TYPO3
7.6
|
Public Member Functions | |
__construct () | |
startSession () | |
destroySession () | |
resetSession () | |
hasSession () | |
getSessionId () | |
setAuthorized () | |
isAuthorized () | |
isExpired () | |
refreshSession () | |
addMessage (\TYPO3\CMS\Install\Status\StatusInterface $message) | |
getMessagesAndFlush () | |
open ($savePath, $sessionName) | |
close () | |
read ($id) | |
write ($id, $sessionData) | |
destroy ($id) | |
gc ($maxLifeTime) | |
__destruct () | |
Private Member Functions | |
getSessionSavePath () | |
ensureSessionSavePathExists ($sessionSavePath) | |
renewSession () | |
getSessionHash ($sessionId= '') | |
getSessionFile ($id) | |
Private Attributes | |
$typo3tempPath | |
$sessionPath = 'InstallToolSessions/%s' | |
$cookieName = 'Typo3InstallTool' | |
$expireTimeInMinutes = 60 | |
$regenerateSessionIdTime = 5 | |
Secure session handling for the install tool.
Definition at line 22 of file SessionService.php.
__construct | ( | ) |
Constructor. Starts PHP session handling in our own private store
Side-effect: might set a cookie, so must be called before any other output.
Definition at line 66 of file SessionService.php.
References elseif, GeneralUtility\getIndpEnv(), and SessionService\getSessionSavePath().
__destruct | ( | ) |
Writes the session data at the end, to overcome a PHP APC bug.
Writes the session data in a proper context that is not affected by the APC bug: http://pecl.php.net/bugs/bug.php?id=16721.
This behaviour was introduced in #17511, where self::write() made use of GeneralUtility which due to the APC bug throws a "Fatal error: Class 'GeneralUtility' not found" (and the session data is not saved). Calling session_write_close() at this point seems to be the most easy solution, according to PHP author.
Definition at line 462 of file SessionService.php.
addMessage | ( | \TYPO3\CMS\Install\Status\StatusInterface | $message | ) |
Add a message to "Flash" message storage.
\TYPO3\CMS\Install\Status\StatusInterface | $message | A message to add |
Definition at line 315 of file SessionService.php.
close | ( | ) |
destroy | ( | $id | ) |
Destroys one session. See
string | $id | The session id |
Definition at line 422 of file SessionService.php.
References SessionService\getSessionFile().
destroySession | ( | ) |
Destroys a session
Definition at line 169 of file SessionService.php.
|
private |
Create directories for the session save path and throw an exception if that fails.
string | $sessionSavePath | The absolute path to the session files |
\TYPO3\CMS\Install\Exception |
Definition at line 122 of file SessionService.php.
References GeneralUtility\mkdir_deep(), and GeneralUtility\writeFile().
Referenced by SessionService\getSessionSavePath().
gc | ( | $maxLifeTime | ) |
Garbage collect session info. See
int | $maxLifeTime | The setting of session.gc_maxlifetime |
Definition at line 434 of file SessionService.php.
References $filename, and SessionService\getSessionSavePath().
getMessagesAndFlush | ( | ) |
Return stored session messages and flush.
Definition at line 328 of file SessionService.php.
|
private |
Returns the file where to store our session data
string | $id |
Definition at line 350 of file SessionService.php.
References SessionService\getSessionHash(), and SessionService\getSessionSavePath().
Referenced by SessionService\destroy(), SessionService\read(), and SessionService\write().
|
private |
Returns a session hash, which can only be calculated by the server. Used to store our session files without exposing the session ID.
string | $sessionId | An alternative session ID. Defaults to our current session ID |
\TYPO3\CMS\Install\Exception |
Definition at line 222 of file SessionService.php.
References $GLOBALS, and SessionService\getSessionId().
Referenced by SessionService\getSessionFile().
getSessionId | ( | ) |
Returns the session ID of the running session.
Definition at line 209 of file SessionService.php.
Referenced by SessionService\getSessionHash().
|
private |
Returns the path where to store our session files
\TYPO3\CMS\Install\Exception |
Definition at line 99 of file SessionService.php.
References $GLOBALS, SessionService\ensureSessionSavePathExists(), and GeneralUtility\hmac().
Referenced by SessionService\__construct(), SessionService\gc(), and SessionService\getSessionFile().
hasSession | ( | ) |
Checks whether we already have an active session.
Definition at line 199 of file SessionService.php.
isAuthorized | ( | ) |
Check if we have an already authorized session
Definition at line 259 of file SessionService.php.
isExpired | ( | ) |
Check if our session is expired. Useful only right after a FALSE "isAuthorized" to see if this is the reason for not being authorized anymore.
Definition at line 278 of file SessionService.php.
open | ( | $savePath, | |
$sessionName | |||
) |
Open function. See
string | $savePath | |
string | $sessionName |
Definition at line 363 of file SessionService.php.
read | ( | $id | ) |
Read session data. See
string | $id | The session id |
Definition at line 384 of file SessionService.php.
References SessionService\getSessionFile(), and SessionService\write().
refreshSession | ( | ) |
Refreshes our session information, rising the expire time. Also generates a new session ID every 5 minutes to minimize the risk of session hijacking.
Definition at line 298 of file SessionService.php.
References SessionService\renewSession().
|
private |
Generates a new session ID and sends it to the client.
Definition at line 188 of file SessionService.php.
Referenced by SessionService\refreshSession(), SessionService\setAuthorized(), and SessionService\startSession().
resetSession | ( | ) |
Reset session. Sets _SESSION to empty array.
Definition at line 177 of file SessionService.php.
setAuthorized | ( | ) |
Marks this session as an "authorized" one (login successful). Should only be called if: a) we have a valid session running b) the "password" or some other authorization mechanism really matched
Definition at line 244 of file SessionService.php.
References SessionService\renewSession().
startSession | ( | ) |
Starts a new session
Definition at line 159 of file SessionService.php.
References SessionService\renewSession().
write | ( | $id, | |
$sessionData | |||
) |
Write session data. See
string | $id | The session id |
string | $sessionData | The data to be stored |
Exception |
Definition at line 403 of file SessionService.php.
References SessionService\getSessionFile(), and GeneralUtility\writeFile().
Referenced by SessionService\read().
|
private |
Definition at line 45 of file SessionService.php.
|
private |
Definition at line 52 of file SessionService.php.
|
private |
Definition at line 59 of file SessionService.php.
|
private |
Definition at line 38 of file SessionService.php.
|
private |
Definition at line 30 of file SessionService.php.