Subversion-Projekte lars-tiefland.ci

Revision

Revision 2107 | Revision 2254 | Zur aktuellen Revision | Details | Vergleich mit vorheriger | Letzte Änderung | Log anzeigen | RSS feed

Revision Autor Zeilennr. Zeile
68 lars 1
<?php
2
/**
3
 * CodeIgniter
4
 *
5
 * An open source application development framework for PHP
6
 *
7
 * This content is released under the MIT License (MIT)
8
 *
2242 lars 9
 * Copyright (c) 2014 - 2018, British Columbia Institute of Technology
68 lars 10
 *
11
 * Permission is hereby granted, free of charge, to any person obtaining a copy
12
 * of this software and associated documentation files (the "Software"), to deal
13
 * in the Software without restriction, including without limitation the rights
14
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
15
 * copies of the Software, and to permit persons to whom the Software is
16
 * furnished to do so, subject to the following conditions:
17
 *
18
 * The above copyright notice and this permission notice shall be included in
19
 * all copies or substantial portions of the Software.
20
 *
21
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
22
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
23
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
24
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
25
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
26
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
27
 * THE SOFTWARE.
28
 *
29
 * @package	CodeIgniter
30
 * @author	EllisLab Dev Team
31
 * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
2242 lars 32
 * @copyright	Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
68 lars 33
 * @license	http://opensource.org/licenses/MIT	MIT License
34
 * @link	https://codeigniter.com
35
 * @since	Version 3.0.0
36
 * @filesource
37
 */
38
defined('BASEPATH') OR exit('No direct script access allowed');
39
 
40
/**
41
 * CodeIgniter Session Redis Driver
42
 *
43
 * @package	CodeIgniter
44
 * @subpackage	Libraries
45
 * @category	Sessions
46
 * @author	Andrey Andreev
47
 * @link	https://codeigniter.com/user_guide/libraries/sessions.html
48
 */
49
class CI_Session_redis_driver extends CI_Session_driver implements SessionHandlerInterface {
50
 
51
	/**
52
	 * phpRedis instance
53
	 *
2107 lars 54
	 * @var	Redis
68 lars 55
	 */
56
	protected $_redis;
57
 
58
	/**
59
	 * Key prefix
60
	 *
61
	 * @var	string
62
	 */
63
	protected $_key_prefix = 'ci_session:';
64
 
65
	/**
66
	 * Lock key
67
	 *
68
	 * @var	string
69
	 */
70
	protected $_lock_key;
71
 
72
	/**
73
	 * Key exists flag
74
	 *
75
	 * @var bool
76
	 */
77
	protected $_key_exists = FALSE;
78
 
79
	// ------------------------------------------------------------------------
80
 
81
	/**
82
	 * Class constructor
83
	 *
84
	 * @param	array	$params	Configuration parameters
85
	 * @return	void
86
	 */
87
	public function __construct(&$params)
88
	{
89
		parent::__construct($params);
90
 
91
		if (empty($this->_config['save_path']))
92
		{
93
			log_message('error', 'Session: No Redis save path configured.');
94
		}
95
		elseif (preg_match('#(?:tcp://)?([^:?]+)(?:\:(\d+))?(\?.+)?#', $this->_config['save_path'], $matches))
96
		{
97
			isset($matches[3]) OR $matches[3] = ''; // Just to avoid undefined index notices below
98
			$this->_config['save_path'] = array(
99
				'host' => $matches[1],
100
				'port' => empty($matches[2]) ? NULL : $matches[2],
101
				'password' => preg_match('#auth=([^\s&]+)#', $matches[3], $match) ? $match[1] : NULL,
102
				'database' => preg_match('#database=(\d+)#', $matches[3], $match) ? (int) $match[1] : NULL,
103
				'timeout' => preg_match('#timeout=(\d+\.\d+)#', $matches[3], $match) ? (float) $match[1] : NULL
104
			);
105
 
106
			preg_match('#prefix=([^\s&]+)#', $matches[3], $match) && $this->_key_prefix = $match[1];
107
		}
108
		else
109
		{
110
			log_message('error', 'Session: Invalid Redis save path format: '.$this->_config['save_path']);
111
		}
112
 
113
		if ($this->_config['match_ip'] === TRUE)
114
		{
115
			$this->_key_prefix .= $_SERVER['REMOTE_ADDR'].':';
116
		}
117
	}
118
 
119
	// ------------------------------------------------------------------------
120
 
121
	/**
122
	 * Open
123
	 *
124
	 * Sanitizes save_path and initializes connection.
125
	 *
126
	 * @param	string	$save_path	Server path
127
	 * @param	string	$name		Session cookie name, unused
128
	 * @return	bool
129
	 */
130
	public function open($save_path, $name)
131
	{
132
		if (empty($this->_config['save_path']))
133
		{
134
			return $this->_fail();
135
		}
136
 
137
		$redis = new Redis();
138
		if ( ! $redis->connect($this->_config['save_path']['host'], $this->_config['save_path']['port'], $this->_config['save_path']['timeout']))
139
		{
140
			log_message('error', 'Session: Unable to connect to Redis with the configured settings.');
141
		}
142
		elseif (isset($this->_config['save_path']['password']) && ! $redis->auth($this->_config['save_path']['password']))
143
		{
144
			log_message('error', 'Session: Unable to authenticate to Redis instance.');
145
		}
146
		elseif (isset($this->_config['save_path']['database']) && ! $redis->select($this->_config['save_path']['database']))
147
		{
148
			log_message('error', 'Session: Unable to select Redis database with index '.$this->_config['save_path']['database']);
149
		}
150
		else
151
		{
152
			$this->_redis = $redis;
153
			return $this->_success;
154
		}
155
 
2242 lars 156
		$this->php5_validate_id();
157
 
68 lars 158
		return $this->_fail();
159
	}
160
 
161
	// ------------------------------------------------------------------------
162
 
163
	/**
164
	 * Read
165
	 *
166
	 * Reads session data and acquires a lock
167
	 *
168
	 * @param	string	$session_id	Session ID
169
	 * @return	string	Serialized session data
170
	 */
171
	public function read($session_id)
172
	{
173
		if (isset($this->_redis) && $this->_get_lock($session_id))
174
		{
175
			// Needed by write() to detect session_regenerate_id() calls
176
			$this->_session_id = $session_id;
177
 
178
			$session_data = $this->_redis->get($this->_key_prefix.$session_id);
179
 
180
			is_string($session_data)
181
				? $this->_key_exists = TRUE
182
				: $session_data = '';
183
 
184
			$this->_fingerprint = md5($session_data);
185
			return $session_data;
186
		}
187
 
188
		return $this->_fail();
189
	}
190
 
191
	// ------------------------------------------------------------------------
192
 
193
	/**
194
	 * Write
195
	 *
196
	 * Writes (create / update) session data
197
	 *
198
	 * @param	string	$session_id	Session ID
199
	 * @param	string	$session_data	Serialized session data
200
	 * @return	bool
201
	 */
202
	public function write($session_id, $session_data)
203
	{
2049 lars 204
		if ( ! isset($this->_redis, $this->_lock_key))
68 lars 205
		{
206
			return $this->_fail();
207
		}
208
		// Was the ID regenerated?
209
		elseif ($session_id !== $this->_session_id)
210
		{
211
			if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id))
212
			{
213
				return $this->_fail();
214
			}
215
 
216
			$this->_key_exists = FALSE;
217
			$this->_session_id = $session_id;
218
		}
219
 
2049 lars 220
		$this->_redis->setTimeout($this->_lock_key, 300);
221
		if ($this->_fingerprint !== ($fingerprint = md5($session_data)) OR $this->_key_exists === FALSE)
68 lars 222
		{
2049 lars 223
			if ($this->_redis->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration']))
68 lars 224
			{
2049 lars 225
				$this->_fingerprint = $fingerprint;
226
				$this->_key_exists = TRUE;
227
				return $this->_success;
68 lars 228
			}
229
 
2049 lars 230
			return $this->_fail();
68 lars 231
		}
232
 
2049 lars 233
		return ($this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_config['expiration']))
234
			? $this->_success
235
			: $this->_fail();
68 lars 236
	}
237
 
238
	// ------------------------------------------------------------------------
239
 
240
	/**
241
	 * Close
242
	 *
243
	 * Releases locks and closes connection.
244
	 *
245
	 * @return	bool
246
	 */
247
	public function close()
248
	{
249
		if (isset($this->_redis))
250
		{
251
			try {
252
				if ($this->_redis->ping() === '+PONG')
253
				{
254
					$this->_release_lock();
255
					if ($this->_redis->close() === FALSE)
256
					{
257
						return $this->_fail();
258
					}
259
				}
260
			}
261
			catch (RedisException $e)
262
			{
263
				log_message('error', 'Session: Got RedisException on close(): '.$e->getMessage());
264
			}
265
 
266
			$this->_redis = NULL;
267
			return $this->_success;
268
		}
269
 
270
		return $this->_success;
271
	}
272
 
273
	// ------------------------------------------------------------------------
274
 
275
	/**
276
	 * Destroy
277
	 *
278
	 * Destroys the current session.
279
	 *
280
	 * @param	string	$session_id	Session ID
281
	 * @return	bool
282
	 */
283
	public function destroy($session_id)
284
	{
285
		if (isset($this->_redis, $this->_lock_key))
286
		{
287
			if (($result = $this->_redis->delete($this->_key_prefix.$session_id)) !== 1)
288
			{
289
				log_message('debug', 'Session: Redis::delete() expected to return 1, got '.var_export($result, TRUE).' instead.');
290
			}
291
 
292
			$this->_cookie_destroy();
293
			return $this->_success;
294
		}
295
 
296
		return $this->_fail();
297
	}
298
 
299
	// ------------------------------------------------------------------------
300
 
301
	/**
302
	 * Garbage Collector
303
	 *
304
	 * Deletes expired sessions
305
	 *
306
	 * @param	int 	$maxlifetime	Maximum lifetime of sessions
307
	 * @return	bool
308
	 */
309
	public function gc($maxlifetime)
310
	{
311
		// Not necessary, Redis takes care of that.
312
		return $this->_success;
313
	}
314
 
2242 lars 315
	// --------------------------------------------------------------------
316
 
317
	/**
318
	 * Validate ID
319
	 *
320
	 * Checks whether a session ID record exists server-side,
321
	 * to enforce session.use_strict_mode.
322
	 *
323
	 * @param	string	$id
324
	 * @return	bool
325
	 */
326
	public function validateId($id)
327
	{
328
		return (bool) $this->_redis->exists($this->_key_prefix.$id);
329
	}
330
 
68 lars 331
	// ------------------------------------------------------------------------
332
 
333
	/**
334
	 * Get lock
335
	 *
336
	 * Acquires an (emulated) lock.
337
	 *
338
	 * @param	string	$session_id	Session ID
339
	 * @return	bool
340
	 */
341
	protected function _get_lock($session_id)
342
	{
343
		// PHP 7 reuses the SessionHandler object on regeneration,
344
		// so we need to check here if the lock key is for the
345
		// correct session ID.
346
		if ($this->_lock_key === $this->_key_prefix.$session_id.':lock')
347
		{
348
			return $this->_redis->setTimeout($this->_lock_key, 300);
349
		}
350
 
351
		// 30 attempts to obtain a lock, in case another request already has it
352
		$lock_key = $this->_key_prefix.$session_id.':lock';
353
		$attempt = 0;
354
		do
355
		{
356
			if (($ttl = $this->_redis->ttl($lock_key)) > 0)
357
			{
358
				sleep(1);
359
				continue;
360
			}
361
 
2107 lars 362
			$result = ($ttl === -2)
363
				? $this->_redis->set($lock_key, time(), array('nx', 'ex' => 300))
364
				: $this->_redis->setex($lock_key, 300, time());
365
 
366
			if ( ! $result)
68 lars 367
			{
368
				log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id);
369
				return FALSE;
370
			}
371
 
372
			$this->_lock_key = $lock_key;
373
			break;
374
		}
375
		while (++$attempt < 30);
376
 
377
		if ($attempt === 30)
378
		{
379
			log_message('error', 'Session: Unable to obtain lock for '.$this->_key_prefix.$session_id.' after 30 attempts, aborting.');
380
			return FALSE;
381
		}
382
		elseif ($ttl === -1)
383
		{
384
			log_message('debug', 'Session: Lock for '.$this->_key_prefix.$session_id.' had no TTL, overriding.');
385
		}
386
 
387
		$this->_lock = TRUE;
388
		return TRUE;
389
	}
390
 
391
	// ------------------------------------------------------------------------
392
 
393
	/**
394
	 * Release lock
395
	 *
396
	 * Releases a previously acquired lock
397
	 *
398
	 * @return	bool
399
	 */
400
	protected function _release_lock()
401
	{
402
		if (isset($this->_redis, $this->_lock_key) && $this->_lock)
403
		{
404
			if ( ! $this->_redis->delete($this->_lock_key))
405
			{
406
				log_message('error', 'Session: Error while trying to free lock for '.$this->_lock_key);
407
				return FALSE;
408
			}
409
 
410
			$this->_lock_key = NULL;
411
			$this->_lock = FALSE;
412
		}
413
 
414
		return TRUE;
415
	}
416
 
417
}