View source
<?php
namespace Symfony\Component\HttpFoundation\Session\Storage\Handler;
@trigger_error('The ' . __NAMESPACE__ . '\\LegacyPdoSessionHandler class is deprecated since version 2.6 and will be removed in 3.0. Use the Symfony\\Component\\HttpFoundation\\Session\\Storage\\Handler\\PdoSessionHandler class instead.', E_USER_DEPRECATED);
class LegacyPdoSessionHandler implements \SessionHandlerInterface {
private $pdo;
private $table;
private $idCol;
private $dataCol;
private $timeCol;
public function __construct(\PDO $pdo, array $dbOptions = array()) {
if (!array_key_exists('db_table', $dbOptions)) {
throw new \InvalidArgumentException('You must provide the "db_table" option for a PdoSessionStorage.');
}
if (\PDO::ERRMODE_EXCEPTION !== $pdo
->getAttribute(\PDO::ATTR_ERRMODE)) {
throw new \InvalidArgumentException(sprintf('"%s" requires PDO error mode attribute be set to throw Exceptions (i.e. $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION))', __CLASS__));
}
$this->pdo = $pdo;
$dbOptions = array_merge(array(
'db_id_col' => 'sess_id',
'db_data_col' => 'sess_data',
'db_time_col' => 'sess_time',
), $dbOptions);
$this->table = $dbOptions['db_table'];
$this->idCol = $dbOptions['db_id_col'];
$this->dataCol = $dbOptions['db_data_col'];
$this->timeCol = $dbOptions['db_time_col'];
}
public function open($savePath, $sessionName) {
return true;
}
public function close() {
return true;
}
public function destroy($sessionId) {
$sql = "DELETE FROM {$this->table} WHERE {$this->idCol} = :id";
try {
$stmt = $this->pdo
->prepare($sql);
$stmt
->bindParam(':id', $sessionId, \PDO::PARAM_STR);
$stmt
->execute();
} catch (\PDOException $e) {
throw new \RuntimeException(sprintf('PDOException was thrown when trying to delete a session: %s', $e
->getMessage()), 0, $e);
}
return true;
}
public function gc($maxlifetime) {
$sql = "DELETE FROM {$this->table} WHERE {$this->timeCol} < :time";
try {
$stmt = $this->pdo
->prepare($sql);
$stmt
->bindValue(':time', time() - $maxlifetime, \PDO::PARAM_INT);
$stmt
->execute();
} catch (\PDOException $e) {
throw new \RuntimeException(sprintf('PDOException was thrown when trying to delete expired sessions: %s', $e
->getMessage()), 0, $e);
}
return true;
}
public function read($sessionId) {
$sql = "SELECT {$this->dataCol} FROM {$this->table} WHERE {$this->idCol} = :id";
try {
$stmt = $this->pdo
->prepare($sql);
$stmt
->bindParam(':id', $sessionId, \PDO::PARAM_STR);
$stmt
->execute();
$sessionRows = $stmt
->fetchAll(\PDO::FETCH_NUM);
if ($sessionRows) {
return base64_decode($sessionRows[0][0]);
}
return '';
} catch (\PDOException $e) {
throw new \RuntimeException(sprintf('PDOException was thrown when trying to read the session data: %s', $e
->getMessage()), 0, $e);
}
}
public function write($sessionId, $data) {
$encoded = base64_encode($data);
try {
$mergeSql = $this
->getMergeSql();
if (null !== $mergeSql) {
$mergeStmt = $this->pdo
->prepare($mergeSql);
$mergeStmt
->bindParam(':id', $sessionId, \PDO::PARAM_STR);
$mergeStmt
->bindParam(':data', $encoded, \PDO::PARAM_STR);
$mergeStmt
->bindValue(':time', time(), \PDO::PARAM_INT);
$mergeStmt
->execute();
return true;
}
$updateStmt = $this->pdo
->prepare("UPDATE {$this->table} SET {$this->dataCol} = :data, {$this->timeCol} = :time WHERE {$this->idCol} = :id");
$updateStmt
->bindParam(':id', $sessionId, \PDO::PARAM_STR);
$updateStmt
->bindParam(':data', $encoded, \PDO::PARAM_STR);
$updateStmt
->bindValue(':time', time(), \PDO::PARAM_INT);
$updateStmt
->execute();
if (!$updateStmt
->rowCount()) {
try {
$insertStmt = $this->pdo
->prepare("INSERT INTO {$this->table} ({$this->idCol}, {$this->dataCol}, {$this->timeCol}) VALUES (:id, :data, :time)");
$insertStmt
->bindParam(':id', $sessionId, \PDO::PARAM_STR);
$insertStmt
->bindParam(':data', $encoded, \PDO::PARAM_STR);
$insertStmt
->bindValue(':time', time(), \PDO::PARAM_INT);
$insertStmt
->execute();
} catch (\PDOException $e) {
if (0 === strpos($e
->getCode(), '23')) {
$updateStmt
->execute();
}
else {
throw $e;
}
}
}
} catch (\PDOException $e) {
throw new \RuntimeException(sprintf('PDOException was thrown when trying to write the session data: %s', $e
->getMessage()), 0, $e);
}
return true;
}
private function getMergeSql() {
$driver = $this->pdo
->getAttribute(\PDO::ATTR_DRIVER_NAME);
switch ($driver) {
case 'mysql':
return "INSERT INTO {$this->table} ({$this->idCol}, {$this->dataCol}, {$this->timeCol}) VALUES (:id, :data, :time) " . "ON DUPLICATE KEY UPDATE {$this->dataCol} = VALUES({$this->dataCol}), {$this->timeCol} = VALUES({$this->timeCol})";
case 'oci':
return "MERGE INTO {$this->table} USING DUAL ON ({$this->idCol} = :id) " . "WHEN NOT MATCHED THEN INSERT ({$this->idCol}, {$this->dataCol}, {$this->timeCol}) VALUES (:id, :data, :time) " . "WHEN MATCHED THEN UPDATE SET {$this->dataCol} = :data, {$this->timeCol} = :time";
case 'sqlsrv' === $driver && version_compare($this->pdo
->getAttribute(\PDO::ATTR_SERVER_VERSION), '10', '>='):
return "MERGE INTO {$this->table} WITH (HOLDLOCK) USING (SELECT 1 AS dummy) AS src ON ({$this->idCol} = :id) " . "WHEN NOT MATCHED THEN INSERT ({$this->idCol}, {$this->dataCol}, {$this->timeCol}) VALUES (:id, :data, :time) " . "WHEN MATCHED THEN UPDATE SET {$this->dataCol} = :data, {$this->timeCol} = :time;";
case 'sqlite':
return "INSERT OR REPLACE INTO {$this->table} ({$this->idCol}, {$this->dataCol}, {$this->timeCol}) VALUES (:id, :data, :time)";
}
}
protected function getConnection() {
return $this->pdo;
}
}