PluginProbe ʕ •ᴥ•ʔ
Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress / 3.1
Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress v3.1
4.16.19 4.16.18 4.16.17 4.16.16 trunk 1.0 1.0.1 1.0.2 1.1 1.1.1 1.1.2 1.1.3 1.1.4 1.1.5 1.1.5a 1.1.6 1.1.7 1.2 1.2.1 1.2.2 1.2.3 1.2.4 1.2.5 1.2.6 1.3 1.3.1 1.3.2 1.3.3 1.3.4 1.3.5 1.3.6 1.4 1.4.1 1.4.2 1.5 1.5.1 1.5.2 1.5.3 1.5.4 1.5.5 1.5.6 1.5.7 1.5.8 1.6 1.6.1 1.6.2 1.6.3 1.6.4 1.6.5 1.6.6 1.6.7 1.6.8 1.7 1.7.1 1.7.2 1.8 1.8.1 1.8.10 1.8.2 1.8.3 1.8.4 1.8.5 1.8.6 1.8.7 1.8.8 1.8.9 1.9 1.9.1 1.9.10 1.9.11 1.9.12 1.9.13 1.9.2 1.9.3 1.9.4 1.9.5 1.9.6 1.9.7 1.9.8 1.9.9 2.1.9 2.2.10 2.2.11 2.2.12 2.2.13 2.2.14 2.2.15 2.2.16 2.2.2 2.2.5 2.2.6 2.2.7 2.2.8 2.2.9 3.0 3.1 3.1.1 3.1.10 3.1.11 3.1.12 3.1.13 3.1.14 3.1.15 3.1.16 3.1.17 3.1.18 3.1.19 3.1.2 3.1.3 3.1.4 3.1.5 3.1.6 3.1.7 3.1.8 3.1.9 3.2.0 3.2.1 3.2.10 3.2.11 3.2.12 3.2.13 3.2.14 3.2.15 3.2.16 3.2.2 3.2.3 3.2.4 3.2.5 3.2.6 3.2.7 3.2.8 3.2.9 4.0.0 4.0.1 4.0.2 4.0.3 4.1.0 4.1.1 4.1.2 4.1.3 4.1.4 4.10.0 4.10.1 4.10.2 4.10.3 4.11.0 4.12.0 4.13.0 4.13.1 4.13.2 4.13.3 4.13.4 4.14.0 4.14.1 4.14.2 4.14.3 4.14.4 4.15.0 4.15.1 4.15.10 4.15.11 4.15.12 4.15.13 4.15.14 4.15.15 4.15.16 4.15.17 4.15.18 4.15.19 4.15.2 4.15.20 4.15.20.1 4.15.21 4.15.22 4.15.23 4.15.24 4.15.25 4.15.3 4.15.4 4.15.5 4.15.6 4.15.7 4.15.8 4.15.9 4.16.0 4.16.1 4.16.10 4.16.11 4.16.12 4.16.13 4.16.14 4.16.15 4.16.2 4.16.3 4.16.4 4.16.5 4.16.6 4.16.7 4.16.8 4.16.9 4.2.0 4.3.0 4.3.1 4.3.2 4.4.0 4.4.1 4.5.0 4.5.1 4.5.2 4.5.3 4.5.4 4.5.5 4.6.0 4.7.0 4.8.0 4.9.0
wp-user-avatar / src / lib / wp_session / class-wp-session.php
wp-user-avatar / src / lib / wp_session Last commit date
class-recursive-arrayaccess.php 5 years ago class-wp-session.php 5 years ago wp-session.php 5 years ago
class-wp-session.php
333 lines
1 <?php
2 /**
3 * WordPress session managment.
4 *
5 * Standardizes WordPress session data using database-backed options for storage.
6 * for storing user session information.
7 *
8 * @package WordPress
9 * @subpackage Session
10 * @since 3.7.0
11 */
12
13 // Exit if accessed directly
14 if ( ! defined( 'ABSPATH' ) ) exit;
15
16 /**
17 * WordPress Session class for managing user session data.
18 *
19 * @package WordPress
20 * @since 3.7.0
21 */
22 final class WP_Session extends Recursive_ArrayAccess implements Iterator, Countable {
23 /**
24 * ID of the current session.
25 *
26 * @var string
27 */
28 public $session_id;
29
30 /**
31 * Unix timestamp when session expires.
32 *
33 * @var int
34 */
35 protected $expires;
36
37 /**
38 * Unix timestamp indicating when the expiration time needs to be reset.
39 *
40 * @var int
41 */
42 protected $exp_variant;
43
44 /**
45 * Singleton instance.
46 *
47 * @var bool|WP_Session
48 */
49 private static $instance = false;
50
51 /**
52 * Retrieve the current session instance.
53 *
54 * @param bool $session_id Session ID from which to populate data.
55 *
56 * @return bool|WP_Session
57 */
58 public static function get_instance() {
59 if ( ! self::$instance ) {
60 self::$instance = new self();
61 }
62
63 return self::$instance;
64 }
65
66 /**
67 * Default constructor.
68 * Will rebuild the session collection from the given session ID if it exists. Otherwise, will
69 * create a new session with that ID.
70 *
71 * @param $session_id
72 * @uses apply_filters Calls `wp_session_expiration` to determine how long until sessions expire.
73 */
74 protected function __construct() {
75 if ( isset( $_COOKIE[WP_SESSION_COOKIE] ) ) {
76 $cookie = stripslashes( $_COOKIE[WP_SESSION_COOKIE] );
77 $cookie_crumbs = explode( '||', $cookie );
78
79 if( $this->is_valid_md5( $cookie_crumbs[0] ) ) {
80
81 $this->session_id = $cookie_crumbs[0];
82
83 } else {
84
85 $this->regenerate_id( true );
86
87 }
88
89 $this->expires = $cookie_crumbs[1];
90 $this->exp_variant = $cookie_crumbs[2];
91
92 // Update the session expiration if we're past the variant time
93 if ( time() > $this->exp_variant ) {
94 $this->set_expiration();
95 delete_option( "_wp_session_expires_{$this->session_id}" );
96 add_option( "_wp_session_expires_{$this->session_id}", $this->expires, '', 'no' );
97 }
98 } else {
99 $this->session_id = $this->generate_id();
100 $this->set_expiration();
101 }
102
103 $this->read_data();
104
105 $this->set_cookie();
106
107 }
108
109 /**
110 * Set both the expiration time and the expiration variant.
111 *
112 * If the current time is below the variant, we don't update the session's expiration time. If it's
113 * greater than the variant, then we update the expiration time in the database. This prevents
114 * writing to the database on every page load for active sessions and only updates the expiration
115 * time if we're nearing when the session actually expires.
116 *
117 * By default, the expiration time is set to 30 minutes.
118 * By default, the expiration variant is set to 24 minutes.
119 *
120 * As a result, the session expiration time - at a maximum - will only be written to the database once
121 * every 24 minutes. After 30 minutes, the session will have been expired. No cookie will be sent by
122 * the browser, and the old session will be queued for deletion by the garbage collector.
123 *
124 * @uses apply_filters Calls `wp_session_expiration_variant` to get the max update window for session data.
125 * @uses apply_filters Calls `wp_session_expiration` to get the standard expiration time for sessions.
126 */
127 protected function set_expiration() {
128 $this->exp_variant = time() + (int) apply_filters( 'wp_session_expiration_variant', 24 * 60 );
129 $this->expires = time() + (int) apply_filters( 'wp_session_expiration', 30 * 60 );
130 }
131
132 /**
133 * Set the session cookie
134 */
135 protected function set_cookie() {
136 @setcookie( WP_SESSION_COOKIE, $this->session_id . '||' . $this->expires . '||' . $this->exp_variant , $this->expires, COOKIEPATH, COOKIE_DOMAIN );
137 }
138
139 /**
140 * Generate a cryptographically strong unique ID for the session token.
141 *
142 * @return string
143 */
144 protected function generate_id() {
145 require_once( ABSPATH . 'wp-includes/class-phpass.php');
146 $hasher = new PasswordHash( 8, false );
147
148 return md5( $hasher->get_random_bytes( 32 ) );
149 }
150
151 /**
152 * Checks if is valid md5 string
153 *
154 * @param string $md5
155 * @return int
156 */
157 protected function is_valid_md5( $md5 = '' ){
158 return preg_match( '/^[a-f0-9]{32}$/', $md5 );
159 }
160
161 /**
162 * Read data from a transient for the current session.
163 *
164 * Automatically resets the expiration time for the session transient to some time in the future.
165 *
166 * @return array
167 */
168 protected function read_data() {
169 $this->container = get_option( "_wp_session_{$this->session_id}", array() );
170
171 return $this->container;
172 }
173
174 /**
175 * Write the data from the current session to the data storage system.
176 */
177 public function write_data() {
178 $option_key = "_wp_session_{$this->session_id}";
179
180 // Only write the collection to the DB if it's changed.
181 if ( $this->dirty ) {
182 if ( false === get_option( $option_key ) ) {
183 add_option( "_wp_session_{$this->session_id}", $this->container, '', 'no' );
184 add_option( "_wp_session_expires_{$this->session_id}", $this->expires, '', 'no' );
185 } else {
186 delete_option( "_wp_session_{$this->session_id}" );
187 add_option( "_wp_session_{$this->session_id}", $this->container, '', 'no' );
188 }
189 }
190 }
191
192 /**
193 * Output the current container contents as a JSON-encoded string.
194 *
195 * @return string
196 */
197 public function json_out() {
198 return json_encode( $this->container );
199 }
200
201 /**
202 * Decodes a JSON string and, if the object is an array, overwrites the session container with its contents.
203 *
204 * @param string $data
205 *
206 * @return bool
207 */
208 public function json_in( $data ) {
209 $array = json_decode( $data );
210
211 if ( is_array( $array ) ) {
212 $this->container = $array;
213 return true;
214 }
215
216 return false;
217 }
218
219 /**
220 * Regenerate the current session's ID.
221 *
222 * @param bool $delete_old Flag whether or not to delete the old session data from the server.
223 */
224 public function regenerate_id( $delete_old = false ) {
225 if ( $delete_old ) {
226 delete_option( "_wp_session_{$this->session_id}" );
227 }
228
229 $this->session_id = $this->generate_id();
230
231 $this->set_cookie();
232 }
233
234 /**
235 * Check if a session has been initialized.
236 *
237 * @return bool
238 */
239 public function session_started() {
240 return !!self::$instance;
241 }
242
243 /**
244 * Return the read-only cache expiration value.
245 *
246 * @return int
247 */
248 public function cache_expiration() {
249 return $this->expires;
250 }
251
252 /**
253 * Flushes all session variables.
254 */
255 public function reset() {
256 $this->container = array();
257 }
258
259 /*****************************************************************/
260 /* Iterator Implementation */
261 /*****************************************************************/
262
263 /**
264 * Current position of the array.
265 *
266 * @link http://php.net/manual/en/iterator.current.php
267 *
268 * @return mixed
269 */
270 public function current() {
271 return current( $this->container );
272 }
273
274 /**
275 * Key of the current element.
276 *
277 * @link http://php.net/manual/en/iterator.key.php
278 *
279 * @return mixed
280 */
281 public function key() {
282 return key( $this->container );
283 }
284
285 /**
286 * Move the internal point of the container array to the next item
287 *
288 * @link http://php.net/manual/en/iterator.next.php
289 *
290 * @return void
291 */
292 public function next() {
293 next( $this->container );
294 }
295
296 /**
297 * Rewind the internal point of the container array.
298 *
299 * @link http://php.net/manual/en/iterator.rewind.php
300 *
301 * @return void
302 */
303 public function rewind() {
304 reset( $this->container );
305 }
306
307 /**
308 * Is the current key valid?
309 *
310 * @link http://php.net/manual/en/iterator.rewind.php
311 *
312 * @return bool
313 */
314 public function valid() {
315 return $this->offsetExists( $this->key() );
316 }
317
318 /*****************************************************************/
319 /* Countable Implementation */
320 /*****************************************************************/
321
322 /**
323 * Get the count of elements in the container array.
324 *
325 * @link http://php.net/manual/en/countable.count.php
326 *
327 * @return int
328 */
329 public function count() {
330 return count( $this->container );
331 }
332 }
333