From: skodak <skodak>
Date: Wed, 14 Jan 2009 18:32:57 +0000 (+0000)
Subject: MDL-14992 towards new moodle db sessions
X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=f61a032afcff7c5caec8f4fc1f746fa54e9ed97b;p=moodle.git

MDL-14992 towards new moodle db sessions
---

diff --git a/lang/en_utf8/error.php b/lang/en_utf8/error.php
index 1d9d15409c..a59b9671d9 100644
--- a/lang/en_utf8/error.php
+++ b/lang/en_utf8/error.php
@@ -403,6 +403,7 @@ $string['sessionerroruser'] = 'Your session has timed out.  Please login again.'
 $string['sessionerroruser2'] = 'A server error that affects your login session was detected. Please login again or restart your browser.';
 $string['sessionipnomatch'] = 'Sorry, but your IP number seems to have changed from when you first logged in.  This security feature prevents crackers stealing your identity while logged in to this site.  Normal users should not be seeing this message - please ask the site administrator for help.';
 $string['sessionipnomatch2'] = 'Sorry, but your IP number seems to have changed from when you first logged in.  This security feature prevents crackers stealing your identity while logged in to this site. You may see this error if you use wireless networks or if you are roaming between different networks. Please ask the site administrator for more help.<br /><br />If you want to continue please press F5 key to refresh this page.';
+$string['sessionnotwritable'] = 'Write permission problem detected in session directory.<br /><br />Please notify server administrator.';
 $string['socksnotsupported'] = 'SOCKS5 proxy is not supported in PHP4';
 $string['spellcheckernotconf'] = 'Spellchecker not configured';
 $string['sslonlyaccess'] = 'For security reasons only https connections are allowed, sorry.';
diff --git a/lib/sessionlib.php b/lib/sessionlib.php
index 7c7fa50ee3..71ddc8355d 100644
--- a/lib/sessionlib.php
+++ b/lib/sessionlib.php
@@ -8,7 +8,8 @@ function session_get_instance() {
     static $session = null;
 
     if (is_null($session)) {
-        $session = new moodle_session();
+        $session = new legacy_session();
+        // TODO: add db and custom session class support here
     }
 
     return $session;
@@ -17,7 +18,7 @@ function session_get_instance() {
 /**
  * Class handling all session and cookies related stuff.
  */
-class moodle_session {
+abstract class moodle_session {
     public function __construct() {
         global $CFG;
         $this->prepare_cookies();
@@ -204,32 +205,46 @@ class moodle_session {
     /**
      * Inits session storage.
      */
+    protected abstract function init_session_storage();
+
+}
+
+/**
+ * Legacy moodle sessions stored in files, not recommended any more.
+ */
+class legacy_session extends moodle_session {
     protected function init_session_storage() {
         global $CFG;
 
-    /// Set up session handling
-        if(empty($CFG->respectsessionsettings)) {
-            if (true) {   /// File-based sessions
-                // Some distros disable GC by setting probability to 0
-                // overriding the PHP default of 1
-                // (gc_probability is divided by gc_divisor, which defaults to 1000)
-                if (ini_get('session.gc_probability') == 0) {
-                    ini_set('session.gc_probability', 1);
-                }
-
-                if (!empty($CFG->sessiontimeout)) {
-                    ini_set('session.gc_maxlifetime', $CFG->sessiontimeout);
-                }
+        // Some distros disable GC by setting probability to 0
+        // overriding the PHP default of 1
+        // (gc_probability is divided by gc_divisor, which defaults to 1000)
+        if (ini_get('session.gc_probability') == 0) {
+            ini_set('session.gc_probability', 1);
+        }
 
-                if (!file_exists($CFG->dataroot .'/sessions')) {
-                    make_upload_directory('sessions');
-                }
-                ini_set('session.save_path', $CFG->dataroot .'/sessions');
+        if (!empty($CFG->sessiontimeout)) {
+            ini_set('session.gc_maxlifetime', $CFG->sessiontimeout);
+        }
 
-            } else {                         /// Database sessions
-                // TODO: implement proper database session storage
-            }
+        if (!file_exists($CFG->dataroot .'/sessions')) {
+            make_upload_directory('sessions');
+        }
+        if (!is_writable($CFG->dataroot .'/sessions/')) {
+            print_error('sessionnotwritable', 'error');
         }
+        ini_set('session.save_path', $CFG->dataroot .'/sessions');
+    }
+}
+
+/**
+ * Recommended moodle session storage.
+ */
+class database_session extends moodle_session {
+    protected function init_session_storage() {
+        global $CFG;
+
+        
     }
 }