MediaWiki REL1_32
MediaWiki\Session\SessionBackend Class Reference

This is the actual workhorse for Session. More...

Collaboration diagram for MediaWiki\Session\SessionBackend:

Public Member Functions

 __construct (SessionId $id, SessionInfo $info, CachedBagOStuff $store, LoggerInterface $logger, $lifetime)
 
 addData (array $newData)
 Add data to the session.
 
 canSetUser ()
 Indicate whether the session user info can be changed.
 
 delaySave ()
 Delay automatic saving while multiple updates are being made.
 
 deregisterSession ( $index)
 Deregister a Session.
 
 dirty ()
 Mark data as dirty.
 
 getAllowedUserRights ()
 Fetch the rights allowed the user when this session is active.
 
getData ()
 Fetch the session data array.
 
 getId ()
 Returns the session ID.
 
 getLoggedOutTimestamp ()
 Fetch the "logged out" timestamp.
 
 getProvider ()
 Fetch the SessionProvider for this session.
 
 getProviderMetadata ()
 Fetch provider metadata.
 
 getRequest ( $index)
 Returns the request associated with a Session.
 
 getSession (WebRequest $request)
 Return a new Session for this backend.
 
 getSessionId ()
 Fetch the SessionId object.
 
 getUser ()
 Returns the authenticated user for this session.
 
 isPersistent ()
 Indicate whether this session is persisted across requests.
 
 persist ()
 Make this session persisted across requests.
 
 renew ()
 Renew the session by resaving everything.
 
 resetId ()
 Changes the session ID.
 
 save ( $closing=false)
 Save the session.
 
 setForceHTTPS ( $force)
 Set whether HTTPS should be forced.
 
 setLoggedOutTimestamp ( $ts=null)
 Set the "logged out" timestamp.
 
 setProviderMetadata ( $metadata)
 Set provider metadata.
 
 setRememberUser ( $remember)
 Set whether the user should be remembered independently of the session ID.
 
 setUser ( $user)
 Set a new user for this session.
 
 shouldForceHTTPS ()
 Whether HTTPS should be forced.
 
 shouldRememberUser ()
 Indicate whether the user should be remembered independently of the session ID.
 
 shutdown ()
 Shut down a session.
 
 suggestLoginUsername ( $index)
 Get a suggested username for the login form.
 
 unpersist ()
 Make this session not persisted across requests.
 

Private Member Functions

 autosave ()
 Save the session, unless delayed.
 
 checkPHPSession ()
 For backwards compatibility, open the PHP session when the global session is persisted.
 

Private Attributes

 $checkPHPSessionRecursionGuard = false
 
 $curIndex = 0
 
array null $data = null
 
 $dataDirty = false
 
string $dataHash = null
 Used to detect subarray modifications.
 
 $delaySave = 0
 
 $expires = 0
 
 $forceHTTPS = false
 
 $forcePersist = false
 
SessionId $id
 
int $lifetime
 
 $loggedOut = 0
 
LoggerInterface $logger
 
 $metaDirty = false
 
 $persist = false
 
SessionProvider $provider
 provider
 
array null $providerMetadata = null
 provider-specified metadata
 
 $remember = false
 
WebRequest[] $requests = []
 Session requests.
 
 $shutdown = false
 
CachedBagOStuff $store
 
 $usePhpSessionHandling = true
 
User $user
 

Detailed Description

This is the actual workhorse for Session.

Most code does not need to use this class, you want \MediaWiki\Session\Session. The exceptions are SessionProviders and SessionMetadata hook functions, which get an instance of this class rather than Session.

The reasons for this split are:

  1. A session can be attached to multiple requests, but we want the Session object to have some features that correspond to just one of those requests.
  2. We want reasonable garbage collection behavior, but we also want the SessionManager to hold a reference to every active session so it can be saved when the request ends.
Since
1.27

Definition at line 49 of file SessionBackend.php.

Constructor & Destructor Documentation

◆ __construct()

Member Function Documentation

◆ addData()

MediaWiki\Session\SessionBackend::addData ( array  $newData)

Add data to the session.

Overwrites any existing data under the same keys.

Parameters
array$newDataKey-value pairs to add to the session

Definition at line 526 of file SessionBackend.php.

References MediaWiki\Session\SessionBackend\$data, $value, as, MediaWiki\Session\SessionBackend\getData(), and wfGetAllCallers().

Referenced by MediaWiki\Session\CookieSessionProvider\persistSession().

◆ autosave()

◆ canSetUser()

MediaWiki\Session\SessionBackend::canSetUser ( )

Indicate whether the session user info can be changed.

Returns
bool

Definition at line 385 of file SessionBackend.php.

Referenced by MediaWiki\Session\SessionBackend\setUser().

◆ checkPHPSession()

MediaWiki\Session\SessionBackend::checkPHPSession ( )
private

For backwards compatibility, open the PHP session when the global session is persisted.

Definition at line 751 of file SessionBackend.php.

References MediaWiki\Session\SessionManager\getGlobalSession(), MediaWiki\Session\SessionBackend\getId(), and MediaWiki\Session\PHPSessionHandler\isEnabled().

Referenced by MediaWiki\Session\SessionBackend\save().

◆ delaySave()

MediaWiki\Session\SessionBackend::delaySave ( )

Delay automatic saving while multiple updates are being made.

Calls to save() will not be delayed.

Returns
\Wikimedia\ScopedCallback When this goes out of scope, a save will be triggered

Definition at line 591 of file SessionBackend.php.

References MediaWiki\Session\SessionBackend\delaySave(), and save.

Referenced by MediaWiki\Session\SessionBackend\autosave(), and MediaWiki\Session\SessionBackend\delaySave().

◆ deregisterSession()

MediaWiki\Session\SessionBackend::deregisterSession (   $index)

Deregister a Session.

Access:\n private For use by \MediaWiki\Session\Session::__destruct() only
Parameters
int$index

Definition at line 184 of file SessionBackend.php.

References save, and MediaWiki\Session\SessionBackend\shutdown().

◆ dirty()

MediaWiki\Session\SessionBackend::dirty ( )

Mark data as dirty.

Access:\n private For use by \MediaWiki\Session\Session only.

Definition at line 546 of file SessionBackend.php.

References wfGetAllCallers().

Referenced by MediaWiki\Session\SessionBackendTest\testSave().

◆ getAllowedUserRights()

MediaWiki\Session\SessionBackend::getAllowedUserRights ( )

Fetch the rights allowed the user when this session is active.

Returns
null|string[] Allowed user rights, or null to allow all.

Definition at line 377 of file SessionBackend.php.

◆ getData()

& MediaWiki\Session\SessionBackend::getData ( )

Fetch the session data array.

Note the caller is responsible for calling $this->dirty() if anything in the array is changed.

Access:\n private For use by \MediaWiki\Session\Session only.
Returns
array

Definition at line 515 of file SessionBackend.php.

References MediaWiki\Session\SessionBackend\$data.

Referenced by MediaWiki\Session\SessionBackend\addData().

◆ getId()

◆ getLoggedOutTimestamp()

MediaWiki\Session\SessionBackend::getLoggedOutTimestamp ( )

Fetch the "logged out" timestamp.

Returns
int

Definition at line 454 of file SessionBackend.php.

References MediaWiki\Session\SessionBackend\$loggedOut.

Referenced by MediaWiki\Session\CookieSessionProvider\persistSession().

◆ getProvider()

MediaWiki\Session\SessionBackend::getProvider ( )

Fetch the SessionProvider for this session.

Returns
SessionProviderInterface

Definition at line 260 of file SessionBackend.php.

References MediaWiki\Session\SessionBackend\$provider.

Referenced by MediaWiki\Session\BotPasswordSessionProvider\getAllowedUserRights(), and MediaWiki\Session\SessionProvider\getAllowedUserRights().

◆ getProviderMetadata()

MediaWiki\Session\SessionBackend::getProviderMetadata ( )

Fetch provider metadata.

Access:\n protected For use by SessionProvider subclasses only
Returns
array|null

Definition at line 481 of file SessionBackend.php.

References MediaWiki\Session\SessionBackend\$providerMetadata.

Referenced by MediaWiki\Session\BotPasswordSessionProvider\getAllowedUserRights().

◆ getRequest()

MediaWiki\Session\SessionBackend::getRequest (   $index)

Returns the request associated with a Session.

Parameters
int$indexSession index
Returns
WebRequest

Definition at line 358 of file SessionBackend.php.

◆ getSession()

MediaWiki\Session\SessionBackend::getSession ( WebRequest  $request)

Return a new Session for this backend.

Parameters
WebRequest$request
Returns
Session

Definition at line 172 of file SessionBackend.php.

References MediaWiki\Session\SessionBackend\$curIndex, and $request.

◆ getSessionId()

MediaWiki\Session\SessionBackend::getSessionId ( )

Fetch the SessionId object.

Access:\n private For internal use by WebRequest
Returns
SessionId

Definition at line 214 of file SessionBackend.php.

References MediaWiki\Session\SessionBackend\$id.

Referenced by MediaWiki\Session\SessionManager\changeBackendId(), MediaWiki\Session\SessionManager\deregisterSessionBackend(), and MediaWiki\Session\SessionBackend\save().

◆ getUser()

MediaWiki\Session\SessionBackend::getUser ( )

◆ isPersistent()

MediaWiki\Session\SessionBackend::isPersistent ( )

Indicate whether this session is persisted across requests.

For example, if cookies are set.

Returns
bool

Definition at line 271 of file SessionBackend.php.

References MediaWiki\Session\SessionBackend\$persist.

Referenced by MediaWiki\Session\SessionBackendTest\testSave().

◆ persist()

MediaWiki\Session\SessionBackend::persist ( )

◆ renew()

MediaWiki\Session\SessionBackend::renew ( )

Renew the session by resaving everything.

Resets the TTL in the backend store if the session is near expiring, and re-persists the session to any active WebRequests if persistent.

Definition at line 562 of file SessionBackend.php.

References MediaWiki\Session\SessionBackend\autosave(), MediaWiki\Session\SessionBackend\persist(), and wfGetAllCallers().

Referenced by MediaWiki\Session\SessionBackend\persist().

◆ resetId()

MediaWiki\Session\SessionBackend::resetId ( )

Changes the session ID.

Returns
string New ID (might be the same as the old)

Definition at line 222 of file SessionBackend.php.

References MediaWiki\Session\SessionBackend\autosave(), MediaWiki\Session\PHPSessionHandler\isEnabled(), store, and string.

◆ save()

MediaWiki\Session\SessionBackend::save (   $closing = false)

◆ setForceHTTPS()

MediaWiki\Session\SessionBackend::setForceHTTPS (   $force)

Set whether HTTPS should be forced.

Parameters
bool$force

Definition at line 437 of file SessionBackend.php.

References MediaWiki\Session\SessionBackend\autosave().

◆ setLoggedOutTimestamp()

MediaWiki\Session\SessionBackend::setLoggedOutTimestamp (   $ts = null)

Set the "logged out" timestamp.

Parameters
int | null$ts

Definition at line 462 of file SessionBackend.php.

References MediaWiki\Session\SessionBackend\autosave().

◆ setProviderMetadata()

MediaWiki\Session\SessionBackend::setProviderMetadata (   $metadata)

Set provider metadata.

Access:\n protected For use by SessionProvider subclasses only
Parameters
array | null$metadata

Definition at line 490 of file SessionBackend.php.

References MediaWiki\Session\SessionBackend\autosave().

◆ setRememberUser()

MediaWiki\Session\SessionBackend::setRememberUser (   $remember)

Set whether the user should be remembered independently of the session ID.

Parameters
bool$remember

Definition at line 340 of file SessionBackend.php.

References MediaWiki\Session\SessionBackend\$remember, and MediaWiki\Session\SessionBackend\autosave().

◆ setUser()

MediaWiki\Session\SessionBackend::setUser (   $user)

Set a new user for this session.

Note
This should only be called when the user has been authenticated via a login process
Parameters
User$userUser to set on the session. This may become a "UserValue" in the future, or User may be refactored into such.

Definition at line 396 of file SessionBackend.php.

References MediaWiki\Session\SessionBackend\$user, MediaWiki\Session\SessionBackend\autosave(), MediaWiki\Session\SessionBackend\canSetUser(), and user.

◆ shouldForceHTTPS()

MediaWiki\Session\SessionBackend::shouldForceHTTPS ( )

◆ shouldRememberUser()

MediaWiki\Session\SessionBackend::shouldRememberUser ( )

Indicate whether the user should be remembered independently of the session ID.

Returns
bool

Definition at line 331 of file SessionBackend.php.

References MediaWiki\Session\SessionBackend\$remember.

Referenced by MediaWiki\Session\CookieSessionProvider\persistSession().

◆ shutdown()

MediaWiki\Session\SessionBackend::shutdown ( )

Shut down a session.

Access:\n private For use by \MediaWiki\Session\SessionManager::shutdown() only

Definition at line 196 of file SessionBackend.php.

References save, and MediaWiki\Session\SessionBackend\shutdown().

Referenced by MediaWiki\Session\SessionBackend\deregisterSession(), and MediaWiki\Session\SessionBackend\shutdown().

◆ suggestLoginUsername()

MediaWiki\Session\SessionBackend::suggestLoginUsername (   $index)

Get a suggested username for the login form.

Parameters
int$indexSession index
Returns
string|null

Definition at line 418 of file SessionBackend.php.

◆ unpersist()

MediaWiki\Session\SessionBackend::unpersist ( )

Member Data Documentation

◆ $checkPHPSessionRecursionGuard

MediaWiki\Session\SessionBackend::$checkPHPSessionRecursionGuard = false
private

Definition at line 95 of file SessionBackend.php.

◆ $curIndex

MediaWiki\Session\SessionBackend::$curIndex = 0
private

Definition at line 79 of file SessionBackend.php.

Referenced by MediaWiki\Session\SessionBackend\getSession().

◆ $data

array null MediaWiki\Session\SessionBackend::$data = null
private

◆ $dataDirty

MediaWiki\Session\SessionBackend::$dataDirty = false
private

Definition at line 62 of file SessionBackend.php.

◆ $dataHash

string MediaWiki\Session\SessionBackend::$dataHash = null
private

Used to detect subarray modifications.

Definition at line 65 of file SessionBackend.php.

◆ $delaySave

MediaWiki\Session\SessionBackend::$delaySave = 0
private

Definition at line 92 of file SessionBackend.php.

◆ $expires

MediaWiki\Session\SessionBackend::$expires = 0
private

Definition at line 90 of file SessionBackend.php.

◆ $forceHTTPS

MediaWiki\Session\SessionBackend::$forceHTTPS = false
private

◆ $forcePersist

MediaWiki\Session\SessionBackend::$forcePersist = false
private

Definition at line 60 of file SessionBackend.php.

◆ $id

◆ $lifetime

int MediaWiki\Session\SessionBackend::$lifetime
private

◆ $loggedOut

MediaWiki\Session\SessionBackend::$loggedOut = 0
private

◆ $logger

LoggerInterface MediaWiki\Session\SessionBackend::$logger
private

Definition at line 71 of file SessionBackend.php.

Referenced by MediaWiki\Session\SessionBackend\__construct().

◆ $metaDirty

MediaWiki\Session\SessionBackend::$metaDirty = false
private

Definition at line 61 of file SessionBackend.php.

◆ $persist

MediaWiki\Session\SessionBackend::$persist = false
private

◆ $provider

SessionProvider MediaWiki\Session\SessionBackend::$provider
private

provider

Definition at line 85 of file SessionBackend.php.

Referenced by MediaWiki\Session\SessionBackend\getProvider().

◆ $providerMetadata

array null MediaWiki\Session\SessionBackend::$providerMetadata = null
private

provider-specified metadata

Definition at line 88 of file SessionBackend.php.

Referenced by MediaWiki\Session\SessionBackend\getProviderMetadata().

◆ $remember

MediaWiki\Session\SessionBackend::$remember = false
private

◆ $requests

WebRequest [] MediaWiki\Session\SessionBackend::$requests = []
private

Session requests.

Definition at line 82 of file SessionBackend.php.

◆ $shutdown

MediaWiki\Session\SessionBackend::$shutdown = false
private

Definition at line 97 of file SessionBackend.php.

◆ $store

CachedBagOStuff MediaWiki\Session\SessionBackend::$store
private

Definition at line 68 of file SessionBackend.php.

Referenced by MediaWiki\Session\SessionBackend\__construct().

◆ $usePhpSessionHandling

MediaWiki\Session\SessionBackend::$usePhpSessionHandling = true
private

Definition at line 94 of file SessionBackend.php.

◆ $user

User MediaWiki\Session\SessionBackend::$user
private

The documentation for this class was generated from the following file: