Skip to content
Snippets Groups Projects
Commit 0b89bc2c authored by Olav Morken's avatar Olav Morken
Browse files

SessionHandler: Replace set & get with saveSession & loadSession.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2416 44740490-163a-0410-bde0-09ae8108e29a
parent 18b87ccd
No related branches found
No related tags found
No related merge requests found
......@@ -789,34 +789,26 @@ class SimpleSAML_Session {
private static function loadSession() {
$sh = SimpleSAML_SessionHandler::getSessionHandler();
$sessionData = $sh->get('SimpleSAMLphp_SESSION');
if($sessionData == NULL) {
return NULL;
}
if(!is_string($sessionData)) {
$session = $sh->loadSession();
if($session === NULL) {
return NULL;
}
$sessionData = unserialize($sessionData);
if(!($sessionData instanceof self)) {
SimpleSAML_Logger::warning('Retrieved and deserialized session data was not a session.');
return NULL;
}
assert('$session instanceof self');
if ($sessionData->authToken !== NULL) {
if ($session->authToken !== NULL) {
if (!isset($_COOKIE['SimpleSAMLAuthToken'])) {
SimpleSAML_Logger::warning('Missing AuthToken cookie.');
return NULL;
}
if ($_COOKIE['SimpleSAMLAuthToken'] !== $sessionData->authToken) {
if ($_COOKIE['SimpleSAMLAuthToken'] !== $session->authToken) {
SimpleSAML_Logger::warning('Invalid AuthToken cookie.');
return NULL;
}
}
return $sessionData;
return $session;
}
......@@ -833,10 +825,9 @@ class SimpleSAML_Session {
}
$this->dirty = FALSE;
$sessionData = serialize($this);
$sh = SimpleSAML_SessionHandler::getSessionHandler();
$sh->set('SimpleSAMLphp_SESSION', $sessionData);
$sh->saveSession($this);
}
......
......@@ -55,31 +55,20 @@ abstract class SimpleSAML_SessionHandler {
abstract public function getSessionId();
/* This function is used to store data in this session object.
*
* Note: You are allowed to store a reference to an object in the
* session. We will store the latest value the object has on script
* termination.
/**
* Save the session.
*
* Parameters:
* $key The key we are going to set the value of. This key must
* be an alphanumeric string.
* $value The value the key should have.
* @param SimpleSAML_Session $session The session object we should save.
*/
abstract public function set($key, $value);
abstract public function saveSession(SimpleSAML_Session $session);
/* This function retrieves a value from this session object.
*
* Parameters:
* $key The key we are going to retrieve the value of. This key
* must be an alphanumeric string.
/**
* Load the session.
*
* Returns:
* The value of the key, or NULL if no value is associated with
* this key.
* @return SimpleSAML_Session|NULL The session object, or NULL if it doesn't exist.
*/
abstract public function get($key);
abstract public function loadSession();
/**
......
......@@ -47,24 +47,35 @@ extends SimpleSAML_SessionHandlerCookie {
}
/* This function is used to store data in this session object.
/**
* Save the current session to the PHP session array.
*
* See the information in SimpleSAML_SessionHandler::set(...) for
* more information.
* @param SimpleSAML_Session $session The session object we should save.
*/
public function set($key, $value) {
$this->store->set($key, $value);
public function saveSession(SimpleSAML_Session $session) {
$this->store->set('SimpleSAMLphp_SESSION', serialize($session));
}
/* This function retrieves a value from this session object.
/**
* Load the session from the PHP session array.
*
* See the information in SimpleSAML_SessionHandler::get(...) for
* more information.
* @return SimpleSAML_Session|NULL The session object, or NULL if it doesn't exist.
*/
public function get($key) {
return $this->store->get($key);
public function loadSession() {
$session = $this->store->get('SimpleSAMLphp_SESSION');
if ($session === NULL) {
return NULL;
}
assert('is_string($session)');
$session = unserialize($session);
assert('$session instanceof SimpleSAML_Session');
return $session;
}
}
?>
\ No newline at end of file
}
......@@ -75,34 +75,35 @@ class SimpleSAML_SessionHandlerPHP extends SimpleSAML_SessionHandler {
}
/* This function is used to store data in this session object.
/**
* Save the current session to the PHP session array.
*
* See the information in SimpleSAML_SessionHandler::set(...) for
* more information.
* @param SimpleSAML_Session $session The session object we should save.
*/
public function set($key, $value) {
$_SESSION[$key] = $value;
public function saveSession(SimpleSAML_Session $session) {
$_SESSION['SimpleSAMLphp_SESSION'] = serialize($session);
}
/* This function retrieves a value from this session object.
/**
* Load the session from the PHP session array.
*
* See the information in SimpleSAML_SessionHandler::get(...) for
* more information.
* @return SimpleSAML_Session|NULL The session object, or NULL if it doesn't exist.
*/
public function get($key) {
/* Check if key exists first to avoid notice-messages in the
* log.
*/
if (!isset($_SESSION)) return NULL;
if(!array_key_exists($key, $_SESSION)) {
/* We should return NULL if we don't have that
* key in the session.
*/
public function loadSession() {
if (!isset($_SESSION['SimpleSAMLphp_SESSION'])) {
return NULL;
}
return $_SESSION[$key];
$session = $_SESSION['SimpleSAMLphp_SESSION'];
assert('is_string($session)');
$session = unserialize($session);
assert('$session instanceof SimpleSAML_Session');
return $session;
}
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment