// Path of the ADOdb-lite session handler script, built from the shop base path plus a literal.
// The constant is consumed by the include_once at listing line 311, so the included path is not request-derived.
3 DEFINE(
'_DB_SESSION_HANDLER', getShopBasePath() .
'core/adodblite/session/adodb-session.php');
// Entries of an array literal whose opening and closing lines are not part of this listing.
// NOTE(review): presumably the built-in list of request parameters that require a session
// (compare 'aRequireSessionWithParams' at listing line 1029) — confirm against the full file.
106 'login_noredirect' =>
true,
107 'tocomparelist' =>
true,
109 '_artperpage' =>
true,
111 'listorderby' =>
true,
// Stores the session name passed in as $sVal.
155 $this->_sName = $sVal;
// The forced-SID parameter name is the forced prefix followed by the regular session name.
165 return $this->_sForcedPrefix . $this->
getName();
// Session id selection. Lines 198-199 and 201-208 are not shown in this listing.
// NOTE(review): $sid is taken verbatim from $sForceSidParam; where that value comes from is not
// visible here. If it is request-derived, the client chooses the session id, so the swapped-client
// check at line 224 is the visible guard against session fixation — confirm against the full file.
196 if ($sForceSidParam) {
197 $sid = $sForceSidParam;
200 } elseif ($sSidParam) {
// The static flag is set to true at 209 and to false at 212; the conditions selecting between them are not shown.
209 self::$_blIsNewSession =
true;
212 self::$_blIsNewSession =
false;
// Loose != between the stored id and PHP's current session id.
218 if ($this->_sId != session_id()) {
// Taken only for a session that is not new and that the swap check flagged.
224 if (!self::$_blIsNewSession && $blSwapped) {
// Requires both a recorded error message and a truthy 'iDebug' setting; the branch body is not shown.
228 if ($this->_sErrorMsg &&
$myConfig->getConfigParam(
'iDebug')) {
231 } elseif (!$blSwapped) {
// Request-side token: every character outside [a-z0-9] (case-insensitive) is stripped from the 'stoken' request parameter.
245 return preg_replace(
'/[^a-z0-9]/i',
'', $this->
getConfig()->getRequestParameter(
'stoken'));
// Session-side token: the same filter applied to the 'sess_stoken' session variable.
// The filter only narrows the character set; any comparison of the two values happens outside the lines shown.
255 $sRet = preg_replace(
'/[^a-z0-9]/i',
'', $this->
getVariable(
'sess_stoken'));
// Cache handling before the session starts; lines 293-294, 296-298 and 301-302 are not shown.
292 $blSetNoCache =
true;
// 'nocache' makes PHP send its own anti-caching headers for the session response.
295 session_cache_limiter(
'nocache');
// Special case for user agents whose header contains 'AOL'. The closing part of this condition is not shown.
299 if (isset($_SERVER[
'HTTP_USER_AGENT']) &&
300 strpos($_SERVER[
'HTTP_USER_AGENT'],
'AOL') !==
false
// Here the built-in limiter is switched off and an explicit Cache-Control header is sent instead;
// "no-store, private" keeps session-bound responses out of shared caches.
303 session_cache_limiter(
false);
304 header(
"Cache-Control: no-store, private, must-revalidate, proxy-revalidate, post-check=0, pre-check=0, max-age=0, s-maxage=0");
// Loads the session handler script named by the _DB_SESSION_HANDLER constant (defined at listing line 3).
311 include_once _DB_SESSION_HANDLER;
// The @ operator suppresses warnings from session_start(); a failed start is visible only through _blStarted.
// NOTE(review): callers should check _blStarted, since no warning reaches the log from this call.
314 $this->_blStarted = @session_start();
// Statements from several session-lifecycle routines; the lines between them are not shown.
328 if (self::$_blIsNewSession) {
// Values for the names in _aPersistentParams are collected into $aPersistent.
// Line 335, which produces $sValue, is not shown.
333 $aPersistent = array();
334 foreach ($this->_aPersistentParams as $sParam) {
336 $aPersistent[$sParam] = $sValue;
// The collected values are walked again here; the loop body is not shown.
343 foreach ($aPersistent as $sKey => $sParam) {
359 if (self::$_blIsNewSession) {
// The session id is read before and after line 381 (not shown).
// NOTE(review): presumably line 381 regenerates the id — confirm.
380 $sOldId = session_id();
382 $sNewId = session_id();
// Re-keys the stored session row from the old id to the new one. Both values pass through
// $oDB->quote() before being concatenated into the statement, so injection safety rests on quote();
// a prepared statement with bound parameters would not depend on it.
390 $oDB->execute(
"UPDATE oxsessions SET SessionID = " . $oDB->quote($sNewId) .
" WHERE SessionID = " . $oDB->quote($sOldId));
// Writes the session data and ends the session for this request.
404 session_write_close();
// Session variable accessors (has / set / get / delete); only some lines of each are shown.
// Each one first checks a test seam: when the OXID_PHP_UNIT constant is defined and
// modSession::$unitMOD is an object, the call is routed to modSession instead of $_SESSION.
// NOTE(review): this seam lives in the production code path; make sure OXID_PHP_UNIT is never
// defined outside the test suite, otherwise session reads and writes bypass $_SESSION.
426 if (defined(
'OXID_PHP_UNIT')) {
427 if (isset(modSession::$unitMOD) && is_object(modSession::$unitMOD)) {
429 $sVal = modSession::getInstance()->getVar($name);
// isset() reports false for a key that exists but holds null.
438 return isset($_SESSION[$name]);
451 if (defined(
'OXID_PHP_UNIT')) {
452 if (isset(modSession::$unitMOD) && is_object(modSession::$unitMOD)) {
454 return modSession::getInstance()->setVar($name, $value);
461 $_SESSION[$name] = $value;
474 if (defined(
'OXID_PHP_UNIT')) {
475 if (isset(modSession::$unitMOD) && is_object(modSession::$unitMOD)) {
477 return modSession::getInstance()->getVar($name);
484 if (isset($_SESSION[$name])) {
485 return $_SESSION[$name];
500 if (defined(
'OXID_PHP_UNIT')) {
501 if (isset(modSession::$unitMOD) && is_object(modSession::$unitMOD)) {
503 return modSession::getInstance()->setVar($name, null);
// The key is set to null and then removed.
510 $_SESSION[$name] = null;
512 unset($_SESSION[$name]);
// sid(): only the signature and two condition lines are shown. $blForceSid defaults to false.
524 public function sid($blForceSid =
false)
531 && is_array(
$myConfig->getConfigParam(
'aCacheViews'))
// The condition holds when SIDs are not disabled, an id exists, and at least one of:
// the caller forces it, cookies are not in use, or no session id cookie was found.
535 if (!$blDisableSid && $this->
getId() && ($blForceSid || !$blUseCookies || !$this->
_getCookieSid())) {
// Hidden form field output; lines 558, 560 and 562-564 are not shown.
557 $sSid = $sToken =
'';
// getForcedName() and getId() are concatenated into HTML attribute values without HTML escaping.
// NOTE(review): this is safe only while both values are restricted to attribute-safe characters.
// The id can originate from $sForceSidParam (listing line 197); wrapping both values in
// htmlspecialchars() with ENT_QUOTES would remove that dependency.
559 $sSid =
"<input type=\"hidden\" name=\"" . $this->
getForcedName() .
"\" value=\"" . $this->
getId() .
"\" />";
561 if ($this->
getId()) {
565 return $sToken . $sSid;
// Lazy creation of the basket object; the result is cached in _oBasket (line 628).
575 if ($this->_oBasket === null) {
// The return value is discarded.
// NOTE(review): presumably called so the class is loaded before unserialize() runs — confirm.
580 oxNew(
'oxbasketitem');
// A fresh basket, used both as the fallback and as the reference class for the check at line 587.
583 $oEmptyBasket =
oxNew(
'oxbasket');
// NOTE(review): unserialize() instantiates whatever classes the string names and runs their
// __wakeup()/__destruct() hooks before the class check at line 587 is reached, so that check does
// not constrain what gets constructed. The origin of $sBasket is not shown (line 584). If the
// session store can be written by anything other than this application, restrict the call with
// the 'allowed_classes' option (PHP 7.0+) or store the basket in a data-only format.
585 $oBasket = ($sBasket && ($oBasket = unserialize($sBasket))) ? $oBasket : null;
// Anything that is not exactly the expected basket class is replaced by the empty basket.
587 if (!$oBasket || (get_class($oBasket) !== get_class($oEmptyBasket))) {
588 $oBasket = $oEmptyBasket;
608 if (empty($aCurrContent)) {
// Basket items whose language differs from $iCurrLang are switched to it.
613 foreach ($aCurrContent as $oContent) {
614 if ($oContent->getLanguageId() != $iCurrLang) {
615 $oContent->setLanguageId($iCurrLang);
628 $this->_oBasket = $oBasket;
// Sets the flag that requests a new session.
656 $this->_blForceNewSession =
true;
// Decision whether the session id must travel in the URL; several lines in between are not shown.
// A URL that the config does not recognise as the current one takes the first branch (body not shown).
679 if ($sUrl && !$oConfig->isCurrentUrl($sUrl)) {
// The decision is computed only once; _blSidNeeded stays null until then.
681 } elseif ($this->_blSidNeeded === null) {
683 $this->_blSidNeeded =
false;
689 $this->_blSidNeeded =
false;
691 $this->_blSidNeeded =
true;
// A truthy 'blSidNeeded' session variable forces the flag on.
694 if ($blSidNeeded = $this->
getVariable(
'blSidNeeded')) {
695 $this->_blSidNeeded =
true;
// A request that carries no cookies at all also forces the flag on.
698 if (!count($_COOKIE)) {
699 $this->_blSidNeeded =
true;
// The outcome is written back to the session under 'blSidNeeded'.
702 $this->
setVariable(
'blSidNeeded', $this->_blSidNeeded);
// True when the cookie named after the session exists and equals the current session id.
// NOTE(review): == compares two numeric-looking strings as numbers, so ids such as "0e1" and
// "0e2" would be treated as equal; === or hash_equals() compares them as strings.
721 $blReturn = (isset($_COOKIE[$this->
getName()]) && ($_COOKIE[$this->
getName()] == $this->
getId()));
// URL rewriting: the value returned by sid() is appended to the part of the URL before any '#'.
// NOTE(review): a session id carried in the URL can reach third parties through Referer headers,
// server and proxy logs and copied links; cookie-only sessions avoid that exposure.
742 $sSid = $this->
sid($blSid);
747 $aUrlParts = explode(
'#', $sUrl);
// Skipped when the URL already has a sid= parameter or already contains the $sSid string.
748 if (!$oStr->preg_match(
'/(\?|&(amp;)?)sid=/i', $aUrlParts[0]) && (
false === $oStr->strpos($aUrlParts[0], $sSid))) {
// A separator is added unless the URL already ends in '?', '&' or '&amp;'.
// NOTE(review): this test runs on $sUrl, fragment included, while the separator goes onto $aUrlParts[0].
749 if (!$oStr->preg_match(
'/(\?|&(amp;)?)$/', $sUrl)) {
750 $aUrlParts[0] .= ($oStr->strstr($aUrlParts[0],
'?') !==
false ?
'&' :
'?');
752 $aUrlParts[0] .= $sSid .
'&';
// The fragment, if any, is re-attached.
754 $sUrl = join(
'#', $aUrlParts);
// A token is generated only when none exists yet and the caller asked for one.
773 if (!$sToken && $blGenerateNew) {
// NOTE(review): rand() is not a cryptographically secure generator, and the session id mixed in
// is already known to the client. Keeping 8 hex characters leaves at most 32 bits. If this token
// authorises anything (compare the 'rtoken' check at listing line 1084), derive it from
// random_bytes() and keep the full length.
774 $sToken = md5(rand() . $this->
getId());
775 $sToken = substr($sToken, 0, 8);
// Decision whether a session may be started; the conditions between these assignments are not shown.
800 $blAllowSessionStart =
true;
806 $blAllowSessionStart =
false;
808 $blAllowSessionStart =
true;
// Part of a larger condition: neither the session name nor the forced name is present in the request.
815 !(
$myConfig->getRequestParameter($this->getName()) ||
$myConfig->getRequestParameter($this->getForcedName())) &&
818 $blAllowSessionStart =
false;
823 return $blAllowSessionStart;
// Swapped-client detection; the branch body for the ADOdb handler setting is not shown.
846 if (
$myConfig->getConfigParam(
'blAdodbSessionHandler')) {
// The cookie check can be switched off by configuration and runs only when cookies are in use.
// NOTE(review): setting 'blDisableCookieCheck' removes one of the visible swap checks.
851 $blDisableCookieCheck =
$myConfig->getConfigParam(
'blDisableCookieCheck');
853 if (!$blDisableCookieCheck && $blUseCookies) {
854 $blSwapped = $this->
_checkCookies($myUtilsServer->getOxCookie(
'sid_key'), $this->
getVariable(
"sessioncookieisset"));
// Both user-agent strings go through the same processUserAgentInfo() step before they are compared.
877 $sAgent = $oUtils->processUserAgentInfo($sAgent);
878 $sExistingAgent = $oUtils->processUserAgentInfo($sExistingAgent);
// A non-empty current agent that differs from the stored one is treated as a mismatch.
880 if ($sAgent && $sAgent !== $sExistingAgent) {
881 if ($sExistingAgent) {
// NOTE(review): both agent strings are interpolated into a message that already carries HTML (<br>).
// Where the message is printed is not shown. If it is output as HTML, the agent strings need
// htmlspecialchars() first, because a user-agent header is client-supplied.
882 $this->_sErrorMsg =
"Different browser ({$sExistingAgent}, {$sAgent}), creating new SID...<br>";
// Looks the current id up in oxsessions; the id passes through $oDb->quote() before concatenation.
899 $sSID = $oDb->getOne(
"select SessionID from oxsessions where SessionID = " . $oDb->quote($this->getId()));
// An id that is absent from the table and was not created in this request is treated as the reuse
// of an expired session id.
// NOTE(review): this event is worth logging for detection, beyond the debug message set below.
903 if (!$this->_blNewSession && (!isset($sSID) || !$sSID)) {
905 $this->_sErrorMsg =
"Session has expired in the past and someone uses this sid to reactivate it, creating new SID...<br>";
// Cookie consistency check, tracked per URL in the $aSessCookieSetOnce map.
928 $blSessCookieSetOnce =
false;
929 if (is_array($aSessCookieSetOnce) && isset($aSessCookieSetOnce[$sCurrUrl])) {
930 $blSessCookieSetOnce = $aSessCookieSetOnce[$sCurrUrl];
// A cookie was recorded for this URL earlier, but the request no longer carries it.
934 if ($blSessCookieSetOnce && !$sCookieSid) {
// The detailed message is built only when 'iDebug' is truthy.
935 if (
$myConfig->getConfigParam(
'iDebug')) {
936 $this->_sErrorMsg =
"Cookie not found, creating new SID...<br>";
937 $this->_sErrorMsg .=
"Cookie: $sCookieSid<br>";
938 $this->_sErrorMsg .=
"Session: $blSessCookieSetOnce<br>";
// NOTE(review): $sCurrUrl is concatenated into HTML-bearing text; escape it before any HTML output.
939 $this->_sErrorMsg .=
"URL: " . $sCurrUrl .
"<br>";
// First time the cookie value "oxid" is seen for this URL: record it in the session. The comparison is loose (==).
945 if ($sCookieSid ==
"oxid" && !$blSessCookieSetOnce) {
946 if (!is_array($aSessCookieSetOnce)) {
947 $aSessCookieSetOnce = array();
950 $aSessCookieSetOnce[$sCurrUrl] =
"ox_true";
951 $this->
setVariable(
"sessioncookieisset", $aSessCookieSetOnce);
// Adopting a session id: a non-empty id that differs from PHP's current one marks the session as new.
972 if ($sSessId && session_id() != $sSessId) {
973 $this->_blNewSession =
true;
// The id is handed to PHP and mirrored on the object.
// NOTE(review): no format check on $sSessId is visible in these lines; confirm it is validated upstream.
976 session_id($sSessId);
978 $this->
setId($sSessId);
// When 'blMallSharedBasket' is 0 the basket name is prefixed with the shop id.
1004 if (
$myConfig->getConfigParam(
'blMallSharedBasket') == 0) {
1005 return $myConfig->getShopId() .
"_basket";
// Merges the configured 'aRequireSessionWithParams' with $aDefault, whose origin is not shown (line 1031).
1029 $aCfgArray = $this->
getConfig()->getConfigParam(
'aRequireSessionWithParams');
1030 if (is_array($aCfgArray)) {
// A truthy non-array value in the configuration removes the key of the same name from $aDefault before merging.
1032 foreach ($aCfgArray as $key => $val) {
1033 if (!is_array($val) && $val) {
1034 unset($aDefault[$key]);
1038 return array_merge_recursive($aCfgArray, $aDefault);
// Checks one request parameter against its rule in $aValues; the results of the branches are not shown.
1052 $sValue = $this->
getConfig()->getRequestParameter($sParam);
1053 if (isset($sValue)) {
// An array rule lists the parameter values that count; a truthy scalar rule counts for any value.
1054 if (is_array($aValues)) {
1055 if (isset($aValues[$sValue]) && $aValues[$sValue]) {
1058 } elseif ($aValues) {
// True only for requests whose method is POST.
1064 return (isset($_SERVER[
'REQUEST_METHOD']) && $_SERVER[
'REQUEST_METHOD'] ==
'POST');
// Cookies are always used in admin mode; otherwise the 'blSessionUseCookies' setting decides.
1074 return $this->
isAdmin() || $this->
getConfig()->getConfigParam(
'blSessionUseCookies');
// Validates the 'rtoken' request parameter against $sToken, which is produced on line 1085 (not shown).
1084 $sInputToken = $this->
getConfig()->getRequestParameter(
'rtoken');
// NOTE(review): strcmp() is not a constant-time comparison. On PHP versions before 8 it also
// returns NULL when an argument is not a string, and !(bool) NULL is true. Check is_string() on
// the input and compare with hash_equals(); confirm getRequestParameter() cannot return an array here.
1086 $blTokenEqual = !(bool) strcmp($sInputToken, $sToken);
// An empty input token is never valid.
1087 $blValid = $sInputToken && $blTokenEqual;
// The reservation object is created on first use.
1099 if (!$this->_oBasketReservations) {
1100 $this->_oBasketReservations =
oxNew(
'oxBasketReservation');
// Reports whether HTTP headers have already been sent.
1113 return headers_sent();