do not use the PHP session, implement our own

<bdauvergne@entrouvert.com> 1206630374 +0100 0001-01-01 00:00:00 +00:00
parent b107ec0b7e
commit 770ff3e143
3 changed files with 51 additions and 8 deletions


@ -3,6 +3,9 @@ require_once('lassospkit_datadir.inc.php');
/** This class represents the non-SAML-metadata part
* of the config of the spkit. */
LassoSPKitConfig::$default_values['cookiename'] = md5("".rand());
class LassoSPKitConfig {
static $default_values = array(
'federate' => 'file', /* Does the backend persist federation ? no, file or mysql. */
@ -17,8 +20,9 @@ class LassoSPKitConfig {
'conformance' => "",
'idp_metadata_url' => "",
'baseUrl' => "",
'session' => "DummySession",
'storage' => "File"
'session' => "AutoPersistentSession",
'storage' => "File",
'cookiename' => 0
);
private static $instance = null;
private static $file;
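Review bot: The top-level assignment `LassoSPKitConfig::$default_values['cookiename'] = md5("".rand());` runs on every include, so the default cookie name changes on each request unless the config layer persists it on first read, which is not visible in this section. If it is not persisted, the cookie set by one request will not be looked up under the same name by the next. The `'cookiename' => 0` entry in the array is overwritten by that statement and reads as a placeholder; a comment such as `/* replaced at load time by a generated name */` would make that explicit. A fixed default (for example `'lassospkit_session'`) would be simpler, since a cookie name does not need to be secret.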


@ -44,7 +44,8 @@ class LassoSPKitConfigUIGen
'mysql_password' => array('Mot de passe sur la base', 'password'),
'mysql_database' => array('Nom de la base'),
'mysql_table' => array('Nom de la table'),
'lasso_lib' => array('Emplacement de la bibliothèque Lasso PHP'));
'lasso_lib' => array('Emplacement de la bibliothèque Lasso PHP'),
'cookiename' => array('Cookiename', 'text'));
}
function itype($name) {
if (isset($this->special_input[$name][1])) {
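Review bot: The new `'cookiename'` entry is a free-text field whose value ends up as the first argument of `setcookie()` in the session class, and nothing in this hunk restricts it to characters that are valid in a cookie name. Checking it when the form is saved, e.g. `preg_match('/\A[A-Za-z0-9_]+\z/', $value)`, would avoid a `setcookie()` call that fails without the session code noticing. The label `'Cookiename'` is also the only one in this array that is not a French phrase. The enclosing method starts outside the hunk.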


@ -1,4 +1,6 @@
<?php
require_once("lassospkit_config.inc.php");
require_once("lassospkit_datadir.inc.php");
/** This object encapsulate the communication between the frontend and the
backend of the LassoSPkit.
@ -10,8 +12,10 @@
code.
*/
LassoSPKitUtilsSession::$cookiename = LassoSPKitConfig::get('cookiename');
class LassoSPKitUtilsSession {
private static $key = "__LassoSPKitSessionObject";
public static $cookiename;
private static $THIS;
private $vars;
@ -48,13 +52,39 @@ class LassoSPKitUtilsSession {
'federateParams'=>0,
'sloParams'=>0,
'defederationParams'=>0);
private static $use_session = 0;
private $id = null;
private function __construct() {
if (! isset($_SESSION)) {
throw new Exception("LassoSPKit cannot work without sessions.");
$content = null;
if (self::$use_session) {
if (! isset($_SESSION)) {
throw new Exception("LassoSPKit cannot work without sessions.");
}
if (isset($_SESSION[self::$key])) {
$content = $_SESSION[self::$key];
}
} else {
if (isset($_COOKIE[self::$cookiename])) {
$this->id = $_COOKIE[self::$cookiename];
$valid = ereg("^[[:alnum:]]+$",$this->id);
if ($valid) {
$filepath = lassospkit_datadir() . "/cookie_session_" . $this->id;
if (! file_exists($filepath)) {
lassospkit_debuglog("$filepath does not exist but cookie exists.");
}
$content = @file_get_contents($filepath);
if ($content === FALSE) {
lassospkit_debuglog("cannot read $filepath");
}
}
} else {
$this->id = md5("lasso" . rand());
setcookie(self::$cookiename, $this->id);
}
}
if (isset($_SESSION[self::$key])) {
$t = @unserialize($_SESSION[self::$key]);
if ($content) {
$t = @unserialize($content);
if ($t && is_array($t)) {
$this->vars = $t;
} else {
@ -72,7 +102,15 @@ class LassoSPKitUtilsSession {
foreach ($this->clears as $k => $v) {
unset($this->vars[$k]);
}
$_SESSION[self::$key] = serialize($this->vars);
$content = serialize($this->vars);
if (self::$use_session) {
$_SESSION[self::$key] = $content;
} else {
$ret = @file_put_contents(lassospkit_datadir() . "/cookie_session_" . $this->id, $content);
if ($ret === FALSE) {
lassospkit_debuglog("cannot write into " . lassospkit_datadir() . "/cookie_session_" . $this->id);
}
}
}
/** Get the singleton object to communicate
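Review bot: In the cookie branch of `__construct()` (third hunk), `$this->id` is assigned from `$_COOKIE` before the `ereg()` check and is never reset when that check fails, so the write in the fourth hunk builds its path from `"/cookie_session_" . $this->id` with an unvalidated, client-supplied value. A well-formed id that has no file on disk is also adopted as-is, which lets the client choose the session identifier, and fresh ids come from `md5("lasso" . rand())`, which is not an unpredictable source. `ereg()` is not binary-safe and was removed in PHP 7; an anchored `preg_match()` is the replacement. I would accept a cookie id only when it matches the generated format and its file exists, and otherwise issue a new id from `random_bytes()`, as sketched below. With that in place the following `@unserialize($content)` only reads files this class wrote itself.

```php
// … unchanged: if (self::$use_session) { … } branch …
} else {
    $candidate = isset($_COOKIE[self::$cookiename]) ? $_COOKIE[self::$cookiename] : null;
    $filepath = null;
    // Only ids in the format generated below are ever turned into a path.
    if (is_string($candidate) && preg_match('/\A[a-f0-9]{32}\z/', $candidate)) {
        $filepath = lassospkit_datadir() . "/cookie_session_" . $candidate;
    }
    if ($filepath !== null && is_file($filepath)) {
        $this->id = $candidate;
        $content = @file_get_contents($filepath);
        if ($content === FALSE) {
            lassospkit_debuglog("cannot read $filepath");
        }
    } else {
        // Missing, malformed or unknown id: never adopt the client's value.
        $this->id = bin2hex(random_bytes(16));
        setcookie(self::$cookiename, $this->id);
    }
}
// … unchanged: if ($content) { $t = @unserialize($content); … …
```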