PluginProbe ʕ •ᴥ•ʔ
File Manager Pro – Filester / 2.0
File Manager Pro – Filester v2.0
2.1.1 trunk 1.6.1 1.7.6 1.8 1.8.1 1.8.2 1.8.3 1.8.4 1.8.5 1.8.6 1.8.7 1.8.8 1.8.9 1.9 2.0 2.0.1 2.0.2 2.1.0
filester / includes / File_manager / lib / php / elFinderSession.php
filester / includes / File_manager / lib / php Last commit date
editors 9 months ago libs 9 months ago plugins 9 months ago resources 9 months ago MySQLStorage.sql 9 months ago autoload.php 9 months ago elFinder.class.php 9 months ago elFinderConnector.class.php 9 months ago elFinderFlysystemGoogleDriveNetmount.php 9 months ago elFinderPlugin.php 9 months ago elFinderSession.php 9 months ago elFinderSessionInterface.php 9 months ago elFinderVolumeBox.class.php 9 months ago elFinderVolumeDriver.class.php 9 months ago elFinderVolumeDropbox.class.php 9 months ago elFinderVolumeDropbox2.class.php 9 months ago elFinderVolumeFTP.class.php 9 months ago elFinderVolumeGoogleDrive.class.php 9 months ago elFinderVolumeGroup.class.php 9 months ago elFinderVolumeLocalFileSystem.class.php 9 months ago elFinderVolumeMySQL.class.php 9 months ago elFinderVolumeOneDrive.class.php 9 months ago elFinderVolumeSFTPphpseclib.class.php 9 months ago elFinderVolumeTrash.class.php 9 months ago elFinderVolumeTrashMySQL.class.php 9 months ago mime.types 9 months ago
elFinderSession.php
336 lines
1 <?php
2
3 /**
4 * elFinder - file manager for web.
5 * Session Wrapper Class.
6 *
7 * @package elfinder
8 * @author Naoki Sawada
9 **/
10
11 class elFinderSession implements elFinderSessionInterface
12 {
13 /**
14 * A flag of session started
15 *
16 * @var boolean
17 */
18 protected $started = false;
19
20 /**
21 * To fix PHP bug that duplicate Set-Cookie header to be sent
22 *
23 * @var boolean
24 * @see https://bugs.php.net/bug.php?id=75554
25 */
26 protected $fixCookieRegist = false;
27
28 /**
29 * Array of session keys of this instance
30 *
31 * @var array
32 */
33 protected $keys = array();
34
35 /**
36 * Is enabled base64encode
37 *
38 * @var boolean
39 */
40 protected $base64encode = false;
41
42 /**
43 * Default options array
44 *
45 * @var array
46 */
47 protected $opts = array(
48 'base64encode' => false,
49 'keys' => array(
50 'default' => 'elFinderCaches',
51 'netvolume' => 'elFinderNetVolumes'
52 ),
53 'cookieParams' => array()
54 );
55
56 /**
57 * Constractor
58 *
59 * @param array $opts The options
60 *
61 * @return self Instanse of this class
62 */
63 public function __construct($opts)
64 {
65 $this->opts = array_merge($this->opts, $opts);
66 $this->base64encode = !empty($this->opts['base64encode']);
67 $this->keys = $this->opts['keys'];
68 if (function_exists('apache_get_version') || $this->opts['cookieParams']) {
69 $this->fixCookieRegist = true;
70 }
71 }
72
73 /**
74 * {@inheritdoc}
75 */
76 public function get($key, $empty = null)
77 {
78 $closed = false;
79 if (!$this->started) {
80 $closed = true;
81 $this->start();
82 }
83
84 $data = null;
85
86 if ($this->started) {
87 $session =& $this->getSessionRef($key);
88 $data = $session;
89 if ($data && $this->base64encode) {
90 $data = $this->decodeData($data);
91 }
92 }
93
94 $checkFn = null;
95 if (!is_null($empty)) {
96 if (is_string($empty)) {
97 $checkFn = 'is_string';
98 } elseif (is_array($empty)) {
99 $checkFn = 'is_array';
100 } elseif (is_object($empty)) {
101 $checkFn = 'is_object';
102 } elseif (is_float($empty)) {
103 $checkFn = 'is_float';
104 } elseif (is_int($empty)) {
105 $checkFn = 'is_int';
106 }
107 }
108
109 if (is_null($data) || ($checkFn && !$checkFn($data))) {
110 $session = $data = $empty;
111 }
112
113 if ($closed) {
114 $this->close();
115 }
116
117 return $data;
118 }
119
120 /**
121 * {@inheritdoc}
122 */
123 public function start()
124 {
125 set_error_handler(array($this, 'session_start_error'), E_NOTICE | E_WARNING);
126
127 // apache2 SAPI has a bug of session cookie register
128 // see https://bugs.php.net/bug.php?id=75554
129 // see https://github.com/php/php-src/pull/3231
130 if ($this->fixCookieRegist === true) {
131 if ((int)ini_get('session.use_cookies') === 1) {
132 if (ini_set('session.use_cookies', 0) === false) {
133 $this->fixCookieRegist = false;
134 }
135 }
136 }
137
138 if (version_compare(PHP_VERSION, '5.4.0', '>=')) {
139 if (session_status() !== PHP_SESSION_ACTIVE) {
140 session_start();
141 }
142 } else {
143 session_start();
144 }
145 $this->started = session_id() ? true : false;
146
147 restore_error_handler();
148
149 return $this;
150 }
151
152 /**
153 * Get variable reference of $_SESSION
154 *
155 * @param string $key key of $_SESSION array
156 *
157 * @return mixed|null
158 */
159 protected function & getSessionRef($key)
160 {
161 $session = null;
162 if ($this->started) {
163 list($cat, $name) = array_pad(explode('.', $key, 2), 2, null);
164 if (is_null($name)) {
165 if (!isset($this->keys[$cat])) {
166 $name = $cat;
167 $cat = 'default';
168 }
169 }
170 if (isset($this->keys[$cat])) {
171 $cat = $this->keys[$cat];
172 } else {
173 $name = $cat . '.' . $name;
174 $cat = $this->keys['default'];
175 }
176 if (is_null($name)) {
177 if (!isset($_SESSION[$cat])) {
178 $_SESSION[$cat] = null;
179 }
180 $session =& $_SESSION[$cat];
181 } else {
182 if (!isset($_SESSION[$cat]) || !is_array($_SESSION[$cat])) {
183 $_SESSION[$cat] = array();
184 }
185 if (!isset($_SESSION[$cat][$name])) {
186 $_SESSION[$cat][$name] = null;
187 }
188 $session =& $_SESSION[$cat][$name];
189 }
190 }
191 return $session;
192 }
193
194 /**
195 * base64 decode of session val
196 *
197 * @param $data
198 *
199 * @return bool|mixed|string|null
200 */
201 protected function decodeData($data)
202 {
203 if ($this->base64encode) {
204 if (is_string($data)) {
205 if (($data = base64_decode($data)) !== false) {
206 $data = unserialize($data);
207 } else {
208 $data = null;
209 }
210 } else {
211 $data = null;
212 }
213 }
214 return $data;
215 }
216
217 /**
218 * {@inheritdoc}
219 */
220 public function close()
221 {
222 if ($this->started) {
223 if ($this->fixCookieRegist === true) {
224 // regist cookie only once for apache2 SAPI
225 $cParm = session_get_cookie_params();
226 if ($this->opts['cookieParams'] && is_array($this->opts['cookieParams'])) {
227 $cParm = array_merge($cParm, $this->opts['cookieParams']);
228 }
229 if (version_compare(PHP_VERSION, '7.3', '<')) {
230 setcookie(session_name(), session_id(), 0, $cParm['path'] . (!empty($cParm['SameSite'])? '; SameSite=' . $cParm['SameSite'] : ''), $cParm['domain'], $cParm['secure'], $cParm['httponly']);
231 } else {
232 $allows = array('expires' => true, 'path' => true, 'domain' => true, 'secure' => true, 'httponly' => true, 'samesite' => true);
233 foreach(array_keys($cParm) as $_k) {
234 if (!isset($allows[$_k])) {
235 unset($cParm[$_k]);
236 }
237 }
238 setcookie(session_name(), session_id(), $cParm);
239 }
240 $this->fixCookieRegist = false;
241 }
242 session_write_close();
243 }
244 $this->started = false;
245
246 return $this;
247 }
248
249 /**
250 * {@inheritdoc}
251 */
252 public function set($key, $data)
253 {
254 $closed = false;
255 if (!$this->started) {
256 $closed = true;
257 $this->start();
258 }
259 $session =& $this->getSessionRef($key);
260 if ($this->base64encode) {
261 $data = $this->encodeData($data);
262 }
263 $session = $data;
264
265 if ($closed) {
266 $this->close();
267 }
268
269 return $this;
270 }
271
272 /**
273 * base64 encode for session val
274 *
275 * @param $data
276 *
277 * @return string
278 */
279 protected function encodeData($data)
280 {
281 if ($this->base64encode) {
282 $data = base64_encode(serialize($data));
283 }
284 return $data;
285 }
286
287 /**
288 * {@inheritdoc}
289 */
290 public function remove($key)
291 {
292 $closed = false;
293 if (!$this->started) {
294 $closed = true;
295 $this->start();
296 }
297
298 list($cat, $name) = array_pad(explode('.', $key, 2), 2, null);
299 if (is_null($name)) {
300 if (!isset($this->keys[$cat])) {
301 $name = $cat;
302 $cat = 'default';
303 }
304 }
305 if (isset($this->keys[$cat])) {
306 $cat = $this->keys[$cat];
307 } else {
308 $name = $cat . '.' . $name;
309 $cat = $this->keys['default'];
310 }
311 if (is_null($name)) {
312 unset($_SESSION[$cat]);
313 } else {
314 if (isset($_SESSION[$cat]) && is_array($_SESSION[$cat])) {
315 unset($_SESSION[$cat][$name]);
316 }
317 }
318
319 if ($closed) {
320 $this->close();
321 }
322
323 return $this;
324 }
325
326 /**
327 * sessioin error handler (Only for suppression of error at session start)
328 *
329 * @param $errno
330 * @param $errstr
331 */
332 protected function session_start_error($errno, $errstr)
333 {
334 }
335 }
336