Move cookie handling into SessionHandler
authorTim Düsterhus <duesterhus@woltlab.com>
Tue, 13 Oct 2020 08:40:35 +0000 (10:40 +0200)
committerTim Düsterhus <duesterhus@woltlab.com>
Thu, 15 Oct 2020 14:13:53 +0000 (16:13 +0200)
wcfsetup/install/files/lib/system/WCF.class.php
wcfsetup/install/files/lib/system/WCFACP.class.php
wcfsetup/install/files/lib/system/session/ACPSessionFactory.class.php
wcfsetup/install/files/lib/system/session/SessionHandler.class.php

index 51f75f1f07c91688a945a11546090da10d3033e2..db9326cd6078d1987f661e586ce7e05539130745 100644 (file)
@@ -438,7 +438,6 @@ class WCF {
                $factory->load();
                
                self::$sessionObj = SessionHandler::getInstance();
-               self::$sessionObj->setHasValidCookie($factory->hasValidCookie());
        }
        
        /**
index d944832daef147c19f8f422a6c564991f08e09a1..9aabff0f0f0304ea37406aa7214c2111fcab1bab 100644 (file)
@@ -191,8 +191,6 @@ class WCFACP extends WCF {
                
                $factory = new ACPSessionFactory();
                $factory->load();
-               
-               self::$sessionObj->setHasValidCookie($factory->hasValidCookie());
        }
        
        /**
index ea5a72f81f2de1d1c802e64bfea139f4457a560b..3eb87e951e01e18bdb95b16ea4f2cf19994bc5c7 100644 (file)
@@ -1,8 +1,8 @@
 <?php
 namespace wcf\system\session;
 use wcf\data\acp\session\ACPSessionEditor;
+use wcf\data\session\Session;
 use wcf\system\event\EventHandler;
-use wcf\util\HeaderUtil;
 
 /**
  * Handles the ACP session of the active user.
@@ -14,14 +14,12 @@ use wcf\util\HeaderUtil;
  */
 class ACPSessionFactory {
        /**
-        * suffix used to tell ACP and frontend cookies apart
-        * @var string
+        * @deprecated 5.4 - This property is not read any longer.
         */
        protected $cookieSuffix = 'acp_';
        
        /**
-        * session editor class name
-        * @var string
+        * @deprecated 5.4 - This property is not read any longer.
         */
        protected $sessionEditor = ACPSessionEditor::class;
        
@@ -29,9 +27,7 @@ class ACPSessionFactory {
         * Loads the object of the active session.
         */
        public function load() {
-               // get session
-               $sessionID = $this->readSessionID();
-               SessionHandler::getInstance()->load($this->sessionEditor, $sessionID);
+               SessionHandler::getInstance()->loadFromCookie();
                
                // call beforeInit event
                if (!defined('NO_IMPORTS')) {
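Review bot: The docblock above `load()` still reads "Loads the object of the active session." although the method no longer uses `$sessionEditor` or `readSessionID()`; which cookie is read is now decided by `$this->isACP` inside `SessionHandler::loadFromCookie()`. A subclass that overrides the cookie suffix or `readSessionID()` will silently get the handler's choice instead, so the docblock should say so, e.g. `Loads the session via SessionHandler::loadFromCookie(); $cookieSuffix, $sessionEditor and readSessionID() are ignored.` Whether the handler's ACP flag is always set before this call cannot be seen from this page and is worth confirming, since it now selects between the `acp` and `user` session cookies. The body of `load()` continues past the end of the hunk.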
@@ -47,19 +43,10 @@ class ACPSessionFactory {
        }
        
        /**
-        * Returns true if session was based upon a valid cookie.
-        * 
-        * @return      boolean
-        * @since       3.0
+        * @deprecated 5.4 - Sessions are fully managed by SessionHandler.
         */
        public function hasValidCookie() {
-               if (isset($_COOKIE[COOKIE_PREFIX.$this->cookieSuffix.'session'])) {
-                       if ($_COOKIE[COOKIE_PREFIX.$this->cookieSuffix.'session'] == SessionHandler::getInstance()->sessionID) {
-                               return true;
-                       }
-               }
-               
-               return false;
+               return SessionHandler::getInstance()->hasValidCookie();
        }
        
        /**
@@ -70,10 +57,7 @@ class ACPSessionFactory {
        }
        
        /**
-        * Returns the session id from cookie. Returns an empty string,
-        * if no session cookie was provided.
-        * 
-        * @return      string
+        * @deprecated 5.4 - Sessions are fully managed by SessionHandler.
         */
        protected function readSessionID() {
                // get sessionID from cookie
index b725329c307ec4c4132e74cb66734628e070ef3d..7664a91957f3101e47dbb454bc8d20211886826d 100644 (file)
@@ -65,12 +65,6 @@ final class SessionHandler extends SingletonFactory {
         */
        protected $groupData = null;
        
-       /**
-        * true if client provided a valid session cookie
-        * @var boolean
-        */
-       protected $hasValidCookie = false;
-       
        /**
         * true if within ACP or WCFSetup
         * @var boolean
@@ -105,18 +99,6 @@ final class SessionHandler extends SingletonFactory {
         */
        protected $legacySession = null;
        
-       /**
-        * session class name
-        * @var string
-        */
-       protected $sessionClassName = '';
-       
-       /**
-        * session editor class name
-        * @var string
-        */
-       protected $sessionEditorClassName = '';
-       
        /**
         * style id
         * @var integer
@@ -193,14 +175,9 @@ final class SessionHandler extends SingletonFactory {
        public function setCookieSuffix() { }
        
        /**
-        * Sets a boolean value to determine if the client provided a valid session cookie.
-        * 
-        * @param       boolean         $hasValidCookie
-        * @since       3.0
+        * @deprecated 5.4 - This method is a noop. Cookie handling works automatically.
         */
-       public function setHasValidCookie($hasValidCookie) {
-               $this->hasValidCookie = $hasValidCookie;
-       }
+       public function setHasValidCookie($hasValidCookie) { }
        
        /**
         * Returns true if client provided a valid session cookie.
@@ -208,20 +185,17 @@ final class SessionHandler extends SingletonFactory {
         * @return      boolean
         * @since       3.0
         */
-       public function hasValidCookie() {
-               return $this->hasValidCookie;
+       public function hasValidCookie(): bool {
+               $cookieName = COOKIE_PREFIX.($this->isACP ? 'acp' : 'user')."_session";
+               $sessionID = $_COOKIE[$cookieName] ?? null;
+               
+               return $sessionID === $this->sessionID;
        }
        
        /**
-        * Loads an existing session or creates a new one.
-        * 
-        * @param       string          $sessionEditorClassName
-        * @param       string          $sessionID
+        * @deprecated 5.4 - Sessions are managed automatically. Use loadFromCookie().
         */
        public function load($sessionEditorClassName, $sessionID) {
-               $this->sessionEditorClassName = $sessionEditorClassName;
-               $this->sessionClassName = call_user_func([$sessionEditorClassName, 'getBaseClass']);
-               
                $hasSession = false;
                if (!empty($sessionID)) {
                        $hasSession = $this->getExistingSession($sessionID);
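Review bot: The cookie name expression in `hasValidCookie()` is repeated verbatim in `loadFromCookie()` (added further down in this file), and the two must agree for this check to mean anything. It would be safer in one private helper, e.g. `private function getCookieName(): string { return COOKIE_PREFIX.($this->isACP ? 'acp' : 'user').'_session'; }`, called from both places. Separately, the deprecated `load()` still accepts `$sessionEditorClassName` but no longer uses it in the visible lines, so its docblock could add `@param string $sessionEditorClassName ignored since 5.4`. The body of `load()` continues outside the hunk.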
@@ -233,6 +207,24 @@ final class SessionHandler extends SingletonFactory {
                }
        }
        
+       /**
+        * Loads the session matching the session cookie.
+        */
+       public function loadFromCookie() {
+               $cookieName = COOKIE_PREFIX.($this->isACP ? 'acp' : 'user')."_session";
+               $sessionID = $_COOKIE[$cookieName] ?? null;
+               
+               $hasSession = false;
+               if ($sessionID) {
+                       $hasSession = $this->getExistingSession($sessionID);
+               }
+               
+               // create new session
+               if (!$hasSession) {
+                       $this->create();
+               }
+       }
+       
        /**
         * Initializes session system.
         */
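Review bot: `$_COOKIE[$cookieName]` in `loadFromCookie()` is client-controlled and not guaranteed to be a string: PHP turns a cookie sent with bracket syntax into an array, which is truthy and would be passed to `getExistingSession()` as-is. Anything that is not a non-empty string should be rejected before the lookup, `if (is_string($sessionID) && $sessionID !== '') {`. How `getExistingSession()` treats a non-string value is not visible in this hunk, so the guard belongs here at the input boundary. The new method could also declare `: void` and carry `@since 5.4`, matching the `: bool` added to `hasValidCookie()`.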