Magento Extensions Rating 2024
Magento 2 Documentation  2.3
Documentation for Magento 2 CMS v2.3 (December 2018)
Static Public Member Functions | Static Public Attributes | Protected Member Functions | Static Protected Member Functions | Static Protected Attributes
Zend_Session Class Reference
Inheritance diagram for Zend_Session:
Zend_Session_Abstract

Static Public Member Functions

static setOptions (array $userOptions=array())
 
static getOptions ($optionName=null)
 
static setSaveHandler (Zend_Session_SaveHandler_Interface $saveHandler)
 
static getSaveHandler ()
 
static regenerateId ()
 
static rememberMe ($seconds=null)
 
static forgetMe ()
 
static rememberUntil ($seconds=0)
 
static sessionExists ()
 
static isDestroyed ()
 
static start ($options=false)
 
static isStarted ()
 
static isRegenerated ()
 
static getId ()
 
static setId ($id)
 
static registerValidator (Zend_Session_Validator_Interface $validator)
 
static stop ()
 
static writeClose ($readonly=true)
 
static destroy ($remove_cookie=true, $readonly=true)
 
static expireSessionCookie ()
 
static namespaceIsset ($namespace)
 
static namespaceUnset ($namespace)
 
static namespaceGet ($namespace)
 
static getIterator ()
 
static isWritable ()
 
static isReadable ()
 

Static Public Attributes

static $_unitTestEnabled = false
 

Protected Member Functions

 __construct ()
 

Static Protected Member Functions

static _checkId ($id)
 
- Static Protected Member Functions inherited from Zend_Session_Abstract
static _namespaceIsset ($namespace, $name=null)
 
static _namespaceUnset ($namespace, $name=null)
 
static & _namespaceGet ($namespace, $name=null)
 
static _namespaceGetAll ($namespace)
 

Static Protected Attributes

static $_throwStartupExceptions = true
 
- Static Protected Attributes inherited from Zend_Session_Abstract
static $_writable = false
 
static $_readable = false
 
static $_expiringData = array()
 

Additional Inherited Members

- Data Fields inherited from Zend_Session_Abstract
const _THROW_NOT_WRITABLE_MSG = 'Zend_Session is currently marked as read-only.'
 
const _THROW_NOT_READABLE_MSG = 'Zend_Session is not marked as readable.'
 

Detailed Description

Definition at line 49 of file Session.php.

Constructor & Destructor Documentation

◆ __construct()

__construct ( )
protected

Constructor overriding - make sure that a developer cannot instantiate

Definition at line 187 of file Session.php.

188  {
189  }

Member Function Documentation

◆ _checkId()

static _checkId (   $id)
staticprotected

Perform a hash-bits check on the session ID

Parameters
string$idSession ID
Returns
bool

Definition at line 521 of file Session.php.

522  {
523  $saveHandler = ini_get('session.save_handler');
524  if ($saveHandler == 'cluster') { // Zend Server SC, validate only after last dash
525  $dashPos = strrpos($id, '-');
526  if ($dashPos) {
527  $id = substr($id, $dashPos + 1);
528  }
529  }
530 
531  $hashBitsPerChar = ini_get('session.hash_bits_per_character');
532  if (!$hashBitsPerChar) {
533  $hashBitsPerChar = 5; // the default value
534  }
535  switch($hashBitsPerChar) {
536  case 4: $pattern = '^[0-9a-f]*$'; break;
537  case 5: $pattern = '^[0-9a-v]*$'; break;
538  case 6: $pattern = '^[0-9a-zA-Z-,]*$'; break;
539  }
540  return preg_match('#'.$pattern.'#', $id);
541  }
$pattern
$pattern
Definition: website.php:22
$id
$id
Definition: fieldset.phtml:14

◆ destroy()

static destroy (   $remove_cookie = true,
  $readonly = true 
)
static

destroy() - This is used to destroy session data, and optionally, the session cookie itself

Parameters
bool$remove_cookie- OPTIONAL remove session id cookie, defaults to true (remove cookie)
bool$readonly- OPTIONAL remove write access (i.e. throw error if Zend_Session's attempt writes)
Returns
void

Definition at line 744 of file Session.php.

745  {
746  if (self::$_unitTestEnabled) {
747  return;
748  }
749 
750  if (self::$_destroyed) {
751  return;
752  }
753 
754  if ($readonly) {
755  parent::$_writable = false;
756  }
757 
758  session_destroy();
759  self::$_destroyed = true;
760 
761  if ($remove_cookie) {
762  self::expireSessionCookie();
763  }
764  }
Zend_Session\expireSessionCookie
static expireSessionCookie()
Definition: Session.php:772

◆ expireSessionCookie()

static expireSessionCookie ( )
static

expireSessionCookie() - Sends an expired session id cookie, causing the client to delete the session cookie

Returns
void

Definition at line 772 of file Session.php.

773  {
774  if (self::$_unitTestEnabled) {
775  return;
776  }
777 
778  if (self::$_sessionCookieDeleted) {
779  return;
780  }
781 
782  self::$_sessionCookieDeleted = true;
783 
784  if (isset($_COOKIE[session_name()])) {
785  $cookie_params = session_get_cookie_params();
786 
787  setcookie(
788  session_name(),
789  false,
790  315554400, // strtotime('1980-01-01'),
791  $cookie_params['path'],
792  $cookie_params['domain'],
793  $cookie_params['secure']
794  );
795  }
796  }

◆ forgetMe()

static forgetMe ( )
static

forgetMe() - Write a volatile session cookie, removing any persistent cookie that may have existed. The session would end upon, for example, termination of a web browser program.

Returns
void

Definition at line 350 of file Session.php.

351  {
352  self::rememberUntil(0);
353  }
Zend_Session\rememberUntil
static rememberUntil($seconds=0)
Definition: Session.php:363

◆ getId()

static getId ( )
static

getId() - get the current session id

Returns
string

Definition at line 649 of file Session.php.

650  {
651  return session_id();
652  }

◆ getIterator()

static getIterator ( )
static

getIterator() - return an iteratable object for use in foreach and the like, this completes the IteratorAggregate interface

Exceptions
Zend_Session_Exception
Returns
ArrayObject
See also
Zend_Session_Exception

Definition at line 868 of file Session.php.

869  {
870  if (parent::$_readable === false) {
872  #require_once 'Zend/Session/Exception.php';
873  throw new Zend_Session_Exception(parent::_THROW_NOT_READABLE_MSG);
874  }
875 
876  $spaces = array();
877  if (isset($_SESSION)) {
878  $spaces = array_keys($_SESSION);
879  foreach($spaces as $key => $space) {
880  if (!strncmp($space, '__', 2) || !is_array($_SESSION[$space])) {
881  unset($spaces[$key]);
882  }
883  }
884  }
885 
886  return new ArrayObject(array_merge($spaces, array_keys(parent::$_expiringData)));
887  }
Zend_Session_Exception
Definition: Exception.php:38

◆ getOptions()

static getOptions (   $optionName = null)
static

getOptions()

Parameters
string$optionNameOPTIONAL
Returns
array|string

Definition at line 238 of file Session.php.

239  {
240  $options = array();
241  foreach (ini_get_all('session') as $sysOptionName => $sysOptionValues) {
242  $options[substr($sysOptionName, 8)] = $sysOptionValues['local_value'];
243  }
244  foreach (self::$_localOptions as $localOptionName => $localOptionMemberName) {
245  $options[$localOptionName] = self::${$localOptionMemberName};
246  }
247 
248  if ($optionName) {
249  if (array_key_exists($optionName, $options)) {
250  return $options[$optionName];
251  }
252  return null;
253  }
254 
255  return $options;
256  }
$options
$options
Definition: multiple_mixed_products.php:29

◆ getSaveHandler()

static getSaveHandler ( )
static

getSaveHandler() - Get the session Save Handler

Returns
Zend_Session_SaveHandler_Interface

Definition at line 293 of file Session.php.

294  {
295  return self::$_saveHandler;
296  }

◆ isDestroyed()

static isDestroyed ( )
static

Whether or not session has been destroyed via session_destroy()

Returns
bool

Definition at line 408 of file Session.php.

409  {
410  return self::$_destroyed;
411  }

◆ isReadable()

static isReadable ( )
static

isReadable() - returns a boolean indicating if namespaces can write (use setters)

Returns
bool

Definition at line 906 of file Session.php.

907  {
908  return parent::$_readable;
909  }

◆ isRegenerated()

static isRegenerated ( )
static

isRegenerated() - convenience method to determine if session_regenerate_id() has been called during this request by Zend_Session.

Returns
bool

Definition at line 638 of file Session.php.

639  {
640  return ( (self::$_regenerateIdState > 0) ? true : false );
641  }

◆ isStarted()

static isStarted ( )
static

isStarted() - convenience method to determine if the session is already started.

Returns
bool

Definition at line 626 of file Session.php.

627  {
628  return self::$_sessionStarted;
629  }

◆ isWritable()

static isWritable ( )
static

isWritable() - returns a boolean indicating if namespaces can write (use setters)

Returns
bool

Definition at line 895 of file Session.php.

896  {
897  return parent::$_writable;
898  }

◆ namespaceGet()

static namespaceGet (   $namespace)
static

namespaceGet() - get all variables in a namespace Deprecated: Use getIterator() in Zend_Session_Namespace.

Parameters
string$namespace
Returns
array

Definition at line 855 of file Session.php.

856  {
857  return parent::_namespaceGetAll($namespace);
858  }

◆ namespaceIsset()

static namespaceIsset (   $namespace)
static

namespaceIsset() - check to see if a namespace is set

Parameters
string$namespace
Returns
bool

Definition at line 828 of file Session.php.

829  {
830  return parent::_namespaceIsset($namespace);
831  }

◆ namespaceUnset()

static namespaceUnset (   $namespace)
static

namespaceUnset() - unset a namespace or a variable within a namespace

Parameters
string$namespace
Exceptions
Zend_Session_Exception
Returns
void

Definition at line 841 of file Session.php.

842  {
843  parent::_namespaceUnset($namespace);
844  Zend_Session_Namespace::resetSingleInstance($namespace);
845  }
Zend_Session_Namespace\resetSingleInstance
static resetSingleInstance($namespaceName=null)
Definition: Namespace.php:79

◆ regenerateId()

static regenerateId ( )
static

regenerateId() - Regenerate the session id. Best practice is to call this after session is started. If called prior to session starting, session id will be regenerated at start time.

Exceptions
Zend_Session_Exception
Returns
void
See also
Zend_Session_Exception

Definition at line 307 of file Session.php.

308  {
309  if (!self::$_unitTestEnabled && headers_sent($filename, $linenum)) {
311  #require_once 'Zend/Session/Exception.php';
312  throw new Zend_Session_Exception("You must call " . __CLASS__ . '::' . __FUNCTION__ .
313  "() before any output has been sent to the browser; output started in {$filename}/{$linenum}");
314  }
315 
316  if ( !self::$_sessionStarted ) {
317  self::$_regenerateIdState = -1;
318  } else {
319  if (!self::$_unitTestEnabled) {
320  session_regenerate_id(true);
321  }
322  self::$_regenerateIdState = 1;
323  }
324  }
Zend_Session_Exception
Definition: Exception.php:38

◆ registerValidator()

static registerValidator ( Zend_Session_Validator_Interface  $validator)
static

registerValidator() - register a validator that will attempt to validate this session for every future request

Parameters
Zend_Session_Validator_Interface$validator
Returns
void

Definition at line 694 of file Session.php.

695  {
696  $validator->setup();
697  }
Zend_Session_Validator_Interface\setup
setup()

◆ rememberMe()

static rememberMe (   $seconds = null)
static

rememberMe() - Write a persistent cookie that expires after a number of seconds in the future. If no number of seconds is specified, then this defaults to self::$_rememberMeSeconds. Due to clock errors on end users' systems, large values are recommended to avoid undesirable expiration of session cookies.

Parameters
int$secondsOPTIONAL specifies TTL for cookie in seconds from present time
Returns
void

Definition at line 335 of file Session.php.

336  {
337  $seconds = (int) $seconds;
338  $seconds = ($seconds > 0) ? $seconds : self::$_rememberMeSeconds;
339 
340  self::rememberUntil($seconds);
341  }
Zend_Session\rememberUntil
static rememberUntil($seconds=0)
Definition: Session.php:363

◆ rememberUntil()

static rememberUntil (   $seconds = 0)
static

rememberUntil() - This method does the work of changing the state of the session cookie and making sure that it gets resent to the browser via regenerateId()

Parameters
int$seconds
Returns
void

Definition at line 363 of file Session.php.

364  {
365  if (self::$_unitTestEnabled) {
366  self::regenerateId();
367  return;
368  }
369 
370  $cookieParams = session_get_cookie_params();
371 
372  session_set_cookie_params(
373  $seconds,
374  $cookieParams['path'],
375  $cookieParams['domain'],
376  $cookieParams['secure']
377  );
378 
379  // normally "rememberMe()" represents a security context change, so should use new session id
380  self::regenerateId();
381  }
Zend_Session\regenerateId
static regenerateId()
Definition: Session.php:307

◆ sessionExists()

static sessionExists ( )
static

sessionExists() - whether or not a session exists for the current request

Returns
bool

Definition at line 389 of file Session.php.

390  {
391  if ((bool)ini_get('session.use_cookies') == true && isset($_COOKIE[session_name()])) {
392  return true;
393  } elseif ((bool)ini_get('session.use_only_cookies') == false && isset($_REQUEST[session_name()])) {
394  return true;
395  } elseif (self::$_unitTestEnabled) {
396  return true;
397  }
398 
399  return false;
400  }
elseif
elseif(isset( $params[ 'redirect_parent']))
Definition: iframe.phtml:17

◆ setId()

static setId (   $id)
static

setId() - set an id to a user specified id

Exceptions
Zend_Session_Exception
Parameters
string$id
Returns
void
See also
Zend_Session_Exception
Zend_Session_Exception
Zend_Session_Exception

Definition at line 662 of file Session.php.

663  {
664  if (!self::$_unitTestEnabled && defined('SID')) {
666  #require_once 'Zend/Session/Exception.php';
667  throw new Zend_Session_Exception('The session has already been started. The session id must be set first.');
668  }
669 
670  if (!self::$_unitTestEnabled && headers_sent($filename, $linenum)) {
672  #require_once 'Zend/Session/Exception.php';
673  throw new Zend_Session_Exception("You must call ".__CLASS__.'::'.__FUNCTION__.
674  "() before any output has been sent to the browser; output started in {$filename}/{$linenum}");
675  }
676 
677  if (!is_string($id) || $id === '') {
679  #require_once 'Zend/Session/Exception.php';
680  throw new Zend_Session_Exception('You must provide a non-empty string as a session identifier.');
681  }
682 
683  session_id($id);
684  }
$id
$id
Definition: fieldset.phtml:14
Zend_Session_Exception
Definition: Exception.php:38

◆ setOptions()

static setOptions ( array  $userOptions = array())
static

setOptions - set both the class specified

Parameters
array$userOptions- pass-by-keyword style array of <option name, option value> pairs
Exceptions
Zend_Session_Exception
Returns
void
See also
Zend_Session_Exception

Definition at line 199 of file Session.php.

200  {
201  // set default options on first run only (before applying user settings)
202  if (!self::$_defaultOptionsSet) {
203  foreach (self::$_defaultOptions as $defaultOptionName => $defaultOptionValue) {
204  if (isset(self::$_defaultOptions[$defaultOptionName])) {
205  ini_set("session.$defaultOptionName", $defaultOptionValue);
206  }
207  }
208 
209  self::$_defaultOptionsSet = true;
210  }
211 
212  // set the options the user has requested to set
213  foreach ($userOptions as $userOptionName => $userOptionValue) {
214 
215  $userOptionName = strtolower($userOptionName);
216 
217  // set the ini based values
218  if (array_key_exists($userOptionName, self::$_defaultOptions)) {
219  ini_set("session.$userOptionName", $userOptionValue);
220  }
221  elseif (isset(self::$_localOptions[$userOptionName])) {
222  self::${self::$_localOptions[$userOptionName]} = $userOptionValue;
223  }
224  else {
226  #require_once 'Zend/Session/Exception.php';
227  throw new Zend_Session_Exception("Unknown option: $userOptionName = $userOptionValue");
228  }
229  }
230  }
Magento\Framework\Session\ini_set
ini_set($varName, $newValue)
Definition: mock_ini_set.php:18
elseif
elseif(isset( $params[ 'redirect_parent']))
Definition: iframe.phtml:17
Zend_Session_Exception
Definition: Exception.php:38

◆ setSaveHandler()

static setSaveHandler ( Zend_Session_SaveHandler_Interface  $saveHandler)
static

setSaveHandler() - Session Save Handler assignment

Parameters
Zend_Session_SaveHandler_Interface$interface
Exceptions
Zend_Session_ExceptionWhen the session_set_save_handler call fails
Returns
void

Definition at line 265 of file Session.php.

266  {
267  self::$_saveHandler = $saveHandler;
268 
269  if (self::$_unitTestEnabled) {
270  return;
271  }
272 
273  $result = session_set_save_handler(
274  array(&$saveHandler, 'open'),
275  array(&$saveHandler, 'close'),
276  array(&$saveHandler, 'read'),
277  array(&$saveHandler, 'write'),
278  array(&$saveHandler, 'destroy'),
279  array(&$saveHandler, 'gc')
280  );
281 
282  if (!$result) {
283  throw new Zend_Session_Exception('Unable to set session handler');
284  }
285  }
$result
$result
Definition: product_configurable_not_available_rollback.php:26
Zend_Session_Exception
Definition: Exception.php:38

◆ start()

static start (   $options = false)
static

start() - Start the session.

Parameters
bool | array$optionsOPTIONAL Either user supplied options, or flag indicating if start initiated automatically
Exceptions
Zend_Session_Exception
Returns
void
See also
Zend_Session_Exception
Zend_Session_Exception
Zend_Session_Exception

Hack to throw exceptions on start instead of php errors

See also
http://framework.zend.com/issues/browse/ZF-1325
Zend_Session_Exception

Definition at line 421 of file Session.php.

422  {
423  // Check to see if we've been passed an invalid session ID
424  if ( self::getId() && !self::_checkId(self::getId()) ) {
425  // Generate a valid, temporary replacement
426  self::setId(md5(self::getId()));
427  // Force a regenerate after session is started
428  self::$_regenerateIdState = -1;
429  }
430 
431  if (self::$_sessionStarted && self::$_destroyed) {
432  #require_once 'Zend/Session/Exception.php';
433  throw new Zend_Session_Exception('The session was explicitly destroyed during this request, attempting to re-start is not allowed.');
434  }
435 
436  if (self::$_sessionStarted) {
437  return; // already started
438  }
439 
440  // make sure our default options (at the least) have been set
441  if (!self::$_defaultOptionsSet) {
442  self::setOptions(is_array($options) ? $options : array());
443  }
444 
445  // In strict mode, do not allow auto-starting Zend_Session, such as via "new Zend_Session_Namespace()"
446  if (self::$_strict && $options === true) {
448  #require_once 'Zend/Session/Exception.php';
449  throw new Zend_Session_Exception('You must explicitly start the session with Zend_Session::start() when session options are set to strict.');
450  }
451 
452  $filename = $linenum = null;
453  if (!self::$_unitTestEnabled && headers_sent($filename, $linenum)) {
455  #require_once 'Zend/Session/Exception.php';
456  throw new Zend_Session_Exception("Session must be started before any output has been sent to the browser;"
457  . " output started in {$filename}/{$linenum}");
458  }
459 
460  // See http://www.php.net/manual/en/ref.session.php for explanation
461  if (!self::$_unitTestEnabled && defined('SID')) {
463  #require_once 'Zend/Session/Exception.php';
464  throw new Zend_Session_Exception('session has already been started by session.auto-start or session_start()');
465  }
466 
472  $errorLevel = (is_int(self::$_throwStartupExceptions)) ? self::$_throwStartupExceptions : E_ALL;
473 
475  if (!self::$_unitTestEnabled) {
476 
477  if (self::$_throwStartupExceptions) {
478  #require_once 'Zend/Session/Exception.php';
479  set_error_handler(array('Zend_Session_Exception', 'handleSessionStartError'), $errorLevel);
480  }
481 
482  $startedCleanly = session_start();
483 
484  if (self::$_throwStartupExceptions) {
485  restore_error_handler();
486  }
487 
488  if (!$startedCleanly || Zend_Session_Exception::$sessionStartError != null) {
489  if (self::$_throwStartupExceptions) {
490  set_error_handler(array('Zend_Session_Exception', 'handleSilentWriteClose'), $errorLevel);
491  }
492  session_write_close();
493  if (self::$_throwStartupExceptions) {
494  restore_error_handler();
495  throw new Zend_Session_Exception(__CLASS__ . '::' . __FUNCTION__ . '() - ' . Zend_Session_Exception::$sessionStartError);
496  }
497  }
498  }
499 
500  parent::$_readable = true;
501  parent::$_writable = true;
502  self::$_sessionStarted = true;
503  if (self::$_regenerateIdState === -1) {
504  self::regenerateId();
505  }
506 
507  // run validators if they exist
508  if (isset($_SESSION['__ZF']['VALID'])) {
509  self::_processValidators();
510  }
511 
512  self::_processStartupMetadataGlobal();
513  }
Zend_Session\regenerateId
static regenerateId()
Definition: Session.php:307
Zend_Session_Exception
Definition: Exception.php:38
Zend_Session\setId
static setId($id)
Definition: Session.php:662
Zend_Session\setOptions
static setOptions(array $userOptions=array())
Definition: Session.php:199
Zend_Session_Exception\$sessionStartError
static $sessionStartError
Definition: Exception.php:46
$options
$options
Definition: multiple_mixed_products.php:29

◆ stop()

static stop ( )
static

stop() - Disable write access. Optionally disable read (not implemented).

Returns
void

Definition at line 705 of file Session.php.

706  {
707  parent::$_writable = false;
708  }

◆ writeClose()

static writeClose (   $readonly = true)
static

writeClose() - Shutdown the sesssion, close writing and detach $_SESSION from the back-end storage mechanism. This will complete the internal data transformation on this request.

Parameters
bool$readonly- OPTIONAL remove write access (i.e. throw error if Zend_Session's attempt writes)
Returns
void

Definition at line 718 of file Session.php.

719  {
720  if (self::$_unitTestEnabled) {
721  return;
722  }
723 
724  if (self::$_writeClosed) {
725  return;
726  }
727 
728  if ($readonly) {
729  parent::$_writable = false;
730  }
731 
732  session_write_close();
733  self::$_writeClosed = true;
734  }

Field Documentation

◆ $_throwStartupExceptions

$_throwStartupExceptions = true
staticprotected

Definition at line 64 of file Session.php.

◆ $_unitTestEnabled

$_unitTestEnabled = false
static

Whether or not Zend_Session is being used with unit tests

Definition at line 57 of file Session.php.

The documentation for this class was generated from the following file: