PluginProbe ʕ •ᴥ•ʔ
Matomo Analytics – Powerful, Privacy-First Insights for WordPress / trunk
Matomo Analytics – Powerful, Privacy-First Insights for WordPress vtrunk
5.11.1 5.11.0 5.10.2 5.10.1 trunk 1.0.2 1.0.3 1.0.4 1.0.5 1.0.6 1.1.0 1.1.1 1.1.2 1.1.3 1.2.0 1.3.0 1.3.1 1.3.2 4.0.0 4.0.1 4.0.2 4.0.3 4.0.4 4.1.0 4.1.1 4.1.2 4.1.3 4.10.0 4.11.0 4.12.0 4.13.0 4.13.2 4.13.3 4.13.4 4.13.5 4.14.0 4.14.1 4.14.2 4.15.0 4.15.1 4.15.2 4.15.3 4.2.0 4.3.0 4.3.1 4.4.1 4.4.2 4.5.0 4.6.0 5.0.1 5.0.2 5.0.3 5.0.4 5.0.5 5.0.6 5.0.7 5.0.8 5.1.0 5.1.1 5.1.2 5.1.3 5.1.4 5.1.5 5.1.6 5.1.7 5.10.0 5.2.0 5.2.1 5.2.2 5.3.0 5.3.1 5.3.2 5.3.3 5.6.0 5.6.1 5.7.0 5.7.1 5.8.0 5.8.1 5.8.2
matomo / app / libs / Zend / Session.php
matomo / app / libs / Zend Last commit date
Db 1 month ago Session 1 year ago Config.php 1 month ago Db.php 2 years ago Exception.php 1 year ago LICENSE.txt 6 years ago Registry.php 2 years ago Session.php 1 month ago Version.php 1 month ago
Session.php
765 lines
1 <?php
2
3 namespace {
4 /**
5 * Zend Framework
6 *
7 * LICENSE
8 *
9 * This source file is subject to the new BSD license that is bundled
10 * with this package in the file LICENSE.txt.
11 * It is also available through the world-wide-web at this URL:
12 * http://framework.zend.com/license/new-bsd
13 * If you did not receive a copy of the license and are unable to
14 * obtain it through the world-wide-web, please send an email
15 * to license@zend.com so we can send you a copy immediately.
16 *
17 * @category Zend
18 * @package Zend_Session
19 * @copyright Copyright (c) 2005-2011 Zend Technologies USA Inc. (http://www.zend.com)
20 * @license http://framework.zend.com/license/new-bsd New BSD License
21 * @version $Id: Session.php 24196 2011-07-05 15:58:11Z matthew $
22 * @since Preview Release 0.2
23 */
24 /**
25 * @see Zend_Session_Abstract
26 */
27 // require_once 'Zend/Session/Abstract.php';
28 /**
29 * @see Zend_Session_Namespace
30 */
31 // require_once 'Zend/Session/Namespace.php';
32 /**
33 * Zend_Session
34 *
35 * @category Zend
36 * @package Zend_Session
37 * @copyright Copyright (c) 2005-2011 Zend Technologies USA Inc. (http://www.zend.com)
38 * @license http://framework.zend.com/license/new-bsd New BSD License
39 */
40 class Zend_Session extends \Zend_Session_Abstract
41 {
42 /**
43 * Whether or not Zend_Session is being used with unit tests
44 *
45 * @internal
46 * @var bool
47 */
48 public static $_unitTestEnabled = \false;
49 /**
50 * $_throwStartupException
51 *
52 * @var bool|bitset This could also be a combiniation of error codes to catch
53 */
54 protected static $_throwStartupExceptions = \true;
55 /**
56 * Check whether or not the session was started
57 *
58 * @var bool
59 */
60 private static $_sessionStarted = \false;
61 /**
62 * Whether or not the session id has been regenerated this request.
63 *
64 * Id regeneration state
65 * <0 - regenerate requested when session is started
66 * 0 - do nothing
67 * >0 - already called session_regenerate_id()
68 *
69 * @var int
70 */
71 private static $_regenerateIdState = 0;
72 /**
73 * Private list of php's ini values for ext/session
74 * null values will default to the php.ini value, otherwise
75 * the value below will overwrite the default ini value, unless
76 * the user has set an option explicity with setOptions()
77 *
78 * @var array
79 */
80 private static $_defaultOptions = array(
81 'save_path' => null,
82 'name' => null,
83 /* this should be set to a unique value for each application */
84 'save_handler' => null,
85 //'auto_start' => null, /* intentionally excluded (see manual) */
86 'gc_probability' => null,
87 'gc_divisor' => null,
88 'gc_maxlifetime' => null,
89 'serialize_handler' => null,
90 'cookie_lifetime' => null,
91 'cookie_path' => null,
92 'cookie_domain' => null,
93 'cookie_secure' => null,
94 'cookie_httponly' => null,
95 'use_cookies' => null,
96 'use_only_cookies' => 'on',
97 'referer_check' => null,
98 'entropy_file' => null,
99 'entropy_length' => null,
100 'cache_limiter' => null,
101 'cache_expire' => null,
102 'use_trans_sid' => null,
103 'bug_compat_42' => null,
104 'bug_compat_warn' => null,
105 'hash_function' => null,
106 'hash_bits_per_character' => null,
107 );
108 /**
109 * List of options pertaining to Zend_Session that can be set by developers
110 * using Zend_Session::setOptions(). This list intentionally duplicates
111 * the individual declaration of static "class" variables by the same names.
112 *
113 * @var array
114 */
115 private static $_localOptions = array('strict' => '_strict', 'remember_me_seconds' => '_rememberMeSeconds', 'throw_startup_exceptions' => '_throwStartupExceptions');
116 /**
117 * Whether or not write close has been performed.
118 *
119 * @var bool
120 */
121 private static $_writeClosed = \false;
122 /**
123 * Whether or not session id cookie has been deleted
124 *
125 * @var bool
126 */
127 private static $_sessionCookieDeleted = \false;
128 /**
129 * Whether or not session has been destroyed via session_destroy()
130 *
131 * @var bool
132 */
133 private static $_destroyed = \false;
134 /**
135 * Whether or not session must be initiated before usage
136 *
137 * @var bool
138 */
139 private static $_strict = \false;
140 /**
141 * Default number of seconds the session will be remembered for when asked to be remembered
142 *
143 * @var int
144 */
145 private static $_rememberMeSeconds = 1209600;
146 // 2 weeks
147 /**
148 * Whether the default options listed in Zend_Session::$_localOptions have been set
149 *
150 * @var bool
151 */
152 private static $_defaultOptionsSet = \false;
153 /**
154 * A reference to the set session save handler
155 *
156 * @var \SessionHandlerInterface
157 */
158 private static $_saveHandler = null;
159 /**
160 * Constructor overriding - make sure that a developer cannot instantiate
161 */
162 protected function __construct()
163 {
164 }
165 /**
166 * setOptions - set both the class specified
167 *
168 * @param array $userOptions - pass-by-keyword style array of <option name, option value> pairs
169 * @throws Zend_Session_Exception
170 * @return void
171 */
172 public static function setOptions(array $userOptions = array())
173 {
174 // set default options on first run only (before applying user settings)
175 if (!self::$_defaultOptionsSet) {
176 foreach (self::$_defaultOptions as $defaultOptionName => $defaultOptionValue) {
177 if (isset(self::$_defaultOptions[$defaultOptionName])) {
178 @\ini_set("session.{$defaultOptionName}", $defaultOptionValue);
179 }
180 }
181 self::$_defaultOptionsSet = \true;
182 }
183 // set the options the user has requested to set
184 foreach ($userOptions as $userOptionName => $userOptionValue) {
185 $userOptionName = \strtolower($userOptionName);
186 // set the ini based values
187 if (\array_key_exists($userOptionName, self::$_defaultOptions)) {
188 @\ini_set("session.{$userOptionName}", $userOptionValue);
189 } elseif (isset(self::$_localOptions[$userOptionName])) {
190 self::${self::$_localOptions[$userOptionName]} = $userOptionValue;
191 } else {
192 /** @see Zend_Session_Exception */
193 // require_once 'Zend/Session/Exception.php';
194 throw new \Zend_Session_Exception("Unknown option: {$userOptionName} = {$userOptionValue}");
195 }
196 }
197 }
198 /**
199 * getOptions()
200 *
201 * @param string $optionName OPTIONAL
202 * @return array|string
203 */
204 public static function getOptions($optionName = null)
205 {
206 $options = array();
207 foreach (\ini_get_all('session') as $sysOptionName => $sysOptionValues) {
208 $options[\substr($sysOptionName, 8)] = $sysOptionValues['local_value'];
209 }
210 foreach (self::$_localOptions as $localOptionName => $localOptionMemberName) {
211 $options[$localOptionName] = self::${$localOptionMemberName};
212 }
213 if ($optionName) {
214 if (\array_key_exists($optionName, $options)) {
215 return $options[$optionName];
216 }
217 return null;
218 }
219 return $options;
220 }
221 /**
222 * setSaveHandler() - Session Save Handler assignment
223 *
224 * @param \SessionHandlerInterface $interface
225 * @return void
226 */
227 public static function setSaveHandler(\SessionHandlerInterface $saveHandler)
228 {
229 self::$_saveHandler = $saveHandler;
230 if (self::$_unitTestEnabled) {
231 return;
232 }
233 \session_set_save_handler($saveHandler, \false);
234 }
235 /**
236 * getSaveHandler() - Get the session Save Handler
237 *
238 * @return \SessionHandlerInterface
239 */
240 public static function getSaveHandler()
241 {
242 return self::$_saveHandler;
243 }
244 /**
245 * regenerateId() - Regenerate the session id. Best practice is to call this after
246 * session is started. If called prior to session starting, session id will be regenerated
247 * at start time.
248 *
249 * @throws Zend_Session_Exception
250 * @return void
251 */
252 public static function regenerateId()
253 {
254 if (!self::$_unitTestEnabled && \headers_sent($filename, $linenum)) {
255 /** @see Zend_Session_Exception */
256 // require_once 'Zend/Session/Exception.php';
257 throw new \Zend_Session_Exception("You must call " . __CLASS__ . '::' . __FUNCTION__ . "() before any output has been sent to the browser; output started in {$filename}/{$linenum}");
258 }
259 if (!self::$_sessionStarted) {
260 self::$_regenerateIdState = -1;
261 } else {
262 if (!self::$_unitTestEnabled) {
263 \session_regenerate_id(\true);
264 self::rewriteSessionCookieWithSameSiteDirective();
265 }
266 self::$_regenerateIdState = 1;
267 }
268 }
269 /**
270 * Check if there is a Set-Cookie header present - if so, overwrite it with
271 * a similar header which also includes a SameSite directive. This workaround
272 * is needed because the SameSite property on the session cookie is not supported
273 * by PHP until 7.3.
274 */
275 private static function rewriteSessionCookieWithSameSiteDirective()
276 {
277 $headers = \headers_list();
278 $cookieHeader = '';
279 foreach ($headers as $header) {
280 if (\strpos($header, 'Set-Cookie: ' . \Piwik\Session::SESSION_NAME) === 0) {
281 $cookieHeader = $header;
282 break;
283 }
284 }
285 if (!$cookieHeader) {
286 return;
287 }
288 if (\stripos($cookieHeader, 'SameSite') === \false) {
289 $cookieHeader .= '; SameSite=' . \Piwik\Session::getSameSiteCookieValue();
290 \header($cookieHeader);
291 }
292 }
293 /**
294 * rememberMe() - Write a persistent cookie that expires after a number of seconds in the future. If no number of
295 * seconds is specified, then this defaults to self::$_rememberMeSeconds. Due to clock errors on end users' systems,
296 * large values are recommended to avoid undesirable expiration of session cookies.
297 *
298 * @param int $seconds OPTIONAL specifies TTL for cookie in seconds from present time
299 * @return void
300 */
301 public static function rememberMe($seconds = null)
302 {
303 $seconds = (int) $seconds;
304 $seconds = $seconds > 0 ? $seconds : self::$_rememberMeSeconds;
305 self::rememberUntil($seconds);
306 }
307 /**
308 * forgetMe() - Write a volatile session cookie, removing any persistent cookie that may have existed. The session
309 * would end upon, for example, termination of a web browser program.
310 *
311 * @return void
312 */
313 public static function forgetMe()
314 {
315 self::rememberUntil(0);
316 }
317 /**
318 * rememberUntil() - This method does the work of changing the state of the session cookie and making
319 * sure that it gets resent to the browser via regenerateId()
320 *
321 * @param int $seconds
322 * @return void
323 */
324 public static function rememberUntil($seconds = 0)
325 {
326 if (self::$_unitTestEnabled) {
327 self::regenerateId();
328 return;
329 }
330 $cookieParams = \session_get_cookie_params();
331 \session_set_cookie_params($seconds, $cookieParams['path'], $cookieParams['domain'], $cookieParams['secure']);
332 // normally "rememberMe()" represents a security context change, so should use new session id
333 self::regenerateId();
334 }
335 /**
336 * sessionExists() - whether or not a session exists for the current request
337 *
338 * @return bool
339 */
340 public static function sessionExists()
341 {
342 if (\ini_get('session.use_cookies') == '1' && isset($_COOKIE[\session_name()])) {
343 return \true;
344 } elseif (!empty($_REQUEST[\session_name()])) {
345 return \true;
346 } elseif (self::$_unitTestEnabled) {
347 return \true;
348 }
349 return \false;
350 }
351 /**
352 * Whether or not session has been destroyed via session_destroy()
353 *
354 * @return bool
355 */
356 public static function isDestroyed()
357 {
358 return self::$_destroyed;
359 }
360 /**
361 * start() - Start the session.
362 *
363 * @param bool|array $options OPTIONAL Either user supplied options, or flag indicating if start initiated automatically
364 * @throws Zend_Session_Exception
365 * @return void
366 */
367 public static function start($options = \false)
368 {
369 if (self::$_sessionStarted && self::$_destroyed) {
370 // require_once 'Zend/Session/Exception.php';
371 throw new \Zend_Session_Exception('The session was explicitly destroyed during this request, attempting to re-start is not allowed.');
372 }
373 if (self::$_sessionStarted) {
374 return;
375 // already started
376 }
377 if (\session_status() === \PHP_SESSION_ACTIVE) {
378 parent::$_readable = \true;
379 parent::$_writable = \true;
380 self::$_sessionStarted = \true;
381 return;
382 }
383 // make sure our default options (at the least) have been set
384 if (!self::$_defaultOptionsSet) {
385 self::setOptions(\is_array($options) ? $options : array());
386 }
387 // In strict mode, do not allow auto-starting Zend_Session, such as via "new Zend_Session_Namespace()"
388 if (self::$_strict && $options === \true) {
389 /** @see Zend_Session_Exception */
390 // require_once 'Zend/Session/Exception.php';
391 throw new \Zend_Session_Exception('You must explicitly start the session with Zend_Session::start() when session options are set to strict.');
392 }
393 $filename = $linenum = null;
394 if (!self::$_unitTestEnabled && \headers_sent($filename, $linenum)) {
395 /** @see Zend_Session_Exception */
396 // require_once 'Zend/Session/Exception.php';
397 throw new \Zend_Session_Exception("Session must be started before any output has been sent to the browser;" . " output started in {$filename}/{$linenum}");
398 }
399 /**
400 * Hack to throw exceptions on start instead of php errors
401 * @see http://framework.zend.com/issues/browse/ZF-1325
402 */
403 $errorLevel = \is_int(self::$_throwStartupExceptions) ? self::$_throwStartupExceptions : \E_ALL;
404 /** @see Zend_Session_Exception */
405 if (!self::$_unitTestEnabled) {
406 if (self::$_throwStartupExceptions) {
407 // require_once 'Zend/Session/Exception.php';
408 \set_error_handler(array('Zend_Session_Exception', 'handleSessionStartError'), $errorLevel);
409 }
410 $startedCleanly = \session_start();
411 if (self::$_throwStartupExceptions) {
412 \restore_error_handler();
413 }
414 if (!$startedCleanly || !empty(\Zend_Session_Exception::$sessionStartError)) {
415 if (self::$_throwStartupExceptions) {
416 \set_error_handler(array('Zend_Session_Exception', 'handleSilentWriteClose'), $errorLevel);
417 }
418 \session_write_close();
419 if (self::$_throwStartupExceptions) {
420 \restore_error_handler();
421 throw new \Zend_Session_Exception(__CLASS__ . '::' . __FUNCTION__ . '() - ' . \Zend_Session_Exception::$sessionStartError . ' Warnings: ' . \Zend_Session_Exception::$sessionStartWarning);
422 }
423 }
424 }
425 parent::$_readable = \true;
426 parent::$_writable = \true;
427 self::$_sessionStarted = \true;
428 if (self::$_regenerateIdState === -1) {
429 self::regenerateId();
430 } else {
431 self::rewriteSessionCookieWithSameSiteDirective();
432 }
433 if (isset($_SESSION['data']) && \is_string($_SESSION['data'])) {
434 $_SESSION = \Piwik\Common::safe_unserialize(\base64_decode($_SESSION['data']), [\Piwik\Notification::class]);
435 }
436 // run validators if they exist
437 if (isset($_SESSION['__ZF']['VALID'])) {
438 self::_processValidators();
439 }
440 self::_processStartupMetadataGlobal();
441 }
442 /**
443 * _processGlobalMetadata() - this method initizes the sessions GLOBAL
444 * metadata, mostly global data expiration calculations.
445 *
446 * @return void
447 */
448 private static function _processStartupMetadataGlobal()
449 {
450 // process global metadata
451 if (isset($_SESSION['__ZF'])) {
452 // expire globally expired values
453 foreach ($_SESSION['__ZF'] as $namespace => $namespace_metadata) {
454 // Expire Namespace by Time (ENT)
455 if (isset($namespace_metadata['ENT']) && $namespace_metadata['ENT'] > 0 && \time() > $namespace_metadata['ENT']) {
456 unset($_SESSION[$namespace]);
457 unset($_SESSION['__ZF'][$namespace]);
458 }
459 // Expire Namespace by Global Hop (ENGH) if it wasnt expired above
460 if (isset($_SESSION['__ZF'][$namespace]) && isset($namespace_metadata['ENGH']) && $namespace_metadata['ENGH'] >= 1) {
461 $_SESSION['__ZF'][$namespace]['ENGH']--;
462 if ($_SESSION['__ZF'][$namespace]['ENGH'] === 0) {
463 if (isset($_SESSION[$namespace])) {
464 parent::$_expiringData[$namespace] = $_SESSION[$namespace];
465 unset($_SESSION[$namespace]);
466 }
467 unset($_SESSION['__ZF'][$namespace]);
468 }
469 }
470 // Expire Namespace Variables by Time (ENVT)
471 if (isset($namespace_metadata['ENVT'])) {
472 foreach ($namespace_metadata['ENVT'] as $variable => $time) {
473 if (\time() > $time) {
474 unset($_SESSION[$namespace][$variable]);
475 unset($_SESSION['__ZF'][$namespace]['ENVT'][$variable]);
476 }
477 }
478 if (empty($_SESSION['__ZF'][$namespace]['ENVT'])) {
479 unset($_SESSION['__ZF'][$namespace]['ENVT']);
480 }
481 }
482 // Expire Namespace Variables by Global Hop (ENVGH)
483 if (isset($namespace_metadata['ENVGH'])) {
484 foreach ($namespace_metadata['ENVGH'] as $variable => $hops) {
485 $_SESSION['__ZF'][$namespace]['ENVGH'][$variable]--;
486 if ($_SESSION['__ZF'][$namespace]['ENVGH'][$variable] === 0) {
487 if (isset($_SESSION[$namespace][$variable])) {
488 parent::$_expiringData[$namespace][$variable] = $_SESSION[$namespace][$variable];
489 unset($_SESSION[$namespace][$variable]);
490 }
491 unset($_SESSION['__ZF'][$namespace]['ENVGH'][$variable]);
492 }
493 }
494 if (empty($_SESSION['__ZF'][$namespace]['ENVGH'])) {
495 unset($_SESSION['__ZF'][$namespace]['ENVGH']);
496 }
497 }
498 if (isset($namespace) && empty($_SESSION['__ZF'][$namespace])) {
499 unset($_SESSION['__ZF'][$namespace]);
500 }
501 }
502 }
503 if (isset($_SESSION['__ZF']) && empty($_SESSION['__ZF'])) {
504 unset($_SESSION['__ZF']);
505 }
506 }
507 /**
508 * isStarted() - convenience method to determine if the session is already started.
509 *
510 * @return bool
511 */
512 public static function isStarted()
513 {
514 return self::$_sessionStarted;
515 }
516 /**
517 * isRegenerated() - convenience method to determine if session_regenerate_id()
518 * has been called during this request by Zend_Session.
519 *
520 * @return bool
521 */
522 public static function isRegenerated()
523 {
524 return self::$_regenerateIdState > 0 ? \true : \false;
525 }
526 /**
527 * getId() - get the current session id
528 *
529 * @return string
530 */
531 public static function getId()
532 {
533 return \session_id();
534 }
535 /**
536 * setId() - set an id to a user specified id
537 *
538 * @throws Zend_Session_Exception
539 * @param string $id
540 * @return void
541 */
542 public static function setId($id)
543 {
544 if (!self::$_unitTestEnabled && \defined('SID')) {
545 /** @see Zend_Session_Exception */
546 // require_once 'Zend/Session/Exception.php';
547 throw new \Zend_Session_Exception('The session has already been started. The session id must be set first.');
548 }
549 if (!self::$_unitTestEnabled && \headers_sent($filename, $linenum)) {
550 /** @see Zend_Session_Exception */
551 // require_once 'Zend/Session/Exception.php';
552 throw new \Zend_Session_Exception("You must call " . __CLASS__ . '::' . __FUNCTION__ . "() before any output has been sent to the browser; output started in {$filename}/{$linenum}");
553 }
554 if (!\is_string($id) || $id === '') {
555 /** @see Zend_Session_Exception */
556 // require_once 'Zend/Session/Exception.php';
557 throw new \Zend_Session_Exception('You must provide a non-empty string as a session identifier.');
558 }
559 \session_id($id);
560 }
561 /**
562 * registerValidator() - register a validator that will attempt to validate this session for
563 * every future request
564 *
565 * @param Zend_Session_Validator_Interface $validator
566 * @return void
567 */
568 public static function registerValidator(\Zend_Session_Validator_Interface $validator)
569 {
570 $validator->setup();
571 }
572 /**
573 * stop() - Disable write access. Optionally disable read (not implemented).
574 *
575 * @return void
576 */
577 public static function stop()
578 {
579 parent::$_writable = \false;
580 }
581 /**
582 * writeClose() - Shutdown the sesssion, close writing and detach $_SESSION from the back-end storage mechanism.
583 * This will complete the internal data transformation on this request.
584 *
585 * @param bool $readonly - OPTIONAL remove write access (i.e. throw error if Zend_Session's attempt writes)
586 * @return void
587 */
588 public static function writeClose($readonly = \true)
589 {
590 if (self::$_unitTestEnabled) {
591 return;
592 }
593 if (self::$_writeClosed) {
594 return;
595 }
596 if ($readonly) {
597 parent::$_writable = \false;
598 }
599 if (isset($_SESSION)) {
600 $sessionBkp = $_SESSION;
601 $_SESSION = self::buildSessionData($_SESSION);
602 }
603 \session_write_close();
604 self::$_writeClosed = \true;
605 if (isset($sessionBkp)) {
606 $_SESSION = $sessionBkp;
607 }
608 }
609 public static function buildSessionData(array $data) : array
610 {
611 return ['data' => \base64_encode(\serialize($data))];
612 }
613 /**
614 * destroy() - This is used to destroy session data, and optionally, the session cookie itself
615 *
616 * @param bool $remove_cookie - OPTIONAL remove session id cookie, defaults to true (remove cookie)
617 * @param bool $readonly - OPTIONAL remove write access (i.e. throw error if Zend_Session's attempt writes)
618 * @return void
619 */
620 public static function destroy($remove_cookie = \true, $readonly = \true)
621 {
622 if (self::$_unitTestEnabled) {
623 return;
624 }
625 if (self::$_destroyed) {
626 return;
627 }
628 if ($readonly) {
629 parent::$_writable = \false;
630 }
631 \session_destroy();
632 self::$_destroyed = \true;
633 if ($remove_cookie) {
634 self::expireSessionCookie();
635 }
636 }
637 /**
638 * expireSessionCookie() - Sends an expired session id cookie, causing the client to delete the session cookie
639 *
640 * @return void
641 */
642 public static function expireSessionCookie()
643 {
644 if (self::$_unitTestEnabled) {
645 return;
646 }
647 if (self::$_sessionCookieDeleted) {
648 return;
649 }
650 self::$_sessionCookieDeleted = \true;
651 if (isset($_COOKIE[\session_name()])) {
652 $cookie_params = \session_get_cookie_params();
653 \Piwik\Session::writeCookie(
654 \session_name(),
655 \false,
656 315554400,
657 // strtotime('1980-01-01'),
658 $cookie_params['path'],
659 $cookie_params['domain'],
660 $cookie_params['secure'],
661 \false,
662 \Piwik\Session::getSameSiteCookieValue()
663 );
664 }
665 }
666 /**
667 * _processValidator() - internal function that is called in the existence of VALID metadata
668 *
669 * @throws Zend_Session_Exception
670 * @return void
671 */
672 private static function _processValidators()
673 {
674 foreach ($_SESSION['__ZF']['VALID'] as $validator_name => $valid_data) {
675 if (!\class_exists($validator_name)) {
676 // require_once 'Zend/Loader.php';
677 \Zend_Loader::loadClass($validator_name);
678 }
679 $validator = new $validator_name();
680 if ($validator->validate() === \false) {
681 /** @see Zend_Session_Exception */
682 // require_once 'Zend/Session/Exception.php';
683 throw new \Zend_Session_Exception("This session is not valid according to {$validator_name}.");
684 }
685 }
686 }
687 /**
688 * namespaceIsset() - check to see if a namespace is set
689 *
690 * @param string $namespace
691 * @return bool
692 */
693 public static function namespaceIsset($namespace)
694 {
695 return parent::_namespaceIsset($namespace);
696 }
697 /**
698 * namespaceUnset() - unset a namespace or a variable within a namespace
699 *
700 * @param string $namespace
701 * @throws Zend_Session_Exception
702 * @return void
703 */
704 public static function namespaceUnset($namespace)
705 {
706 parent::_namespaceUnset($namespace);
707 \Zend_Session_Namespace::resetSingleInstance($namespace);
708 }
709 /**
710 * namespaceGet() - get all variables in a namespace
711 * Deprecated: Use getIterator() in Zend_Session_Namespace.
712 *
713 * @param string $namespace
714 * @return array
715 */
716 public static function namespaceGet($namespace)
717 {
718 return parent::_namespaceGetAll($namespace);
719 }
720 /**
721 * getIterator() - return an iteratable object for use in foreach and the like,
722 * this completes the IteratorAggregate interface
723 *
724 * @throws Zend_Session_Exception
725 * @return ArrayObject
726 */
727 public static function getIterator()
728 {
729 if (parent::$_readable === \false) {
730 /** @see Zend_Session_Exception */
731 // require_once 'Zend/Session/Exception.php';
732 throw new \Zend_Session_Exception(parent::_THROW_NOT_READABLE_MSG);
733 }
734 $spaces = array();
735 if (isset($_SESSION)) {
736 $spaces = \array_keys($_SESSION);
737 foreach ($spaces as $key => $space) {
738 if (!\strncmp($space, '__', 2) || !\is_array($_SESSION[$space])) {
739 unset($spaces[$key]);
740 }
741 }
742 }
743 return new \ArrayObject(\array_merge($spaces, \array_keys(parent::$_expiringData)));
744 }
745 /**
746 * isWritable() - returns a boolean indicating if namespaces can write (use setters)
747 *
748 * @return bool
749 */
750 public static function isWritable()
751 {
752 return parent::$_writable;
753 }
754 /**
755 * isReadable() - returns a boolean indicating if namespaces can write (use setters)
756 *
757 * @return bool
758 */
759 public static function isReadable()
760 {
761 return parent::$_readable;
762 }
763 }
764 }
765