Search moodle.org's
Developer Documentation

See Release Notes
Long Term Support Release

  • Bug fixes for general core bugs in 4.1.x will end 13 November 2023 (12 months).
  • Bug fixes for security issues in 4.1.x will end 10 November 2025 (36 months).
  • PHP version: minimum PHP 7.4.0 Note: minimum PHP version has increased since Moodle 4.0. PHP 8.0.x is supported too.
   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Session handler base.
  19   *
  20   * @package    core
  21   * @copyright  2013 Petr Skoda {@link http://skodak.org}
  22   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  23   */
  24  
  25  namespace core\session;
  26  
  27  defined('MOODLE_INTERNAL') || die();
  28  
  29  /**
  30   * Session handler base.
  31   *
  32   * @package    core
  33   * @copyright  2013 Petr Skoda {@link http://skodak.org}
  34   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  35   */
  36  abstract class handler {
  37      /** @var boolean $requireswritelock does the session need and/or have a lock? */
  38      protected $requireswritelock = false;
  39  
  40      /**
  41       * Start the session.
  42       * @return bool success
  43       */
  44      public function start() {
  45          return session_start();
  46      }
  47  
  48      /**
  49       * Write the session and release lock. If the session was not intentionally opened
  50       * with a write lock, then we will abort the session instead if able.
  51       */
  52      public function write_close() {
  53          if ($this->requires_write_lock()) {
  54              session_write_close();
  55              $this->requireswritelock = false;
  56          } else {
  57              $this->abort();
  58          }
  59      }
  60  
  61      /**
  62       * Release lock on the session without writing it.
  63       * May not be possible in older versions of PHP. If so, session may be written anyway
  64       * so that any locks are released.
  65       */
  66      public function abort() {
  67          session_abort();
  68          $this->requireswritelock = false;
  69      }
  70  
  71      /**
  72       * This is called after init() and before start() to indicate whether the session
  73       * opened should be writable or not. This is intentionally captured even if your
  74       * handler doesn't support non-locking sessions, so that behavior (upon session close)
  75       * matches closely between handlers.
  76       * @param bool $requireswritelock true if needs to be open for writing
  77       */
  78      public function set_requires_write_lock($requireswritelock) {
  79          $this->requireswritelock = $requireswritelock;
  80      }
  81  
  82      /**
  83       * Has this session been opened with a writelock? Your handler should call this during
  84       * start() if you support read-only sessions.
  85       * @return bool true if session is intended to have a write lock.
  86       */
  87      public function requires_write_lock() {
  88          return $this->requireswritelock;
  89      }
  90  
  91      /**
  92       * Init session handler.
  93       */
  94      public abstract function init();
  95  
  96      /**
  97       * Check the backend contains data for this session id.
  98       *
  99       * Note: this is intended to be called from manager::session_exists() only.
 100       *
 101       * @param string $sid
 102       * @return bool true if session found.
 103       */
 104      public abstract function session_exists($sid);
 105  
 106      /**
 107       * Kill all active sessions, the core sessions table is
 108       * purged afterwards.
 109       */
 110      public abstract function kill_all_sessions();
 111  
 112      /**
 113       * Kill one session, the session record is removed afterwards.
 114       * @param string $sid
 115       */
 116      public abstract function kill_session($sid);
 117  }