X-Git-Url: http://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2Fsession%2FPHPSessionHandler.php;h=157cc52ff2362809a3d2018c92ad897dc3e3fb9c;hb=701854b3ebc3c2b06067823395a7d95e8984cfda;hp=084ac05c96070c7f9975d735a5ca5f2ca64fafe9;hpb=69ae945e8d39972a07bea89ddb64bc0189b43ac2;p=lhc%2Fweb%2Fwiklou.git diff --git a/includes/session/PHPSessionHandler.php b/includes/session/PHPSessionHandler.php index 084ac05c96..157cc52ff2 100644 --- a/includes/session/PHPSessionHandler.php +++ b/includes/session/PHPSessionHandler.php @@ -122,22 +122,28 @@ class PHPSessionHandler implements \SessionHandlerInterface { // Close any auto-started session, before we replace it session_write_close(); - // Tell PHP not to mess with cookies itself - ini_set( 'session.use_cookies', 0 ); - ini_set( 'session.use_trans_sid', 0 ); - - // T124510: Disable automatic PHP session related cache headers. - // MediaWiki adds it's own headers and the default PHP behavior may - // set headers such as 'Pragma: no-cache' that cause problems with - // some user agents. - session_cache_limiter( '' ); - - // Also set a sane serialization handler - \Wikimedia\PhpSessionSerializer::setSerializeHandler(); - - // Register this as the save handler, and register an appropriate - // shutdown function. - session_set_save_handler( self::$instance, true ); + try { + \Wikimedia\suppressWarnings(); + + // Tell PHP not to mess with cookies itself + ini_set( 'session.use_cookies', 0 ); + ini_set( 'session.use_trans_sid', 0 ); + + // T124510: Disable automatic PHP session related cache headers. + // MediaWiki adds it's own headers and the default PHP behavior may + // set headers such as 'Pragma: no-cache' that cause problems with + // some user agents. + session_cache_limiter( '' ); + + // Also set a sane serialization handler + \Wikimedia\PhpSessionSerializer::setSerializeHandler(); + + // Register this as the save handler, and register an appropriate + // shutdown function. + session_set_save_handler( self::$instance, true ); + } finally { + \Wikimedia\restoreWarnings(); + } } /** @@ -145,7 +151,7 @@ class PHPSessionHandler implements \SessionHandlerInterface { * @private Use self::install(). * @param SessionManager $manager * @param BagOStuff $store - * @param LoggerInterface $store + * @param LoggerInterface $logger */ public function setManager( SessionManager $manager, BagOStuff $store, LoggerInterface $logger @@ -162,39 +168,12 @@ class PHPSessionHandler implements \SessionHandlerInterface { } } - /** - * Workaround for PHP5 bug - * - * PHP5 has a bug in handling boolean return values for - * SessionHandlerInterface methods, it expects 0 or -1 instead of true or - * false. See . - * - * PHP7 and HHVM are not affected. - * - * @todo When we drop support for Zend PHP 5, this can be removed. - * @return bool|int - * @codeCoverageIgnore - */ - protected static function returnSuccess() { - return defined( 'HHVM_VERSION' ) || version_compare( PHP_VERSION, '7.0.0', '>=' ) ? true : 0; - } - - /** - * Workaround for PHP5 bug - * @see self::returnSuccess() - * @return bool|int - * @codeCoverageIgnore - */ - protected static function returnFailure() { - return defined( 'HHVM_VERSION' ) || version_compare( PHP_VERSION, '7.0.0', '>=' ) ? false : -1; - } - /** * Initialize the session (handler) * @private For internal use only * @param string $save_path Path used to store session files (ignored) * @param string $session_name Session name (ignored) - * @return bool|int Success (see self::returnSuccess()) + * @return true */ public function open( $save_path, $session_name ) { if ( self::$instance !== $this ) { @@ -203,20 +182,20 @@ class PHPSessionHandler implements \SessionHandlerInterface { if ( !$this->enable ) { throw new \BadMethodCallException( 'Attempt to use PHP session management' ); } - return self::returnSuccess(); + return true; } /** * Close the session (handler) * @private For internal use only - * @return bool|int Success (see self::returnSuccess()) + * @return true */ public function close() { if ( self::$instance !== $this ) { throw new \UnexpectedValueException( __METHOD__ . ': Wrong instance called!' ); } $this->sessionFieldCache = []; - return self::returnSuccess(); + return true; } /** @@ -251,7 +230,7 @@ class PHPSessionHandler implements \SessionHandlerInterface { * @param string $dataStr Session data. Not that you should ever call this * directly, but note that this has the same issues with code injection * via user-controlled data as does PHP's unserialize function. - * @return bool|int Success (see self::returnSuccess()) + * @return bool */ public function write( $id, $dataStr ) { if ( self::$instance !== $this ) { @@ -270,20 +249,20 @@ class PHPSessionHandler implements \SessionHandlerInterface { [ 'session' => $id, ] ); - return self::returnSuccess(); + return true; } // First, decode the string PHP handed us $data = \Wikimedia\PhpSessionSerializer::decode( $dataStr ); if ( $data === null ) { // @codeCoverageIgnoreStart - return self::returnFailure(); + return false; // @codeCoverageIgnoreEnd } // Now merge the data into the Session object. $changed = false; - $cache = isset( $this->sessionFieldCache[$id] ) ? $this->sessionFieldCache[$id] : []; + $cache = $this->sessionFieldCache[$id] ?? []; foreach ( $data as $key => $value ) { if ( !array_key_exists( $key, $cache ) ) { if ( $session->exists( $key ) ) { @@ -350,14 +329,14 @@ class PHPSessionHandler implements \SessionHandlerInterface { $session->persist(); - return self::returnSuccess(); + return true; } /** * Destroy a session * @private For internal use only * @param string $id Session id - * @return bool|int Success (see self::returnSuccess()) + * @return true */ public function destroy( $id ) { if ( self::$instance !== $this ) { @@ -370,14 +349,14 @@ class PHPSessionHandler implements \SessionHandlerInterface { if ( $session ) { $session->clear(); } - return self::returnSuccess(); + return true; } /** * Execute garbage collection. * @private For internal use only * @param int $maxlifetime Maximum session life time (ignored) - * @return bool|int Success (see self::returnSuccess()) + * @return true * @codeCoverageIgnore See T135576 */ public function gc( $maxlifetime ) { @@ -386,6 +365,6 @@ class PHPSessionHandler implements \SessionHandlerInterface { } $before = date( 'YmdHis', time() ); $this->store->deleteObjectsExpiringBefore( $before ); - return self::returnSuccess(); + return true; } }