_bits_per_character) > 6) {
|
|
PS(hash_bits_per_character) = 4;
|
|
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "The ini setting hash_bits_per_character is out of range (should be 4, 5, or 6) - using 4 for now");
|
|
}
|
|
|
|
if (PS_ID_INITIAL_SIZE < ((digest_len + 2) * (8 / PS(hash_bits_per_character))) ) {
|
|
/* 100 bytes is enough for most, but not all hash algos */
|
|
buf = erealloc(buf, (digest_len + 2) * (8 / PS(hash_bits_per_character)) );
|
|
}
|
|
|
|
j = (int) (bin_to_readable((char *)digest, digest_len, buf, PS(hash_bits_per_character)) - buf);
|
|
efree(digest);
|
|
|
|
if (newlen) {
|
|
*newlen = j;
|
|
}
|
|
|
|
return buf;
|
|
}
|
|
|
|
static void php_session_initialize(TSRMLS_D)
|
|
{
|
|
char *val;
|
|
int vallen;
|
|
|
|
/* check session name for invalid characters */
|
|
if (PS(id) && strpbrk(PS(id), "\r\n\t <>'\"\\")) {
|
|
efree(PS(id));
|
|
PS(id) = NULL;
|
|
}
|
|
|
|
if (!PS(mod)) {
|
|
php_error_docref(NULL TSRMLS_CC, E_ERROR, "No storage module chosen - failed to initialize session");
|
|
return;
|
|
}
|
|
|
|
/* Open session handler first */
|
|
if (PS(mod)->s_open(&PS(mod_data), PS(save_path), PS(session_name) TSRMLS_CC) == FAILURE) {
|
|
php_error_docref(NULL TSRMLS_CC, E_ERROR, "Failed to initialize storage module: %s (path: %s)", PS(mod)->s_name, PS(save_path));
|
|
return;
|
|
}
|
|
|
|
/* If there is no ID, use session module to create one */
|
|
if (!PS(id)) {
|
|
new_session:
|
|
PS(id) = PS(mod)->s_create_sid(&PS(mod_data), NULL TSRMLS_CC);
|
|
if (PS(use_cookies)) {
|
|
PS(send_cookie) = 1;
|
|
}
|
|
}
|
|
|
|
/* Read data */
|
|
/* Question: if you create a SID here, should you also try to read data?
|
|
* I'm not sure, but while not doing so will remove one session operation
|
|
* it could prove usefull for those sites which wish to have "default"
|
|
* session information
|
|
*/
|
|
php_session_track_init(TSRMLS_C);
|
|
PS(invalid_session_id) = 0;
|
|
if (PS(mod)->s_read(&PS(mod_data), PS(id), &val, &vallen TSRMLS_CC) == SUCCESS) {
|
|
php_session_decode(val, vallen TSRMLS_CC);
|
|
efree(val);
|
|
} else if (PS(invalid_session_id)) { /* address instances where the session read fails due to an invalid id */
|
|
PS(invalid_session_id) = 0;
|
|
efree(PS(id));
|
|
PS(id) = NULL;
|
|
goto new_session;
|
|
}
|
|
}
|
|
|
|
static void php_session_save_current_state(TSRMLS_D)
|
|
{
|
|
int ret = FAILURE;
|
|
|
|
IF_SESSION_VARS() {
|
|
|
|
if (PS(mod_data)) {
|
|
char *val;
|
|
int vallen;
|
|
|
|
val = php_session_encode(&vallen TSRMLS_CC);
|
|
if (val) {
|
|
ret = PS(mod)->s_write(&PS(mod_data), PS(id), val, vallen TSRMLS_CC);
|
|
efree(val);
|
|
} else {
|
|
ret = PS(mod)->s_write(&PS(mod_data), PS(id), "", 0 TSRMLS_CC);
|
|
}
|
|
}
|
|
|
|
if (ret == FAILURE) {
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Failed to write session data (%s). Please "
|
|
"verify that the current setting of session.save_path "
|
|
"is correct (%s)",
|
|
PS(mod)->s_name,
|
|
PS(save_path));
|
|
}
|
|
}
|
|
|
|
if (PS(mod_data)) {
|
|
PS(mod)->s_close(&PS(mod_data) TSRMLS_CC);
|
|
}
|
|
}
|
|
|
|
/* *************************
|
|
* INI Settings/Handlers *
|
|
************************* */
|
|
|
|
static PHP_INI_MH(OnUpdateSaveHandler)
|
|
{
|
|
ps_module *tmp;
|
|
SESSION_CHECK_ACTIVE_STATE;
|
|
|
|
tmp = _php_find_ps_module(new_value TSRMLS_CC);
|
|
|
|
if (PG(modules_activated) && !tmp) {
|
|
int err_type;
|
|
|
|
if (stage == ZEND_INI_STAGE_RUNTIME) {
|
|
err_type = E_WARNING;
|
|
} else {
|
|
err_type = E_ERROR;
|
|
}
|
|
|
|
php_error_docref(NULL TSRMLS_CC, err_type, "Cannot find save handler %s", new_value);
|
|
return FAILURE;
|
|
}
|
|
PS(mod) = tmp;
|
|
|
|
return SUCCESS;
|
|
}
|
|
|
|
static PHP_INI_MH(OnUpdateTransSid)
|
|
{
|
|
SESSION_CHECK_ACTIVE_STATE;
|
|
|
|
if (!strncasecmp(new_value, "on", sizeof("on"))) {
|
|
PS(use_trans_sid) = (zend_bool) 1;
|
|
} else {
|
|
PS(use_trans_sid) = (zend_bool) atoi(new_value);
|
|
}
|
|
|
|
return SUCCESS;
|
|
}
|
|
|
|
static PHP_INI_MH(OnUpdateSerializer)
|
|
{
|
|
const ps_serializer *tmp;
|
|
SESSION_CHECK_ACTIVE_STATE;
|
|
|
|
tmp = _php_find_ps_serializer(new_value TSRMLS_CC);
|
|
|
|
if (PG(modules_activated) && !tmp) {
|
|
int err_type;
|
|
if (stage == ZEND_INI_STAGE_RUNTIME) {
|
|
err_type = E_WARNING;
|
|
} else {
|
|
err_type = E_ERROR;
|
|
}
|
|
php_error_docref(NULL TSRMLS_CC, err_type, "Cannot find serialization handler %s", new_value);
|
|
return FAILURE;
|
|
}
|
|
PS(serializer) = tmp;
|
|
|
|
return SUCCESS;
|
|
}
|
|
|
|
static PHP_INI_MH(OnUpdateSaveDir)
|
|
{
|
|
/* Only do the safemode/open_basedir check at runtime */
|
|
if (stage == PHP_INI_STAGE_RUNTIME) {
|
|
char *p;
|
|
|
|
if (memchr(new_value, '\0', new_value_length) != NULL) {
|
|
return FAILURE;
|
|
}
|
|
|
|
if ((p = zend_memrchr(new_value, ';', new_value_length))) {
|
|
p++;
|
|
} else {
|
|
p = new_value;
|
|
}
|
|
|
|
if (php_check_open_basedir(p TSRMLS_CC)) {
|
|
return FAILURE;
|
|
}
|
|
}
|
|
|
|
OnUpdateString(entry, new_value, new_value_length, mh_arg1, mh_arg2, mh_arg3, stage TSRMLS_CC);
|
|
return SUCCESS;
|
|
}
|
|
|
|
static PHP_INI_MH(OnUpdateHashFunc)
|
|
{
|
|
long val;
|
|
char *endptr = NULL;
|
|
|
|
#ifdef HAVE_HASH_EXT
|
|
PS(hash_ops) = NULL;
|
|
#endif
|
|
|
|
val = strtol(new_value, &endptr, 10);
|
|
if (endptr && (*endptr == '\0')) {
|
|
/* Numeric value */
|
|
PS(hash_func) = val ? 1 : 0;
|
|
|
|
return SUCCESS;
|
|
}
|
|
|
|
if (new_value_length == (sizeof("md5") - 1) &&
|
|
strncasecmp(new_value, "md5", sizeof("md5") - 1) == 0) {
|
|
PS(hash_func) = PS_HASH_FUNC_MD5;
|
|
|
|
return SUCCESS;
|
|
}
|
|
|
|
if (new_value_length == (sizeof("sha1") - 1) &&
|
|
strncasecmp(new_value, "sha1", sizeof("sha1") - 1) == 0) {
|
|
PS(hash_func) = PS_HASH_FUNC_SHA1;
|
|
|
|
return SUCCESS;
|
|
}
|
|
|
|
#ifdef HAVE_HASH_EXT
|
|
{
|
|
php_hash_ops *ops = php_hash_fetch_ops(new_value, new_value_length);
|
|
|
|
if (ops) {
|
|
PS(hash_func) = PS_HASH_FUNC_OTHER;
|
|
PS(hash_ops) = ops;
|
|
|
|
return SUCCESS;
|
|
}
|
|
}
|
|
#endif /* HAVE_HASH_EXT */
|
|
|
|
return FAILURE;
|
|
}
|
|
|
|
/* {{{ PHP_INI
|
|
*/
|
|
PHP_INI_BEGIN()
|
|
STD_PHP_INI_ENTRY("session.save_path", "", PHP_INI_ALL, OnUpdateSaveDir,save_path, php_ps_globals, ps_globals)
|
|
STD_PHP_INI_ENTRY("session.name", "PHPSESSID", PHP_INI_ALL, OnUpdateString, session_name, php_ps_globals, ps_globals)
|
|
PHP_INI_ENTRY("session.save_handler", "files", PHP_INI_ALL, OnUpdateSaveHandler)
|
|
STD_PHP_INI_BOOLEAN("session.auto_start", "0", PHP_INI_ALL, OnUpdateBool, auto_start, php_ps_globals, ps_globals)
|
|
STD_PHP_INI_ENTRY("session.gc_probability", "1", PHP_INI_ALL, OnUpdateLong, gc_probability, php_ps_globals, ps_globals)
|
|
STD_PHP_INI_ENTRY("session.gc_divisor", "100", PHP_INI_ALL, OnUpdateLong, gc_divisor, php_ps_globals, ps_globals)
|
|
STD_PHP_INI_ENTRY("session.gc_maxlifetime", "1440", PHP_INI_ALL, OnUpdateLong, gc_maxlifetime, php_ps_globals, ps_globals)
|
|
PHP_INI_ENTRY("session.serialize_handler", "php", PHP_INI_ALL, OnUpdateSerializer)
|
|
STD_PHP_INI_ENTRY("session.cookie_lifetime", "0", PHP_INI_ALL, OnUpdateLong, cookie_lifetime, php_ps_globals, ps_globals)
|
|
STD_PHP_INI_ENTRY("session.cookie_path", "/", PHP_INI_ALL, OnUpdateString, cookie_path, php_ps_globals, ps_globals)
|
|
STD_PHP_INI_ENTRY("session.cookie_domain", "", PHP_INI_ALL, OnUpdateString, cookie_domain, php_ps_globals, ps_globals)
|
|
STD_PHP_INI_BOOLEAN("session.cookie_secure", "", PHP_INI_ALL, OnUpdateBool, cookie_secure, php_ps_globals, ps_globals)
|
|
STD_PHP_INI_BOOLEAN("session.cookie_httponly", "", PHP_INI_ALL, OnUpdateBool, cookie_httponly, php_ps_globals, ps_globals)
|
|
STD_PHP_INI_BOOLEAN("session.use_cookies", "1", PHP_INI_ALL, OnUpdateBool, use_cookies, php_ps_globals, ps_globals)
|
|
STD_PHP_INI_BOOLEAN("session.use_only_cookies", "1", PHP_INI_ALL, OnUpdateBool, use_only_cookies, php_ps_globals, ps_globals)
|
|
STD_PHP_INI_ENTRY("session.referer_check", "", PHP_INI_ALL, OnUpdateString, extern_referer_chk, php_ps_globals, ps_globals)
|
|
STD_PHP_INI_ENTRY("session.entropy_file", "", PHP_INI_ALL, OnUpdateString, entropy_file, php_ps_globals, ps_globals)
|
|
STD_PHP_INI_ENTRY("session.entropy_length", "0", PHP_INI_ALL, OnUpdateLong, entropy_length, php_ps_globals, ps_globals)
|
|
STD_PHP_INI_ENTRY("session.cache_limiter", "nocache", PHP_INI_ALL, OnUpdateString, cache_limiter, php_ps_globals, ps_globals)
|
|
STD_PHP_INI_ENTRY("session.cache_expire", "180", PHP_INI_ALL, OnUpdateLong, cache_expire, php_ps_globals, ps_globals)
|
|
PHP_INI_ENTRY("session.use_trans_sid", "0", PHP_INI_ALL, OnUpdateTransSid)
|
|
PHP_INI_ENTRY("session.hash_function", "0", PHP_INI_ALL, OnUpdateHashFunc)
|
|
STD_PHP_INI_ENTRY("session.hash_bits_per_character", "4", PHP_INI_ALL, OnUpdateLong, hash_bits_per_character, php_ps_globals, ps_globals)
|
|
|
|
/* Commented out until future discussion */
|
|
/* PHP_INI_ENTRY("session.encode_sources", "globals,track", PHP_INI_ALL, NULL) */
|
|
PHP_INI_END()
|
|
/* }}} */
|
|
|
|
/* ***************
|
|
* Serializers *
|
|
*************** */
|
|
|
|
#define PS_BIN_NR_OF_BITS 8
|
|
#define PS_BIN_UNDEF (1<<(PS_BIN_NR_OF_BITS-1))
|
|
#define PS_BIN_MAX (PS_BIN_UNDEF-1)
|
|
|
|
PS_SERIALIZER_ENCODE_FUNC(php_binary)
|
|
{
|
|
smart_str buf = {0};
|
|
php_serialize_data_t var_hash;
|
|
PS_ENCODE_VARS;
|
|
|
|
PHP_VAR_SERIALIZE_INIT(var_hash);
|
|
|
|
PS_UENCODE_LOOP(
|
|
if (key_length > PS_BIN_MAX || key_type != HASH_KEY_IS_STRING) continue;
|
|
if (struc) {
|
|
smart_str_appendc(&buf, (unsigned char)key_length );
|
|
smart_str_appendl(&buf, key.s, key_length);
|
|
php_var_serialize(&buf, struc, &var_hash TSRMLS_CC);
|
|
} else {
|
|
smart_str_appendc(&buf, (unsigned char)key_length | PS_BIN_UNDEF);
|
|
smart_str_appendl(&buf, key.s, key_length);
|
|
}
|
|
);
|
|
|
|
if (newlen) {
|
|
*newlen = buf.len;
|
|
}
|
|
smart_str_0(&buf);
|
|
*newstr = buf.c;
|
|
PHP_VAR_SERIALIZE_DESTROY(var_hash);
|
|
|
|
return SUCCESS;
|
|
}
|
|
|
|
PS_SERIALIZER_DECODE_FUNC(php_binary)
|
|
{
|
|
const char *p;
|
|
char *name;
|
|
const char *endptr = val + vallen;
|
|
zval *current;
|
|
int namelen;
|
|
int has_value;
|
|
php_unserialize_data_t var_hash;
|
|
|
|
PHP_VAR_UNSERIALIZE_INIT(var_hash);
|
|
|
|
for (p = val; p < endptr; ) {
|
|
zval **tmp;
|
|
namelen = ((unsigned char)(*p)) & (~PS_BIN_UNDEF);
|
|
|
|
if (namelen > PS_BIN_MAX || (p + namelen) >= endptr) {
|
|
return FAILURE;
|
|
}
|
|
|
|
has_value = *p & PS_BIN_UNDEF ? 0 : 1;
|
|
|
|
name = estrndup(p + 1, namelen);
|
|
|
|
p += namelen + 1;
|
|
|
|
if (zend_hash_find(&EG(symbol_table), name, namelen + 1, (void **) &tmp) == SUCCESS) {
|
|
if ((Z_TYPE_PP(tmp) == IS_ARRAY && Z_ARRVAL_PP(tmp) == &EG(symbol_table)) || *tmp == PS(http_session_vars)) {
|
|
efree(name);
|
|
continue;
|
|
}
|
|
}
|
|
|
|
if (has_value) {
|
|
ALLOC_INIT_ZVAL(current);
|
|
if (php_var_unserialize(¤t, (const unsigned char **) &p, (const unsigned char *) endptr, &var_hash TSRMLS_CC)) {
|
|
zend_utf8_hash_update(Z_ARRVAL_P(PS(http_session_vars)), name, namelen + 1, ¤t, sizeof(zval *), NULL);
|
|
} else {
|
|
zval_ptr_dtor(¤t);
|
|
}
|
|
}
|
|
|
|
PS_ADD_VARL(name, namelen);
|
|
efree(name);
|
|
}
|
|
|
|
PHP_VAR_UNSERIALIZE_DESTROY(var_hash);
|
|
|
|
return SUCCESS;
|
|
}
|
|
|
|
#define PS_DELIMITER '|'
|
|
#define PS_UNDEF_MARKER '!'
|
|
|
|
PS_SERIALIZER_ENCODE_FUNC(php)
|
|
{
|
|
smart_str buf = {0};
|
|
php_serialize_data_t var_hash;
|
|
PS_ENCODE_VARS;
|
|
|
|
PHP_VAR_SERIALIZE_INIT(var_hash);
|
|
|
|
PS_UENCODE_LOOP(
|
|
if (!struc) {
|
|
smart_str_appendc(&buf, PS_UNDEF_MARKER);
|
|
}
|
|
|
|
if (key_type == HASH_KEY_IS_STRING) {
|
|
if (memchr(key.s, PS_DELIMITER, key_length)) {
|
|
PHP_VAR_SERIALIZE_DESTROY(var_hash);
|
|
smart_str_free(&buf);
|
|
return FAILURE;
|
|
}
|
|
smart_str_appendl(&buf, key.s, (unsigned char) key_length);
|
|
} else {
|
|
/* HASH_KEY_IS_UNICODE */
|
|
char *str = NULL;
|
|
int len;
|
|
UErrorCode status = U_ZERO_ERROR;
|
|
|
|
zend_unicode_to_string_ex(UG(utf8_conv), &str, &len, key.u, key_length, &status);
|
|
if (U_FAILURE(status) || memchr(str, PS_DELIMITER, key_length)) {
|
|
PHP_VAR_SERIALIZE_DESTROY(var_hash);
|
|
smart_str_free(&buf);
|
|
if (str) { efree(str); }
|
|
return FAILURE;
|
|
}
|
|
smart_str_appendl(&buf, str, len);
|
|
efree(str);
|
|
}
|
|
smart_str_appendc(&buf, PS_DELIMITER);
|
|
|
|
if (struc) {
|
|
php_var_serialize(&buf, struc, &var_hash TSRMLS_CC);
|
|
}
|
|
);
|
|
|
|
if (newlen) *newlen = buf.len;
|
|
|
|
smart_str_0(&buf);
|
|
*newstr = buf.c;
|
|
|
|
PHP_VAR_SERIALIZE_DESTROY(var_hash);
|
|
return SUCCESS;
|
|
}
|
|
|
|
PS_SERIALIZER_DECODE_FUNC(php)
|
|
{
|
|
const char *p, *q;
|
|
char *name;
|
|
const char *endptr = val + vallen;
|
|
zval *current;
|
|
int namelen;
|
|
int has_value;
|
|
php_unserialize_data_t var_hash;
|
|
|
|
PHP_VAR_UNSERIALIZE_INIT(var_hash);
|
|
|
|
p = val;
|
|
|
|
while (p < endptr) {
|
|
zval **tmp;
|
|
has_value = 1;
|
|
|
|
q = p;
|
|
while (*q != PS_DELIMITER) {
|
|
if (++q >= endptr) goto break_outer_loop;
|
|
}
|
|
|
|
if (*p == PS_UNDEF_MARKER) {
|
|
if (++p >= endptr) goto break_outer_loop;
|
|
|
|
has_value = 0;
|
|
}
|
|
|
|
namelen = q - p;
|
|
name = estrndup(p, namelen);
|
|
q++;
|
|
|
|
if (zend_hash_find(&EG(symbol_table), name, namelen + 1, (void **) &tmp) == SUCCESS) {
|
|
if ((Z_TYPE_PP(tmp) == IS_ARRAY && Z_ARRVAL_PP(tmp) == &EG(symbol_table)) || *tmp == PS(http_session_vars)) {
|
|
goto skip;
|
|
}
|
|
}
|
|
|
|
if (has_value) {
|
|
ALLOC_INIT_ZVAL(current);
|
|
if (php_var_unserialize(¤t, (const unsigned char **) &q, (const unsigned char *) endptr, &var_hash TSRMLS_CC)) {
|
|
zend_utf8_hash_update(Z_ARRVAL_P(PS(http_session_vars)), name, namelen + 1, ¤t, sizeof(zval *), NULL);
|
|
} else {
|
|
zval_ptr_dtor(¤t);
|
|
}
|
|
}
|
|
PS_ADD_VARL(name, namelen);
|
|
skip:
|
|
efree(name);
|
|
|
|
p = q;
|
|
}
|
|
break_outer_loop:
|
|
|
|
PHP_VAR_UNSERIALIZE_DESTROY(var_hash);
|
|
|
|
return SUCCESS;
|
|
}
|
|
|
|
#define MAX_SERIALIZERS 10
|
|
#define PREDEFINED_SERIALIZERS 2
|
|
|
|
static ps_serializer ps_serializers[MAX_SERIALIZERS + 1] = {
|
|
PS_SERIALIZER_ENTRY(php),
|
|
PS_SERIALIZER_ENTRY(php_binary)
|
|
};
|
|
|
|
PHPAPI int php_session_register_serializer(const char *name,
|
|
int (*encode)(PS_SERIALIZER_ENCODE_ARGS),
|
|
int (*decode)(PS_SERIALIZER_DECODE_ARGS))
|
|
{
|
|
int ret = -1;
|
|
int i;
|
|
|
|
for (i = 0; i < MAX_SERIALIZERS; i++) {
|
|
if (ps_serializers[i].name == NULL) {
|
|
ps_serializers[i].name = name;
|
|
ps_serializers[i].encode = encode;
|
|
ps_serializers[i].decode = decode;
|
|
ps_serializers[i + 1].name = NULL;
|
|
ret = 0;
|
|
break;
|
|
}
|
|
}
|
|
|
|
return ret;
|
|
}
|
|
|
|
/* *******************
|
|
* Storage Modules *
|
|
******************* */
|
|
|
|
#define MAX_MODULES 10
|
|
#define PREDEFINED_MODULES 2
|
|
|
|
static ps_module *ps_modules[MAX_MODULES + 1] = {
|
|
ps_files_ptr,
|
|
ps_user_ptr
|
|
};
|
|
|
|
PHPAPI int php_session_register_module(ps_module *ptr)
|
|
{
|
|
int ret = -1;
|
|
int i;
|
|
|
|
for (i = 0; i < MAX_MODULES; i++) {
|
|
if (!ps_modules[i]) {
|
|
ps_modules[i] = ptr;
|
|
ret = 0;
|
|
break;
|
|
}
|
|
}
|
|
|
|
return ret;
|
|
}
|
|
|
|
/* ******************
|
|
* Cache Limiters *
|
|
****************** */
|
|
|
|
typedef struct {
|
|
char *name;
|
|
void (*func)(TSRMLS_D);
|
|
} php_session_cache_limiter_t;
|
|
|
|
#define CACHE_LIMITER(name) _php_cache_limiter_##name
|
|
#define CACHE_LIMITER_FUNC(name) static void CACHE_LIMITER(name)(TSRMLS_D)
|
|
#define CACHE_LIMITER_ENTRY(name) { #name, CACHE_LIMITER(name) },
|
|
#define ADD_HEADER(a) sapi_add_header(a, strlen(a), 1);
|
|
#define MAX_STR 512
|
|
|
|
static char *month_names[] = {
|
|
"Jan", "Feb", "Mar", "Apr", "May", "Jun",
|
|
"Jul", "Aug", "Sep", "Oct", "Nov", "Dec"
|
|
};
|
|
|
|
static char *week_days[] = {
|
|
"Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat", "Sun"
|
|
};
|
|
|
|
static inline void strcpy_gmt(char *ubuf, time_t *when)
|
|
{
|
|
char buf[MAX_STR];
|
|
struct tm tm;
|
|
int n;
|
|
|
|
php_gmtime_r(when, &tm);
|
|
|
|
n = snprintf(buf, sizeof(buf), "%s, %02d %s %d %02d:%02d:%02d GMT", /* SAFE */
|
|
week_days[tm.tm_wday], tm.tm_mday,
|
|
month_names[tm.tm_mon], tm.tm_year + 1900,
|
|
tm.tm_hour, tm.tm_min,
|
|
tm.tm_sec);
|
|
memcpy(ubuf, buf, n);
|
|
ubuf[n] = '\0';
|
|
}
|
|
|
|
static inline void last_modified(TSRMLS_D)
|
|
{
|
|
const char *path;
|
|
struct stat sb;
|
|
char buf[MAX_STR + 1];
|
|
|
|
path = SG(request_info).path_translated;
|
|
if (path) {
|
|
if (VCWD_STAT(path, &sb) == -1) {
|
|
return;
|
|
}
|
|
|
|
#define LAST_MODIFIED "Last-Modified: "
|
|
memcpy(buf, LAST_MODIFIED, sizeof(LAST_MODIFIED) - 1);
|
|
strcpy_gmt(buf + sizeof(LAST_MODIFIED) - 1, &SESS_SB_MTIME(sb));
|
|
ADD_HEADER(buf);
|
|
}
|
|
}
|
|
|
|
#define EXPIRES "Expires: "
|
|
CACHE_LIMITER_FUNC(public)
|
|
{
|
|
char buf[MAX_STR + 1];
|
|
struct timeval tv;
|
|
time_t now;
|
|
|
|
gettimeofday(&tv, NULL);
|
|
now = tv.tv_sec + PS(cache_expire) * 60;
|
|
memcpy(buf, EXPIRES, sizeof(EXPIRES) - 1);
|
|
strcpy_gmt(buf + sizeof(EXPIRES) - 1, &now);
|
|
ADD_HEADER(buf);
|
|
|
|
snprintf(buf, sizeof(buf) , "Cache-Control: public, max-age=%ld", PS(cache_expire) * 60); /* SAFE */
|
|
ADD_HEADER(buf);
|
|
|
|
last_modified(TSRMLS_C);
|
|
}
|
|
|
|
CACHE_LIMITER_FUNC(private_no_expire)
|
|
{
|
|
char buf[MAX_STR + 1];
|
|
|
|
snprintf(buf, sizeof(buf), "Cache-Control: private, max-age=%ld, pre-check=%ld", PS(cache_expire) * 60, PS(cache_expire) * 60); /* SAFE */
|
|
ADD_HEADER(buf);
|
|
|
|
last_modified(TSRMLS_C);
|
|
}
|
|
|
|
CACHE_LIMITER_FUNC(private)
|
|
{
|
|
ADD_HEADER("Expires: Thu, 19 Nov 1981 08:52:00 GMT");
|
|
CACHE_LIMITER(private_no_expire)(TSRMLS_C);
|
|
}
|
|
|
|
CACHE_LIMITER_FUNC(nocache)
|
|
{
|
|
ADD_HEADER("Expires: Thu, 19 Nov 1981 08:52:00 GMT");
|
|
|
|
/* For HTTP/1.1 conforming clients and the rest (MSIE 5) */
|
|
ADD_HEADER("Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0");
|
|
|
|
/* For HTTP/1.0 conforming clients */
|
|
ADD_HEADER("Pragma: no-cache");
|
|
}
|
|
|
|
static php_session_cache_limiter_t php_session_cache_limiters[] = {
|
|
CACHE_LIMITER_ENTRY(public)
|
|
CACHE_LIMITER_ENTRY(private)
|
|
CACHE_LIMITER_ENTRY(private_no_expire)
|
|
CACHE_LIMITER_ENTRY(nocache)
|
|
{0}
|
|
};
|
|
|
|
static int php_session_cache_limiter(TSRMLS_D)
|
|
{
|
|
php_session_cache_limiter_t *lim;
|
|
|
|
if (PS(cache_limiter)[0] == '\0') return 0;
|
|
|
|
if (SG(headers_sent)) {
|
|
char *output_start_filename = php_output_get_start_filename(TSRMLS_C);
|
|
int output_start_lineno = php_output_get_start_lineno(TSRMLS_C);
|
|
|
|
if (output_start_filename) {
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot send session cache limiter - headers already sent (output started at %s:%d)",
|
|
output_start_filename, output_start_lineno);
|
|
} else {
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot send session cache limiter - headers already sent");
|
|
}
|
|
return -2;
|
|
}
|
|
|
|
for (lim = php_session_cache_limiters; lim->name; lim++) {
|
|
if (!strcasecmp(lim->name, PS(cache_limiter))) {
|
|
lim->func(TSRMLS_C);
|
|
return 0;
|
|
}
|
|
}
|
|
|
|
return -1;
|
|
}
|
|
|
|
|
|
|
|
/* *********************
|
|
* Cookie Management *
|
|
********************* */
|
|
|
|
|
|
#define COOKIE_SET_COOKIE "Set-Cookie: "
|
|
#define COOKIE_EXPIRES "; expires="
|
|
#define COOKIE_PATH "; path="
|
|
#define COOKIE_DOMAIN "; domain="
|
|
#define COOKIE_SECURE "; secure"
|
|
#define COOKIE_HTTPONLY "; HttpOnly"
|
|
|
|
static void php_session_send_cookie(TSRMLS_D)
|
|
{
|
|
smart_str ncookie = {0};
|
|
char *date_fmt = NULL;
|
|
|
|
if (SG(headers_sent)) {
|
|
char *output_start_filename = php_output_get_start_filename(TSRMLS_C);
|
|
int output_start_lineno = php_output_get_start_lineno(TSRMLS_C);
|
|
|
|
if (output_start_filename) {
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot send session cookie - headers already sent by (output started at %s:%d)",
|
|
output_start_filename, output_start_lineno);
|
|
} else {
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot send session cookie - headers already sent");
|
|
}
|
|
return;
|
|
}
|
|
|
|
smart_str_appends(&ncookie, COOKIE_SET_COOKIE);
|
|
smart_str_appends(&ncookie, PS(session_name));
|
|
smart_str_appendc(&ncookie, '=');
|
|
smart_str_appends(&ncookie, PS(id));
|
|
|
|
if (PS(cookie_lifetime) > 0) {
|
|
struct timeval tv;
|
|
time_t t;
|
|
|
|
gettimeofday(&tv, NULL);
|
|
t = tv.tv_sec + PS(cookie_lifetime);
|
|
|
|
if (t > 0) {
|
|
date_fmt = php_std_date(t TSRMLS_CC);
|
|
smart_str_appends(&ncookie, COOKIE_EXPIRES);
|
|
smart_str_appends(&ncookie, date_fmt);
|
|
efree(date_fmt);
|
|
}
|
|
}
|
|
|
|
if (PS(cookie_path)[0]) {
|
|
smart_str_appends(&ncookie, COOKIE_PATH);
|
|
smart_str_appends(&ncookie, PS(cookie_path));
|
|
}
|
|
|
|
if (PS(cookie_domain)[0]) {
|
|
smart_str_appends(&ncookie, COOKIE_DOMAIN);
|
|
smart_str_appends(&ncookie, PS(cookie_domain));
|
|
}
|
|
|
|
if (PS(cookie_secure)) {
|
|
smart_str_appends(&ncookie, COOKIE_SECURE);
|
|
}
|
|
|
|
if (PS(cookie_httponly)) {
|
|
smart_str_appends(&ncookie, COOKIE_HTTPONLY);
|
|
}
|
|
|
|
smart_str_0(&ncookie);
|
|
|
|
/* 'replace' must be 0 here, else a previous Set-Cookie
|
|
header, probably sent with setcookie() will be replaced! */
|
|
sapi_add_header_ex(ncookie.c, ncookie.len, 0, 0 TSRMLS_CC);
|
|
}
|
|
|
|
PHPAPI ps_module *_php_find_ps_module(char *name TSRMLS_DC)
|
|
{
|
|
ps_module *ret = NULL;
|
|
ps_module **mod;
|
|
int i;
|
|
|
|
for (i = 0, mod = ps_modules; i < MAX_MODULES; i++, mod++) {
|
|
if (*mod && !strcasecmp(name, (*mod)->s_name)) {
|
|
ret = *mod;
|
|
break;
|
|
}
|
|
}
|
|
|
|
return ret;
|
|
}
|
|
|
|
PHPAPI const ps_serializer *_php_find_ps_serializer(char *name TSRMLS_DC)
|
|
{
|
|
const ps_serializer *ret = NULL;
|
|
const ps_serializer *mod;
|
|
|
|
for (mod = ps_serializers; mod->name; mod++) {
|
|
if (!strcasecmp(name, mod->name)) {
|
|
ret = mod;
|
|
break;
|
|
}
|
|
}
|
|
|
|
return ret;
|
|
}
|
|
|
|
#define PPID2SID \
|
|
convert_to_string((*ppid)); \
|
|
PS(id) = estrndup(Z_STRVAL_PP(ppid), Z_STRLEN_PP(ppid))
|
|
|
|
static void php_session_reset_id(TSRMLS_D)
|
|
{
|
|
int module_number = PS(module_number);
|
|
|
|
if (PS(use_cookies) && PS(send_cookie)) {
|
|
php_session_send_cookie(TSRMLS_C);
|
|
PS(send_cookie) = 0;
|
|
}
|
|
|
|
/* if the SID constant exists, destroy it. */
|
|
zend_ascii_hash_del(EG(zend_constants), "sid", sizeof("sid"));
|
|
|
|
if (PS(define_sid)) {
|
|
smart_str var = {0};
|
|
|
|
smart_str_appends(&var, PS(session_name));
|
|
smart_str_appendc(&var, '=');
|
|
smart_str_appends(&var, PS(id));
|
|
smart_str_0(&var);
|
|
REGISTER_STRINGL_CONSTANT("SID", var.c, var.len, 0);
|
|
} else {
|
|
REGISTER_STRINGL_CONSTANT("SID", STR_EMPTY_ALLOC(), 0, 0);
|
|
}
|
|
|
|
if (PS(apply_trans_sid)) {
|
|
php_url_scanner_reset_vars(TSRMLS_C);
|
|
php_url_scanner_add_var(PS(session_name), strlen(PS(session_name)), PS(id), strlen(PS(id)), 1 TSRMLS_CC);
|
|
}
|
|
}
|
|
|
|
PHPAPI void php_session_start(TSRMLS_D)
|
|
{
|
|
zval **ppid;
|
|
zval **data;
|
|
char *p;
|
|
int nrand;
|
|
int lensess;
|
|
|
|
PS(apply_trans_sid) = PS(use_trans_sid);
|
|
|
|
PS(define_sid) = 1;
|
|
PS(send_cookie) = 1;
|
|
if (PS(session_status) != php_session_none) {
|
|
|
|
if (PS(session_status) == php_session_disabled) {
|
|
char *value;
|
|
|
|
value = zend_ini_string("session.save_handler", sizeof("session.save_handler"), 0);
|
|
|
|
if (value) {
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot find save handler %s", value);
|
|
} else {
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot find unknown save handler");
|
|
}
|
|
return;
|
|
}
|
|
|
|
php_error(E_NOTICE, "A session had already been started - ignoring session_start()");
|
|
return;
|
|
}
|
|
|
|
lensess = strlen(PS(session_name));
|
|
|
|
|
|
/*
|
|
* Cookies are preferred, because initially
|
|
* cookie and get variables will be available.
|
|
*/
|
|
|
|
if (!PS(id)) {
|
|
if (PS(use_cookies) && zend_ascii_hash_find(&EG(symbol_table), "_COOKIE",
|
|
sizeof("_COOKIE"), (void **) &data) == SUCCESS &&
|
|
Z_TYPE_PP(data) == IS_ARRAY &&
|
|
zend_ascii_hash_find(Z_ARRVAL_PP(data), PS(session_name),
|
|
lensess + 1, (void **) &ppid) == SUCCESS) {
|
|
PPID2SID;
|
|
PS(apply_trans_sid) = 0;
|
|
PS(send_cookie) = 0;
|
|
PS(define_sid) = 0;
|
|
}
|
|
|
|
if (!PS(use_only_cookies) && !PS(id) &&
|
|
zend_ascii_hash_find(&EG(symbol_table), "_GET",
|
|
sizeof("_GET"), (void **) &data) == SUCCESS &&
|
|
Z_TYPE_PP(data) == IS_ARRAY &&
|
|
zend_rt_hash_find(Z_ARRVAL_PP(data), PS(session_name),
|
|
lensess + 1, (void **) &ppid) == SUCCESS) {
|
|
PPID2SID;
|
|
PS(send_cookie) = 0;
|
|
}
|
|
|
|
if (!PS(use_only_cookies) && !PS(id) &&
|
|
zend_ascii_hash_find(&EG(symbol_table), "_POST",
|
|
sizeof("_POST"), (void **) &data) == SUCCESS &&
|
|
Z_TYPE_PP(data) == IS_ARRAY &&
|
|
zend_rt_hash_find(Z_ARRVAL_PP(data), PS(session_name),
|
|
lensess + 1, (void **) &ppid) == SUCCESS) {
|
|
PPID2SID;
|
|
PS(send_cookie) = 0;
|
|
}
|
|
}
|
|
|
|
/* check the REQUEST_URI symbol for a string of the form
|
|
'<session-name>=<session-id>' to allow URLs of the form
|
|
http://yoursite/<session-name>=<session-id>/script.php */
|
|
|
|
if (!PS(use_only_cookies) && !PS(id) && PG(http_globals)[TRACK_VARS_SERVER] &&
|
|
zend_ascii_hash_find(Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_SERVER]), "REQUEST_URI",
|
|
sizeof("REQUEST_URI"), (void **) &data) == SUCCESS &&
|
|
Z_TYPE_PP(data) == IS_STRING &&
|
|
(p = strstr(Z_STRVAL_PP(data), PS(session_name))) &&
|
|
p[lensess] == '=') {
|
|
char *q;
|
|
|
|
p += lensess + 1;
|
|
if ((q = strpbrk(p, "/?\\"))) {
|
|
PS(id) = estrndup(p, q - p);
|
|
}
|
|
}
|
|
|
|
/* check whether the current request was referred to by
|
|
an external site which invalidates the previously found id */
|
|
|
|
if (PS(id) &&
|
|
PS(extern_referer_chk)[0] != '\0' &&
|
|
PG(http_globals)[TRACK_VARS_SERVER] &&
|
|
zend_hash_find(Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_SERVER]), "HTTP_REFERER",
|
|
sizeof("HTTP_REFERER"), (void **) &data) == SUCCESS &&
|
|
Z_TYPE_PP(data) == IS_STRING &&
|
|
Z_STRLEN_PP(data) != 0 &&
|
|
strstr(Z_STRVAL_PP(data), PS(extern_referer_chk)) == NULL) {
|
|
efree(PS(id));
|
|
PS(id) = NULL;
|
|
PS(send_cookie) = 1;
|
|
if (PS(use_trans_sid)) {
|
|
PS(apply_trans_sid) = 1;
|
|
}
|
|
}
|
|
|
|
php_session_initialize(TSRMLS_C);
|
|
|
|
if (!PS(use_cookies) && PS(send_cookie)) {
|
|
if (PS(use_trans_sid)) {
|
|
PS(apply_trans_sid) = 1;
|
|
}
|
|
PS(send_cookie) = 0;
|
|
}
|
|
|
|
php_session_reset_id(TSRMLS_C);
|
|
|
|
PS(session_status) = php_session_active;
|
|
|
|
php_session_cache_limiter(TSRMLS_C);
|
|
|
|
if (PS(mod_data) && PS(gc_probability) > 0) {
|
|
int nrdels = -1;
|
|
|
|
nrand = (int) ((float) PS(gc_divisor) * php_combined_lcg(TSRMLS_C));
|
|
if (nrand < PS(gc_probability)) {
|
|
PS(mod)->s_gc(&PS(mod_data), PS(gc_maxlifetime), &nrdels TSRMLS_CC);
|
|
#ifdef SESSION_DEBUG
|
|
if (nrdels != -1) {
|
|
php_error_docref(NULL TSRMLS_CC, E_NOTICE, "purged %d expired session objects", nrdels);
|
|
}
|
|
#endif
|
|
}
|
|
}
|
|
}
|
|
|
|
static void php_session_flush(TSRMLS_D)
|
|
{
|
|
if (PS(session_status) == php_session_active) {
|
|
PS(session_status) = php_session_none;
|
|
zend_try {
|
|
php_session_save_current_state(TSRMLS_C);
|
|
} zend_end_try();
|
|
}
|
|
}
|
|
|
|
|
|
PHPAPI void session_adapt_url(const char *url, size_t urllen, char **new, size_t *newlen TSRMLS_DC)
|
|
{
|
|
if (PS(apply_trans_sid) && (PS(session_status) == php_session_active)) {
|
|
*new = php_url_scanner_adapt_single_url(url, urllen, PS(session_name), PS(id), newlen TSRMLS_CC);
|
|
}
|
|
}
|
|
|
|
/* ********************************
|
|
* Userspace exported functions *
|
|
******************************** */
|
|
|
|
|
|
/* {{{ proto void session_set_cookie_params(int lifetime [, string path [, string domain [, bool secure[, bool httponly]]]]) U
|
|
Set session cookie parameters */
|
|
static PHP_FUNCTION(session_set_cookie_params)
|
|
{
|
|
/* lifetime is really a numeric, but the alter_ini_entry method wants a string */
|
|
char *lifetime, *path = NULL, *domain = NULL;
|
|
int lifetime_len, path_len, domain_len, argc = ZEND_NUM_ARGS();
|
|
zend_bool secure = 0, httponly = 0;
|
|
|
|
if (!PS(use_cookies) ||
|
|
zend_parse_parameters(argc TSRMLS_CC, "s|ssbb", &lifetime, &lifetime_len, &path, &path_len,
|
|
&domain, &domain_len, &secure, &httponly) == FAILURE) {
|
|
return;
|
|
}
|
|
|
|
zend_alter_ini_entry("session.cookie_lifetime", sizeof("session.cookie_lifetime"), lifetime, lifetime_len, PHP_INI_USER, PHP_INI_STAGE_RUNTIME);
|
|
|
|
if (path) {
|
|
zend_alter_ini_entry("session.cookie_path", sizeof("session.cookie_path"), path, path_len, PHP_INI_USER, PHP_INI_STAGE_RUNTIME);
|
|
}
|
|
if (domain) {
|
|
zend_alter_ini_entry("session.cookie_domain", sizeof("session.cookie_domain"), domain, domain_len, PHP_INI_USER, PHP_INI_STAGE_RUNTIME);
|
|
}
|
|
|
|
if (argc > 3) {
|
|
zend_alter_ini_entry("session.cookie_secure", sizeof("session.cookie_secure"), secure ? "1" : "0", 1, PHP_INI_USER, PHP_INI_STAGE_RUNTIME);
|
|
}
|
|
if (argc > 4) {
|
|
zend_alter_ini_entry("session.cookie_httponly", sizeof("session.cookie_httponly"), httponly ? "1" : "0", 1, PHP_INI_USER, PHP_INI_STAGE_RUNTIME);
|
|
}
|
|
}
|
|
/* }}} */
|
|
|
|
/* {{{ proto array session_get_cookie_params(void) U
|
|
Return the session cookie parameters */
|
|
static PHP_FUNCTION(session_get_cookie_params)
|
|
{
|
|
if (ZEND_NUM_ARGS() != 0) {
|
|
WRONG_PARAM_COUNT;
|
|
}
|
|
|
|
array_init(return_value);
|
|
|
|
add_ascii_assoc_long(return_value, "lifetime", PS(cookie_lifetime));
|
|
add_ascii_assoc_rt_string(return_value, "path", PS(cookie_path), 1);
|
|
add_ascii_assoc_rt_string(return_value, "domain", PS(cookie_domain), 1);
|
|
add_ascii_assoc_bool(return_value, "secure", PS(cookie_secure));
|
|
add_ascii_assoc_bool(return_value, "httponly", PS(cookie_httponly));
|
|
}
|
|
/* }}} */
|
|
|
|
/* {{{ proto string session_name([string newname]) U
|
|
Return the current session name. If newname is given, the session name is replaced with newname */
|
|
static PHP_FUNCTION(session_name)
|
|
{
|
|
char *name = NULL;
|
|
int name_len;
|
|
|
|
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|s&", &name, &name_len, UG(utf8_conv)) == FAILURE) {
|
|
return;
|
|
}
|
|
|
|
RETVAL_UTF8_STRING(PS(session_name), ZSTR_DUPLICATE);
|
|
|
|
if (name) {
|
|
zend_alter_ini_entry("session.name", sizeof("session.name"), name, name_len, PHP_INI_USER, PHP_INI_STAGE_RUNTIME);
|
|
}
|
|
}
|
|
/* }}} */
|
|
|
|
/* {{{ proto string session_module_name([string newname]) U
|
|
Return the current module name used for accessing session data. If newname is given, the module name is replaced with newname */
|
|
static PHP_FUNCTION(session_module_name)
|
|
{
|
|
char *name = NULL;
|
|
int name_len;
|
|
|
|
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|s&", &name, &name_len, UG(utf8_conv)) == FAILURE) {
|
|
return;
|
|
}
|
|
|
|
/* Set return_value to current module name */
|
|
if (PS(mod) && PS(mod)->s_name) {
|
|
RETVAL_UTF8_STRING((char*)PS(mod)->s_name, ZSTR_DUPLICATE);
|
|
} else {
|
|
RETVAL_EMPTY_STRING();
|
|
}
|
|
|
|
if (name) {
|
|
if (!_php_find_ps_module(name TSRMLS_CC)) {
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot find named PHP session module (%s)", name);
|
|
|
|
zval_dtor(return_value);
|
|
RETURN_FALSE;
|
|
}
|
|
if (PS(mod_data)) {
|
|
PS(mod)->s_close(&PS(mod_data) TSRMLS_CC);
|
|
}
|
|
PS(mod_data) = NULL;
|
|
|
|
zend_alter_ini_entry("session.save_handler", sizeof("session.save_handler"), name, name_len, PHP_INI_USER, PHP_INI_STAGE_RUNTIME);
|
|
}
|
|
}
|
|
/* }}} */
|
|
|
|
/* {{{ proto void session_set_save_handler(string open, string close, string read, string write, string destroy, string gc) U
|
|
Sets user-level functions */
|
|
static PHP_FUNCTION(session_set_save_handler)
|
|
{
|
|
zval **args[6];
|
|
int i;
|
|
ps_user *mdata;
|
|
zval name;
|
|
|
|
if (PS(session_status) != php_session_none) {
|
|
RETURN_FALSE;
|
|
}
|
|
|
|
if (ZEND_NUM_ARGS() != 6 || zend_get_parameters_array_ex(6, args) == FAILURE) {
|
|
WRONG_PARAM_COUNT;
|
|
}
|
|
|
|
|
|
for (i = 0; i < 6; i++) {
|
|
if (!zend_is_callable(*args[i], 0, &name)) {
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Argument %d is not a valid callback", i+1);
|
|
zval_dtor(&name);
|
|
RETURN_FALSE;
|
|
}
|
|
zval_dtor(&name);
|
|
}
|
|
|
|
zend_alter_ini_entry("session.save_handler", sizeof("session.save_handler"), "user", sizeof("user")-1, PHP_INI_USER, PHP_INI_STAGE_RUNTIME);
|
|
|
|
mdata = emalloc(sizeof(*mdata));
|
|
|
|
for (i = 0; i < 6; i++) {
|
|
ZVAL_ADDREF(*args[i]);
|
|
mdata->names[i] = *args[i];
|
|
}
|
|
|
|
PS(mod_data) = (void *) mdata;
|
|
|
|
RETURN_TRUE;
|
|
}
|
|
/* }}} */
|
|
|
|
/* {{{ proto string session_save_path([string newname]) U
|
|
Return the current save path passed to module_name. If newname is given, the save path is replaced with newname */
|
|
static PHP_FUNCTION(session_save_path)
|
|
{
|
|
char *name;
|
|
int name_len;
|
|
|
|
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|s&", &name, &name_len, UG(utf8_conv)) == FAILURE) {
|
|
return;
|
|
}
|
|
|
|
RETVAL_UTF8_STRING(PS(save_path), ZSTR_DUPLICATE);
|
|
|
|
if (name) {
|
|
if (memchr(name, '\0', name_len) != NULL) {
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "The save_path cannot contain NULL characters.");
|
|
|
|
zval_dtor(return_value);
|
|
RETURN_FALSE;
|
|
}
|
|
zend_alter_ini_entry("session.save_path", sizeof("session.save_path"), name, name_len, PHP_INI_USER, PHP_INI_STAGE_RUNTIME);
|
|
}
|
|
}
|
|
/* }}} */
|
|
|
|
/* {{{ proto string session_id([string newid]) U
|
|
Return the current session id. If newid is given, the session id is replaced with newid */
|
|
static PHP_FUNCTION(session_id)
|
|
{
|
|
zstr name = NULL_ZSTR;
|
|
int name_len;
|
|
zend_uchar name_type;
|
|
|
|
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|t", &name, &name_len, &name_type) == FAILURE) {
|
|
return;
|
|
}
|
|
|
|
if (name.v) {
|
|
char *old = PS(id);
|
|
|
|
if (name_type == IS_STRING) {
|
|
PS(id) = estrndup(name.s, name_len);
|
|
} else {
|
|
/* IS_UNICODE */
|
|
char *id = NULL;
|
|
int id_len;
|
|
UErrorCode status = U_ZERO_ERROR;
|
|
|
|
zend_unicode_to_string_ex(ZEND_U_CONVERTER(UG(runtime_encoding_conv)), &id, &id_len, name.u, name_len, &status);
|
|
|
|
if (U_SUCCESS(status) && id) {
|
|
PS(id) = id;
|
|
} else {
|
|
if (id) {
|
|
efree(id);
|
|
}
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Session ID must be either binary or a unicode string made up exclusively of ASCII");
|
|
RETURN_FALSE;
|
|
}
|
|
}
|
|
|
|
if (old) {
|
|
RETURN_STRING(old, 0);
|
|
} else {
|
|
RETURN_EMPTY_STRING();
|
|
}
|
|
} else if (PS(id)) {
|
|
RETURN_STRING(PS(id), 1);
|
|
} else {
|
|
RETURN_EMPTY_STRING();
|
|
}
|
|
}
|
|
/* }}} */
|
|
|
|
/* {{{ proto bool session_regenerate_id([bool delete_old_session]) U
|
|
Update the current session id with a newly generated one. If delete_old_session is set to true, remove the old session. */
|
|
static PHP_FUNCTION(session_regenerate_id)
|
|
{
|
|
zend_bool del_ses = 0;
|
|
|
|
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|b", &del_ses) == FAILURE) {
|
|
return;
|
|
}
|
|
|
|
if (SG(headers_sent)) {
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot regenerate session id - headers already sent");
|
|
RETURN_FALSE;
|
|
}
|
|
|
|
if (PS(session_status) == php_session_active) {
|
|
if (PS(id)) {
|
|
if (del_ses && PS(mod)->s_destroy(&PS(mod_data), PS(id) TSRMLS_CC) == FAILURE) {
|
|
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Session object destruction failed");
|
|
RETURN_FALSE;
|
|
}
|
|
efree(PS(id));
|
|
PS(id) = NULL;
|
|
}
|
|
|
|
PS(id) = PS(mod)->s_create_sid(&PS(mod_data), NULL TSRMLS_CC);
|
|
|
|
PS(send_cookie) = 1;
|
|
php_session_reset_id(TSRMLS_C);
|
|
|
|
RETURN_TRUE;
|
|
}
|
|
RETURN_FALSE;
|
|
}
|
|
/* }}} */
|
|
|
|
/* {{{ proto string session_cache_limiter([string new_cache_limiter]) U
|
|
Return the current cache limiter. If new_cache_limited is given, the current cache_limiter is replaced with new_cache_limiter */
|
|
static PHP_FUNCTION(session_cache_limiter)
|
|
{
|
|
char *limiter;
|
|
int limiter_len;
|
|
|
|
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|s&", &limiter, &limiter_len, UG(utf8_conv)) == FAILURE) {
|
|
return;
|
|
}
|
|
|
|
RETVAL_UTF8_STRING(PS(cache_limiter), 1);
|
|
|
|
if (limiter) {
|
|
zend_alter_ini_entry("session.cache_limiter", sizeof("session.cache_limiter"), limiter, limiter_len, PHP_INI_USER, PHP_INI_STAGE_RUNTIME);
|
|
}
|
|
}
|
|
/* }}} */
|
|
|
|
/* {{{ proto int session_cache_expire([int new_cache_expire]) U
|
|
Return the current cache expire. If new_cache_expire is given, the current cache_expire is replaced with new_cache_expire */
|
|
static PHP_FUNCTION(session_cache_expire)
|
|
{
|
|
/* Expires is really a numeric, but the alter_ini_entry method wants a string */
|
|
char *expires;
|
|
int expires_len;
|
|
|
|
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|s&", &expires, &expires_len, UG(utf8_conv)) == FAILURE) {
|
|
return;
|
|
}
|
|
|
|
RETVAL_LONG(PS(cache_expire));
|
|
|
|
if (expires) {
|
|
zend_alter_ini_entry("session.cache_expire", sizeof("session.cache_expire"), expires, expires_len, ZEND_INI_USER, ZEND_INI_STAGE_RUNTIME);
|
|
}
|
|
}
|
|
/* }}} */
|
|
|
|
/* {{{ static void php_register_var(zval** entry TSRMLS_DC) */
|
|
static void php_register_var(zval** entry TSRMLS_DC)
|
|
{
|
|
zval **value;
|
|
|
|
if (Z_TYPE_PP(entry) == IS_ARRAY) {
|
|
zend_hash_internal_pointer_reset(Z_ARRVAL_PP(entry));
|
|
|
|
while (zend_hash_get_current_data(Z_ARRVAL_PP(entry), (void**)&value) == SUCCESS) {
|
|
php_register_var(value TSRMLS_CC);
|
|
zend_hash_move_forward(Z_ARRVAL_PP(entry));
|
|
}
|
|
} else {
|
|
convert_to_string_ex(entry);
|
|
|
|
if (strcmp(Z_STRVAL_PP(entry), "_SESSION") != 0) {
|
|
PS_ADD_VARL(Z_STRVAL_PP(entry), Z_STRLEN_PP(entry));
|
|
}
|
|
}
|
|
}
|
|
/* }}} */
|
|
|
|
/* {{{ proto string session_encode(void) U
|
|
Serializes the current setup and returns the serialized representation */
|
|
static PHP_FUNCTION(session_encode)
|
|
{
|
|
int len;
|
|
char *enc;
|
|
|
|
if (ZEND_NUM_ARGS() != 0) {
|
|
WRONG_PARAM_COUNT;
|
|
}
|
|
|
|
enc = php_session_encode(&len TSRMLS_CC);
|
|
if (enc == NULL) {
|
|
RETURN_FALSE;
|
|
}
|
|
|
|
RETVAL_UTF8_STRINGL(enc, len, ZSTR_AUTOFREE);
|
|
}
|
|
/* }}} */
|
|
|
|
/* {{{ proto bool session_decode(string data) U
|
|
Deserializes data and reinitializes the variables */
|
|
static PHP_FUNCTION(session_decode)
|
|
{
|
|
char *str;
|
|
int str_len;
|
|
|
|
if (PS(session_status) == php_session_none) {
|
|
RETURN_FALSE;
|
|
}
|
|
|
|
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s&", &str, &str_len, UG(utf8_conv)) == FAILURE) {
|
|
return;
|
|
}
|
|
|
|
php_session_decode(str, str_len TSRMLS_CC);
|
|
|
|
RETURN_TRUE;
|
|
}
|
|
/* }}} */
|
|
|
|
/* {{{ proto bool session_start(void) U
|
|
Begin session - reinitializes freezed variables, registers browsers etc */
|
|
static PHP_FUNCTION(session_start)
|
|
{
|
|
/* skipping check for non-zero args for performance reasons here ?*/
|
|
php_session_start(TSRMLS_C);
|
|
RETURN_TRUE;
|
|
}
|
|
/* }}} */
|
|
|
|
/* {{{ proto bool session_destroy(void) U
|
|
Destroy the current session and all data associated with it */
|
|
static PHP_FUNCTION(session_destroy)
|
|
{
|
|
if (ZEND_NUM_ARGS() != 0) {
|
|
WRONG_PARAM_COUNT;
|
|
}
|
|
|
|
RETURN_BOOL(php_session_destroy(TSRMLS_C) == SUCCESS);
|
|
}
|
|
/* }}} */
|
|
|
|
|
|
/* {{{ proto void session_unset(void) U
|
|
Unset all registered variables */
|
|
static PHP_FUNCTION(session_unset)
|
|
{
|
|
if (PS(session_status) == php_session_none) {
|
|
RETURN_FALSE;
|
|
}
|
|
|
|
IF_SESSION_VARS() {
|
|
HashTable *ht = Z_ARRVAL_P(PS(http_session_vars));
|
|
|
|
/* Clean $_SESSION. */
|
|
zend_hash_clean(ht);
|
|
}
|
|
}
|
|
/* }}} */
|
|
|
|
/* {{{ proto void session_write_close(void) U
|
|
Write session data and end session */
|
|
static PHP_FUNCTION(session_write_close)
|
|
{
|
|
php_session_flush(TSRMLS_C);
|
|
}
|
|
/* }}} */
|
|
|
|
/* {{{ session_functions[]
|
|
*/
|
|
static zend_function_entry session_functions[] = {
|
|
PHP_FE(session_name, NULL)
|
|
PHP_FE(session_module_name, NULL)
|
|
PHP_FE(session_save_path, NULL)
|
|
PHP_FE(session_id, NULL)
|
|
PHP_FE(session_regenerate_id, NULL)
|
|
PHP_FE(session_decode, NULL)
|
|
PHP_FE(session_encode, NULL)
|
|
PHP_FE(session_start, NULL)
|
|
PHP_FE(session_destroy, NULL)
|
|
PHP_FE(session_unset, NULL)
|
|
PHP_FE(session_set_save_handler, NULL)
|
|
PHP_FE(session_cache_limiter, NULL)
|
|
PHP_FE(session_cache_expire, NULL)
|
|
PHP_FE(session_set_cookie_params, NULL)
|
|
PHP_FE(session_get_cookie_params, NULL)
|
|
PHP_FE(session_write_close, NULL)
|
|
|
|
PHP_FALIAS(session_commit, session_write_close, NULL)
|
|
{NULL, NULL, NULL}
|
|
};
|
|
/* }}} */
|
|
|
|
|
|
/* ********************************
|
|
* Module Setup and Destruction *
|
|
******************************** */
|
|
|
|
static PHP_RINIT_FUNCTION(session)
|
|
{
|
|
php_rinit_session_globals(TSRMLS_C);
|
|
|
|
if (PS(mod) == NULL) {
|
|
char *value;
|
|
|
|
value = zend_ini_string("session.save_handler", sizeof("session.save_handler"), 0);
|
|
if (value) {
|
|
PS(mod) = _php_find_ps_module(value TSRMLS_CC);
|
|
}
|
|
|
|
if (!PS(mod)) {
|
|
/* current status is unusable */
|
|
PS(session_status) = php_session_disabled;
|
|
return SUCCESS;
|
|
}
|
|
}
|
|
|
|
if (PS(auto_start)) {
|
|
php_session_start(TSRMLS_C);
|
|
}
|
|
|
|
return SUCCESS;
|
|
}
|
|
|
|
static PHP_RSHUTDOWN_FUNCTION(session)
|
|
{
|
|
php_session_flush(TSRMLS_C);
|
|
php_rshutdown_session_globals(TSRMLS_C);
|
|
|
|
return SUCCESS;
|
|
}
|
|
/* }}} */
|
|
|
|
static PHP_GINIT_FUNCTION(ps)
|
|
{
|
|
ps_globals->save_path = NULL;
|
|
ps_globals->session_name = NULL;
|
|
ps_globals->id = NULL;
|
|
ps_globals->mod = NULL;
|
|
ps_globals->mod_data = NULL;
|
|
ps_globals->session_status = php_session_none;
|
|
ps_globals->http_session_vars = NULL;
|
|
}
|
|
|
|
static PHP_MINIT_FUNCTION(session)
|
|
{
|
|
zend_register_auto_global("_SESSION", sizeof("_SESSION")-1, NULL TSRMLS_CC);
|
|
|
|
PS(module_number) = module_number; /* if we really need this var we need to init it in zts mode as well! */
|
|
|
|
PS(session_status) = php_session_none;
|
|
REGISTER_INI_ENTRIES();
|
|
|
|
#ifdef HAVE_LIBMM
|
|
PHP_MINIT(ps_mm) (INIT_FUNC_ARGS_PASSTHRU);
|
|
#endif
|
|
return SUCCESS;
|
|
}
|
|
|
|
static PHP_MSHUTDOWN_FUNCTION(session)
|
|
{
|
|
UNREGISTER_INI_ENTRIES();
|
|
|
|
#ifdef HAVE_LIBMM
|
|
PHP_MSHUTDOWN(ps_mm) (SHUTDOWN_FUNC_ARGS_PASSTHRU);
|
|
#endif
|
|
|
|
ps_serializers[PREDEFINED_SERIALIZERS].name = NULL;
|
|
memset(&ps_modules[PREDEFINED_MODULES], 0, (MAX_MODULES-PREDEFINED_MODULES)*sizeof(ps_module *));
|
|
|
|
return SUCCESS;
|
|
}
|
|
|
|
|
|
static PHP_MINFO_FUNCTION(session)
|
|
{
|
|
ps_module **mod;
|
|
ps_serializer *ser;
|
|
smart_str save_handlers = {0};
|
|
smart_str ser_handlers = {0};
|
|
int i;
|
|
|
|
/* Get save handlers */
|
|
for (i = 0, mod = ps_modules; i < MAX_MODULES; i++, mod++) {
|
|
if (*mod && (*mod)->s_name) {
|
|
smart_str_appends(&save_handlers, (*mod)->s_name);
|
|
smart_str_appendc(&save_handlers, ' ');
|
|
}
|
|
}
|
|
|
|
/* Get serializer handlers */
|
|
for (i = 0, ser = ps_serializers; i < MAX_SERIALIZERS; i++, ser++) {
|
|
if (ser && ser->name) {
|
|
smart_str_appends(&ser_handlers, ser->name);
|
|
smart_str_appendc(&ser_handlers, ' ');
|
|
}
|
|
}
|
|
|
|
php_info_print_table_start();
|
|
php_info_print_table_row(2, "Session Support", "enabled" );
|
|
|
|
if (save_handlers.c) {
|
|
smart_str_0(&save_handlers);
|
|
php_info_print_table_row(2, "Registered save handlers", save_handlers.c);
|
|
smart_str_free(&save_handlers);
|
|
} else {
|
|
php_info_print_table_row(2, "Registered save handlers", "none");
|
|
}
|
|
|
|
if (ser_handlers.c) {
|
|
smart_str_0(&ser_handlers);
|
|
php_info_print_table_row(2, "Registered serializer handlers", ser_handlers.c);
|
|
smart_str_free(&ser_handlers);
|
|
} else {
|
|
php_info_print_table_row(2, "Registered serializer handlers", "none");
|
|
}
|
|
|
|
php_info_print_table_end();
|
|
|
|
DISPLAY_INI_ENTRIES();
|
|
}
|
|
|
|
zend_module_entry session_module_entry = {
|
|
STANDARD_MODULE_HEADER,
|
|
"session",
|
|
session_functions,
|
|
PHP_MINIT(session), PHP_MSHUTDOWN(session),
|
|
PHP_RINIT(session), PHP_RSHUTDOWN(session),
|
|
PHP_MINFO(session),
|
|
NO_VERSION_YET,
|
|
PHP_MODULE_GLOBALS(ps),
|
|
PHP_GINIT(ps),
|
|
NULL,
|
|
NULL,
|
|
STANDARD_MODULE_PROPERTIES_EX
|
|
};
|
|
|
|
#ifdef COMPILE_DL_SESSION
|
|
ZEND_GET_MODULE(session)
|
|
#endif
|
|
|
|
|
|
/*
|
|
* Local variables:
|
|
* tab-width: 4
|
|
* c-basic-offset: 4
|
|
* End:
|
|
* vim600: noet sw=4 ts=4 fdm=marker
|
|
* vim<600: sw=4 ts=4
|
|
*/
|