do not use the PHP session, implement our own
parent
b107ec0b7e
commit
770ff3e143
|
@ -3,6 +3,9 @@ require_once('lassospkit_datadir.inc.php');
|
|||
|
||||
/** This class represents the non-SAML-metadata part
|
||||
* of the config of the spkit. */
|
||||
|
||||
LassoSPKitConfig::$default_values['cookiename'] = md5("".rand());
|
||||
|
||||
class LassoSPKitConfig {
|
||||
static $default_values = array(
|
||||
'federate' => 'file', /* Does the backend persist federation ? no, file or mysql. */
|
||||
|
@ -17,8 +20,9 @@ class LassoSPKitConfig {
|
|||
'conformance' => "",
|
||||
'idp_metadata_url' => "",
|
||||
'baseUrl' => "",
|
||||
'session' => "DummySession",
|
||||
'storage' => "File"
|
||||
'session' => "AutoPersistentSession",
|
||||
'storage' => "File",
|
||||
'cookiename' => 0
|
||||
);
|
||||
private static $instance = null;
|
||||
private static $file;
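Review bot: The `cookiename` default at the top of this section is `md5("".rand())`, which runs on every include of the file. Unless a saved configuration overrides it (the lookup in `LassoSPKitConfig::get` is not visible here), each request would look for a differently named cookie and the file-backed session would never be found again. A fixed default in the array, for example `'cookiename' => 'lassospkit_session'` (name constructed for illustration), would remove the need for the out-of-class assignment and the `0` placeholder. The cookie name is not a secret, so randomising it adds no protection; the value that needs to be unpredictable is the session id.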
|
||||
|
|
|
@ -44,7 +44,8 @@ class LassoSPKitConfigUIGen
|
|||
'mysql_password' => array('Mot de passe sur la base', 'password'),
|
||||
'mysql_database' => array('Nom de la base'),
|
||||
'mysql_table' => array('Nom de la table'),
|
||||
'lasso_lib' => array('Emplacement de la bibliothèque Lasso PHP'));
|
||||
'lasso_lib' => array('Emplacement de la bibliothèque Lasso PHP'),
|
||||
'cookiename' => array('Cookiename', 'text'));
|
||||
}
|
||||
function itype($name) {
|
||||
if (isset($this->special_input[$name][1])) {
|
||||
|
|
|
@ -1,4 +1,6 @@
|
|||
<?php
|
||||
require_once("lassospkit_config.inc.php");
|
||||
require_once("lassospkit_datadir.inc.php");
|
||||
|
||||
/** This object encapsulate the communication between the frontend and the
|
||||
backend of the LassoSPkit.
|
||||
|
@ -10,8 +12,10 @@
|
|||
code.
|
||||
|
||||
*/
|
||||
LassoSPKitUtilsSession::$cookiename = LassoSPKitConfig::get('cookiename');
|
||||
class LassoSPKitUtilsSession {
|
||||
private static $key = "__LassoSPKitSessionObject";
|
||||
public static $cookiename;
|
||||
private static $THIS;
|
||||
private $vars;
|
||||
|
||||
|
@ -48,13 +52,39 @@ class LassoSPKitUtilsSession {
|
|||
'federateParams'=>0,
|
||||
'sloParams'=>0,
|
||||
'defederationParams'=>0);
|
||||
private static $use_session = 0;
|
||||
private $id = null;
|
||||
|
||||
private function __construct() {
|
||||
if (! isset($_SESSION)) {
|
||||
throw new Exception("LassoSPKit cannot work without sessions.");
|
||||
$content = null;
|
||||
if (self::$use_session) {
|
||||
if (! isset($_SESSION)) {
|
||||
throw new Exception("LassoSPKit cannot work without sessions.");
|
||||
}
|
||||
if (isset($_SESSION[self::$key])) {
|
||||
$content = $_SESSION[self::$key];
|
||||
}
|
||||
} else {
|
||||
if (isset($_COOKIE[self::$cookiename])) {
|
||||
$this->id = $_COOKIE[self::$cookiename];
|
||||
$valid = ereg("^[[:alnum:]]+$",$this->id);
|
||||
if ($valid) {
|
||||
$filepath = lassospkit_datadir() . "/cookie_session_" . $this->id;
|
||||
if (! file_exists($filepath)) {
|
||||
lassospkit_debuglog("$filepath does not exist but cookie exists.");
|
||||
}
|
||||
$content = @file_get_contents($filepath);
|
||||
if ($content === FALSE) {
|
||||
lassospkit_debuglog("cannot read $filepath");
|
||||
}
|
||||
}
|
||||
} else {
|
||||
$this->id = md5("lasso" . rand());
|
||||
setcookie(self::$cookiename, $this->id);
|
||||
}
|
||||
}
|
||||
if (isset($_SESSION[self::$key])) {
|
||||
$t = @unserialize($_SESSION[self::$key]);
|
||||
if ($content) {
|
||||
$t = @unserialize($content);
|
||||
if ($t && is_array($t)) {
|
||||
$this->vars = $t;
|
||||
} else {
|
||||
|
@ -72,7 +102,15 @@ class LassoSPKitUtilsSession {
|
|||
foreach ($this->clears as $k => $v) {
|
||||
unset($this->vars[$k]);
|
||||
}
|
||||
$_SESSION[self::$key] = serialize($this->vars);
|
||||
$content = serialize($this->vars);
|
||||
if (self::$use_session) {
|
||||
$_SESSION[self::$key] = $content;
|
||||
} else {
|
||||
$ret = @file_put_contents(lassospkit_datadir() . "/cookie_session_" . $this->id, $content);
|
||||
if ($ret === FALSE) {
|
||||
lassospkit_debuglog("cannot write into " . lassospkit_datadir() . "/cookie_session_" . $this->id);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/** Get the singleton object to communicate
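Review bot: In the constructor's cookie branch, `$this->id` is taken from `$_COOKIE[self::$cookiename]` before the `ereg` check and is not reset when the check fails, so the save hunk (`@ -72,7 +102,15`) later builds its `file_put_contents` path from an unvalidated client-supplied string. The id should be validated before it is assigned, and a malformed or unknown value should be replaced with a fresh id; accepting any well-formed id whose file does not exist yet also lets a client choose its own session id. `ereg` is not binary-safe and was removed in PHP 7, so an anchored `preg_match` with a fixed length is the safer check, particularly as the file content goes straight into `unserialize`. New ids come from `md5("lasso" . rand())`, which is not a CSPRNG, and `setcookie` is called without the HttpOnly and Secure flags. Both the constructor and the save method continue outside the visible hunks, and refusing ids without a stored file assumes the save path runs on the request that issues the cookie.

```php
// … unchanged: the self::$use_session branch …
} else {
    $cookie = isset($_COOKIE[self::$cookiename]) ? $_COOKIE[self::$cookiename] : null;
    $filepath = null;
    // Validate first; only a 32-char lowercase hex id issued below is accepted.
    if (is_string($cookie) && preg_match('/\A[a-f0-9]{32}\z/', $cookie)) {
        $filepath = lassospkit_datadir() . "/cookie_session_" . $cookie;
    }
    if ($filepath !== null && is_file($filepath)) {
        $this->id = $cookie;
        $content = @file_get_contents($filepath);
        if ($content === FALSE) {
            lassospkit_debuglog("cannot read $filepath");
        }
    } else {
        // Missing, malformed or unknown cookie: never keep the client value.
        // random_bytes() needs PHP 7; openssl_random_pseudo_bytes() on PHP 5.
        $this->id = bin2hex(random_bytes(16));
        // Secure assumes the SP is served over HTTPS; last flag is HttpOnly.
        setcookie(self::$cookiename, $this->id, 0, '', '', true, true);
    }
}
// … unchanged: unserialize($content) and the is_array() check …
```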
|
||||
|
|