$string['sessionerroruser2'] = 'A server error that affects your login session was detected. Please login again or restart your browser.';
$string['sessionipnomatch'] = 'Sorry, but your IP number seems to have changed from when you first logged in. This security feature prevents crackers stealing your identity while logged in to this site. Normal users should not be seeing this message - please ask the site administrator for help.';
$string['sessionipnomatch2'] = 'Sorry, but your IP number seems to have changed from when you first logged in. This security feature prevents crackers stealing your identity while logged in to this site. You may see this error if you use wireless networks or if you are roaming between different networks. Please ask the site administrator for more help.<br /><br />If you want to continue please press F5 key to refresh this page.';
+$string['sessionnotwritable'] = 'Write permission problem detected in session directory.<br /><br />Please notify server administrator.';
$string['socksnotsupported'] = 'SOCKS5 proxy is not supported in PHP4';
$string['spellcheckernotconf'] = 'Spellchecker not configured';
$string['sslonlyaccess'] = 'For security reasons only https connections are allowed, sorry.';
static $session = null;
if (is_null($session)) {
- $session = new moodle_session();
+ $session = new legacy_session();
+ // TODO: add db and custom session class support here
}
return $session;
/**
* Class handling all session and cookies related stuff.
*/
-class moodle_session {
+abstract class moodle_session {
public function __construct() {
global $CFG;
$this->prepare_cookies();
/**
* Inits session storage.
*/
+ protected abstract function init_session_storage();
+
+}
+
+/**
+ * Legacy moodle sessions stored in files, not recommended any more.
+ */
+class legacy_session extends moodle_session {
protected function init_session_storage() {
global $CFG;
- /// Set up session handling
- if(empty($CFG->respectsessionsettings)) {
- if (true) { /// File-based sessions
- // Some distros disable GC by setting probability to 0
- // overriding the PHP default of 1
- // (gc_probability is divided by gc_divisor, which defaults to 1000)
- if (ini_get('session.gc_probability') == 0) {
- ini_set('session.gc_probability', 1);
- }
-
- if (!empty($CFG->sessiontimeout)) {
- ini_set('session.gc_maxlifetime', $CFG->sessiontimeout);
- }
+ // Some distros disable GC by setting probability to 0
+ // overriding the PHP default of 1
+ // (gc_probability is divided by gc_divisor, which defaults to 1000)
+ if (ini_get('session.gc_probability') == 0) {
+ ini_set('session.gc_probability', 1);
+ }
- if (!file_exists($CFG->dataroot .'/sessions')) {
- make_upload_directory('sessions');
- }
- ini_set('session.save_path', $CFG->dataroot .'/sessions');
+ if (!empty($CFG->sessiontimeout)) {
+ ini_set('session.gc_maxlifetime', $CFG->sessiontimeout);
+ }
- } else { /// Database sessions
- // TODO: implement proper database session storage
- }
+ if (!file_exists($CFG->dataroot .'/sessions')) {
+ make_upload_directory('sessions');
+ }
+ if (!is_writable($CFG->dataroot .'/sessions/')) {
+ print_error('sessionnotwritable', 'error');
}
+ ini_set('session.save_path', $CFG->dataroot .'/sessions');
+ }
+}
+
+/**
+ * Recommended moodle session storage.
+ */
+class database_session extends moodle_session {
+ protected function init_session_storage() {
+ global $CFG;
+
+
}
}
projects / moodle.git / commitdiff