PluginProbe ʕ •ᴥ•ʔ
GiveWP – Donation Plugin and Fundraising Platform / 2.1.7
GiveWP – Donation Plugin and Fundraising Platform v2.1.7
4.16.3 4.16.2 4.16.1 4.16.0 4.15.5 4.15.4 4.15.3 4.15.2 4.15.1 4.15.0 2.3.0 2.3.1 2.3.2 2.30.0 2.31.0 2.31.1 2.32.0 2.33.0 2.33.1 2.33.2 2.33.3 2.33.4 2.33.5 2.4.0 2.4.1 2.4.2 2.4.3 2.4.4 2.4.5 2.4.6 2.4.7 2.5.0 2.5.1 2.5.10 2.5.11 2.5.12 2.5.13 2.5.2 2.5.3 2.5.4 2.5.5 2.5.6 2.5.7 2.5.8 2.5.9 2.6.0 2.6.1 2.6.2 2.6.3 2.7.0 2.7.1 2.7.2 2.7.3 2.7.4 2.7.5 2.8.0 2.8.1 2.9.0 2.9.1 2.9.2 2.9.3 2.9.4 2.9.5 2.9.6 2.9.7 3.0.0 3.0.1 3.0.2 3.0.3 3.0.4 3.1.0 3.1.1 3.1.2 3.10.0 3.11.0 3.12.0 3.12.1 3.12.2 3.12.3 3.13.0 3.14.0 3.14.1 3.14.2 3.15.0 3.15.1 3.16.0 3.16.1 3.16.2 3.16.3 3.16.4 3.16.5 3.17.0 3.17.1 3.17.2 3.18.0 3.19.0 3.19.1 3.19.2 3.19.3 3.19.4 3.2.0 3.2.1 3.2.2 3.20.0 3.21.0 3.21.1 3.22.0 3.22.1 3.22.2 3.3.0 3.3.1 3.4.0 3.4.1 3.4.2 3.5.0 3.5.1 3.6.0 3.6.1 3.6.2 3.7.0 3.8.0 3.9.0 4.0.0 4.1.0 4.1.1 4.10.0 4.10.1 4.11.0 4.12.0 4.13.0 4.13.1 4.13.2 4.14.0 4.14.1 4.14.2 4.14.3 4.14.4 4.14.5 4.14.6 4.2.0 4.2.1 4.3.0 4.3.1 4.3.2 4.4.0 4.5.0 4.6.1 4.7.0 4.7.1 4.8.0 4.8.1 4.9.0 trunk 1.9.0 2.0.0 2.0.1 2.0.2 2.0.3 2.0.4 2.0.5 2.0.6 2.0.7 2.1.0 2.1.1 2.1.2 2.1.3 2.1.4 2.1.5 2.1.6 2.1.7 2.1.8 2.10.0 2.10.1 2.10.2 2.10.3 2.10.4 2.11.0 2.11.1 2.11.2 2.11.3 2.12.0 2.12.1 2.12.2 2.12.3 2.13.0 2.13.1 2.13.2 2.13.3 2.13.4 2.14.0 2.15.0 2.16.0 2.16.1 2.17.0 2.17.1 2.17.3 2.18.0 2.18.1 2.19.1 2.19.2 2.19.3 2.19.4 2.19.5 2.19.6 2.19.7 2.19.8 2.2.0 2.2.1 2.2.2 2.2.3 2.2.4 2.2.5 2.2.6 2.20.0 2.20.1 2.20.2 2.21.0 2.21.1 2.21.2 2.21.3 2.21.4 2.22.0 2.22.1 2.22.2 2.22.3 2.23.0 2.23.1 2.23.2 2.24.0 2.24.1 2.24.2 2.25.0 2.25.1 2.25.2 2.25.3 2.26.0 2.27.0 2.27.1 2.27.2 2.27.3 2.28.0 2.29.0 2.29.1 2.29.2
give / includes / libraries / sessions / class-wp-session.php
give / includes / libraries / sessions Last commit date
class-recursive-arrayaccess.php 8 years ago class-wp-session-utils.php 8 years ago class-wp-session.php 8 years ago wp-session.php 8 years ago
class-wp-session.php
237 lines
1 <?php
2 /**
3 * WordPress session managment.
4 *
5 * Standardizes WordPress session data using database-backed options for storage.
6 * for storing user session information.
7 *
8 * @package WordPress
9 * @subpackage Session
10 * @since 3.7.0
11 */
12
13 // Exit if accessed directly.
14 if ( ! defined( 'ABSPATH' ) ) exit;
15
16 /*
17 * MODIFICATIONS
18 *
19 * - Remove `set_cookie()` from constructor
20 * - Give `set_cookie()` public access
21 * - Manually call `set_cookie()` on form submission
22 */
23
24 /**
25 * WordPress Session class for managing user session data.
26 *
27 * @package WordPress
28 * @since 3.7.0
29 */
30 final class WP_Session extends Recursive_ArrayAccess {
31 /**
32 * ID of the current session.
33 *
34 * @var string
35 */
36 public $session_id;
37
38 /**
39 * Unix timestamp when session expires.
40 *
41 * @var int
42 */
43 protected $expires;
44
45 /**
46 * Unix timestamp indicating when the expiration time needs to be reset.
47 *
48 * @var int
49 */
50 protected $exp_variant;
51
52 /**
53 * Singleton instance.
54 *
55 * @var bool|WP_Session
56 */
57 private static $instance = false;
58
59 /**
60 * Retrieve the current session instance.
61 *
62 * @param bool $session_id Session ID from which to populate data.
63 *
64 * @return bool|WP_Session
65 */
66 public static function get_instance() {
67 if ( ! self::$instance ) {
68 self::$instance = new self();
69 }
70
71 return self::$instance;
72 }
73
74 /**
75 * Default constructor.
76 * Will rebuild the session collection from the given session ID if it exists. Otherwise, will
77 * create a new session with that ID.
78 *
79 * @param $session_id
80 * @uses apply_filters Calls `wp_session_expiration` to determine how long until sessions expire.
81 */
82 protected function __construct() {
83 if ( isset( $_COOKIE[WP_SESSION_COOKIE] ) ) {
84 $cookie = stripslashes( $_COOKIE[WP_SESSION_COOKIE] );
85 $cookie_crumbs = explode( '||', $cookie );
86
87 $this->session_id = preg_replace("/[^A-Za-z0-9_]/", '', $cookie_crumbs[0] );
88 $this->expires = absint( $cookie_crumbs[1] );
89 $this->exp_variant = absint( $cookie_crumbs[2] );
90
91 // Update the session expiration if we're past the variant time
92 if ( time() > $this->exp_variant ) {
93 $this->set_expiration();
94 delete_option( "_wp_session_expires_{$this->session_id}" );
95 add_option( "_wp_session_expires_{$this->session_id}", $this->expires, '', 'no' );
96 }
97 } else {
98 $this->session_id = WP_Session_Utils::generate_id();
99 $this->set_expiration();
100 }
101
102 $this->read_data();
103
104 $this->set_cookie();
105
106 }
107
108 /**
109 * Set both the expiration time and the expiration variant.
110 *
111 * If the current time is below the variant, we don't update the session's expiration time. If it's
112 * greater than the variant, then we update the expiration time in the database. This prevents
113 * writing to the database on every page load for active sessions and only updates the expiration
114 * time if we're nearing when the session actually expires.
115 *
116 * By default, the expiration time is set to 30 minutes.
117 * By default, the expiration variant is set to 24 minutes.
118 *
119 * As a result, the session expiration time - at a maximum - will only be written to the database once
120 * every 24 minutes. After 30 minutes, the session will have been expired. No cookie will be sent by
121 * the browser, and the old session will be queued for deletion by the garbage collector.
122 *
123 * @uses apply_filters Calls `wp_session_expiration_variant` to get the max update window for session data.
124 * @uses apply_filters Calls `wp_session_expiration` to get the standard expiration time for sessions.
125 */
126 protected function set_expiration() {
127 $this->exp_variant = time() + (int) apply_filters( 'wp_session_expiration_variant', 24 * 60 );
128 $this->expires = time() + (int) apply_filters( 'wp_session_expiration', 30 * 60 );
129 }
130
131 /**
132 * Set the session cookie
133 * @uses apply_filters Calls `wp_session_cookie_secure` to set the $secure parameter of setcookie()
134 * @uses apply_filters Calls `wp_session_cookie_httponly` to set the $httponly parameter of setcookie()
135 */
136 protected function set_cookie() {
137 $secure = apply_filters('wp_session_cookie_secure', false);
138 $httponly = apply_filters('wp_session_cookie_httponly', false);
139 setcookie( WP_SESSION_COOKIE, $this->session_id . '||' . $this->expires . '||' . $this->exp_variant , $this->expires, COOKIEPATH, COOKIE_DOMAIN, $secure, $httponly );
140 }
141
142 /**
143 * Read data from a transient for the current session.
144 *
145 * Automatically resets the expiration time for the session transient to some time in the future.
146 *
147 * @return array
148 */
149 protected function read_data() {
150 $this->container = get_option( "_wp_session_{$this->session_id}", array() );
151
152 return $this->container;
153 }
154
155 /**
156 * Write the data from the current session to the data storage system.
157 */
158 public function write_data() {
159 $option_key = "_wp_session_{$this->session_id}";
160
161 if ( false === get_option( $option_key ) ) {
162 add_option( "_wp_session_{$this->session_id}", $this->container, '', 'no' );
163 add_option( "_wp_session_expires_{$this->session_id}", $this->expires, '', 'no' );
164 } else {
165 delete_option( "_wp_session_{$this->session_id}" );
166 add_option( "_wp_session_{$this->session_id}", $this->container, '', 'no' );
167 }
168 }
169
170 /**
171 * Output the current container contents as a JSON-encoded string.
172 *
173 * @return string
174 */
175 public function json_out() {
176 return json_encode( $this->container );
177 }
178
179 /**
180 * Decodes a JSON string and, if the object is an array, overwrites the session container with its contents.
181 *
182 * @param string $data
183 *
184 * @return bool
185 */
186 public function json_in( $data ) {
187 $array = json_decode( $data );
188
189 if ( is_array( $array ) ) {
190 $this->container = $array;
191 return true;
192 }
193
194 return false;
195 }
196
197 /**
198 * Regenerate the current session's ID.
199 *
200 * @param bool $delete_old Flag whether or not to delete the old session data from the server.
201 */
202 public function regenerate_id( $delete_old = false ) {
203 if ( $delete_old ) {
204 delete_option( "_wp_session_{$this->session_id}" );
205 }
206
207 $this->session_id = WP_Session_Utils::generate_id();
208
209 $this->set_cookie();
210 }
211
212 /**
213 * Check if a session has been initialized.
214 *
215 * @return bool
216 */
217 public function session_started() {
218 return !!self::$instance;
219 }
220
221 /**
222 * Return the read-only cache expiration value.
223 *
224 * @return int
225 */
226 public function cache_expiration() {
227 return $this->expires;
228 }
229
230 /**
231 * Flushes all session variables.
232 */
233 public function reset() {
234 $this->container = array();
235 }
236 }
237