Inheritance diagram for OxidEsales\EshopCommunity\Core\Session:

Collaboration diagram for OxidEsales\EshopCommunity\Core\Session:

Public Member Functions
	getId ()

	setId ($sVal)

	setName ($sVal)

	getForcedName ()

	getName ()

	start ()

	getRequestChallengeToken ()

	getSessionChallengeToken ()

	checkSessionChallenge ()

	initNewSession ()

	regenerateSessionId ()

	freeze ()

	destroy ()

	hasVariable ($name)

	setVariable ($name, $value)

	getVariable ($name)

	deleteVariable ($name)

	sid ($blForceSid=false)

	hiddenSid ()

	getBasket ()

	setBasket ($oBasket)

	delBasket ()

	isNewSession ()

	setForceNewSession ()

	isSidNeeded ($sUrl=null)

	isActualSidInCookie ()

	processUrl ($sUrl)

	getRemoteAccessToken ($blGenerateNew=true)

	getBasketReservations ()

	isHeaderSent ()

	isSessionStarted ()

Protected Member Functions
	getSidFromRequest ()

	_initNewSessionChallenge ()

	_sessionStart ()

	_getNewSessionId ($blUnset=true)

	isSerializedBasketValid ($serializedBasket)

	isClassInSerializedObject ($serializedObject, $className)

	isClassOrNullInSerializedObjectAfterField ($serializedObject, $fieldName, $className)

	isUnserializedBasketValid ($basket, $emptyBasket)

	_validateBasket (\OxidEsales\Eshop\Application\Model\Basket $oBasket)

	_forceSessionStart ()

	_allowSessionStart ()

	_isSwappedClient ()

	_checkUserAgent ($sAgent, $sExistingAgent)

	_checkCookies ($sCookieSid, $aSessCookieSetOnce)

	_setSessionId ($sSessId)

	_getBasketName ()

	_getCookieSid ()

	_getRequireSessionWithParams ()

	_isSessionRequiredAction ()

	_getSessionUseCookies ()

	_isValidRemoteAccessToken ()

	getShopUrlId ()

	needToSetHeaders ()

	sidToUrlEvent ()

Protected Attributes
	$_sName = 'sid'

	$_sForcedPrefix = 'force_'

	$_sId = null

	$_blNewSession = false

	$_blForceNewSession = false

	$_sErrorMsg = null

	$_oBasket = null

	$_oBasketReservations = null

	$_blStarted = false

	$_aRequireSessionWithParams

	$_blSidNeeded = null

	$_aPersistentParams = ["actshop", "lang", "currency", "language", "tpllanguage"]

Static Protected Attributes
static	$_blIsNewSession = false

static	$_oUser = null

Detailed Description

Session manager. Performs session managing function, such as variables deletion, initialisation and other session functions.

Member Function Documentation

◆ _allowSessionStart()

OxidEsales\EshopCommunity\Core\Session::_allowSessionStart ( )

protected

Checks if we can start new session. Returns bool success status

Returns: bool

◆ _checkCookies()

OxidEsales\EshopCommunity\Core\Session::_checkCookies	(	$sCookieSid,
		$aSessCookieSetOnce
	)

protected

Check for existing cookie. Cookie info is dropped from time to time.

Parameters

string	$sCookieSid	coockie sid
array	$aSessCookieSetOnce	if session cookie is set

Returns: bool

◆ _checkUserAgent()

OxidEsales\EshopCommunity\Core\Session::_checkUserAgent	(	$sAgent,
		$sExistingAgent
	)

protected

Checking user agent

Parameters

string	$sAgent	current user agent
string	$sExistingAgent	existing user agent

Returns: bool

◆ _forceSessionStart()

OxidEsales\EshopCommunity\Core\Session::_forceSessionStart ( )

protected

Returns true if its not search engine and config option blForceSessionStart = 1/true or _GET parameter "su" (suggested user id) is set.

Returns: bool

◆ _getBasketName()

OxidEsales\EshopCommunity\Core\Session::_getBasketName ( )

protected

Returns name of shopping basket.

Returns: string

◆ _getCookieSid()

OxidEsales\EshopCommunity\Core\Session::_getCookieSid ( )

protected

Returns cookie sid value

Returns: string

◆ _getNewSessionId()

OxidEsales\EshopCommunity\Core\Session::_getNewSessionId ( $blUnset = true )

protected

Update the current session id with a newly generated one, deletes the old associated session file, frees all session variables.

Parameters

bool $blUnset if true, calls session_unset [optional]

Returns: string

◆ _getRequireSessionWithParams()

OxidEsales\EshopCommunity\Core\Session::_getRequireSessionWithParams ( )

protected

returns configuration array with info which parameters require session start

Returns: array

◆ _getSessionUseCookies()

OxidEsales\EshopCommunity\Core\Session::_getSessionUseCookies ( )

protected

return cookies usage for sid possibilities

Returns: bool

◆ _initNewSessionChallenge()

OxidEsales\EshopCommunity\Core\Session::_initNewSessionChallenge ( )

protected

initialize new session challenge token

◆ _isSessionRequiredAction()

OxidEsales\EshopCommunity\Core\Session::_isSessionRequiredAction ( )

protected

Tests if current action requires session

Returns: bool

◆ _isSwappedClient()

OxidEsales\EshopCommunity\Core\Session::_isSwappedClient ( )

protected

Saves various visitor parameters and compares with current data. Returns true if any change is detected. Using this method we can detect different visitor with same session id.

Returns: bool

◆ _isValidRemoteAccessToken()

OxidEsales\EshopCommunity\Core\Session::_isValidRemoteAccessToken ( )

protected

Checks if token supplied over 'rtoken' parameter matches remote access session token.

Returns: bool

◆ _sessionStart()

OxidEsales\EshopCommunity\Core\Session::_sessionStart ( )

protected

Initialize session data (calls php::session_start())

Returns: null

◆ _setSessionId()

OxidEsales\EshopCommunity\Core\Session::_setSessionId ( $sSessId )

protected

Sests session id to $sSessId

Parameters

string $sSessId sesion ID

Returns: null

◆ _validateBasket()

OxidEsales\EshopCommunity\Core\Session::_validateBasket ( \OxidEsales\Eshop\Application\Model\Basket $oBasket )

protected

Validate loaded from session basket content. Check for language change.

Parameters

\OxidEsales\Eshop\Application\Model\Basket $oBasket Basket object loaded from session.

Returns: null

◆ checkSessionChallenge()

OxidEsales\EshopCommunity\Core\Session::checkSessionChallenge ( )

check for CSRF, returns true, if request (get/post) token matches session saved var false, if CSRF is possible

Returns: bool

◆ delBasket()

OxidEsales\EshopCommunity\Core\Session::delBasket ( )

Deletes basket session object.

◆ deleteVariable()

OxidEsales\EshopCommunity\Core\Session::deleteVariable ( $name )

Destroys a single element (passed to method) of an session array.

Parameters

string $name Name of parameter to destroy

◆ destroy()

OxidEsales\EshopCommunity\Core\Session::destroy ( )

Destroys all data registered to a session.

◆ freeze()

OxidEsales\EshopCommunity\Core\Session::freeze ( )

Ends the current session and store session data.

◆ getBasket()

OxidEsales\EshopCommunity\Core\Session::getBasket ( )

Returns basket session object.

Returns: \OxidEsales\Eshop\Application\Model\Basket

◆ getBasketReservations()

OxidEsales\EshopCommunity\Core\Session::getBasketReservations ( )

return basket reservations handler object

Returns: oxBasketReservation

◆ getForcedName()

OxidEsales\EshopCommunity\Core\Session::getForcedName ( )

Returns forced session id param name

Returns: string

◆ getId()

OxidEsales\EshopCommunity\Core\Session::getId ( )

Returns session ID

Returns: string

◆ getName()

OxidEsales\EshopCommunity\Core\Session::getName ( )

Returns session param name

Returns: string

◆ getRemoteAccessToken()

OxidEsales\EshopCommunity\Core\Session::getRemoteAccessToken ( $blGenerateNew = true )

Returns remote access key. With this key (called over "remotekey" URL parameter) and session id (sid parameter) you can access session from another client. The key is generated once per session after the first request.

Parameters

bool $blGenerateNew Should new token be generated

Returns: string

◆ getRequestChallengeToken()

OxidEsales\EshopCommunity\Core\Session::getRequestChallengeToken ( )

retrieve session challenge token from request

Returns: string

◆ getSessionChallengeToken()

OxidEsales\EshopCommunity\Core\Session::getSessionChallengeToken ( )

retrieve session challenge token from session

Returns: string

◆ getShopUrlId()

OxidEsales\EshopCommunity\Core\Session::getShopUrlId ( )

protected

Return Shop IR parameter for Url.

Returns: string

◆ getSidFromRequest()

OxidEsales\EshopCommunity\Core\Session::getSidFromRequest ( )

protected

retrieves the session id from the request if any

Returns: string|null

◆ getVariable()

OxidEsales\EshopCommunity\Core\Session::getVariable ( $name )

IF available returns value of parameter, stored in session array.

Parameters

string $name Name of parameter

Returns: mixed

◆ hasVariable()

OxidEsales\EshopCommunity\Core\Session::hasVariable ( $name )

Checks if variable is set in session. Returns true on success.

Parameters

string $name Name to check

Returns: bool

◆ hiddenSid()

OxidEsales\EshopCommunity\Core\Session::hiddenSid ( )

Forms input ("hidden" type) to pass session ID after submitting forms.

Returns: string

◆ initNewSession()

OxidEsales\EshopCommunity\Core\Session::initNewSession ( )

Assigns new session ID, clean existing data except persistent.

◆ isActualSidInCookie()

OxidEsales\EshopCommunity\Core\Session::isActualSidInCookie ( )

Checks if current session id is the same as in originally received cookie. This method is intended to indicate if new session cookie is to be sent as header from this script execution.

Returns: bool

◆ isClassInSerializedObject()

OxidEsales\EshopCommunity\Core\Session::isClassInSerializedObject	(	$serializedObject,
		$className
	)

protected

True if given class is found within serialized object.

Parameters

string	$serializedObject
string	$className

Returns: bool

◆ isClassOrNullInSerializedObjectAfterField()

OxidEsales\EshopCommunity\Core\Session::isClassOrNullInSerializedObjectAfterField	(	$serializedObject,
		$fieldName,
		$className
	)

protected

True if given class or null value is found after given field in serialized object.

Parameters

string	$serializedObject
string	$fieldName
string	$className

Returns: bool

◆ isHeaderSent()

OxidEsales\EshopCommunity\Core\Session::isHeaderSent ( )

Checks if headers were already outputed

Returns: bool

◆ isNewSession()

OxidEsales\EshopCommunity\Core\Session::isNewSession ( )

Indicates if setting of session id is executed in this script.

Returns: bool

◆ isSerializedBasketValid()

OxidEsales\EshopCommunity\Core\Session::isSerializedBasketValid ( $serializedBasket )

protected

True if given serialized object is constructed with compatible classes.

Parameters

string $serializedBasket

Returns: bool

◆ isSessionStarted()

OxidEsales\EshopCommunity\Core\Session::isSessionStarted ( )

Returns true if session was started

Returns: bool

◆ isSidNeeded()

OxidEsales\EshopCommunity\Core\Session::isSidNeeded ( $sUrl = null )

Checks if cookies are not available. Returns TRUE of sid needed

Parameters

string $sUrl if passed domain does not match current - returns true (optional)

Returns: bool

◆ isUnserializedBasketValid()

OxidEsales\EshopCommunity\Core\Session::isUnserializedBasketValid	(	$basket,
		$emptyBasket
	)

protected

True if both basket objects have been constructed from same class.

Shop cannot function properly if provided with different basket class.

Parameters

\OxidEsales\Eshop\Application\Model\Basket	$basket
\OxidEsales\Eshop\Application\Model\Basket	$emptyBasket

Returns: bool

◆ needToSetHeaders()

OxidEsales\EshopCommunity\Core\Session::needToSetHeaders ( )

protected

Decide if need to set session headers to browser.

Returns: bool

◆ processUrl()

OxidEsales\EshopCommunity\Core\Session::processUrl ( $sUrl )

Appends url with session ID, but only if \OxidEsales\Eshop\Core\Session::_isSidNeeded() returns true Direct usage of this method to retrieve end url result is discouraged - instead see \OxidEsales\Eshop\Core\UtilsUrl::processUrl

Parameters

string $sUrl url to append with sid

See also: \OxidEsales\Eshop\Core\UtilsUrl::processUrl

Returns: string

◆ regenerateSessionId()

OxidEsales\EshopCommunity\Core\Session::regenerateSessionId ( )

Regenerates session id

◆ setBasket()

OxidEsales\EshopCommunity\Core\Session::setBasket ( $oBasket )

Sets basket session object.

Parameters

object $oBasket basket object

◆ setForceNewSession()

OxidEsales\EshopCommunity\Core\Session::setForceNewSession ( )

Forces starting session and skips checking if session is allowed to start when calling \OxidEsales\Eshop\Core\Session::start();

◆ setId()

OxidEsales\EshopCommunity\Core\Session::setId ( $sVal )

Sets session id

Parameters

string $sVal id value

◆ setName()

OxidEsales\EshopCommunity\Core\Session::setName ( $sVal )

Sets session param name

Parameters

string $sVal name value

◆ setVariable()

OxidEsales\EshopCommunity\Core\Session::setVariable	(	$name,
		$value
	)

Sets parameter and its value to global session mixedvar array.

Parameters

string	$name	Name of parameter to store
mixed	$value	Value of parameter

◆ sid()

OxidEsales\EshopCommunity\Core\Session::sid ( $blForceSid = false )

Returns string prefix to URL with session ID parameter. In some cases (if client is robot, such as Google) adds parameter shp, to identify, witch shop is currently running.

Parameters

bool $blForceSid forces sid getter, ignores cookie check (optional)

Returns: string

◆ sidToUrlEvent()

OxidEsales\EshopCommunity\Core\Session::sidToUrlEvent ( )

protected

Place to hook when SID is added to URL.

◆ start()

OxidEsales\EshopCommunity\Core\Session::start ( )

Starts shop session, generates unique session ID, extracts user IP.

Member Data Documentation

◆ $_aPersistentParams

OxidEsales\EshopCommunity\Core\Session::$_aPersistentParams = ["actshop", "lang", "currency", "language", "tpllanguage"]

protected

◆ $_aRequireSessionWithParams

OxidEsales\EshopCommunity\Core\Session::$_aRequireSessionWithParams

protected

Initial value:

= [
        'cl'          => [
            'register' => true,
            'account'  => true,
        ],
        'fnc'         => [
            'tobasket'         => true,
            'login_noredirect' => true,
            'tocomparelist'    => true,
        ],
        '_artperpage' => true,
        'ldtype'      => true,
        'listorderby' => true,
    ]

◆ $_blForceNewSession

OxidEsales\EshopCommunity\Core\Session::$_blForceNewSession = false

protected

◆ $_blIsNewSession

OxidEsales\EshopCommunity\Core\Session::$_blIsNewSession = false

staticprotected

◆ $_blNewSession

OxidEsales\EshopCommunity\Core\Session::$_blNewSession = false

protected

◆ $_blSidNeeded

OxidEsales\EshopCommunity\Core\Session::$_blSidNeeded = null

protected

◆ $_blStarted

OxidEsales\EshopCommunity\Core\Session::$_blStarted = false

protected

◆ $_oBasket

OxidEsales\EshopCommunity\Core\Session::$_oBasket = null

protected

◆ $_oBasketReservations

OxidEsales\EshopCommunity\Core\Session::$_oBasketReservations = null

protected

◆ $_oUser

OxidEsales\EshopCommunity\Core\Session::$_oUser = null

staticprotected

◆ $_sErrorMsg

OxidEsales\EshopCommunity\Core\Session::$_sErrorMsg = null

protected

◆ $_sForcedPrefix

OxidEsales\EshopCommunity\Core\Session::$_sForcedPrefix = 'force_'

protected

◆ $_sId

OxidEsales\EshopCommunity\Core\Session::$_sId = null

protected

◆ $_sName

OxidEsales\EshopCommunity\Core\Session::$_sName = 'sid'

protected

The documentation for this class was generated from the following file:

/oxideshop-ce/source/Core/Session.php

Public Member Functions

Protected Member Functions

Protected Attributes

Static Protected Attributes

Detailed Description

Member Function Documentation

◆ _allowSessionStart()

◆ _checkCookies()

◆ _checkUserAgent()

◆ _forceSessionStart()

◆ _getBasketName()

◆ _getCookieSid()

◆ _getNewSessionId()

◆ _getRequireSessionWithParams()

◆ _getSessionUseCookies()

◆ _initNewSessionChallenge()

◆ _isSessionRequiredAction()

◆ _isSwappedClient()

◆ _isValidRemoteAccessToken()

◆ _sessionStart()

◆ _setSessionId()

◆ _validateBasket()

◆ checkSessionChallenge()

◆ delBasket()

◆ deleteVariable()

◆ destroy()

◆ freeze()

◆ getBasket()

◆ getBasketReservations()

◆ getForcedName()

◆ getId()

◆ getName()

◆ getRemoteAccessToken()

◆ getRequestChallengeToken()

◆ getSessionChallengeToken()

◆ getShopUrlId()

◆ getSidFromRequest()

◆ getVariable()

◆ hasVariable()

◆ hiddenSid()

◆ initNewSession()

◆ isActualSidInCookie()

◆ isClassInSerializedObject()

◆ isClassOrNullInSerializedObjectAfterField()

◆ isHeaderSent()

◆ isNewSession()

◆ isSerializedBasketValid()

◆ isSessionStarted()

◆ isSidNeeded()

◆ isUnserializedBasketValid()

◆ needToSetHeaders()

◆ processUrl()

◆ regenerateSessionId()

◆ setBasket()

◆ setForceNewSession()

◆ setId()

◆ setName()

◆ setVariable()

◆ sid()

◆ sidToUrlEvent()

◆ start()

Member Data Documentation

◆ $_aPersistentParams

◆ $_aRequireSessionWithParams

◆ $_blForceNewSession

◆ $_blIsNewSession

◆ $_blNewSession

◆ $_blSidNeeded

◆ $_blStarted

◆ $_oBasket

◆ $_oBasketReservations

◆ $_oUser

◆ $_sErrorMsg

◆ $_sForcedPrefix

◆ $_sId

◆ $_sName