| Server IP : 213.186.33.4 / Your IP : 216.73.216.193 Web Server : Apache System : Linux webm006.cluster103.gra.hosting.ovh.net 5.15.206-ovh-vps-grsec-zfs-classid #1 SMP Fri May 15 02:41:25 UTC 2026 x86_64 User : awebpaca ( 35430) PHP Version : 8.5.0 Disable Function : _dyuweyrj4,_dyuweyrj4r,dl MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : OFF | Pkexec : OFF Directory : /home/awebpaca/boutiques/app/code/core/Mage/Core/Model/Session/Abstract/ |
Upload File : |
<?php
/**
* Magento
*
* NOTICE OF LICENSE
*
* This source file is subject to the Open Software License (OSL 3.0)
* that is bundled with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://opensource.org/licenses/osl-3.0.php
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to license@magentocommerce.com so we can send you a copy immediately.
*
* DISCLAIMER
*
* Do not edit or add to this file if you wish to upgrade Magento to newer
* versions in the future. If you wish to customize Magento for your
* needs please refer to http://www.magentocommerce.com for more information.
*
* @category Mage
* @package Mage_Core
* @copyright Copyright (c) 2010 Magento Inc. (http://www.magentocommerce.com)
* @license http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
*/
class Mage_Core_Model_Session_Abstract_Varien extends Varien_Object
{
const VALIDATOR_KEY = '_session_validator_data';
const VALIDATOR_HTTP_USER_AGENT_KEY = 'http_user_agent';
const VALIDATOR_HTTP_X_FORVARDED_FOR_KEY = 'http_x_forwarded_for';
const VALIDATOR_HTTP_VIA_KEY = 'http_via';
const VALIDATOR_REMOTE_ADDR_KEY = 'remote_addr';
/**
* Conigure and start session
*
* @param string $sessionName
* @return Mage_Core_Model_Session_Abstract_Varien
*/
public function start($sessionName=null)
{
if (isset($_SESSION)) {
return $this;
}
switch($this->getSessionSaveMethod()) {
case 'db':
ini_set('session.save_handler', 'user');
$sessionResource = Mage::getResourceSingleton('core/session');
/* @var $sessionResource Mage_Core_Model_Mysql4_Session */
$sessionResource->setSaveHandler();
break;
case 'memcache':
ini_set('session.save_handler', 'memcache');
session_save_path($this->getSessionSavePath());
break;
case 'eaccelerator':
ini_set('session.save_handler', 'eaccelerator');
break;
default:
session_module_name('files');
if (is_writable(Mage::getBaseDir('session'))) {
session_save_path($this->getSessionSavePath());
}
break;
}
$cookie = $this->getCookie();
if (Mage::app()->getStore()->isAdmin()) {
$adminSessionLifetime = (int)Mage::getStoreConfig('admin/security/session_cookie_lifetime');
if ($adminSessionLifetime > 60) {
$cookie->setLifetime($adminSessionLifetime);
}
}
// session cookie params
$cookieParams = array(
'lifetime' => $cookie->getLifetime(),
'path' => $cookie->getPath(),
'domain' => $cookie->getConfigDomain(),
'secure' => $cookie->isSecure(),
'httponly' => $cookie->getHttponly()
);
if (!$cookieParams['httponly']) {
unset($cookieParams['httponly']);
if (!$cookieParams['secure']) {
unset($cookieParams['secure']);
if (!$cookieParams['domain']) {
unset($cookieParams['domain']);
}
}
}
if (isset($cookieParams['domain'])) {
$cookieParams['domain'] = $cookie->getDomain();
}
call_user_func_array('session_set_cookie_params', $cookieParams);
if (!empty($sessionName)) {
$this->setSessionName($sessionName);
}
// potential custom logic for session id (ex. switching between hosts)
$this->setSessionId();
Varien_Profiler::start(__METHOD__.'/start');
$sessionCacheLimiter = Mage::getConfig()->getNode('global/session_cache_limiter');
if ($sessionCacheLimiter) {
session_cache_limiter((string)$sessionCacheLimiter);
}
session_start();
/**
* Renew cookie expiration time
*/
$cookie->renew(session_name());
Varien_Profiler::stop(__METHOD__.'/start');
return $this;
}
/**
* Retrieve cookie object
*
* @return Mage_Core_Model_Cookie
*/
public function getCookie()
{
return Mage::getSingleton('core/cookie');
}
/**
* Revalidate cookie
* @deprecated after 1.4 cookie renew moved to session start method
* @return Mage_Core_Model_Session_Abstract_Varien
*/
public function revalidateCookie()
{
return $this;
}
/**
* Init session with namespace
*
* @param string $namespace
* @param string $sessionName
* @return Mage_Core_Model_Session_Abstract_Varien
*/
public function init($namespace, $sessionName=null)
{
if (!isset($_SESSION)) {
$this->start($sessionName);
}
if (!isset($_SESSION[$namespace])) {
$_SESSION[$namespace] = array();
}
$this->_data = &$_SESSION[$namespace];
$this->validate();
$this->revalidateCookie();
return $this;
}
/**
* Additional get data with clear mode
*
* @param string $key
* @param bool $clear
* @return mixed
*/
public function getData($key='', $clear = false)
{
$data = parent::getData($key);
if ($clear && isset($this->_data[$key])) {
unset($this->_data[$key]);
}
return $data;
}
/**
* Retrieve session Id
*
* @return string
*/
public function getSessionId()
{
return session_id();
}
/**
* Set custom session id
*
* @param string $id
* @return Mage_Core_Model_Session_Abstract_Varien
*/
public function setSessionId($id=null)
{
if (!is_null($id) && preg_match('#^[0-9a-zA-Z,-]+$#', $id)) {
session_id($id);
}
return $this;
}
/**
* Retrieve session name
*
* @return string
*/
public function getSessionName()
{
return session_name();
}
/**
* Set session name
*
* @param string $name
* @return Mage_Core_Model_Session_Abstract_Varien
*/
public function setSessionName($name)
{
session_name($name);
return $this;
}
/**
* Unset all data
*
* @return Mage_Core_Model_Session_Abstract_Varien
*/
public function unsetAll()
{
$this->unsetData();
return $this;
}
/**
* Alias for unsetAll
*
* @return Mage_Core_Model_Session_Abstract_Varien
*/
public function clear()
{
return $this->unsetAll();
}
/**
* Retrieve session save method
* Default files
*
* @return string
*/
public function getSessionSaveMethod()
{
return 'files';
}
/**
* Get sesssion save path
*
* @return string
*/
public function getSessionSavePath()
{
return Mage::getBaseDir('session');
}
/**
* Use REMOTE_ADDR in validator key
*
* @return bool
*/
public function useValidateRemoteAddr()
{
return true;
}
/**
* Use HTTP_VIA in validator key
*
* @return bool
*/
public function useValidateHttpVia()
{
return true;
}
/**
* Use HTTP_X_FORWARDED_FOR in validator key
*
* @return bool
*/
public function useValidateHttpXForwardedFor()
{
return true;
}
/**
* Use HTTP_USER_AGENT in validator key
*
* @return bool
*/
public function useValidateHttpUserAgent()
{
return true;
}
/**
* Retrieve skip User Agent validation strings (Flash etc)
*
* @return array
*/
public function getValidateHttpUserAgentSkip()
{
return array();
}
/**
* Validate session
*
* @param string $namespace
* @return Mage_Core_Model_Session_Abstract_Varien
*/
public function validate()
{
if (!isset($this->_data[self::VALIDATOR_KEY])) {
$this->_data[self::VALIDATOR_KEY] = $this->getValidatorData();
}
else {
if (!$this->_validate()) {
$this->getCookie()->delete(session_name());
// throw core session exception
throw new Mage_Core_Model_Session_Exception('');
}
}
return $this;
}
/**
* Validate data
*
* @return bool
*/
protected function _validate()
{
$sessionData = $this->_data[self::VALIDATOR_KEY];
$validatorData = $this->getValidatorData();
if ($this->useValidateRemoteAddr() && $sessionData[self::VALIDATOR_REMOTE_ADDR_KEY] != $validatorData[self::VALIDATOR_REMOTE_ADDR_KEY]) {
return false;
}
if ($this->useValidateHttpVia() && $sessionData[self::VALIDATOR_HTTP_VIA_KEY] != $validatorData[self::VALIDATOR_HTTP_VIA_KEY]) {
return false;
}
if ($this->useValidateHttpXForwardedFor() && $sessionData[self::VALIDATOR_HTTP_X_FORVARDED_FOR_KEY] != $validatorData[self::VALIDATOR_HTTP_X_FORVARDED_FOR_KEY]) {
return false;
}
if ($this->useValidateHttpUserAgent()
&& $sessionData[self::VALIDATOR_HTTP_USER_AGENT_KEY] != $validatorData[self::VALIDATOR_HTTP_USER_AGENT_KEY]
&& !in_array($validatorData[self::VALIDATOR_HTTP_USER_AGENT_KEY], $this->getValidateHttpUserAgentSkip())) {
return false;
}
return true;
}
/**
* Retrieve unique user data for validator
*
* @return array
*/
public function getValidatorData()
{
$parts = array(
self::VALIDATOR_REMOTE_ADDR_KEY => '',
self::VALIDATOR_HTTP_VIA_KEY => '',
self::VALIDATOR_HTTP_X_FORVARDED_FOR_KEY => '',
self::VALIDATOR_HTTP_USER_AGENT_KEY => ''
);
// collect ip data
if (Mage::helper('core/http')->getRemoteAddr()) {
$parts[self::VALIDATOR_REMOTE_ADDR_KEY] = Mage::helper('core/http')->getRemoteAddr();
}
if (isset($_ENV['HTTP_VIA'])) {
$parts[self::VALIDATOR_HTTP_VIA_KEY] = (string)$_ENV['HTTP_VIA'];
}
if (isset($_ENV['HTTP_X_FORWARDED_FOR'])) {
$parts[self::VALIDATOR_HTTP_X_FORVARDED_FOR_KEY] = (string)$_ENV['HTTP_X_FORWARDED_FOR'];
}
// collect user agent data
if (isset($_SERVER['HTTP_USER_AGENT'])) {
$parts[self::VALIDATOR_HTTP_USER_AGENT_KEY] = (string)$_SERVER['HTTP_USER_AGENT'];
}
return $parts;
}
}