Elgg  Version 3.0
ElggSession.php
Go to the documentation of this file.
1 <?php
2 
3 use Elgg\Config;
4 use Elgg\Database;
5 use Elgg\Http\DatabaseSessionHandler;
6 use Symfony\Component\HttpFoundation\Session\Session;
7 use Symfony\Component\HttpFoundation\Session\SessionInterface;
8 use Symfony\Component\HttpFoundation\Session\Storage\MockArraySessionStorage;
9 use Symfony\Component\HttpFoundation\Session\Storage\NativeSessionStorage;
10 
18 class ElggSession {
19 
23  protected $storage;
24 
28  protected $logged_in_user;
29 
33  protected $ignore_access = false;
34 
38  protected $show_disabled_entities = false;
39 
45  public function __construct(SessionInterface $storage) {
46  $this->storage = $storage;
47  }
48 
56  public function start() {
57 
58  if ($this->storage->getId()) {
59  return true;
60  }
61 
62  $result = $this->storage->start();
63  $this->generateSessionToken();
64  return $result;
65  }
66 
74  public function migrate($destroy = false) {
75  return $this->storage->migrate($destroy);
76  }
77 
86  public function invalidate() {
87  $this->storage->clear();
88  $this->logged_in_user = null;
89  $result = $this->migrate(true);
90  $this->generateSessionToken();
91  _elgg_services()->sessionCache->clear();
92  return $result;
93  }
94 
101  public function save() {
102  $this->storage->save();
103  }
104 
111  public function isStarted() {
112  return $this->storage->isStarted();
113  }
114 
121  public function getId() {
122  return $this->storage->getId();
123  }
124 
132  public function setId($id) {
133  $this->storage->setId($id);
134  }
135 
142  public function getName() {
143  return $this->storage->getName();
144  }
145 
153  public function setName($name) {
154  $this->storage->setName($name);
155  }
156 
164  public function get($name, $default = null) {
165  return $this->storage->get($name, $default);
166  }
167 
175  public function set($name, $value) {
176  $this->storage->set($name, $value);
177  }
178 
186  public function remove($name) {
187  return $this->storage->remove($name);
188  }
189 
197  public function has($name) {
198  return $this->storage->has($name);
199  }
200 
208  public function setLoggedInUser(\ElggUser $user) {
209  $current_user = $this->getLoggedInUser();
210  if ($current_user != $user) {
211  $this->set('guid', $user->guid);
212  $this->logged_in_user = $user;
213  _elgg_services()->sessionCache->clear();
214  _elgg_services()->translator->setCurrentLanguage($user->language);
215  }
216  }
217 
224  public function getLoggedInUser() {
225  return $this->logged_in_user;
226  }
227 
234  public function getLoggedInUserGuid() {
235  $user = $this->getLoggedInUser();
236  return $user ? $user->guid : 0;
237  }
238 
244  public function isAdminLoggedIn() {
245  $user = $this->getLoggedInUser();
246 
247  return $user && $user->isAdmin();
248  }
249 
255  public function isLoggedIn() {
256  return (bool) $this->getLoggedInUser();
257  }
258 
265  public function removeLoggedInUser() {
266  $this->logged_in_user = null;
267  $this->remove('guid');
268  _elgg_services()->sessionCache->clear();
269  }
270 
276  public function getIgnoreAccess() {
277  return $this->ignore_access;
278  }
279 
287  public function setIgnoreAccess($ignore = true) {
288  $prev = $this->ignore_access;
289  $this->ignore_access = $ignore;
290 
291  return $prev;
292  }
293 
299  public function getDisabledEntityVisibility() {
300  global $ENTITY_SHOW_HIDDEN_OVERRIDE;
301  if (isset($ENTITY_SHOW_HIDDEN_OVERRIDE)) {
302  return $ENTITY_SHOW_HIDDEN_OVERRIDE;
303  }
304 
305  return $this->show_disabled_entities;
306  }
307 
315  public function setDisabledEntityVisibility($show = true) {
316  global $ENTITY_SHOW_HIDDEN_OVERRIDE;
317  $ENTITY_SHOW_HIDDEN_OVERRIDE = $show;
318 
319  $prev = $this->show_disabled_entities;
320  $this->show_disabled_entities = $show;
321 
322  return $prev;
323  }
324 
333  protected function generateSessionToken() {
334  // Generate a simple token that we store server side
335  if (!$this->has('__elgg_session')) {
336  $this->set('__elgg_session', _elgg_services()->crypto->getRandomString(22));
337  }
338  }
339 
347  public static function getMock() {
348  $storage = new MockArraySessionStorage();
349  $session = new Session($storage);
350  return new self($session);
351  }
352 
363  public static function fromDatabase(Config $config, Database $db) {
364  $params = $config->getCookieConfig()['session'];
365  $options = [
366  // session.cache_limiter is unfortunately set to "" by the NativeSessionStorage
367  // constructor, so we must capture and inject it directly.
368  'cache_limiter' => session_cache_limiter(),
369 
370  'name' => $params['name'],
371  'cookie_path' => $params['path'],
372  'cookie_domain' => $params['domain'],
373  'cookie_secure' => $params['secure'],
374  'cookie_httponly' => $params['httponly'],
375  'cookie_lifetime' => $params['lifetime'],
376  ];
377 
378  $handler = new DatabaseSessionHandler($db);
379  $storage = new NativeSessionStorage($options, $handler);
380  $session = new Session($storage);
381  return new self($session);
382  }
383 
393  public static function fromFiles(Config $config) {
394  $params = $config->getCookieConfig()['session'];
395  $options = [
396  // session.cache_limiter is unfortunately set to "" by the NativeSessionStorage
397  // constructor, so we must capture and inject it directly.
398  'cache_limiter' => session_cache_limiter(),
399 
400  'name' => $params['name'],
401  'cookie_path' => $params['path'],
402  'cookie_domain' => $params['domain'],
403  'cookie_secure' => $params['secure'],
404  'cookie_httponly' => $params['httponly'],
405  'cookie_lifetime' => $params['lifetime'],
406  ];
407 
408  $storage = new NativeSessionStorage($options);
409  $session = new Session($storage);
410  return new self($session);
411  }
412 }
ElggSession\setId
setId($id)
Set the session ID.
Definition: ElggSession.php:132
ElggSession\setName
setName($name)
Set the session name.
Definition: ElggSession.php:153
ElggSession\setLoggedInUser
setLoggedInUser(\ElggUser $user)
Sets the logged in user.
Definition: ElggSession.php:208
ElggSession\has
has($name)
Has the attribute been defined.
Definition: ElggSession.php:197
ElggSession\save
save()
Save the session data and closes the session.
Definition: ElggSession.php:101
$name
if(!$user||!$user->canDelete()) $name
Definition: delete.php:22
$params
$params
Saves global plugin settings.
Definition: save.php:13
$result
$result
Definition: set_maintenance_mode.php:11
ElggSession\setDisabledEntityVisibility
setDisabledEntityVisibility($show=true)
Include disabled entities in queries.
Definition: ElggSession.php:315
ElggSession\generateSessionToken
generateSessionToken()
Adds a token to the session.
Definition: ElggSession.php:333
ElggSession\migrate
migrate($destroy=false)
Migrates the session to a new session id while maintaining session attributes.
Definition: ElggSession.php:74
ElggSession\getName
getName()
Get the session name.
Definition: ElggSession.php:142
ElggSession\isLoggedIn
isLoggedIn()
Returns whether or not the user is currently logged in.
Definition: ElggSession.php:255
ElggSession\removeLoggedInUser
removeLoggedInUser()
Remove the logged in user.
Definition: ElggSession.php:265
ElggSession\invalidate
invalidate()
Invalidates the session.
Definition: ElggSession.php:86
ElggSession\fromFiles
static fromFiles(Config $config)
Create a session stored in files.
Definition: ElggSession.php:393
ElggSession\getDisabledEntityVisibility
getDisabledEntityVisibility()
Are disabled entities shown?
Definition: ElggSession.php:299
ElggSession\isStarted
isStarted()
Has the session been started.
Definition: ElggSession.php:111
ElggSession\getId
getId()
Get the session ID.
Definition: ElggSession.php:121
ElggSession\start
start()
Start the session.
Definition: ElggSession.php:56
ElggSession\getLoggedInUserGuid
getLoggedInUserGuid()
Return the current logged in user by guid.
Definition: ElggSession.php:234
$options
$options
Elgg admin footer.
Definition: footer.php:6
$config
$config
Advanced site settings, debugging section.
Definition: debugging.php:6
ElggSession\getIgnoreAccess
getIgnoreAccess()
Get current ignore access setting.
Definition: ElggSession.php:276
$id
$id
River item delete action.
Definition: delete.php:6
$ENTITY_SHOW_HIDDEN_OVERRIDE
global $ENTITY_SHOW_HIDDEN_OVERRIDE
Allow disabled entities and metadata to be returned by getter functions.
Definition: access.php:20
ElggSession\getLoggedInUser
getLoggedInUser()
Gets the logged in user.
Definition: ElggSession.php:224
ElggSession\isAdminLoggedIn
isAdminLoggedIn()
Returns whether or not the viewer is currently logged in and an admin user.
Definition: ElggSession.php:244
$user
$user
Definition: ban.php:7
global
elgg global
Pointer to the global context.
Definition: elgglib.js:12
$default
$default
Definition: checkbox.php:35
ElggSession\__construct
__construct(SessionInterface $storage)
Constructor.
Definition: ElggSession.php:45
Elgg\Config\getCookieConfig
getCookieConfig()
Set up and return the cookie configuration array resolved from settings.
Definition: Config.php:334
$value
$value
Definition: debugging.php:7
ElggSession\setIgnoreAccess
setIgnoreAccess($ignore=true)
Set ignore access.
Definition: ElggSession.php:287
_elgg_services
_elgg_services()
Get the global service provider.
Definition: elgglib.php:1292
ElggSession\getMock
static getMock()
Get an isolated ElggSession that does not persist between requests.
Definition: ElggSession.php:347
$handler
$handler
Definition: add.php:7
ElggSession\fromDatabase
static fromDatabase(Config $config, Database $db)
Create a session stored in the DB.
Definition: ElggSession.php:363
Generated on Tue Jul 14 2020 00:00:17 for Elgg by   doxygen 1.8.11