Use the new session wrapper

13 years ago · 44f9af5a7f
parent 76d13120ea
commit 44f9af5a7f
8 changed files with 57 additions and 57 deletions
--- a/apps/files_encryption/lib/proxy.php
+++ b/apps/files_encryption/lib/proxy.php
@ -220,7 +220,7 @@ class Proxy extends \OC_FileProxy

 		} elseif (
 			Crypt::mode() == 'server'
-			&& isset( $_SESSION['legacyenckey'] )
+			&&\OC::$session->exists('legacyenckey')
 			&& Crypt::isEncryptedMeta( $path )
 		) {
 			$plainData = Crypt::legacyBlockDecrypt( $data, $session->getLegacyKey() );
--- a/apps/files_encryption/lib/session.php
+++ b/apps/files_encryption/lib/session.php
@ -106,7 +106,7 @@ class Session
 	 */
 	public function setPrivateKey( $privateKey ) {

-		$_SESSION['privateKey'] = $privateKey;
+		\OC::$session->set('privateKey', $privateKey)

 		return true;

@ -119,12 +119,9 @@ class Session
 	 */
 	public function getPrivateKey() {

-		if (
-			isset( $_SESSION['privateKey'] )
-			&& !empty( $_SESSION['privateKey'] )
-		) {
+		if ( !is_null( \OC::$session->get('privateKey') ) ) {

-			return $_SESSION['privateKey'];
+			return \OC::$session->get('privateKey');

 		} else {

@ -141,7 +138,7 @@ class Session
 	 */
 	public function setLegacyKey( $legacyKey ) {

-		$_SESSION['legacyKey'] = $legacyKey;
+		\OC::$session->set('legacyKey', $legacyKey);

 		return true;
 	}
@ -153,12 +150,9 @@ class Session
 	 */
 	public function getLegacyKey() {

-		if (
-			isset( $_SESSION['legacyKey'] )
-			&& !empty( $_SESSION['legacyKey'] )
-		) {
+		if ( !is_null( \OC::$session->get('legacyKey') ) ) {

-			return $_SESSION['legacyKey'];
+			return \OC::$session->get('legacyKey');

 		} else {

@ -168,4 +162,4 @@ class Session

 	}

-}
+}
--- a/apps/files_encryption/tests/util.php
+++ b/apps/files_encryption/tests/util.php
@ -183,7 +183,7 @@ class Test_Encryption_Util extends \PHPUnit_Framework_TestCase {

 		$this->assertTrue(OCA\Encryption\Hooks::login($params));

-		$this->assertEquals($this->legacyKey, $_SESSION['legacyKey']);
+		$this->assertEquals($this->legacyKey, \OC::$session->get('legacyKey'));
 	}

 	function testRecoveryEnabledForUser() {
@ -273,7 +273,7 @@ class Test_Encryption_Util extends \PHPUnit_Framework_TestCase {

 		$this->assertTrue(OCA\Encryption\Hooks::login($params));

-		$this->assertEquals($this->legacyKey, $_SESSION['legacyKey']);
+		$this->assertEquals($this->legacyKey, \OC::$session->get('legacyKey'));

 		$files = $util->findEncFiles('/' . \Test_Encryption_Util::TEST_ENCRYPTION_UTIL_LEGACY_USER . '/files/');

@ -314,4 +314,4 @@ class Test_Encryption_Util extends \PHPUnit_Framework_TestCase {
 		$params['password'] = $password;
 		OCA\Encryption\Hooks::login($params);
 	}
-}
+}
--- a/apps/files_sharing/public.php
+++ b/apps/files_sharing/public.php
@ -84,7 +84,7 @@ if (isset($path)) {
 					exit();
 				} else {
 					// Save item id in session for future requests
-					$_SESSION['public_link_authenticated'] = $linkItem['id'];
+					\OC::$session->set('public_link_authenticated', $linkItem['id']);
 				}
 			} else {
 				OCP\Util::writeLog('share', 'Unknown share type '.$linkItem['share_type']
@ -97,8 +97,8 @@ if (isset($path)) {

 		} else {
 			// Check if item id is set in session
-			if (!isset($_SESSION['public_link_authenticated'])
-				|| $_SESSION['public_link_authenticated'] !== $linkItem['id']
+			if ( ! \OC::$session->exists('public_link_authenticated')
+				|| \OC::$session->get('public_link_authenticated') !== $linkItem['id']
 			) {
 				// Prompt for password
 				$tmpl = new OCP\Template('files_sharing', 'authenticate', 'guest');
--- a/lib/base.php
+++ b/lib/base.php
@ -74,6 +74,11 @@ class OC {
 	 */
 	protected static $router = null;

+	/**
+	 * @var \OC\Session\Session
+	 */
+	public static $session = null;
+
 	/**
 	 * @var \OC\Autoloader $loader
 	 */
@ -283,14 +288,14 @@ class OC {
 		$cookie_path = OC::$WEBROOT ?: '/';
 		ini_set('session.cookie_path', $cookie_path);

-		// set the session name to the instance id - which is unique
-		session_name(OC_Util::getInstanceId());
-
-		// if session cant be started break with http 500 error
-		if (session_start() === false){
-			OC_Log::write('core', 'Session could not be initialized', 
+		try{
+			// set the session name to the instance id - which is unique
+			self::$session=new \OC\Session\Internal(OC_Util::getInstanceId());
+			// if session cant be started break with http 500 error
+		}catch (Exception $e){
+			OC_Log::write('core', 'Session could not be initialized',
 				OC_Log::ERROR);
-			
+
 			header('HTTP/1.1 500 Internal Server Error');
 			OC_Util::addStyle("styles");
 			$error = 'Session could not be initialized. Please contact your ';
@ -304,15 +309,15 @@ class OC {
 		}

 		// regenerate session id periodically to avoid session fixation
-		if (!isset($_SESSION['SID_CREATED'])) {
-			$_SESSION['SID_CREATED'] = time();
-		} else if (time() - $_SESSION['SID_CREATED'] > 60*60*12) {
+		if (!self::$session->exists('SID_CREATED')) {
+			self::$session->set('SID_CREATED', time());
+		} else if (time() - self::$session->get('SID_CREATED') > 60*60*12) {
 			session_regenerate_id(true);
-			$_SESSION['SID_CREATED'] = time();
+			self::$session->set('SID_CREATED', time());
 		}

 		// session timeout
-		if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 60*60*24)) {
+		if (self::$session->exists('LAST_ACTIVITY') && (time() - self::$session->get('LAST_ACTIVITY') > 60*60*24)) {
 			if (isset($_COOKIE[session_name()])) {
 				setcookie(session_name(), '', time() - 42000, $cookie_path);
 			}
@ -320,7 +325,8 @@ class OC {
 			session_destroy();
 			session_start();
 		}
-		$_SESSION['LAST_ACTIVITY'] = time();
+
+		self::$session->set('LAST_ACTIVITY', time());
 	}

 	public static function getRouter() {
@ -446,14 +452,14 @@ class OC {

 		// User and Groups
 		if (!OC_Config::getValue("installed", false)) {
-			$_SESSION['user_id'] = '';
+			self::$session->set('user_id','');
 		}

 		OC_User::useBackend(new OC_User_Database());
 		OC_Group::useBackend(new OC_Group_Database());

-		if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SESSION['user_id'])
-			&& $_SERVER['PHP_AUTH_USER'] != $_SESSION['user_id']) {
+		if (isset($_SERVER['PHP_AUTH_USER']) && self::$session->exists('user_id')
+			&& $_SERVER['PHP_AUTH_USER'] != self::$session->get('user_id')) {
 			OC_User::logout();
 		}

@ -598,7 +604,7 @@ class OC {
 		// Handle redirect URL for logged in users
 		if (isset($_REQUEST['redirect_url']) && OC_User::isLoggedIn()) {
 			$location = OC_Helper::makeURLAbsolute(urldecode($_REQUEST['redirect_url']));
-			
+
 			// Deny the redirect if the URL contains a @
 			// This prevents unvalidated redirects like ?redirect_url=:user@domain.com
 			if (strpos($location, '@') === false) {
@ -748,7 +754,7 @@ class OC {
 		if (OC_User::login($_POST["user"], $_POST["password"])) {
 			// setting up the time zone
 			if (isset($_POST['timezone-offset'])) {
-				$_SESSION['timezone'] = $_POST['timezone-offset'];
+				self::$session->set('timezone', $_POST['timezone-offset']);
 			}

 			self::cleanupLoginTokens($_POST['user']);
--- a/lib/template.php
+++ b/lib/template.php
@ -246,14 +246,14 @@ class OC_Template{
 		// if the formfactor is not yet autodetected do the
 		// autodetection now. For possible formfactors check the
 		// detectFormfactor documentation
-		if(!isset($_SESSION['formfactor'])) {
-			$_SESSION['formfactor'] = self::detectFormfactor();
+		if (!\OC::$session->exists('formfactor')) {
+			\OC::$session->set('formfactor', self::detectFormfactor());
 		}
 		// allow manual override via GET parameter
 		if(isset($_GET['formfactor'])) {
-			$_SESSION['formfactor']=$_GET['formfactor'];
+			\OC::$session->set('formfactor', $_GET['formfactor']);
 		}
-		$formfactor=$_SESSION['formfactor'];
+		$formfactor = \OC::$session->get('formfactor');
 		if($formfactor=='default') {
 			$fext='';
 		}elseif($formfactor=='mobile') {
--- a/lib/user.php
+++ b/lib/user.php
@ -264,7 +264,7 @@ class OC_User {
 	 * @brief Sets user id for session and triggers emit
 	 */
 	public static function setUserId($uid) {
-		$_SESSION['user_id'] = $uid;
+		\OC::$session->set('user_id', $uid);
 	}

 	/**
@ -285,7 +285,7 @@ class OC_User {
 			$result = true;
 		}
 		if (OC_User::getUser() === $uid) {
-			$_SESSION['display_name'] = $displayName;
+			\OC::$session->set('display_name', $displayName);
 		}
 		return $result;
 	}
@ -328,10 +328,10 @@ class OC_User {
 	 * Checks if the user is logged in
 	 */
 	public static function isLoggedIn() {
-		if( isset($_SESSION['user_id']) AND $_SESSION['user_id']) {
+		if( \OC::$session->get('user_id')) {
 			OC_App::loadApps(array('authentication'));
 			self::setupBackends();
-			if (self::userExists($_SESSION['user_id']) ) {
+			if (self::userExists(\OC::$session->get('user_id')) ) {
 				return true;
 			}
 		}
@ -356,8 +356,8 @@ class OC_User {
 	 * @return string uid or false
 	 */
 	public static function getUser() {
-		if( isset($_SESSION['user_id']) AND $_SESSION['user_id'] ) {
-			return $_SESSION['user_id'];
+		if( \OC::$session->get('user_id') ) {
+			return \OC::$session->get('user_id');
 		}
 		else{
 			return false;
@ -371,8 +371,8 @@ class OC_User {
 	public static function getDisplayName($user=null) {
 		if ( $user ) {
 			return self::determineDisplayName($user);
-		} else if( isset($_SESSION['display_name']) AND $_SESSION['display_name'] ) {
-			return $_SESSION['display_name'];
+		} else if( \OC::$session->get('display_name') ) {
+			return \OC::$session->get('display_name');
 		}
 		else{
 			return false;
--- a/lib/util.php
+++ b/lib/util.php
@ -151,10 +151,10 @@ class OC_Util {
 	 * @param bool dateOnly option to omit time from the result
 	 */
 	public static function formatDate( $timestamp, $dateOnly=false) {
-		if(isset($_SESSION['timezone'])) {//adjust to clients timezone if we know it
+		if(\OC::$session->exists('timezone')) {//adjust to clients timezone if we know it
 			$systemTimeZone = intval(date('O'));
 			$systemTimeZone=(round($systemTimeZone/100, 0)*60)+($systemTimeZone%100);
-			$clientTimeZone=$_SESSION['timezone']*60;
+			$clientTimeZone=\OC::$session->get('timezone')*60;
 			$offset=$clientTimeZone-$systemTimeZone;
 			$timestamp=$timestamp+$offset*60;
 		}
@ -458,13 +458,13 @@ class OC_Util {
 	 */
 	public static function callRegister() {
 		// Check if a token exists
-		if(!isset($_SESSION['requesttoken'])) {
+		if(!\OC::$session->exists('requesttoken')) {
 			// No valid token found, generate a new one.
 			$requestToken = self::generate_random_bytes(20);
-			$_SESSION['requesttoken']=$requestToken;
+			\OC::$session->set('requesttoken', $requestToken);
 		} else {
 			// Valid token already exists, send it
-			$requestToken = $_SESSION['requesttoken'];
+			$requestToken = \OC::$session->get('requesttoken');
 		}
 		return($requestToken);
 	}
@ -476,7 +476,7 @@ class OC_Util {
 	 * @see OC_Util::callRegister()
 	 */
 	public static function isCallRegistered() {
-		if(!isset($_SESSION['requesttoken'])) {
+		if(!\OC::$session->exists('requesttoken')) {
 			return false;
 		}

@ -492,7 +492,7 @@ class OC_Util {
 		}

 		// Check if the token is valid
-		if($token !== $_SESSION['requesttoken']) {
+		if($token !== \OC::$session->get('requesttoken')) {
 			// Not valid
 			return false;
 		} else {