REL1_34/php/ImmutableSessionProviderWithCookie_8php_source.html

<?php

namespace MediaWiki\Session;


use WebRequest;


abstract class ImmutableSessionProviderWithCookie extends SessionProvider {


    protected $sessionCookieName = null;

    protected $sessionCookieOptions = [];


    public function __construct( $params = [] ) {

        parent::__construct();


        if ( isset( $params['sessionCookieName'] ) ) {

            if ( !is_string( $params['sessionCookieName'] ) ) {

                throw new \InvalidArgumentException( 'sessionCookieName must be a string' );

            }

            $this->sessionCookieName = $params['sessionCookieName'];

        }

        if ( isset( $params['sessionCookieOptions'] ) ) {

            if ( !is_array( $params['sessionCookieOptions'] ) ) {

                throw new \InvalidArgumentException( 'sessionCookieOptions must be an array' );

            }

            $this->sessionCookieOptions = $params['sessionCookieOptions'];

        }

    }


    protected function getSessionIdFromCookie( WebRequest $request ) {

        if ( $this->sessionCookieName === null ) {

            throw new \BadMethodCallException(

                __METHOD__ . ' may not be called when $this->sessionCookieName === null'

            );

        }


        $prefix = $this->sessionCookieOptions['prefix'] ?? $this->config->get( 'CookiePrefix' );

        $id = $request->getCookie( $this->sessionCookieName, $prefix );

        return SessionManager::validateSessionId( $id ) ? $id : null;

    }


    public function persistsSessionId() {

        return $this->sessionCookieName !== null;

    }


    public function canChangeUser() {

        return false;

    }


    public function persistSession( SessionBackend $session, WebRequest $request ) {

        if ( $this->sessionCookieName === null ) {

            return;

        }


        $response = $request->response();

        if ( $response->headersSent() ) {

            // Can't do anything now

            $this->logger->debug( __METHOD__ . ': Headers already sent' );

            return;

        }


        $options = $this->sessionCookieOptions;

        if ( $session->shouldForceHTTPS() || $session->getUser()->requiresHTTPS() ) {

            // Send a cookie unless $wgForceHTTPS is set (T256095)

            if ( !$this->config->get( 'ForceHTTPS' ) ) {

                $response->setCookie( 'forceHTTPS', 'true', null,

                    [ 'prefix' => '', 'secure' => false ] + $options );

            }

            $options['secure'] = true;

        }


        $response->setCookie( $this->sessionCookieName, $session->getId(), null, $options );

    }


    public function unpersistSession( WebRequest $request ) {

        if ( $this->sessionCookieName === null ) {

            return;

        }


        $response = $request->response();

        if ( $response->headersSent() ) {

            // Can't do anything now

            $this->logger->debug( __METHOD__ . ': Headers already sent' );

            return;

        }


        $response->clearCookie( $this->sessionCookieName, $this->sessionCookieOptions );

    }


    public function getVaryCookies() {

        if ( $this->sessionCookieName === null ) {

            return [];

        }


        $prefix = $this->sessionCookieOptions['prefix'] ?? $this->config->get( 'CookiePrefix' );

        return [ $prefix . $this->sessionCookieName ];

    }


    public function whyNoSession() {

        return wfMessage( 'sessionprovider-nocookies' );

    }


}


wfMessage
wfMessage( $key,... $params)
This is the function for getting translated interface messages.
Definition GlobalFunctions.php:1263

MediaWiki\Session\ImmutableSessionProviderWithCookie
An ImmutableSessionProviderWithCookie doesn't persist the user, but optionally can use a cookie to su...
Definition ImmutableSessionProviderWithCookie.php:40

MediaWiki\Session\ImmutableSessionProviderWithCookie\whyNoSession
whyNoSession()
Return a Message for why sessions might not be being persisted.
Definition ImmutableSessionProviderWithCookie.php:150

MediaWiki\Session\ImmutableSessionProviderWithCookie\canChangeUser
canChangeUser()
Indicate whether the user associated with the request can be changed.
Definition ImmutableSessionProviderWithCookie.php:97

MediaWiki\Session\ImmutableSessionProviderWithCookie\$sessionCookieName
string null $sessionCookieName
Definition ImmutableSessionProviderWithCookie.php:43

MediaWiki\Session\ImmutableSessionProviderWithCookie\persistsSessionId
persistsSessionId()
Indicate whether self::persistSession() can save arbitrary session IDs.
Definition ImmutableSessionProviderWithCookie.php:93

MediaWiki\Session\ImmutableSessionProviderWithCookie\unpersistSession
unpersistSession(WebRequest $request)
Remove any persisted session from a request/response.
Definition ImmutableSessionProviderWithCookie.php:126

MediaWiki\Session\ImmutableSessionProviderWithCookie\persistSession
persistSession(SessionBackend $session, WebRequest $request)
Persist a session into a request/response.
Definition ImmutableSessionProviderWithCookie.php:101

MediaWiki\Session\ImmutableSessionProviderWithCookie\$sessionCookieOptions
mixed[] $sessionCookieOptions
Definition ImmutableSessionProviderWithCookie.php:45

MediaWiki\Session\ImmutableSessionProviderWithCookie\getVaryCookies
getVaryCookies()
Return the list of cookies that need varying on.
Definition ImmutableSessionProviderWithCookie.php:141

MediaWiki\Session\ImmutableSessionProviderWithCookie\__construct
__construct( $params=[])
Definition ImmutableSessionProviderWithCookie.php:53

MediaWiki\Session\ImmutableSessionProviderWithCookie\getSessionIdFromCookie
getSessionIdFromCookie(WebRequest $request)
Get the session ID from the cookie, if any.
Definition ImmutableSessionProviderWithCookie.php:81

MediaWiki\Session\SessionBackend
This is the actual workhorse for Session.
Definition SessionBackend.php:50

MediaWiki\Session\SessionBackend\shouldForceHTTPS
shouldForceHTTPS()
Whether HTTPS should be forced.
Definition SessionBackend.php:451

MediaWiki\Session\SessionBackend\getId
getId()
Returns the session ID.
Definition SessionBackend.php:225

MediaWiki\Session\SessionBackend\getUser
getUser()
Returns the authenticated user for this session.
Definition SessionBackend.php:391

MediaWiki\Session\SessionManager\validateSessionId
static validateSessionId( $id)
Validate a session ID.
Definition SessionManager.php:365

MediaWiki\Session\SessionProvider
A SessionProvider provides SessionInfo and support for Session.
Definition SessionProvider.php:78

WebRequest
The WebRequest class encapsulates getting at data passed in the URL or via a POSTed form stripping il...
Definition WebRequest.php:42

WebRequest\response
response()
Return a handle to WebResponse style object, for setting cookies, headers and other stuff,...
Definition WebRequest.php:1069

WebRequest\getCookie
getCookie( $key, $prefix=null, $default=null)
Get a cookie from the $_COOKIE jar.
Definition WebRequest.php:839

MediaWiki\Session
Definition BotPasswordSessionProvider.php:24

$response
$response
Definition opensearch_desc.php:38