PluginProbe ʕ •ᴥ•ʔ
GiveWP – Donation Plugin and Fundraising Platform / 2.0.7
GiveWP – Donation Plugin and Fundraising Platform v2.0.7
4.16.3 4.16.2 4.16.1 4.16.0 4.15.5 4.15.4 4.15.3 4.15.2 4.15.1 4.15.0 2.3.0 2.3.1 2.3.2 2.30.0 2.31.0 2.31.1 2.32.0 2.33.0 2.33.1 2.33.2 2.33.3 2.33.4 2.33.5 2.4.0 2.4.1 2.4.2 2.4.3 2.4.4 2.4.5 2.4.6 2.4.7 2.5.0 2.5.1 2.5.10 2.5.11 2.5.12 2.5.13 2.5.2 2.5.3 2.5.4 2.5.5 2.5.6 2.5.7 2.5.8 2.5.9 2.6.0 2.6.1 2.6.2 2.6.3 2.7.0 2.7.1 2.7.2 2.7.3 2.7.4 2.7.5 2.8.0 2.8.1 2.9.0 2.9.1 2.9.2 2.9.3 2.9.4 2.9.5 2.9.6 2.9.7 3.0.0 3.0.1 3.0.2 3.0.3 3.0.4 3.1.0 3.1.1 3.1.2 3.10.0 3.11.0 3.12.0 3.12.1 3.12.2 3.12.3 3.13.0 3.14.0 3.14.1 3.14.2 3.15.0 3.15.1 3.16.0 3.16.1 3.16.2 3.16.3 3.16.4 3.16.5 3.17.0 3.17.1 3.17.2 3.18.0 3.19.0 3.19.1 3.19.2 3.19.3 3.19.4 3.2.0 3.2.1 3.2.2 3.20.0 3.21.0 3.21.1 3.22.0 3.22.1 3.22.2 3.3.0 3.3.1 3.4.0 3.4.1 3.4.2 3.5.0 3.5.1 3.6.0 3.6.1 3.6.2 3.7.0 3.8.0 3.9.0 4.0.0 4.1.0 4.1.1 4.10.0 4.10.1 4.11.0 4.12.0 4.13.0 4.13.1 4.13.2 4.14.0 4.14.1 4.14.2 4.14.3 4.14.4 4.14.5 4.14.6 4.2.0 4.2.1 4.3.0 4.3.1 4.3.2 4.4.0 4.5.0 4.6.1 4.7.0 4.7.1 4.8.0 4.8.1 4.9.0 trunk 1.9.0 2.0.0 2.0.1 2.0.2 2.0.3 2.0.4 2.0.5 2.0.6 2.0.7 2.1.0 2.1.1 2.1.2 2.1.3 2.1.4 2.1.5 2.1.6 2.1.7 2.1.8 2.10.0 2.10.1 2.10.2 2.10.3 2.10.4 2.11.0 2.11.1 2.11.2 2.11.3 2.12.0 2.12.1 2.12.2 2.12.3 2.13.0 2.13.1 2.13.2 2.13.3 2.13.4 2.14.0 2.15.0 2.16.0 2.16.1 2.17.0 2.17.1 2.17.3 2.18.0 2.18.1 2.19.1 2.19.2 2.19.3 2.19.4 2.19.5 2.19.6 2.19.7 2.19.8 2.2.0 2.2.1 2.2.2 2.2.3 2.2.4 2.2.5 2.2.6 2.20.0 2.20.1 2.20.2 2.21.0 2.21.1 2.21.2 2.21.3 2.21.4 2.22.0 2.22.1 2.22.2 2.22.3 2.23.0 2.23.1 2.23.2 2.24.0 2.24.1 2.24.2 2.25.0 2.25.1 2.25.2 2.25.3 2.26.0 2.27.0 2.27.1 2.27.2 2.27.3 2.28.0 2.29.0 2.29.1 2.29.2
give / includes / class-give-session.php
give / includes Last commit date
admin 7 years ago api 7 years ago deprecated 7 years ago donors 7 years ago emails 7 years ago forms 7 years ago gateways 7 years ago libraries 7 years ago payments 7 years ago actions.php 7 years ago ajax-functions.php 7 years ago class-give-async-process.php 7 years ago class-give-background-updater.php 7 years ago class-give-cache.php 7 years ago class-give-cli-commands.php 7 years ago class-give-cron.php 7 years ago class-give-db-donor-meta.php 7 years ago class-give-db-donors.php 7 years ago class-give-db-form-meta.php 7 years ago class-give-db-logs-meta.php 7 years ago class-give-db-logs.php 7 years ago class-give-db-meta.php 7 years ago class-give-db-payment-meta.php 7 years ago class-give-db.php 7 years ago class-give-donate-form.php 7 years ago class-give-donor.php 7 years ago class-give-email-access.php 7 years ago class-give-gravatars.php 7 years ago class-give-html-elements.php 7 years ago class-give-license-handler.php 7 years ago class-give-logging.php 7 years ago class-give-roles.php 7 years ago class-give-session.php 7 years ago class-give-stats.php 7 years ago class-give-template-loader.php 7 years ago class-give-tooltips.php 7 years ago class-give-translation.php 7 years ago class-notices.php 7 years ago country-functions.php 7 years ago currency-functions.php 7 years ago error-tracking.php 7 years ago filters.php 7 years ago formatting.php 7 years ago import-functions.php 7 years ago install.php 7 years ago login-register.php 7 years ago misc-functions.php 7 years ago plugin-compatibility.php 7 years ago post-types.php 7 years ago price-functions.php 7 years ago process-donation.php 7 years ago scripts.php 7 years ago shortcodes.php 7 years ago template-functions.php 7 years ago user-functions.php 7 years ago
class-give-session.php
434 lines
1 <?php
2 /**
3 * Session
4 *
5 * @package Give
6 * @subpackage Classes/Give_Session
7 * @copyright Copyright (c) 2016, WordImpress
8 * @license https://opensource.org/licenses/gpl-license GNU Public License
9 * @since 1.0
10 */
11
12 // Exit if accessed directly.
13 if ( ! defined( 'ABSPATH' ) ) {
14 exit;
15 }
16
17 /**
18 * Give_Session Class
19 *
20 * This is a wrapper class for WP_Session / PHP $_SESSION and handles the storage of Give sessions.
21 *
22 * @since 1.0
23 */
24 class Give_Session {
25
26 /**
27 * Holds our session data
28 *
29 * @since 1.0
30 * @access private
31 *
32 * @var WP_Session/array
33 */
34 private $session;
35
36 /**
37 * Whether to use PHP $_SESSION or WP_Session
38 *
39 * @since 1.0
40 * @access private
41 *
42 * @var bool
43 */
44 private $use_php_sessions = false;
45
46 /**
47 * Expiration Time
48 *
49 * @since 1.0
50 * @access private
51 *
52 * @var int
53 */
54 private $exp_option = false;
55
56 /**
57 * Session index prefix
58 *
59 * @since 1.0
60 * @access private
61 *
62 * @var string
63 */
64 private $prefix = '';
65
66 /**
67 * Class Constructor
68 *
69 * Defines our session constants, includes the necessary libraries and retrieves the session instance.
70 *
71 * @since 1.0
72 * @access public
73 */
74 public function __construct() {
75
76 $this->use_php_sessions = $this->use_php_sessions();
77 $this->exp_option = give_get_option( 'session_lifetime' );
78
79 // PHP Sessions.
80 if ( $this->use_php_sessions ) {
81
82 if ( is_multisite() ) {
83
84 $this->prefix = '_' . get_current_blog_id();
85
86 }
87
88 add_action( 'init', array( $this, 'maybe_start_session' ), - 2 );
89
90 } else {
91
92 if ( ! $this->should_start_session() ) {
93 return;
94 }
95
96 // Use WP_Session.
97 if ( ! defined( 'WP_SESSION_COOKIE' ) ) {
98 define( 'WP_SESSION_COOKIE', 'give_wp_session' );
99 }
100
101 if ( ! class_exists( 'Recursive_ArrayAccess' ) ) {
102 require_once GIVE_PLUGIN_DIR . 'includes/libraries/sessions/class-recursive-arrayaccess.php';
103 }
104
105 // Include utilities class
106 if ( ! class_exists( 'WP_Session_Utils' ) ) {
107 require_once GIVE_PLUGIN_DIR . 'includes/libraries/sessions/class-wp-session-utils.php';
108 }
109 if ( ! class_exists( 'WP_Session' ) ) {
110 require_once GIVE_PLUGIN_DIR . 'includes/libraries/sessions/class-wp-session.php';
111 require_once GIVE_PLUGIN_DIR . 'includes/libraries/sessions/wp-session.php';
112 }
113
114 add_filter( 'wp_session_expiration_variant', array( $this, 'set_expiration_variant_time' ), 99999 );
115 add_filter( 'wp_session_expiration', array( $this, 'set_expiration_time' ), 99999 );
116
117 }
118
119 // Init Session.
120 if ( empty( $this->session ) && ! $this->use_php_sessions ) {
121 add_action( 'plugins_loaded', array( $this, 'init' ), 9999 );
122 } else {
123 add_action( 'init', array( $this, 'init' ), - 1 );
124 }
125
126 // Set cookie on Donation Completion page.
127 add_action( 'give_pre_process_donation', array( $this, 'set_session_cookies' ) );
128
129 }
130
131 /**
132 * Session Init
133 *
134 * Setup the Session instance.
135 *
136 * @since 1.0
137 * @access public
138 *
139 * @return array Session instance
140 */
141 public function init() {
142
143 if ( $this->use_php_sessions ) {
144 $this->session = isset( $_SESSION[ 'give' . $this->prefix ] ) && is_array( $_SESSION[ 'give' . $this->prefix ] ) ? $_SESSION[ 'give' . $this->prefix ] : array();
145 } else {
146 $this->session = WP_Session::get_instance();
147 }
148
149 return $this->session;
150
151 }
152
153 /**
154 * Get Session ID
155 *
156 * Retrieve session ID.
157 *
158 * @since 1.0
159 * @access public
160 *
161 * @return string Session ID.
162 */
163 public function get_id() {
164 return $this->session->session_id;
165 }
166
167 /**
168 * Get Session
169 *
170 * Retrieve session variable for a given session key.
171 *
172 * @since 1.0
173 * @access public
174 *
175 * @param string $key Session key.
176 *
177 * @return string|array Session variable.
178 */
179 public function get( $key ) {
180 $key = sanitize_key( $key );
181 $return = false;
182
183 if ( isset( $this->session[ $key ] ) && ! empty( $this->session[ $key ] ) ) {
184
185 preg_match( '/[oO]\s*:\s*\d+\s*:\s*"\s*(?!(?i)(stdClass))/', $this->session[ $key ], $matches );
186 if ( ! empty( $matches ) ) {
187 $this->set( $key, null );
188
189 return false;
190 }
191
192 if ( is_numeric( $this->session[ $key ] ) ) {
193 $return = $this->session[ $key ];
194 } else {
195
196 $maybe_json = json_decode( $this->session[ $key ] );
197
198 // Since json_last_error is PHP 5.3+, we have to rely on a `null` value for failing to parse JSON.
199 if ( is_null( $maybe_json ) ) {
200 $is_serialized = is_serialized( $this->session[ $key ] );
201 if ( $is_serialized ) {
202 $value = @unserialize( $this->session[ $key ] );
203 $this->set( $key, (array) $value );
204 $return = $value;
205 } else {
206 $return = $this->session[ $key ];
207 }
208 } else {
209 $return = json_decode( $this->session[ $key ], true );
210 }
211
212 }
213 }
214
215 return $return;
216
217 }
218
219 /**
220 * Set Session
221 *
222 * Create a new session.
223 *
224 * @since 1.0
225 * @access public
226 *
227 * @param string $key Session key.
228 * @param mixed $value Session variable.
229 *
230 * @return string Session variable.
231 */
232 public function set( $key, $value ) {
233
234 $key = sanitize_key( $key );
235
236 if ( is_array( $value ) ) {
237 $this->session[ $key ] = wp_json_encode( $value );
238 } else {
239 $this->session[ $key ] = esc_attr( $value );
240 }
241
242 if ( $this->use_php_sessions ) {
243 $_SESSION[ 'give' . $this->prefix ] = $this->session;
244 }
245
246 return $this->session[ $key ];
247 }
248
249 /**
250 * Set Session Cookies
251 *
252 * Cookies are used to increase the session lifetime using the give setting. This is helpful for when a user closes their browser after making a donation and comes back to the
253 * site.
254 *
255 * @since 1.4
256 * @access public
257 *
258 * @hook
259 */
260 public function set_session_cookies() {
261 if ( ! headers_sent() ) {
262 $lifetime = current_time( 'timestamp' ) + $this->set_expiration_time();
263 @setcookie( session_name(), session_id(), $lifetime, COOKIEPATH, COOKIE_DOMAIN, false );
264 @setcookie( session_name() . '_expiration', $lifetime, $lifetime, COOKIEPATH, COOKIE_DOMAIN, false );
265 }
266 }
267
268 /**
269 * Set Cookie Variant Time
270 *
271 * Force the cookie expiration variant time to custom expiration option, less and hour. defaults to 23 hours (set_expiration_variant_time used in WP_Session).
272 *
273 * @since 1.0
274 * @access public
275 *
276 * @return int
277 */
278 public function set_expiration_variant_time() {
279
280 return ( ! empty( $this->exp_option ) ? ( intval( $this->exp_option ) - 3600 ) : 30 * 60 * 23 );
281 }
282
283 /**
284 * Set Cookie Expiration
285 *
286 * Force the cookie expiration time if set, default to 24 hours.
287 *
288 * @since 1.0
289 * @access public
290 *
291 * @return int
292 */
293 public function set_expiration_time() {
294
295 return ( ! empty( $this->exp_option ) ? intval( $this->exp_option ) : 30 * 60 * 24 );
296 }
297
298 /**
299 * Starts a new session if one has not started yet.
300 *
301 * Checks to see if the server supports PHP sessions or if the GIVE_USE_PHP_SESSIONS constant is defined.
302 *
303 * @since 1.0
304 * @access public
305 *
306 * @return bool $ret True if we are using PHP sessions, false otherwise.
307 */
308 public function use_php_sessions() {
309
310 $ret = false;
311
312 // If the database variable is already set, no need to run auto detection.
313 $give_use_php_sessions = (bool) get_option( 'give_use_php_sessions' );
314
315 if ( ! $give_use_php_sessions ) {
316
317 // Attempt to detect if the server supports PHP sessions.
318 if ( function_exists( 'session_start' ) && ! ini_get( 'safe_mode' ) ) {
319
320 $this->set( 'give_use_php_sessions', 1 );
321
322 if ( $this->get( 'give_use_php_sessions' ) ) {
323
324 $ret = true;
325
326 // Set the database option.
327 update_option( 'give_use_php_sessions', true );
328
329 }
330 }
331 } else {
332
333 $ret = $give_use_php_sessions;
334 }
335
336 // Enable or disable PHP Sessions based on the GIVE_USE_PHP_SESSIONS constant.
337 if ( defined( 'GIVE_USE_PHP_SESSIONS' ) && GIVE_USE_PHP_SESSIONS ) {
338 $ret = true;
339 } elseif ( defined( 'GIVE_USE_PHP_SESSIONS' ) && ! GIVE_USE_PHP_SESSIONS ) {
340 $ret = false;
341 }
342
343 return (bool) apply_filters( 'give_use_php_sessions', $ret );
344 }
345
346 /**
347 * Should Start Session
348 *
349 * Determines if we should start sessions.
350 *
351 * @since 1.4
352 * @access public
353 *
354 * @return bool
355 */
356 public function should_start_session() {
357
358 $start_session = true;
359
360 if ( ! empty( $_SERVER['REQUEST_URI'] ) ) {
361
362 $blacklist = apply_filters( 'give_session_start_uri_blacklist', array(
363 'feed',
364 'feed',
365 'feed/rss',
366 'feed/rss2',
367 'feed/rdf',
368 'feed/atom',
369 'comments/feed/',
370 ) );
371 $uri = ltrim( $_SERVER['REQUEST_URI'], '/' );
372 $uri = untrailingslashit( $uri );
373 if ( in_array( $uri, $blacklist ) ) {
374 $start_session = false;
375 }
376 if ( false !== strpos( $uri, 'feed=' ) ) {
377 $start_session = false;
378 }
379 if ( is_admin() ) {
380 $start_session = false;
381 }
382 }
383
384 return apply_filters( 'give_start_session', $start_session );
385 }
386
387 /**
388 * Maybe Start Session
389 *
390 * Starts a new session if one hasn't started yet.
391 *
392 * @access public
393 *
394 * @see http://php.net/manual/en/function.session-set-cookie-params.php
395 *
396 * @return void
397 */
398 public function maybe_start_session() {
399
400 if ( ! $this->should_start_session() ) {
401 return;
402 }
403
404 if ( ! session_id() && ! headers_sent() ) {
405 session_start();
406 }
407
408 }
409
410 /**
411 * Get Session Expiration
412 *
413 * Looks at the session cookies and returns the expiration date for this session if applicable
414 *
415 * @access public
416 *
417 * @return string Formatted expiration date string.
418 */
419 public function get_session_expiration() {
420
421 $expiration = false;
422
423 if ( session_id() && isset( $_COOKIE[ session_name() . '_expiration' ] ) ) {
424
425 $expiration = date( 'D, d M Y h:i:s', intval( $_COOKIE[ session_name() . '_expiration' ] ) );
426
427 }
428
429 return $expiration;
430
431 }
432
433 }
434