static array getRemoteIdentifier(
)
|
|
Return a value that we can use to identify the client. We can't tie it to the IP address because that changes too frequently (dialup users, users behind proxies) so we have to be creative. Changing this algorithm will cause all existing sessions to be discarded.
string addToNavigation(
array
$navigationData
)
|
|
Start new navigation.
Parameters:
|
array |
$navigationData: |
data for this new navigation: array('returnName' => ... 'returnUrl' => ... ['returnNavId' => ...]) |
API Tags:
| Return: | the navigation id |
| Deprecated: | |
Information Tags:
| Todo: | will be removed in the next API branch |
int compareIdentifiers(
$a,
$b
)
|
|
Compare two arrays and return score consisting of 1 point for each matching element.
Example input: $a = array(0, 'x', 2); $b = array(0, 'y', 2); Example output: 2 (Indexes 0 and 2 match, index 1 does not)
Parameters:
API Tags:
Instruct the session to not return a pseudo temporary session id on getId() calls Makes sure that the URL generator and other componennts don't use a pseudo session id for guest users without a real session. Call this method before starting to output immediate views the progress bar.
void exists(
string
$key
)
|
|
Check to see if a value exists in the session.
Parameters:
string &get(
string
$key
)
|
|
Get a value from the session data.
Parameters:
API Tags:
| Return: | the value or null if it doesn't exist |
Returns the authentication token associated with this session.
API Tags:
| Return: | the authentication token |
Return the Unix timestamp from when this session was created.
API Tags:
| Return: | the creation time |
The session id.
API Tags:
| Return: | an id (like "A124DFE7A90") |
The session key parameter used in URLs and the cookie.
int getModificationTime(
)
|
|
Return the Unix timestamp from when this session was last modified.
API Tags:
| Return: | the modification time |
array getNavigation(
string
$navId
)
|
|
Get data for a specific navigation id.
Parameters:
|
string |
$navId: |
the navigation id |
API Tags:
| Return: | the navigation data |
| Deprecated: | |
Information Tags:
| Todo: | will be removed in the next API branch |
Return the session id.
API Tags:
| Return: | the session id |
| Deprecated: | |
Information Tags:
| Todo: | will be removed in the next API branch |
array getStatus(
[boolean
$remove = true]
)
|
|
Get a status message.
Parameters:
|
boolean |
$remove: |
(optional) |
API Tags:
| Return: | the status message |
Redefined in descendants as:
Return the user id of the active user of this sesison.
API Tags:
array hasSiteAdminSessionExpired(
)
|
|
Check if the site admininstration session timeout has expired
API Tags:
| Return: | GalleryStatus a status code boolean true if the timeout has expired. |
| Access: | public |
Either create a new session, or attach to an existing one.
API Tags:
GalleryStatus initEmpty(
[boolean
$emptyRemoteId = false], [int
$userId = null]
)
|
|
Set a new/unused sessionid.
Parameters:
|
boolean |
$emptyRemoteId: |
(optional) if true don't initialize remoteIdentifier |
|
int |
$userId: |
(optional) user for session, defaults to anonymous |
API Tags:
bool isCorrectAuthToken(
string
$authToken
)
|
|
Checks the given authentication token and resets the internal token on failure.
Parameters:
|
string |
$authToken: |
Authentication token to be verified |
API Tags:
| Return: | true if the given |
Whether this session is a persistent session (= stored on the server) or just a session for this single request. Note that a non-persistent session can become persistent at the end of the request when we evaluate the conditions whether to create a persistent session or not.
API Tags:
| Return: | true if the session is persistent, else false |
bool isSearchEngineSession(
)
|
|
Return true if this session is identified as one coming from a search engine.
API Tags:
| Return: | true if this is a search engine session |
boolean isUsingCookies(
)
|
|
Is this transaction known to be using cookies?
void jumpNavigation(
string
$fromNavId, [string
$destNavId = '']
)
|
|
Jump back from one navigation point to one of its predecessors.
Parameters:
|
string |
$fromNavId: |
the source navigation id |
|
string |
$destNavId: |
the destination navigation id. If empty, go back to root. |
API Tags:
Information Tags:
| Todo: | will be removed in the next API branch |
void put(
string
$key, string
$value
)
|
|
Store a value in the session.
Parameters:
|
string |
$key: |
|
|
string |
$value: |
|
void putStatus(
array
$statusData
)
|
|
Store a status message.
Parameters:
Redefined in descendants as:
Regenerate the session id to prevent a session fixation attack by a hostile website.
API Tags:
void remove(
string
$key
)
|
|
Remove a value from the session.
Parameters:
mixed replaceSessionIdInData(
mixed
$subject, [string
$search = null], [string
$replace = null]
)
|
|
Replaces the session id in all string members of an object or in all elements of an array.
Applies replaceTempSessionIdIfNecessary to all strings if $search and $replace are omitted. Else it applies str_replace($search, $replace, $subject) on all strings.
Examples: $themeData = $session->replaceSessionIdInData($themeData, $sessionId, SESSION_TEMP_ID);
$themeData = $session->replaceSessionIdInData($themeData);
Parameters:
|
mixed |
$subject: |
array, object or string that should be modified |
|
string |
$search: |
(optional) string to be replaced |
|
string |
$replace: |
(optional) replacement string |
API Tags:
| Return: | converted subject |
string replaceTempSessionIdIfNecessary(
string
$html
)
|
|
If we started this request without a sessionId, then we used SESSION_TEMP_ID in all generated
URLs etc as a placeholder. If we still have no sessionId, remove g2_GALLERYSID=SESSION_TEMP_SID from all generated URLs and remove SESSION_TEMP_ID from the HTML. If a session was created (saved in the persistent store) during the request, replace the SESSION_TEMP_ID with the new/real session id.
Parameters:
API Tags:
| Return: | same HTML with replaced or removed sessionId |
Clean/remove and reinitialize a session.
API Tags:
GalleryStatus save(
[boolean
$useNonTransactionalConnection = false]
)
|
|
Save any session changes to the store. Does not save sessions that don't have a sessionId yet. Triggers the expiration of existing persistent sessions in 2% of all calls.
Parameters:
|
boolean |
$useNonTransactionalConnection: |
(optional) set to true if we should save this session outside of any existing transaction. |
API Tags:
Redefined in descendants as:
void setUserId(
int
$userId
)
|
|
Set the active user id for this session.
Parameters:
Start session by ensuring we've got a valid, unique sessionId and send cookie if necessary.
API Tags:
Acquire a new persistent session and guarantee we've got a valid, unqiue sessionId.
API Tags:
void _emptySessionData(
)
|
|
Get rid of all session data.
API Tags:
Get rid of any sessions that have not been accessed within our inactivity timeout or have exceeded the max lifetime.
API Tags:
| Return: | a status code |
| Access: | private |
Redefined in descendants as:
string _getSerializedSession(
)
|
|
Get the serialized session for comparing purposes.
API Tags:
| Return: | serialized session |
| Access: | private |
Determine if the request is using the HTTPS protocol.
API Tags:
| Return: | true if the request is using HTTPS |
| Access: | private |
boolean _isPersistentSessionAllowedForRequest(
)
|
|
Whether this controller/view request generally allows creating a session.
Don't save session in core.DownloadItem, migrate.Redirect, ... requests Reason: In these requests we don't need to save the session or create a new one because a) the session is not modified (DownloadItem, CSS) b) we return an image / css and not a HTML page (DownloadItem, CSS) c) there will be either a DownloadItem / ShowItem request anyway (migrate.Redirect) d) in migrate.Redirect requests, the cookie path we would set would most certainly be wrong, because the internal mod_rewrite redirect doesn't change all PHP SERVER variables
And if we stored the session, it would result in *a lot* unneeded sessions, eg. for migrate redirects or hotlinked images.
API Tags:
| Return: | true if a persistent session can be created in this request |
| Access: | private |
array _isPersistentSessionRequired(
)
|
|
Check whether this session should be persistent or not.
For guest users, we don't create sessions, unless their session has non-default data. Also, the session based permission cache and the navigation isn't regarded important enough to create a session.
API Tags:
| Return: | GalleryStatus a status code, boolean session is necessary |
| Access: | private |
Load the session data or generate a new session with new data. Also sets $this->_isPersistent to true if loaded from persistent store.
API Tags:
| Return: | a status code |
| Access: | private |
Send back a cookie to the browser.
Parameters:
|
boolean |
$delete: |
(optional) whether to delete the cookie |
API Tags:
| Return: | a status code |
| Access: | private |
