<?php
/* 
 * Copyright 2017 Jack Sleight <http://jacksleight.com/>
 * This source file is subject to the MIT license that is bundled with this package in the file LICENCE. 
 */

namespace Coast;

use Coast\App\Access;
use Coast\App\Executable;
use Coast\Request;
use Coast\Response;

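/**
 * Wrapper around PHP's native session functions.
 *
 * Implements Executable and Access. preExecute() derives the cookie scope
 * from the request, then configures and starts the session. start() can also
 * enforce a client fingerprint and a sliding inactivity timeout; both values
 * are kept under $_SESSION['__Coast\Session'].
 *
 * Security notes:
 *  - The session ID is only rotated by reset() (fingerprint mismatch or
 *    timeout) and by explicit regenerate() calls. Nothing in this class
 *    rotates it when the application changes privilege level.
 *  - The cookie is always HttpOnly. This class sets no SameSite attribute;
 *    if one is wanted it has to come from php.ini (session.cookie_samesite).
 */
class Session implements Executable, Access
{
    use Access\Implementation;
    use Executable\Implementation;

    // Session (and cookie) name passed to session_name().
    protected $_name = 'session';

    // Cookie lifetime for session_set_cookie_params(); null keeps PHP's current value.
    protected $_lifetime = null;

    // Inactivity timeout in seconds, added to time() on every start(); null disables the check.
    protected $_expires = 1200;

    // Cookie domain; null keeps PHP's current value (preExecute() may fill it from the request).
    protected $_host = null;

    // Cookie path; null keeps PHP's current value (preExecute() may fill it from the request).
    protected $_path = null;

    // Cookie Secure flag; null keeps PHP's current value (preExecute() may fill it from the request).
    protected $_isSecure = null;

    // Optional closure, bound to this object, that returns the client fingerprint.
    protected $_fingerprint;

    // Request handed to the fingerprint closure.
    protected $_request;

    /**
     * Apply options by calling the method named after each key.
     *
     * Every key is invoked as `$this->{key}($value)`, so any method whose name
     * does not start with '_' is reachable this way (including start() and
     * destroy()). Build the options array from trusted configuration only.
     *
     * @param array $options Map of method name => single argument.
     * @throws \Coast\Exception If a key is not a non-empty string or starts with '_'.
     */
    public function __construct(array $options = array())
    {
        foreach ($options as $name => $value) {
            // Integer and empty keys cannot name a method; reject them with the
            // same exception instead of failing later on the dynamic call.
            if (!is_string($name) || $name === '' || $name[0] === '_') {
                throw new \Coast\Exception("Access to '{$name}' is prohibited");
            }
            $this->$name($value);
        }
    }

    /**
     * Get or set the session name.
     *
     * @param string|null $name
     * @return $this|string Fluent when called with an argument, otherwise the current name.
     */
    public function name($name = null)
    {
        if (func_num_args() > 0) {
            $this->_name = $name;
            return $this;
        }
        return $this->_name;
    }

    /**
     * Get or set the cookie lifetime passed to session_set_cookie_params().
     *
     * @param int|null $lifetime
     * @return $this|int|null
     */
    public function lifetime($lifetime = null)
    {
        if (func_num_args() > 0) {
            $this->_lifetime = $lifetime;
            return $this;
        }
        return $this->_lifetime;
    }

    /**
     * Get or set the inactivity timeout in seconds (null disables it).
     *
     * @param int|null $expires
     * @return $this|int|null
     */
    public function expires($expires = null)
    {
        if (func_num_args() > 0) {
            $this->_expires = $expires;
            return $this;
        }
        return $this->_expires;
    }

    /**
     * Get or set the cookie domain.
     *
     * @param string|null $host
     * @return $this|string|null
     */
    public function host($host = null)
    {
        if (func_num_args() > 0) {
            $this->_host = $host;
            return $this;
        }
        return $this->_host;
    }

    /**
     * Get or set the cookie path.
     *
     * @param string|null $path
     * @return $this|string|null
     */
    public function path($path = null)
    {
        if (func_num_args() > 0) {
            $this->_path = $path;
            return $this;
        }
        return $this->_path;
    }

    /**
     * Get or set the cookie Secure flag.
     *
     * The setter casts to bool, so isSecure(null) stores false rather than
     * returning the flag to its "unset" state.
     *
     * @param bool|null $isSecure
     * @return $this|bool|null
     */
    public function isSecure($isSecure = null)
    {
        if (func_num_args() > 0) {
            $this->_isSecure = (bool) $isSecure;
            return $this;
        }
        return $this->_isSecure;
    }

    /**
     * Get or set the fingerprint callback.
     *
     * The closure is re-bound to this object and is called by start() with
     * the stored request. Its return value is compared with `!==` against the
     * value saved in the session.
     *
     * @param \Closure|null $fingerprint Closure to install, or null to remove it.
     * @return $this|\Closure|null
     */
    public function fingerprint(\Closure $fingerprint = null)
    {
        if (func_num_args() > 0) {
            // Passing null clears the callback instead of calling bindTo() on null.
            $this->_fingerprint = isset($fingerprint)
                ? $fingerprint->bindTo($this)
                : null;
            return $this;
        }
        return $this->_fingerprint;
    }

    /**
     * Get or set the request that is passed to the fingerprint callback.
     *
     * @param Request|null $req
     * @return $this|Request|null
     */
    public function request(Request $req = null)
    {
        if (func_num_args() > 0) {
            $this->_request = $req;
            return $this;
        }
        return $this->_request;
    }

    /**
     * Apply session ini settings, the session name and the cookie parameters.
     *
     * Must run before start(). Cookie parameters that are still null on this
     * object fall back to the values PHP currently reports; HttpOnly is
     * always forced on.
     *
     * @return $this
     */
    public function configure()
    {
        // NOTE(review): these four directives were removed in PHP 7.1. On newer
        // runtimes the calls have no effect and session ID strength is whatever
        // the runtime is configured with; confirm the target PHP version.
        ini_set('session.entropy_file', '/dev/urandom');
        ini_set('session.entropy_length', 32);
        ini_set('session.hash_function', 'sha512');
        ini_set('session.hash_bits_per_character', 6);

        // Cookie-only transport: no session IDs in URLs.
        ini_set('session.use_cookies', true);
        ini_set('session.use_only_cookies', true);
        ini_set('session.use_trans_sid', false);
        ini_set('session.referer_check', false);

        // Only accept session IDs the server issued itself, so a client cannot
        // choose the ID a session is created under (session fixation).
        ini_set('session.use_strict_mode', true);

        $params = session_get_cookie_params();
        session_name($this->_name);
        session_set_cookie_params(
            isset($this->_lifetime) ? $this->_lifetime  : $params['lifetime'],
            isset($this->_path)     ? $this->_path      : $params['path'],
            isset($this->_host)     ? $this->_host      : $params['domain'],
            isset($this->_isSecure) ? $this->_isSecure  : $params['secure'],
            true // HttpOnly
        );

        return $this;
    }

    /**
     * Start the session and enforce the fingerprint and inactivity timeout.
     *
     * A fingerprint that differs from the stored one, or a stored expiry in
     * the past, triggers reset(). Otherwise the stored value is written or
     * refreshed. reset() calls start() again on the fresh session, which is
     * where the new session gets its own fingerprint and expiry.
     *
     * NOTE(review): $req is accepted but never read; the fingerprint callback
     * receives the request stored via request() instead.
     *
     * @param Request|null $req Unused.
     * @return $this
     */
    public function start(Request $req = null)
    {
        session_start();

        if (isset($this->_fingerprint)) {
            $fingerprint = call_user_func($this->_fingerprint, $this->_request);
            if (isset($_SESSION['__Coast\Session']['fingerprint']) && $_SESSION['__Coast\Session']['fingerprint'] !== $fingerprint) {
                $this->reset();
            } else {
                $_SESSION['__Coast\Session']['fingerprint'] = $fingerprint;
            }
        }

        if (isset($this->_expires)) {
            if (isset($_SESSION['__Coast\Session']['expires']) && $_SESSION['__Coast\Session']['expires'] < time()) {
                $this->reset();
            } else {
                // Sliding window: every request pushes the deadline forward.
                $_SESSION['__Coast\Session']['expires'] = time() + $this->_expires;
            }
        }

        return $this;
    }

    /**
     * Return the current session ID.
     *
     * @return string
     */
    public function id()
    {
        return session_id();
    }

    /**
     * Issue a new session ID and delete the data stored under the old one.
     *
     * Call this whenever the session's privilege level changes (for example
     * after a successful login); this class does not do so on its own.
     *
     * @return $this
     */
    public function regenerate()
    {
        session_regenerate_id(true);
        return $this;
    }

    /**
     * Expire the session cookie and destroy the session data.
     *
     * The cookie is overwritten with an empty value and an expiry timestamp
     * of 1, using the path, domain and Secure flag PHP currently reports so
     * that it matches the cookie being removed.
     *
     * @return $this
     */
    public function destroy()
    {
        $params = session_get_cookie_params();
        setcookie(
            $this->_name,
            '',
            1,
            $params['path'],
            $params['domain'],
            $params['secure'],
            true // HttpOnly
        );
        session_unset();
        session_destroy();
        return $this;
    }

    /**
     * Throw the current session away and continue with a fresh one under a new ID.
     *
     * @return $this
     */
    public function reset()
    {
        return $this
            ->destroy()
            ->start()
            ->regenerate();
    }

    /**
     * Read, write or remove a top-level session entry.
     *
     * With one argument the entry is returned, and created as an empty
     * stdClass when missing. With two arguments the value is cast to an
     * object and stored, or the entry is removed when the value is null.
     *
     * The bookkeeping entry '__Coast\Session' lives in the same array and is
     * not protected from being overwritten through this method.
     *
     * @param string $name
     * @param mixed $value
     * @return $this|object Fluent when writing, otherwise the stored object.
     */
    public function data($name, $value = null)
    {
        if (func_num_args() > 1) {
            if (isset($value)) {
                $_SESSION[$name] = (object) $value;
            } else {
                unset($_SESSION[$name]);
            }
            return $this;
        } else if (!isset($_SESSION[$name])) {
            $_SESSION[$name] = new \stdClass;
        }
        return $_SESSION[$name];
    }

    /**
     * Fill unset cookie parameters from the request, then configure and start.
     *
     * The request host is used as the cookie domain only when it contains a
     * dot. An explicit cookie domain makes browsers send the cookie to
     * subdomains of that host as well.
     *
     * NOTE(review): $req->host() presumably reflects the client-supplied Host
     * header; confirm, and set host() explicitly when the cookie scope must
     * not follow it.
     *
     * @param Request $req
     * @param Response $res
     * @return void
     */
    public function preExecute(Request $req, Response $res)
    {
        $this->request($req);

        if (!isset($this->_host) && strpos($host = $req->host(), '.') !== false) {
            $this->host($host);
        }
        if (!isset($this->_path)) {
            $this->path($req->base());
        }
        if (!isset($this->_isSecure)) {
            $this->isSecure($req->isSecure());
        }

        $this->configure();
        $this->start();
    }

    /**
     * Property read, forwarded to data($name).
     *
     * @param string $name
     * @return object
     */
    public function __get($name)
    {
        return $this->data($name);
    }

    /**
     * Property write, forwarded to data($name, $value).
     *
     * @param string $name
     * @param mixed $value
     * @return $this
     */
    public function __set($name, $value)
    {
        return $this->data($name, $value);
    }

    /**
     * Property unset, forwarded to data($name, null), which removes the entry.
     *
     * @param string $name
     * @return $this
     */
    public function __unset($name)
    {
        return $this->data($name, null);
    }
}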