2e86c939
 xu
“首次提交”
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
|
<?php
/**
* @link http://www.yiiframework.com/
* @copyright Copyright (c) 2008 Yii Software LLC
* @license http://www.yiiframework.com/license/
*/
namespace yii\web;
use Yii;
use yii\db\Connection;
use yii\db\Query;
use yii\base\InvalidConfigException;
use yii\di\Instance;
/**
* DbSession extends [[Session]] by using database as session data storage.
*
* By default, DbSession stores session data in a DB table named 'session'. This table
* must be pre-created. The table name can be changed by setting [[sessionTable]].
*
* The following example shows how you can configure the application to use DbSession:
* Add the following to your application config under `components`:
*
* ```php
* 'session' => [
* 'class' => 'yii\web\DbSession',
* // 'db' => 'mydb',
* // 'sessionTable' => 'my_session',
* ]
* ```
*
* DbSession extends [[MultiFieldSession]], thus it allows saving extra fields into the [[sessionTable]].
* Refer to [[MultiFieldSession]] for more details.
*
* @author Qiang Xue <qiang.xue@gmail.com>
* @since 2.0
*/
class DbSession extends MultiFieldSession
{
/**
* @var Connection|array|string the DB connection object or the application component ID of the DB connection.
* After the DbSession object is created, if you want to change this property, you should only assign it
* with a DB connection object.
* Starting from version 2.0.2, this can also be a configuration array for creating the object.
*/
public $db = 'db';
/**
* @var string the name of the DB table that stores the session data.
* The table should be pre-created as follows:
*
* ```sql
* CREATE TABLE session
* (
* id CHAR(40) NOT NULL PRIMARY KEY,
* expire INTEGER,
* data BLOB
* )
* ```
*
* where 'BLOB' refers to the BLOB-type of your preferred DBMS. Below are the BLOB type
* that can be used for some popular DBMS:
*
* - MySQL: LONGBLOB
* - PostgreSQL: BYTEA
* - MSSQL: BLOB
*
* When using DbSession in a production server, we recommend you create a DB index for the 'expire'
* column in the session table to improve the performance.
*
* Note that according to the php.ini setting of `session.hash_function`, you may need to adjust
* the length of the `id` column. For example, if `session.hash_function=sha256`, you should use
* length 64 instead of 40.
*/
public $sessionTable = '{{%session}}';
/**
* Initializes the DbSession component.
* This method will initialize the [[db]] property to make sure it refers to a valid DB connection.
* @throws InvalidConfigException if [[db]] is invalid.
*/
public function init()
{
parent::init();
$this->db = Instance::ensure($this->db, Connection::className());
}
/**
* Updates the current session ID with a newly generated one .
* Please refer to <http://php.net/session_regenerate_id> for more details.
* @param bool $deleteOldSession Whether to delete the old associated session file or not.
*/
public function regenerateID($deleteOldSession = false)
{
$oldID = session_id();
// if no session is started, there is nothing to regenerate
if (empty($oldID)) {
return;
}
parent::regenerateID(false);
$newID = session_id();
// if session id regeneration failed, no need to create/update it.
if (empty($newID)) {
Yii::warning('Failed to generate new session ID', __METHOD__);
return;
}
$query = new Query();
$row = $query->from($this->sessionTable)
->where(['id' => $oldID])
->createCommand($this->db)
->queryOne();
if ($row !== false) {
if ($deleteOldSession) {
$this->db->createCommand()
->update($this->sessionTable, ['id' => $newID], ['id' => $oldID])
->execute();
} else {
$row['id'] = $newID;
$this->db->createCommand()
->insert($this->sessionTable, $row)
->execute();
}
} else {
// shouldn't reach here normally
$this->db->createCommand()
->insert($this->sessionTable, $this->composeFields($newID, ''))
->execute();
}
}
/**
* Session read handler.
* @internal Do not call this method directly.
* @param string $id session ID
* @return string the session data
*/
public function readSession($id)
{
$query = new Query();
$query->from($this->sessionTable)
->where('[[expire]]>:expire AND [[id]]=:id', [':expire' => time(), ':id' => $id]);
if ($this->readCallback !== null) {
$fields = $query->one($this->db);
return $fields === false ? '' : $this->extractData($fields);
}
$data = $query->select(['data'])->scalar($this->db);
return $data === false ? '' : $data;
}
/**
* Session write handler.
* @internal Do not call this method directly.
* @param string $id session ID
* @param string $data session data
* @return bool whether session write is successful
*/
public function writeSession($id, $data)
{
// exception must be caught in session write handler
// http://us.php.net/manual/en/function.session-set-save-handler.php#refsect1-function.session-set-save-handler-notes
try {
$query = new Query;
$exists = $query->select(['id'])
->from($this->sessionTable)
->where(['id' => $id])
->createCommand($this->db)
->queryScalar();
$fields = $this->composeFields($id, $data);
if ($exists === false) {
$this->db->createCommand()
->insert($this->sessionTable, $fields)
->execute();
} else {
unset($fields['id']);
$this->db->createCommand()
->update($this->sessionTable, $fields, ['id' => $id])
->execute();
}
} catch (\Exception $e) {
$exception = ErrorHandler::convertExceptionToString($e);
// its too late to use Yii logging here
error_log($exception);
if (YII_DEBUG) {
echo $exception;
}
return false;
}
return true;
}
/**
* Session destroy handler.
* @internal Do not call this method directly.
* @param string $id session ID
* @return bool whether session is destroyed successfully
*/
public function destroySession($id)
{
$this->db->createCommand()
->delete($this->sessionTable, ['id' => $id])
->execute();
return true;
}
/**
* Session GC (garbage collection) handler.
* @internal Do not call this method directly.
* @param int $maxLifetime the number of seconds after which data will be seen as 'garbage' and cleaned up.
* @return bool whether session is GCed successfully
*/
public function gcSession($maxLifetime)
{
$this->db->createCommand()
->delete($this->sessionTable, '[[expire]]<:expire', [':expire' => time()])
->execute();
return true;
}
}
|