Mage_Core_Model_Session_Abstract_Varien Class Reference

Inheritance diagram for Mage_Core_Model_Session_Abstract_Varien:

Varien_Object Mage_Core_Model_Session_Abstract Mage_Admin_Model_Session Mage_Adminhtml_Model_Session Mage_Adminhtml_Model_Session_Quote Mage_AmazonPayments_Model_Session Mage_Api_Model_Session Mage_Catalog_Model_Session Mage_CatalogSearch_Model_Session Mage_Checkout_Model_Session Mage_Core_Model_Session Mage_Customer_Model_Session Mage_Install_Model_Session Mage_Newsletter_Model_Session Mage_Paypal_Model_Session Mage_PaypalUk_Model_Session Mage_Reports_Model_Session Mage_Review_Model_Session Mage_Rss_Model_Session Mage_Tag_Model_Session Mage_Wishlist_Model_Session

List of all members.

Public Member Functions

 start ($sessionName=null)
 getCookie ()
 revalidateCookie ()
 init ($namespace, $sessionName=null)
 getData ($key='', $clear=false)
 getSessionId ()
 setSessionId ($id=null)
 getSessionName ()
 setSessionName ($name)
 unsetAll ()
 clear ()
 getSessionSaveMethod ()
 getSessionSavePath ()
 useValidateRemoteAddr ()
 useValidateHttpVia ()
 useValidateHttpXForwardedFor ()
 useValidateHttpUserAgent ()
 getValidateHttpUserAgentSkip ()
 validate ()
 getValidatorData ()

Public Attributes

const VALIDATOR_KEY = '_session_validator_data'
const VALIDATOR_HTTP_USER_AGENT_KEY = 'http_user_agent'
const VALIDATOR_HTTP_X_FORVARDED_FOR_KEY = 'http_x_forwarded_for'
const VALIDATOR_HTTP_VIA_KEY = 'http_via'
const VALIDATOR_REMOTE_ADDR_KEY = 'remote_addr'

Protected Member Functions

 _validate ()

Detailed Description

Definition at line 28 of file Varien.php.

Member Function Documentation

_validate (  )  [protected]

Validate data

Returns:
bool

Definition at line 349 of file Varien.php.

00350     {
00351         $sessionData = $this->_data[self::VALIDATOR_KEY];
00352         $validatorData = $this->getValidatorData();
00353 
00354         if ($this->useValidateRemoteAddr() && $sessionData[self::VALIDATOR_REMOTE_ADDR_KEY] != $validatorData[self::VALIDATOR_REMOTE_ADDR_KEY]) {
00355             return false;
00356         }
00357         if ($this->useValidateHttpVia() && $sessionData[self::VALIDATOR_HTTP_VIA_KEY] != $validatorData[self::VALIDATOR_HTTP_VIA_KEY]) {
00358             return false;
00359         }
00360         if ($this->useValidateHttpXForwardedFor() && $sessionData[self::VALIDATOR_HTTP_X_FORVARDED_FOR_KEY] != $validatorData[self::VALIDATOR_HTTP_X_FORVARDED_FOR_KEY]) {
00361             return false;
00362         }
00363         if ($this->useValidateHttpUserAgent()
00364             && $sessionData[self::VALIDATOR_HTTP_USER_AGENT_KEY] != $validatorData[self::VALIDATOR_HTTP_USER_AGENT_KEY]
00365             && !in_array($validatorData[self::VALIDATOR_HTTP_USER_AGENT_KEY], $this->getValidateHttpUserAgentSkip())) {
00366             return false;
00367         }
00368 
00369         return true;
00370     }

clear (  ) 

Alias for unsetAll

Returns:
Mage_Core_Model_Session_Abstract_Varien

Reimplemented in Mage_Api_Model_Session, and Mage_Checkout_Model_Session.

Definition at line 246 of file Varien.php.

00247     {
00248         return $this->unsetAll();
00249     }

getCookie (  ) 

Retrieve cookie object

Returns:
Mage_Core_Model_Cookie

Definition at line 111 of file Varien.php.

00112     {
00113         return Mage::getSingleton('core/cookie');
00114     }

getData ( key = '',
clear = false 
)

Additional get data with clear mode

Parameters:
string $key
bool $clear
Returns:
mixed

Reimplemented from Varien_Object.

Definition at line 175 of file Varien.php.

00176     {
00177         $data = parent::getData($key);
00178         if ($clear && isset($this->_data[$key])) {
00179             unset($this->_data[$key]);
00180         }
00181         return $data;
00182     }

getSessionId (  ) 

Retrieve session Id

Returns:
string

Reimplemented in Mage_Api_Model_Session.

Definition at line 189 of file Varien.php.

00190     {
00191         return session_id();
00192     }

getSessionName (  ) 

Retrieve session name

Returns:
string

Definition at line 213 of file Varien.php.

00214     {
00215         return session_name();
00216     }

getSessionSaveMethod (  ) 

Retrieve session save method Default files

Returns:
string

Reimplemented in Mage_Core_Model_Session_Abstract.

Definition at line 257 of file Varien.php.

00258     {
00259         return 'files';
00260     }

getSessionSavePath (  ) 

Get sesssion save path

Returns:
string

Reimplemented in Mage_Core_Model_Session_Abstract.

Definition at line 267 of file Varien.php.

00268     {
00269         return Mage::getBaseDir('session');
00270     }

getValidateHttpUserAgentSkip (  ) 

Retrieve skip User Agent validation strings (Flash etc)

Returns:
array

Reimplemented in Mage_Core_Model_Session_Abstract.

Definition at line 317 of file Varien.php.

00318     {
00319         return array();
00320     }

getValidatorData (  ) 

Retrieve unique user data for validator

Returns:
array

Definition at line 377 of file Varien.php.

00378     {
00379         $parts = array(
00380             self::VALIDATOR_REMOTE_ADDR_KEY             => '',
00381             self::VALIDATOR_HTTP_VIA_KEY                => '',
00382             self::VALIDATOR_HTTP_X_FORVARDED_FOR_KEY    => '',
00383             self::VALIDATOR_HTTP_USER_AGENT_KEY         => ''
00384         );
00385 
00386         // collect ip data
00387         if (isset($_SERVER['REMOTE_ADDR'])) {
00388             $parts[self::VALIDATOR_REMOTE_ADDR_KEY] = (string)$_SERVER['REMOTE_ADDR'];
00389         }
00390         if (isset($_ENV['HTTP_VIA'])) {
00391             $parts[self::VALIDATOR_HTTP_VIA_KEY] = (string)$_ENV['HTTP_VIA'];
00392         }
00393         if (isset($_ENV['HTTP_X_FORWARDED_FOR'])) {
00394             $parts[self::VALIDATOR_HTTP_X_FORVARDED_FOR_KEY] = (string)$_ENV['HTTP_X_FORWARDED_FOR'];
00395         }
00396 
00397         // collect user agent data
00398         if (isset($_SERVER['HTTP_USER_AGENT'])) {
00399             $parts[self::VALIDATOR_HTTP_USER_AGENT_KEY] = (string)$_SERVER['HTTP_USER_AGENT'];
00400         }
00401 
00402         return $parts;
00403     }

init ( namespace,
sessionName = null 
)

Init session with namespace

Parameters:
string $namespace
string $sessionName
Returns:
Mage_Core_Model_Session_Abstract_Varien

Reimplemented in Mage_Api_Model_Session, and Mage_Core_Model_Session_Abstract.

Definition at line 151 of file Varien.php.

00152     {
00153         if (!isset($_SESSION)) {
00154             $this->start($sessionName);
00155         }
00156         if (!isset($_SESSION[$namespace])) {
00157             $_SESSION[$namespace] = array();
00158         }
00159 
00160         $this->_data = &$_SESSION[$namespace];
00161 
00162         $this->validate();
00163         $this->revalidateCookie();
00164 
00165         return $this;
00166     }

revalidateCookie (  ) 

Revalidate cookie

Returns:
Mage_Core_Model_Session_Abstract_Varien

Reimplemented in Mage_Api_Model_Session.

Definition at line 121 of file Varien.php.

00122     {
00123         if (!$this->getCookie()->getLifetime()) {
00124             return $this;
00125         }
00126         if (empty($_SESSION['_cookie_revalidate'])) {
00127             $time = time() + round($this->getCookie()->getLifetime() / 4);
00128             $_SESSION['_cookie_revalidate'] = $time;
00129         }
00130         else {
00131             if ($_SESSION['_cookie_revalidate'] < time()) {
00132                 if (!headers_sent()) {
00133                     $this->getCookie()->set(session_name(), session_id());
00134 
00135                     $time = time() + round($this->getCookie()->getLifetime() / 4);
00136                     $_SESSION['_cookie_revalidate'] = $time;
00137                 }
00138             }
00139         }
00140 
00141         return $this;
00142     }

setSessionId ( id = null  ) 

Set custom session id

Parameters:
string $id
Returns:
Mage_Core_Model_Session_Abstract_Varien

Reimplemented in Mage_Api_Model_Session, and Mage_Core_Model_Session_Abstract.

Definition at line 200 of file Varien.php.

00201     {
00202         if (!is_null($id) && preg_match('#^[0-9a-zA-Z,-]+$#', $id)) {
00203             session_id($id);
00204         }
00205         return $this;
00206     }

setSessionName ( name  ) 

Set session name

Parameters:
string $name
Returns:
Mage_Core_Model_Session_Abstract_Varien

Definition at line 224 of file Varien.php.

00225     {
00226         session_name($name);
00227         return $this;
00228     }

start ( sessionName = null  ) 

Conigure and start session

Parameters:
string $sessionName
Returns:
Mage_Core_Model_Session_Abstract_Varien

Reimplemented in Mage_Api_Model_Session.

Definition at line 42 of file Varien.php.

00043     {
00044         if (isset($_SESSION)) {
00045             return $this;
00046         }
00047 
00048         Varien_Profiler::start(__METHOD__.'/setOptions');
00049         if (is_writable(Mage::getBaseDir('session'))) {
00050             session_save_path($this->getSessionSavePath());
00051         }
00052         Varien_Profiler::stop(__METHOD__.'/setOptions');
00053 
00054         switch($this->getSessionSaveMethod()) {
00055             case 'db':
00056                 ini_set('session.save_handler', 'user');
00057                 $sessionResource = Mage::getResourceSingleton('core/session');
00058                 /* @var $sessionResource Mage_Core_Model_Mysql4_Session */
00059                 $sessionResource->setSaveHandler();
00060                 break;
00061             case 'memcache':
00062                 ini_set('session.save_handler', 'memcache');
00063                 session_save_path($this->getSessionSavePath());
00064                 break;
00065             default:
00066                 session_module_name('files');
00067                 break;
00068         }
00069 
00070         if (Mage::app()->getStore()->isAdmin()) {
00071             $adminSessionLifetime = (int)Mage::getStoreConfig('admin/security/session_cookie_lifetime');
00072             if ($adminSessionLifetime > 60) {
00073                 Mage::getSingleton('core/cookie')->setLifetime($adminSessionLifetime);
00074             }
00075         }
00076 
00077         // set session cookie params
00078         session_set_cookie_params(
00079             $this->getCookie()->getLifetime(),
00080             $this->getCookie()->getPath(),
00081             $this->getCookie()->getDomain(),
00082             $this->getCookie()->isSecure(),
00083             $this->getCookie()->getHttponly()
00084         );
00085 
00086         if (!empty($sessionName)) {
00087             $this->setSessionName($sessionName);
00088         }
00089 
00090         // potential custom logic for session id (ex. switching between hosts)
00091         $this->setSessionId();
00092 
00093         Varien_Profiler::start(__METHOD__.'/start');
00094 
00095         if ($sessionCacheLimiter = Mage::getConfig()->getNode('global/session_cache_limiter')) {
00096             session_cache_limiter((string)$sessionCacheLimiter);
00097         }
00098 
00099         session_start();
00100 
00101         Varien_Profiler::stop(__METHOD__.'/start');
00102 
00103         return $this;
00104     }

unsetAll (  ) 

Unset all data

Returns:
Mage_Core_Model_Session_Abstract_Varien

Reimplemented in Mage_Checkout_Model_Session.

Definition at line 235 of file Varien.php.

00236     {
00237         $this->unsetData();
00238         return $this;
00239     }

useValidateHttpUserAgent (  ) 

Use HTTP_USER_AGENT in validator key

Returns:
bool

Reimplemented in Mage_Core_Model_Session_Abstract.

Definition at line 307 of file Varien.php.

00308     {
00309         return true;
00310     }

useValidateHttpVia (  ) 

Use HTTP_VIA in validator key

Returns:
bool

Reimplemented in Mage_Core_Model_Session_Abstract.

Definition at line 287 of file Varien.php.

00288     {
00289         return true;
00290     }

useValidateHttpXForwardedFor (  ) 

Use HTTP_X_FORWARDED_FOR in validator key

Returns:
bool

Reimplemented in Mage_Core_Model_Session_Abstract.

Definition at line 297 of file Varien.php.

00298     {
00299         return true;
00300     }

useValidateRemoteAddr (  ) 

Use REMOTE_ADDR in validator key

Returns:
bool

Reimplemented in Mage_Core_Model_Session_Abstract.

Definition at line 277 of file Varien.php.

00278     {
00279         return true;
00280     }

validate (  ) 

Validate session

Parameters:
string $namespace
Returns:
Mage_Core_Model_Session_Abstract_Varien

Definition at line 328 of file Varien.php.

00329     {
00330         if (!isset($this->_data[self::VALIDATOR_KEY])) {
00331             $this->_data[self::VALIDATOR_KEY] = $this->getValidatorData();
00332         }
00333         else {
00334             if (!$this->_validate()) {
00335                 $this->getCookie()->delete(session_name());
00336                 // throw core session exception
00337                 throw new Mage_Core_Model_Session_Exception('');
00338             }
00339         }
00340 
00341         return $this;
00342     }

Member Data Documentation

const VALIDATOR_HTTP_USER_AGENT_KEY = 'http_user_agent'

Definition at line 31 of file Varien.php.

const VALIDATOR_HTTP_VIA_KEY = 'http_via'

Definition at line 33 of file Varien.php.

const VALIDATOR_HTTP_X_FORVARDED_FOR_KEY = 'http_x_forwarded_for'

Definition at line 32 of file Varien.php.

const VALIDATOR_KEY = '_session_validator_data'

Definition at line 30 of file Varien.php.

const VALIDATOR_REMOTE_ADDR_KEY = 'remote_addr'

Definition at line 34 of file Varien.php.

The documentation for this class was generated from the following file:
Generated on Sat Jul 4 17:24:00 2009 for Magento by  doxygen 1.5.8