4 * This file is part of the Symfony package.
6 * (c) Fabien Potencier <fabien@symfony.com>
8 * For the full copyright and license information, please view the LICENSE
9 * file that was distributed with this source code.
12 namespace Symfony\Component\HttpFoundation\Session\Storage\Handler;
15 * This abstract session handler provides a generic implementation
16 * of the PHP 7.0 SessionUpdateTimestampHandlerInterface,
17 * enabling strict and lazy session handling.
19 * @author Nicolas Grekas <p@tchwork.com>
21 abstract class AbstractSessionHandler implements \SessionHandlerInterface, \SessionUpdateTimestampHandlerInterface
25 private $prefetchData;
26 private $newSessionId;
27 private $igbinaryEmptyData;
32 public function open($savePath, $sessionName)
34 $this->sessionName = $sessionName;
35 if (!headers_sent() && !ini_get('session.cache_limiter') && '0' !== ini_get('session.cache_limiter')) {
36 header(sprintf('Cache-Control: max-age=%d, private, must-revalidate', 60 * (int) ini_get('session.cache_expire')));
43 * @param string $sessionId
47 abstract protected function doRead($sessionId);
50 * @param string $sessionId
55 abstract protected function doWrite($sessionId, $data);
58 * @param string $sessionId
62 abstract protected function doDestroy($sessionId);
67 public function validateId($sessionId)
69 $this->prefetchData = $this->read($sessionId);
70 $this->prefetchId = $sessionId;
72 return '' !== $this->prefetchData;
78 public function read($sessionId)
80 if (null !== $this->prefetchId) {
81 $prefetchId = $this->prefetchId;
82 $prefetchData = $this->prefetchData;
83 $this->prefetchId = $this->prefetchData = null;
85 if ($prefetchId === $sessionId || '' === $prefetchData) {
86 $this->newSessionId = '' === $prefetchData ? $sessionId : null;
92 $data = $this->doRead($sessionId);
93 $this->newSessionId = '' === $data ? $sessionId : null;
94 if (\PHP_VERSION_ID < 70000) {
95 $this->prefetchData = $data;
104 public function write($sessionId, $data)
106 if (\PHP_VERSION_ID < 70000 && $this->prefetchData) {
107 $readData = $this->prefetchData;
108 $this->prefetchData = null;
110 if ($readData === $data) {
111 return $this->updateTimestamp($sessionId, $data);
114 if (null === $this->igbinaryEmptyData) {
115 // see https://github.com/igbinary/igbinary/issues/146
116 $this->igbinaryEmptyData = \function_exists('igbinary_serialize') ? igbinary_serialize(array()) : '';
118 if ('' === $data || $this->igbinaryEmptyData === $data) {
119 return $this->destroy($sessionId);
121 $this->newSessionId = null;
123 return $this->doWrite($sessionId, $data);
129 public function destroy($sessionId)
131 if (\PHP_VERSION_ID < 70000) {
132 $this->prefetchData = null;
134 if (!headers_sent() && ini_get('session.use_cookies')) {
135 if (!$this->sessionName) {
136 throw new \LogicException(sprintf('Session name cannot be empty, did you forget to call "parent::open()" in "%s"?.', get_class($this)));
138 $sessionCookie = sprintf(' %s=', urlencode($this->sessionName));
139 $sessionCookieWithId = sprintf('%s%s;', $sessionCookie, urlencode($sessionId));
140 $sessionCookieFound = false;
141 $otherCookies = array();
142 foreach (headers_list() as $h) {
143 if (0 !== stripos($h, 'Set-Cookie:')) {
146 if (11 === strpos($h, $sessionCookie, 11)) {
147 $sessionCookieFound = true;
149 if (11 !== strpos($h, $sessionCookieWithId, 11)) {
150 $otherCookies[] = $h;
153 $otherCookies[] = $h;
156 if ($sessionCookieFound) {
157 header_remove('Set-Cookie');
158 foreach ($otherCookies as $h) {
162 setcookie($this->sessionName, '', 0, ini_get('session.cookie_path'), ini_get('session.cookie_domain'), ini_get('session.cookie_secure'), ini_get('session.cookie_httponly'));
166 return $this->newSessionId === $sessionId || $this->doDestroy($sessionId);