PluginProbe ʕ •ᴥ•ʔ
Advanced File Manager – Ultimate File Manager for WordPress And Document Library Solution / trunk
Advanced File Manager – Ultimate File Manager for WordPress And Document Library Solution vtrunk
trunk 4.1.5 4.1.6 5.0 5.2.13 5.2.14 5.3.0 5.3.1 5.3.2 5.3.3 5.3.4 5.3.5 5.3.6 5.4.0 5.4.1 5.4.10 5.4.11 5.4.12 5.4.2 5.4.3 5.4.4 5.4.5 5.4.6 5.4.7 5.4.8
file-manager-advanced / application / library / php / elFinderSession.php
file-manager-advanced / application / library / php Last commit date
.tmp 10 months ago editors 4 weeks ago libs 7 years ago plugins 3 years ago resources 7 years ago MySQLStorage.sql 1 year ago autoload.php 10 months ago connector.maximal.php-dist 1 year ago connector.minimal.php-dist 1 year ago elFinder.class.php 4 weeks ago elFinderConnector.class.php 4 weeks ago elFinderFlysystemGoogleDriveNetmount.php 5 years ago elFinderPlugin.php 7 years ago elFinderSession.php 4 years ago elFinderSessionInterface.php 7 years ago elFinderVolumeBox.class.php 5 years ago elFinderVolumeDriver.class.php 4 weeks ago elFinderVolumeDropbox.class.php 1 year ago elFinderVolumeDropbox2.class.php 4 weeks ago elFinderVolumeFTP.class.php 5 years ago elFinderVolumeGoogleDrive.class.php 5 years ago elFinderVolumeGroup.class.php 7 years ago elFinderVolumeLocalFileSystem.class.php 2 years ago elFinderVolumeMySQL.class.php 10 months ago elFinderVolumeOneDrive.class.php 4 weeks ago elFinderVolumeSFTPphpseclib.class.php 4 weeks ago elFinderVolumeTrash.class.php 7 years ago elFinderVolumeTrashMySQL.class.php 7 years ago mime.types 3 years ago
elFinderSession.php
336 lines
1 <?php
2
3 /**
4 * elFinder - file manager for web.
5 * Session Wrapper Class.
6 *
7 * @package elfinder
8 * @author Naoki Sawada
9 **/
10
11 class elFinderSession implements elFinderSessionInterface
12 {
13 /**
14 * A flag of session started
15 *
16 * @var boolean
17 */
18 protected $started = false;
19
20 /**
21 * To fix PHP bug that duplicate Set-Cookie header to be sent
22 *
23 * @var boolean
24 * @see https://bugs.php.net/bug.php?id=75554
25 */
26 protected $fixCookieRegist = false;
27
28 /**
29 * Array of session keys of this instance
30 *
31 * @var array
32 */
33 protected $keys = array();
34
35 /**
36 * Is enabled base64encode
37 *
38 * @var boolean
39 */
40 protected $base64encode = false;
41
42 /**
43 * Default options array
44 *
45 * @var array
46 */
47 protected $opts = array(
48 'base64encode' => false,
49 'keys' => array(
50 'default' => 'elFinderCaches',
51 'netvolume' => 'elFinderNetVolumes'
52 ),
53 'cookieParams' => array()
54 );
55
56 /**
57 * Constractor
58 *
59 * @param array $opts The options
60 *
61 * @return self Instanse of this class
62 */
63 public function __construct($opts)
64 {
65 $this->opts = array_merge($this->opts, $opts);
66 $this->base64encode = !empty($this->opts['base64encode']);
67 $this->keys = $this->opts['keys'];
68 if (function_exists('apache_get_version') || $this->opts['cookieParams']) {
69 $this->fixCookieRegist = true;
70 }
71 }
72
73 /**
74 * {@inheritdoc}
75 */
76 public function get($key, $empty = null)
77 {
78 $closed = false;
79 if (!$this->started) {
80 $closed = true;
81 $this->start();
82 }
83
84 $data = null;
85
86 if ($this->started) {
87 $session =& $this->getSessionRef($key);
88 $data = $session;
89 if ($data && $this->base64encode) {
90 $data = $this->decodeData($data);
91 }
92 }
93
94 $checkFn = null;
95 if (!is_null($empty)) {
96 if (is_string($empty)) {
97 $checkFn = 'is_string';
98 } elseif (is_array($empty)) {
99 $checkFn = 'is_array';
100 } elseif (is_object($empty)) {
101 $checkFn = 'is_object';
102 } elseif (is_float($empty)) {
103 $checkFn = 'is_float';
104 } elseif (is_int($empty)) {
105 $checkFn = 'is_int';
106 }
107 }
108
109 if (is_null($data) || ($checkFn && !$checkFn($data))) {
110 $session = $data = $empty;
111 }
112
113 if ($closed) {
114 $this->close();
115 }
116
117 return $data;
118 }
119
120 /**
121 * {@inheritdoc}
122 */
123 public function start()
124 {
125 set_error_handler(array($this, 'session_start_error'), E_NOTICE | E_WARNING);
126
127 // apache2 SAPI has a bug of session cookie register
128 // see https://bugs.php.net/bug.php?id=75554
129 // see https://github.com/php/php-src/pull/3231
130 if ($this->fixCookieRegist === true) {
131 if ((int)ini_get('session.use_cookies') === 1) {
132 if (ini_set('session.use_cookies', 0) === false) {
133 $this->fixCookieRegist = false;
134 }
135 }
136 }
137
138 if (version_compare(PHP_VERSION, '5.4.0', '>=')) {
139 if (session_status() !== PHP_SESSION_ACTIVE) {
140 session_start();
141 }
142 } else {
143 session_start();
144 }
145 $this->started = session_id() ? true : false;
146
147 restore_error_handler();
148
149 return $this;
150 }
151
152 /**
153 * Get variable reference of $_SESSION
154 *
155 * @param string $key key of $_SESSION array
156 *
157 * @return mixed|null
158 */
159 protected function & getSessionRef($key)
160 {
161 $session = null;
162 if ($this->started) {
163 list($cat, $name) = array_pad(explode('.', $key, 2), 2, null);
164 if (is_null($name)) {
165 if (!isset($this->keys[$cat])) {
166 $name = $cat;
167 $cat = 'default';
168 }
169 }
170 if (isset($this->keys[$cat])) {
171 $cat = $this->keys[$cat];
172 } else {
173 $name = $cat . '.' . $name;
174 $cat = $this->keys['default'];
175 }
176 if (is_null($name)) {
177 if (!isset($_SESSION[$cat])) {
178 $_SESSION[$cat] = null;
179 }
180 $session =& $_SESSION[$cat];
181 } else {
182 if (!isset($_SESSION[$cat]) || !is_array($_SESSION[$cat])) {
183 $_SESSION[$cat] = array();
184 }
185 if (!isset($_SESSION[$cat][$name])) {
186 $_SESSION[$cat][$name] = null;
187 }
188 $session =& $_SESSION[$cat][$name];
189 }
190 }
191 return $session;
192 }
193
194 /**
195 * base64 decode of session val
196 *
197 * @param $data
198 *
199 * @return bool|mixed|string|null
200 */
201 protected function decodeData($data)
202 {
203 if ($this->base64encode) {
204 if (is_string($data)) {
205 if (($data = base64_decode($data)) !== false) {
206 $data = unserialize($data);
207 } else {
208 $data = null;
209 }
210 } else {
211 $data = null;
212 }
213 }
214 return $data;
215 }
216
217 /**
218 * {@inheritdoc}
219 */
220 public function close()
221 {
222 if ($this->started) {
223 if ($this->fixCookieRegist === true) {
224 // regist cookie only once for apache2 SAPI
225 $cParm = session_get_cookie_params();
226 if ($this->opts['cookieParams'] && is_array($this->opts['cookieParams'])) {
227 $cParm = array_merge($cParm, $this->opts['cookieParams']);
228 }
229 if (version_compare(PHP_VERSION, '7.3', '<')) {
230 setcookie(session_name(), session_id(), 0, $cParm['path'] . (!empty($cParm['SameSite'])? '; SameSite=' . $cParm['SameSite'] : ''), $cParm['domain'], $cParm['secure'], $cParm['httponly']);
231 } else {
232 $allows = array('expires' => true, 'path' => true, 'domain' => true, 'secure' => true, 'httponly' => true, 'samesite' => true);
233 foreach(array_keys($cParm) as $_k) {
234 if (!isset($allows[$_k])) {
235 unset($cParm[$_k]);
236 }
237 }
238 setcookie(session_name(), session_id(), $cParm);
239 }
240 $this->fixCookieRegist = false;
241 }
242 session_write_close();
243 }
244 $this->started = false;
245
246 return $this;
247 }
248
249 /**
250 * {@inheritdoc}
251 */
252 public function set($key, $data)
253 {
254 $closed = false;
255 if (!$this->started) {
256 $closed = true;
257 $this->start();
258 }
259 $session =& $this->getSessionRef($key);
260 if ($this->base64encode) {
261 $data = $this->encodeData($data);
262 }
263 $session = $data;
264
265 if ($closed) {
266 $this->close();
267 }
268
269 return $this;
270 }
271
272 /**
273 * base64 encode for session val
274 *
275 * @param $data
276 *
277 * @return string
278 */
279 protected function encodeData($data)
280 {
281 if ($this->base64encode) {
282 $data = base64_encode(serialize($data));
283 }
284 return $data;
285 }
286
287 /**
288 * {@inheritdoc}
289 */
290 public function remove($key)
291 {
292 $closed = false;
293 if (!$this->started) {
294 $closed = true;
295 $this->start();
296 }
297
298 list($cat, $name) = array_pad(explode('.', $key, 2), 2, null);
299 if (is_null($name)) {
300 if (!isset($this->keys[$cat])) {
301 $name = $cat;
302 $cat = 'default';
303 }
304 }
305 if (isset($this->keys[$cat])) {
306 $cat = $this->keys[$cat];
307 } else {
308 $name = $cat . '.' . $name;
309 $cat = $this->keys['default'];
310 }
311 if (is_null($name)) {
312 unset($_SESSION[$cat]);
313 } else {
314 if (isset($_SESSION[$cat]) && is_array($_SESSION[$cat])) {
315 unset($_SESSION[$cat][$name]);
316 }
317 }
318
319 if ($closed) {
320 $this->close();
321 }
322
323 return $this;
324 }
325
326 /**
327 * sessioin error handler (Only for suppression of error at session start)
328 *
329 * @param $errno
330 * @param $errstr
331 */
332 protected function session_start_error($errno, $errstr)
333 {
334 }
335 }
336