oxsession.php

Go to the documentation of this file.
00001 <?php
00002 
00003 DEFINE('_DB_SESSION_HANDLER', getShopBasePath() . 'core/adodblite/session/adodb-session.php');
00004 // Including database session managing class if needed.
00005 if (oxConfig::getInstance()->getConfigParam( 'blAdodbSessionHandler' ) ) {
00006     $oDB = oxDb::getDb();
00007     include_once _DB_SESSION_HANDLER;
00008 }
00009 
00015 class oxSession extends oxSuperCfg
00016 {
00022     protected $_sName = 'sid';
00023 
00029     protected $_sForcedPrefix = 'force_';
00030 
00035     protected  $_sId     = null;
00036 
00042     protected static $_blIsNewSession = false;
00043 
00047     protected static $_instance = null;
00048 
00053     protected static  $_oUser = null;
00054 
00061     protected $_blNewSession = false;
00062 
00068     protected $_blForceNewSession = false;
00069 
00075     protected $_sErrorMsg = null;
00076 
00082     protected $_oBasket = null;
00083 
00089     protected $_oBasketReservations = null;
00090 
00096     protected $_blStarted = false;
00097 
00106     protected $_aRequireSessionWithParams = array(
00107                        'cl' => array (
00108                             'register' => true,
00109                             'account'  => true,
00110                            ),
00111                        'fnc' => array (
00112                            'tobasket'         => true,
00113                            'login_noredirect' => true,
00114                            'tocomparelist'    => true,
00115                            ),
00116                        '_artperpage' => true,
00117                        'ldtype'      => true,
00118                        'listorderby' => true,
00119     );
00120 
00126     protected $_blSidNeeded = null;
00127 
00133     protected $_aPersistentParams = array("actshop", "lang", "currency", "language", "tpllanguage");
00134 
00140     public static function getInstance()
00141     {
00142         if ( defined('OXID_PHP_UNIT')) {
00143             if ( isset( modSession::$unitMOD) && is_object( modSession::$unitMOD)) {
00144                 return modSession::$unitMOD;
00145             }
00146         }
00147         if (!isset(self::$_instance)) {
00148             self::$_instance  = oxNew( 'oxsession' );
00149         }
00150         return self::$_instance;
00151     }
00152 
00158     public function getId()
00159     {
00160         return $this->_sId;
00161     }
00162 
00170     public function setId($sVal)
00171     {
00172         $this->_sId = $sVal;
00173     }
00174 
00182     public function setName($sVal)
00183     {
00184         $this->_sName = $sVal;
00185     }
00186 
00192     public function getForcedName()
00193     {
00194         return $this->_sForcedPrefix . $this->getName();
00195     }
00196 
00202     public function getName()
00203     {
00204         return $this->_sName;
00205     }
00206 
00212     public function start()
00213     {
00214         $myConfig = $this->getConfig();
00215         $sid = null;
00216 
00217         if ( $this->isAdmin() ) {
00218             $this->setName("admin_sid");
00219         } else {
00220             $this->setName("sid");
00221         }
00222 
00223         $sForceSidParam = oxConfig::getParameter($this->getForcedName());
00224         $sSidParam = oxConfig::getParameter($this->getName());
00225 
00226         //forcing sid for SSL<->nonSSL transitions
00227         if ($sForceSidParam) {
00228             $sid = $sForceSidParam;
00229         } elseif ($this->_getSessionUseCookies() && $this->_getCookieSid()) {
00230             $sid = $this->_getCookieSid();
00231         } elseif ($sSidParam) {
00232             $sid = $sSidParam;
00233         }
00234 
00235         //starting session if only we can
00236         if ( $this->_allowSessionStart() ) {
00237 
00238             //creating new sid
00239             if ( !$sid ) {
00240                 self::$_blIsNewSession = true;
00241                 $this->initNewSession();
00242             } else {
00243                 self::$_blIsNewSession = false;
00244                 $this->_setSessionId( $sid );
00245                 $this->_sessionStart();
00246             }
00247 
00248             //special handling for new ZP cluster session, as in that case session_start() regenerates id
00249             if ( $this->_sId != session_id() ) {
00250                 $this->_setSessionId( session_id() );
00251             }
00252 
00253             //checking for swapped client
00254             $blSwapped = $this->_isSwappedClient();
00255             if ( !self::$_blIsNewSession && $blSwapped ) {
00256                 $this->initNewSession();
00257 
00258                 // passing notification about session problems
00259                 if ( $this->_sErrorMsg && $myConfig->getConfigParam( 'iDebug' ) ) {
00260                     oxUtilsView::getInstance()->addErrorToDisplay( oxNew( "oxException", $this->_sErrorMsg ) );
00261                 }
00262             } elseif ( !$blSwapped ) {
00263                 // transferring cookies between hosts
00264                 oxUtilsServer::getInstance()->loadSessionCookies();
00265             }
00266         }
00267     }
00268 
00274     public function getRequestChallengeToken()
00275     {
00276         return preg_replace('/[^a-z0-9]/i', '', oxConfig::getParameter('stoken'));
00277     }
00278 
00284     public function getSessionChallengeToken()
00285     {
00286         $sRet = preg_replace('/[^a-z0-9]/i', '', self::getVar('sess_stoken'));
00287         if (!$sRet) {
00288             $this->_initNewSessionChallenge();
00289             $sRet = self::getVar('sess_stoken');
00290         }
00291         return $sRet;
00292     }
00293 
00300     public function checkSessionChallenge()
00301     {
00302         $sToken = $this->getSessionChallengeToken();
00303         return $sToken && ($sToken == $this->getRequestChallengeToken());
00304     }
00305 
00311     protected function _initNewSessionChallenge()
00312     {
00313         self::setVar('sess_stoken', sprintf('%X', crc32(oxUtilsObject::getInstance()->generateUID())));
00314     }
00315 
00321     protected function _sessionStart()
00322     {
00323         //enforcing no caching when session is started
00324         session_cache_limiter( 'nocache' );
00325 
00326         //cache limiter workaround for AOL browsers
00327         //as suggested at http://ilia.ws/archives/59-AOL-Browser-Woes.html
00328         if ( isset( $_SERVER['HTTP_USER_AGENT'] ) &&
00329              strpos( $_SERVER['HTTP_USER_AGENT'], 'AOL' ) !== false ) {
00330 
00331             session_cache_limiter(false);
00332             header("Cache-Control: no-store, private, must-revalidate, proxy-revalidate, post-check=0, pre-check=0, max-age=0, s-maxage=0");
00333         }
00334 
00335         $this->_blStarted = @session_start();
00336         if ( !$this->getSessionChallengeToken() ) {
00337             $this->_initNewSessionChallenge();
00338         }
00339 
00340         return $this->_blStarted;
00341     }
00342 
00348     public function initNewSession()
00349     {
00350         // starting session only if it was not started yet
00351         if ( self::$_blIsNewSession ) {
00352             $this->_sessionStart();
00353         }
00354 
00355         //saving persistent params if old session exists
00356         $aPersistent = array();
00357         foreach ( $this->_aPersistentParams as $sParam ) {
00358             if ( ( $sValue = self::getVar( $sParam ) ) ) {
00359                 $aPersistent[$sParam] = $sValue;
00360             }
00361         }
00362 
00363         $this->_setSessionId( $this->_getNewSessionId() );
00364 
00365         //restoring persistent params to session
00366         foreach ( $aPersistent as $sKey => $sParam ) {
00367             self::setVar( $sKey, $aPersistent[$sKey] );
00368         }
00369 
00370         $this->_initNewSessionChallenge();
00371 
00372         // (re)setting actual user agent when initiating new session
00373         self::setVar( "sessionagent", oxUtilsServer::getInstance()->getServerVar( 'HTTP_USER_AGENT' ) );
00374     }
00375 
00381     public function regenerateSessionId()
00382     {
00383         // starting session only if it was not started yet
00384         if ( self::$_blIsNewSession ) {
00385             $this->_sessionStart();
00386 
00387             // (re)setting actual user agent when initiating new session
00388             self::setVar( "sessionagent", oxUtilsServer::getInstance()->getServerVar( 'HTTP_USER_AGENT' ) );
00389         }
00390 
00391         $this->_setSessionId( $this->_getNewSessionId( false ) );
00392         $this->_initNewSessionChallenge();
00393     }
00394 
00403     protected function _getNewSessionId( $blUnset = true )
00404     {
00405         $sOldId = session_id();
00406         session_regenerate_id( ! oxConfig::getInstance()->getConfigParam( 'blAdodbSessionHandler' ) );
00407         $sNewId = session_id();
00408 
00409         if ( $blUnset ) {
00410             session_unset();
00411         }
00412 
00413         if ( oxConfig::getInstance()->getConfigParam( 'blAdodbSessionHandler' ) ) {
00414             $oDB = oxDb::getDb();
00415             $oDB->execute("UPDATE oxsessions SET SessionID = ".$oDB->quote( $sNewId )." WHERE SessionID = ".$oDB->quote( $sOldId ) );
00416         }
00417 
00418         return session_id();
00419     }
00420 
00426     public function freeze()
00427     {
00428         // storing basket ..
00429         self::setVar( $this->_getBasketName(), serialize( $this->getBasket() ) );
00430 
00431         session_write_close();
00432     }
00433 
00439     public function destroy()
00440     {
00441         //session_unset();
00442         unset($_SESSION);
00443         session_destroy();
00444     }
00445 
00453     public static function hasVar( $name )
00454     {
00455         if ( defined( 'OXID_PHP_UNIT' ) ) {
00456             if ( isset( modSession::$unitMOD ) && is_object( modSession::$unitMOD ) ) {
00457                 try{
00458                     $sVal = modSession::getInstance()->getVar( $name );
00459                     return isset( $sVal );
00460                 } catch( Exception $e ) {
00461                     // if exception is thrown, use default
00462                 }
00463             }
00464         }
00465 
00466         return isset($_SESSION[$name]);
00467     }
00468 
00477     public static function setVar( $name, $value)
00478     {
00479         if ( defined( 'OXID_PHP_UNIT' ) ) {
00480             if ( isset( modSession::$unitMOD ) && is_object( modSession::$unitMOD ) ) {
00481                 try{
00482                     return modSession::getInstance()->setVar(  $name, $value );
00483                 } catch( Exception $e ) {
00484                     // if exception is thrown, use default
00485                 }
00486             }
00487         }
00488 
00489         $_SESSION[$name] = $value;
00490         //logger( "set sessionvar : $name -> $value");
00491     }
00492 
00500     public static function getVar( $name )
00501     {
00502         if ( defined( 'OXID_PHP_UNIT' ) ) {
00503             if ( isset( modSession::$unitMOD ) && is_object( modSession::$unitMOD ) ) {
00504                 try{
00505                     return modSession::getInstance()->getVar( $name );
00506                 } catch( Exception $e ) {
00507                     // if exception is thrown, use default
00508                 }
00509             }
00510         }
00511 
00512         if ( isset( $_SESSION[$name] )) {
00513             return $_SESSION[$name];
00514         } else {
00515             return null;
00516         }
00517     }
00518 
00526     public static function deleteVar( $name )
00527     {
00528         if ( defined( 'OXID_PHP_UNIT' ) ) {
00529             if ( isset( modSession::$unitMOD ) && is_object( modSession::$unitMOD ) ) {
00530                 try{
00531                     return modSession::getInstance()->setVar( $name, null );
00532                 } catch( Exception $e ) {
00533                     // if exception is thrown, use default
00534                 }
00535             }
00536         }
00537 
00538         $_SESSION[$name] = null;
00539         //logger( "delete sessionvar : $name");
00540         unset($_SESSION[$name]);
00541     }
00542 
00552     public function sid( $blForceSid = false )
00553     {
00554         $myConfig     = $this->getConfig();
00555         $blUseCookies = $this->_getSessionUseCookies();
00556         $sRet         = '';
00557 
00558         $blDisableSid = oxUtils::getInstance()->isSearchEngine()
00559                         && is_array($myConfig->getConfigParam( 'aCacheViews' ) )
00560                         && !$this->isAdmin();
00561 
00562         //no cookie?
00563         if ( !$blDisableSid && $this->getId() && ($blForceSid || !$blUseCookies || !$this->_getCookieSid())) {
00564             $sRet = ( $blForceSid ? $this->getForcedName() : $this->getName() )."=".$this->getId();
00565         }
00566 
00567         if ($this->isAdmin()) {
00568             // admin mode always has to have token
00569             if ($sRet) {
00570                 $sRet .= '&amp;';
00571             }
00572             $sRet .= 'stoken='.$this->getSessionChallengeToken();
00573         }
00574 
00575         return $sRet;
00576     }
00577 
00583     public function hiddenSid()
00584     {
00585         $sToken = "<input type=\"hidden\" name=\"stoken\" value=\"".$this->getSessionChallengeToken(). "\">";
00586         $sSid   = "<input type=\"hidden\" name=\"".$this->getForcedName()."\" value=\"". $this->getId() . "\">";
00587         return $sToken.$sSid;
00588     }
00589 
00595     public function getBasket()
00596     {
00597         if ( $this->_oBasket === null ) {
00598             $sBasket = self::getVar( $this->_getBasketName() );
00599 
00600             //init oxbasketitem class first
00601             //#1746
00602             oxNew('oxbasketitem');
00603 
00604             $oBasket = ( $sBasket && ( $oBasket = unserialize( $sBasket ) ) ) ? $oBasket : oxNew( 'oxbasket' );
00605             $this->_validateBasket($oBasket);
00606             $this->setBasket( $oBasket );
00607         }
00608 
00609         return $this->_oBasket;
00610     }
00611 
00619     protected function _validateBasket(oxBasket $oBasket)
00620     {
00621         $aCurrContent = $oBasket->getContents();
00622         if (empty($aCurrContent)) {
00623             return;
00624         }
00625 
00626         $iCurrLang = oxLang::getInstance()->getBaseLanguage();
00627         foreach ($aCurrContent as $oContent) {
00628             if ($oContent->getLanguageId() != $iCurrLang) {
00629                 $oContent->setLanguageId($iCurrLang);
00630             }
00631         }
00632     }
00633 
00641     public function setBasket( $oBasket )
00642     {
00643         // sets basket session object
00644         $this->_oBasket = $oBasket;
00645     }
00646 
00652     public function delBasket()
00653     {
00654         $this->setBasket( null );
00655         self::deleteVar( $this->_getBasketName());
00656     }
00657 
00663     public function isNewSession()
00664     {
00665         return self::$_blIsNewSession;
00666     }
00667 
00674     public function setForceNewSession()
00675     {
00676         $this->_blForceNewSession = true;
00677     }
00678 
00686     public function isSidNeeded( $sUrl = null )
00687     {
00688         if ( $this->_getSessionUseCookies() && $this->_getCookieSid() ) {
00689             // switching from ssl to non ssl or vice versa?
00690             if ( ( strpos( $sUrl, "https:" ) === 0 && !$this->getConfig()->isSsl() ) ||
00691                  ( strpos( $sUrl, "http:" ) === 0 && $this->getConfig()->isSsl() ) ) {
00692                 return true;
00693             }
00694         }
00695 
00696         if ( $sUrl && !$this->getConfig()->isCurrentUrl( $sUrl ) ) {
00697             return true;
00698         } elseif ( $this->_blSidNeeded === null ) {
00699             // setting initial state
00700             $this->_blSidNeeded = false;
00701 
00702             // no SIDs for seach engines
00703             if ( !oxUtils::getInstance()->isSearchEngine() ) {
00704                 // cookie found - SID is not needed
00705                 if ( oxUtilsServer::getInstance()->getOxCookie( $this->getName() ) ) {
00706                     $this->_blSidNeeded = false;
00707                 } elseif ( $this->_forceSessionStart() ) {
00708                     $this->_blSidNeeded = true;
00709                 } else {
00710                     // no cookie, so must check session
00711                     if ( $blSidNeeded = self::getVar( 'blSidNeeded' ) ) {
00712                         $this->_blSidNeeded = true;
00713                     } elseif ( $this->_isSessionRequiredAction() ) {
00714                         $this->_blSidNeeded = true;
00715 
00716                         // storing to session, performance..
00717                         self::setVar( 'blSidNeeded', $this->_blSidNeeded  );
00718                     }
00719                 }
00720             }
00721         }
00722 
00723         return $this->_blSidNeeded;
00724     }
00725 
00737     public function processUrl( $sUrl )
00738     {
00739         $sSid = $this->sid( $this->isSidNeeded( $sUrl ) );
00740         if ($sSid) {
00741             $oStr = getStr();
00742             $aUrlParts = explode( '#', $sUrl );
00743             if ( !$oStr->preg_match('/(\?|&(amp;)?)sid=/i', $aUrlParts[0]) && (false === $oStr->strpos($aUrlParts[0], $sSid))) {
00744                 if (!$oStr->preg_match('/(\?|&(amp;)?)$/', $sUrl)) {
00745                     $aUrlParts[0] .= ( $oStr->strstr( $aUrlParts[0], '?' ) !== false ?  '&amp;' : '?' );
00746                 }
00747                 $aUrlParts[0] .= $sSid . '&amp;';
00748             }
00749             $sUrl = join( '#', $aUrlParts );
00750         }
00751         return $sUrl;
00752     }
00753 
00763     public function getRemoteAccessToken($blGenerateNew = true)
00764     {
00765         $sToken = $this->getVar('_rtoken');
00766         if (!$sToken && $blGenerateNew) {
00767             $sToken = md5(rand() . $this->getId());
00768             $sToken = substr($sToken, 0, 8);
00769             self::setVar('_rtoken', $sToken);
00770         }
00771 
00772         return $sToken;
00773     }
00774 
00781     protected function _forceSessionStart()
00782     {
00783         return ( !oxUtils::getInstance()->isSearchEngine() ) && ( (( bool ) $this->getConfig()->getConfigParam( 'blForceSessionStart' )) || oxConfig::getParameter( "su" ) || $this->_blForceNewSession );
00784     }
00785 
00791     protected function _allowSessionStart()
00792     {
00793         $blAllowSessionStart = true;
00794         $myConfig = oxConfig::getInstance();
00795 
00796         // special handling only in non-admin mode
00797         if ( !$this->isAdmin() ) {
00798             if ( oxUtils::getInstance()->isSearchEngine() || oxConfig::getParameter( 'skipSession' ) ) {
00799                 $blAllowSessionStart = false;
00800             } elseif (oxUtilsServer::getInstance()->getOxCookie( 'oxid_'.$myConfig->getShopId().'_autologin' ) === '1') {
00801                 $blAllowSessionStart = true;
00802             } elseif ( !$this->_forceSessionStart() && !oxUtilsServer::getInstance()->getOxCookie( 'sid_key' ) ) {
00803 
00804                 // session is not needed to start when it is not necessary:
00805                 // - no sid in request and also user executes no session connected action
00806                 // - no cookie set and user executes no session connected action
00807                 if ( !oxUtilsServer::getInstance()->getOxCookie( $this->getName() ) &&
00808                      !( oxConfig::getParameter( $this->getName() ) || oxConfig::getParameter( $this->getForcedName() ) ) &&
00809                      !$this->_isSessionRequiredAction() ) {
00810                     $blAllowSessionStart = false;
00811                 }
00812             }
00813         }
00814 
00815         return $blAllowSessionStart;
00816     }
00817 
00825     protected function _isSwappedClient()
00826     {
00827         $blSwapped = false;
00828         $myUtilsServer = oxUtilsServer::getInstance();
00829 
00830         // check only for non search engines
00831         if ( !oxUtils::getInstance()->isSearchEngine() && !$myUtilsServer->isTrustedClientIp() && !$this->_isValidRemoteAccessToken()) {
00832 
00833             $myConfig = $this->getConfig();
00834 
00835             // checking if session user agent matches actual
00836             $blSwapped = $this->_checkUserAgent( $myUtilsServer->getServerVar( 'HTTP_USER_AGENT' ), self::getVar( 'sessionagent' ) );
00837             if ( !$blSwapped ) {
00838                 if ( $myConfig->getConfigParam( 'blAdodbSessionHandler' ) ) {
00839                     $blSwapped = $this->_checkSid();
00840                 }
00841 
00842                 if ( !$blSwapped ) {
00843                     $blDisableCookieCheck = $myConfig->getConfigParam( 'blDisableCookieCheck' );
00844                     $blUseCookies         = $this->_getSessionUseCookies();
00845                     if ( !$blDisableCookieCheck && $blUseCookies ) {
00846                         $blSwapped = $this->_checkCookies( $myUtilsServer->getOxCookie( 'sid_key' ), self::getVar( "sessioncookieisset" ) );
00847                     }
00848                 }
00849             }
00850         }
00851 
00852         return $blSwapped;
00853     }
00854 
00863     protected function _checkUserAgent( $sAgent, $sExistingAgent )
00864     {
00865         $blCheck = false;
00866 
00867         // processing
00868         $oUtils = oxUtilsServer::getInstance();
00869         $sAgent = $oUtils->processUserAgentInfo( $sAgent );
00870         $sExistingAgent = $oUtils->processUserAgentInfo( $sExistingAgent );
00871 
00872         if ( $sAgent && $sAgent !== $sExistingAgent ) {
00873             if ( $sExistingAgent ) {
00874                 $this->_sErrorMsg = "Different browser ({$sExistingAgent}, {$sAgent}), creating new SID...<br>";
00875             }
00876             $blCheck = true;
00877         }
00878 
00879         return $blCheck;
00880     }
00881 
00887     protected function _checkSid()
00888     {
00889         $oDb = oxDb::getDb();
00890         //matze changed sesskey to SessionID because structure of oxsession changed!!
00891         $sSID = $oDb->GetOne("select SessionID from oxsessions where SessionID = ".$oDb->quote( $this->getId() ));
00892 
00893         //2007-05-14
00894         //we check _blNewSession as well as this may be actually new session not written to db yet
00895         if ( !$this->_blNewSession && (!isset( $sSID) || !$sSID)) {
00896             // this means, that this session has expired in the past and someone uses this sid to reactivate it
00897             $this->_sErrorMsg = "Session has expired in the past and someone uses this sid to reactivate it, creating new SID...<br>";
00898             return true;
00899         }
00900         return false;
00901     }
00902 
00912     protected function _checkCookies( $sCookieSid, $aSessCookieSetOnce )
00913     {
00914         $blSwapped = false;
00915         $myConfig  = $this->getConfig();
00916         $sCurrUrl  = $myConfig->isSsl() ? $myConfig->getSslShopUrl() : $myConfig->getShopUrl();
00917 
00918         $blSessCookieSetOnce = false;
00919         if ( isset( $aSessCookieSetOnce[$sCurrUrl] ) ) {
00920             $blSessCookieSetOnce = $aSessCookieSetOnce[$sCurrUrl];
00921         }
00922 
00923         //if cookie was there once but now is gone it means we have to reset
00924         if ( $blSessCookieSetOnce && !$sCookieSid ) {
00925             if ( $myConfig->getConfigParam( 'iDebug' ) ) {
00926                 $this->_sErrorMsg  = "Cookie not found, creating new SID...<br>";
00927                 $this->_sErrorMsg .= "Cookie: $sCookieSid<br>";
00928                 $this->_sErrorMsg .= "Session: $blSessCookieSetOnce<br>";
00929                 $this->_sErrorMsg .= "URL: ".$sCurrUrl."<br>";
00930             }
00931             $blSwapped = true;
00932         }
00933 
00934         //if we detect the cookie then set session var for possible later use
00935         if ( $sCookieSid == "oxid" && !$blSessCookieSetOnce ) {
00936             $aSessCookieSetOnce[$sCurrUrl] = "ox_true";
00937             self::setVar( "sessioncookieisset", $aSessCookieSetOnce );
00938         }
00939 
00940         //if we have no cookie then try to set it
00941         if ( !$sCookieSid ) {
00942             oxUtilsServer::getInstance()->setOxCookie( 'sid_key', 'oxid' );
00943         }
00944         return $blSwapped;
00945     }
00946 
00954     protected function _setSessionId($sSessId)
00955     {
00956         //marking this session as new one, as it might be not writen to db yet
00957         if ( $sSessId && session_id() != $sSessId ) {
00958             $this->_blNewSession = true;
00959         }
00960 
00961         session_id( $sSessId );
00962 
00963         $this->setId( $sSessId );
00964 
00965         $blUseCookies = $this->_getSessionUseCookies();
00966 
00967         if ( !$this->_allowSessionStart() ) {
00968             if ( $blUseCookies ) {
00969                 oxUtilsServer::getInstance()->setOxCookie( $this->getName(), null );
00970             }
00971             return;
00972         }
00973 
00974         if ( $blUseCookies ) {
00975             //setting session cookie
00976             oxUtilsServer::getInstance()->setOxCookie( $this->getName(), $sSessId );
00977         }
00978     }
00979 
00985     protected function _getBasketName()
00986     {
00987         $myConfig = $this->getConfig();
00988         if ( $myConfig->getConfigParam( 'blMallSharedBasket' ) == 0 ) {
00989             return $myConfig->getShopId()."_basket";
00990         }
00991         return "basket";
00992     }
00993 
00999     protected function _getCookieSid()
01000     {
01001         return oxUtilsServer::getInstance()->getOxCookie($this->getName());
01002     }
01003 
01010     protected function _getRequireSessionWithParams()
01011     {
01012         $aCfgArray = $this->getConfig()->getConfigParam('aRequireSessionWithParams');
01013         if (is_array($aCfgArray)) {
01014             $aDefault = $this->_aRequireSessionWithParams;
01015             foreach ($aCfgArray as $key => $val) {
01016                 if (!is_array($val) && $val) {
01017                     unset($aDefault[$key]);
01018                 }
01019             }
01020             return array_merge_recursive($aCfgArray, $aDefault);
01021         }
01022         return $this->_aRequireSessionWithParams;
01023     }
01024 
01030     protected function _isSessionRequiredAction()
01031     {
01032         foreach ($this->_getRequireSessionWithParams() as $sParam => $aValues) {
01033             $sValue = oxConfig::getParameter( $sParam );
01034             if (isset($sValue)) {
01035                 if (is_array($aValues)) {
01036                     if (isset($aValues[$sValue]) && $aValues[$sValue]) {
01037                         return true;
01038                     }
01039                 } elseif ($aValues) {
01040                     return true;
01041                 }
01042             }
01043         }
01044 
01045         return ( isset( $_SERVER['REQUEST_METHOD'] ) && $_SERVER['REQUEST_METHOD'] == 'POST');
01046     }
01047 
01053     protected function _getSessionUseCookies()
01054     {
01055         return $this->isAdmin() || $this->getConfig()->getConfigParam( 'blSessionUseCookies');
01056     }
01057 
01063     protected function _isValidRemoteAccessToken()
01064     {
01065         $sInputToken = oxConfig::getParameter('rtoken');
01066         $sToken = $this->getRemoteAccessToken(false);
01067         $blTokenEqual = !(bool)strcmp($sInputToken, $sToken);
01068         $blValid = $sInputToken && $blTokenEqual;
01069 
01070         return $blValid;
01071     }
01072 
01078     public function getBasketReservations()
01079     {
01080         if (!$this->_oBasketReservations) {
01081             $this->_oBasketReservations = oxNew('oxBasketReservation');
01082         }
01083         return $this->_oBasketReservations;
01084     }
01085 
01091     public function isHeaderSent()
01092     {
01093         return headers_sent();
01094     }
01095 
01101     public function isSessionStarted()
01102     {
01103         return $this->_blStarted;
01104     }
01105 }
Generated by  doxygen 1.7.1