1 /* 2 +----------------------------------------------------------------------+ 3 | Copyright (c) The PHP Group | 4 +----------------------------------------------------------------------+ 5 | This source file is subject to version 3.01 of the PHP license, | 6 | that is bundled with this package in the file LICENSE, and is | 7 | available through the world-wide-web at the following url: | 8 | https://www.php.net/license/3_01.txt | 9 | If you did not receive a copy of the PHP license and are unable to | 10 | obtain it through the world-wide-web, please send a note to | 11 | license@php.net so we can mail you a copy immediately. | 12 +----------------------------------------------------------------------+ 13 | Author: Sascha Schumann <sascha@schumann.cx> | 14 +----------------------------------------------------------------------+ 15 */ 16 17 #ifndef PHP_SESSION_H 18 #define PHP_SESSION_H 19 20 #include "ext/standard/php_var.h" 21 #include "ext/hash/php_hash.h" 22 23 #define PHP_SESSION_API 20161017 24 25 #include "php_version.h" 26 #define PHP_SESSION_VERSION PHP_VERSION 27 28 /* save handler macros */ 29 #define PS_OPEN_ARGS void **mod_data, const char *save_path, const char *session_name 30 #define PS_CLOSE_ARGS void **mod_data 31 #define PS_READ_ARGS void **mod_data, zend_string *key, zend_string **val, zend_long maxlifetime 32 #define PS_WRITE_ARGS void **mod_data, zend_string *key, zend_string *val, zend_long maxlifetime 33 #define PS_DESTROY_ARGS void **mod_data, zend_string *key 34 #define PS_GC_ARGS void **mod_data, zend_long maxlifetime, zend_long *nrdels 35 #define PS_CREATE_SID_ARGS void **mod_data 36 #define PS_VALIDATE_SID_ARGS void **mod_data, zend_string *key 37 #define PS_UPDATE_TIMESTAMP_ARGS void **mod_data, zend_string *key, zend_string *val, zend_long maxlifetime 38 39 typedef struct ps_module_struct { 40 const char *s_name; 41 zend_result (*s_open)(PS_OPEN_ARGS); 42 zend_result (*s_close)(PS_CLOSE_ARGS); 43 zend_result (*s_read)(PS_READ_ARGS); 44 zend_result (*s_write)(PS_WRITE_ARGS); 45 zend_result (*s_destroy)(PS_DESTROY_ARGS); 46 zend_long (*s_gc)(PS_GC_ARGS); 47 zend_string *(*s_create_sid)(PS_CREATE_SID_ARGS); 48 zend_result (*s_validate_sid)(PS_VALIDATE_SID_ARGS); 49 zend_result (*s_update_timestamp)(PS_UPDATE_TIMESTAMP_ARGS); 50 } ps_module; 51 52 #define PS_GET_MOD_DATA() *mod_data 53 #define PS_SET_MOD_DATA(a) *mod_data = (a) 54 55 #define PS_OPEN_FUNC(x) zend_result ps_open_##x(PS_OPEN_ARGS) 56 #define PS_CLOSE_FUNC(x) zend_result ps_close_##x(PS_CLOSE_ARGS) 57 #define PS_READ_FUNC(x) zend_result ps_read_##x(PS_READ_ARGS) 58 #define PS_WRITE_FUNC(x) zend_result ps_write_##x(PS_WRITE_ARGS) 59 #define PS_DESTROY_FUNC(x) zend_result ps_delete_##x(PS_DESTROY_ARGS) 60 #define PS_GC_FUNC(x) zend_long ps_gc_##x(PS_GC_ARGS) 61 #define PS_CREATE_SID_FUNC(x) zend_string *ps_create_sid_##x(PS_CREATE_SID_ARGS) 62 #define PS_VALIDATE_SID_FUNC(x) zend_result ps_validate_sid_##x(PS_VALIDATE_SID_ARGS) 63 #define PS_UPDATE_TIMESTAMP_FUNC(x) zend_result ps_update_timestamp_##x(PS_UPDATE_TIMESTAMP_ARGS) 64 65 /* Legacy save handler module definitions */ 66 #define PS_FUNCS(x) \ 67 PS_OPEN_FUNC(x); \ 68 PS_CLOSE_FUNC(x); \ 69 PS_READ_FUNC(x); \ 70 PS_WRITE_FUNC(x); \ 71 PS_DESTROY_FUNC(x); \ 72 PS_GC_FUNC(x); \ 73 PS_CREATE_SID_FUNC(x) 74 75 #define PS_MOD(x) \ 76 #x, ps_open_##x, ps_close_##x, ps_read_##x, ps_write_##x, \ 77 ps_delete_##x, ps_gc_##x, php_session_create_id, \ 78 php_session_validate_sid, php_session_update_timestamp 79 80 /* Legacy SID creation enabled save handler module definitions */ 81 #define PS_FUNCS_SID(x) \ 82 PS_OPEN_FUNC(x); \ 83 PS_CLOSE_FUNC(x); \ 84 PS_READ_FUNC(x); \ 85 PS_WRITE_FUNC(x); \ 86 PS_DESTROY_FUNC(x); \ 87 PS_GC_FUNC(x); \ 88 PS_CREATE_SID_FUNC(x); \ 89 PS_VALIDATE_SID_FUNC(x); \ 90 PS_UPDATE_TIMESTAMP_FUNC(x); 91 92 #define PS_MOD_SID(x) \ 93 #x, ps_open_##x, ps_close_##x, ps_read_##x, ps_write_##x, \ 94 ps_delete_##x, ps_gc_##x, ps_create_sid_##x, \ 95 php_session_validate_sid, php_session_update_timestamp 96 97 /* Update timestamp enabled save handler module definitions 98 New save handlers should use this API */ 99 #define PS_FUNCS_UPDATE_TIMESTAMP(x) \ 100 PS_OPEN_FUNC(x); \ 101 PS_CLOSE_FUNC(x); \ 102 PS_READ_FUNC(x); \ 103 PS_WRITE_FUNC(x); \ 104 PS_DESTROY_FUNC(x); \ 105 PS_GC_FUNC(x); \ 106 PS_CREATE_SID_FUNC(x); \ 107 PS_VALIDATE_SID_FUNC(x); \ 108 PS_UPDATE_TIMESTAMP_FUNC(x); 109 110 #define PS_MOD_UPDATE_TIMESTAMP(x) \ 111 #x, ps_open_##x, ps_close_##x, ps_read_##x, ps_write_##x, \ 112 ps_delete_##x, ps_gc_##x, ps_create_sid_##x, \ 113 ps_validate_sid_##x, ps_update_timestamp_##x 114 115 116 typedef enum { 117 php_session_disabled, 118 php_session_none, 119 php_session_active 120 } php_session_status; 121 122 typedef struct _php_session_rfc1867_progress { 123 size_t sname_len; 124 zval sid; 125 smart_str key; 126 127 zend_long update_step; 128 zend_long next_update; 129 double next_update_time; 130 bool cancel_upload; 131 bool apply_trans_sid; 132 size_t content_length; 133 134 zval data; /* the array exported to session data */ 135 zval *post_bytes_processed; /* data["bytes_processed"] */ 136 zval files; /* data["files"] array */ 137 zval current_file; /* array of currently uploading file */ 138 zval *current_file_bytes_processed; 139 } php_session_rfc1867_progress; 140 141 typedef struct _php_ps_globals { 142 char *save_path; 143 char *session_name; 144 zend_string *id; 145 char *extern_referer_chk; 146 char *cache_limiter; 147 zend_long cookie_lifetime; 148 char *cookie_path; 149 char *cookie_domain; 150 bool cookie_secure; 151 bool cookie_httponly; 152 char *cookie_samesite; 153 const ps_module *mod; 154 const ps_module *default_mod; 155 void *mod_data; 156 php_session_status session_status; 157 zend_string *session_started_filename; 158 uint32_t session_started_lineno; 159 zend_long gc_probability; 160 zend_long gc_divisor; 161 zend_long gc_maxlifetime; 162 int module_number; 163 zend_long cache_expire; 164 struct { 165 zval ps_open; 166 zval ps_close; 167 zval ps_read; 168 zval ps_write; 169 zval ps_destroy; 170 zval ps_gc; 171 zval ps_create_sid; 172 zval ps_validate_sid; 173 zval ps_update_timestamp; 174 } mod_user_names; 175 bool mod_user_implemented; 176 bool mod_user_is_open; 177 zend_string *mod_user_class_name; 178 const struct ps_serializer_struct *serializer; 179 zval http_session_vars; 180 bool auto_start; 181 bool use_cookies; 182 bool use_only_cookies; 183 bool use_trans_sid; /* contains the INI value of whether to use trans-sid */ 184 185 zend_long sid_length; 186 zend_long sid_bits_per_character; 187 bool send_cookie; 188 bool define_sid; 189 190 php_session_rfc1867_progress *rfc1867_progress; 191 bool rfc1867_enabled; /* session.upload_progress.enabled */ 192 bool rfc1867_cleanup; /* session.upload_progress.cleanup */ 193 char *rfc1867_prefix; /* session.upload_progress.prefix */ 194 char *rfc1867_name; /* session.upload_progress.name */ 195 zend_long rfc1867_freq; /* session.upload_progress.freq */ 196 double rfc1867_min_freq; /* session.upload_progress.min_freq */ 197 198 bool use_strict_mode; /* whether or not PHP accepts unknown session ids */ 199 bool lazy_write; /* omit session write when it is possible */ 200 bool in_save_handler; /* state if session is in save handler or not */ 201 bool set_handler; /* state if session module i setting handler or not */ 202 zend_string *session_vars; /* serialized original session data */ 203 } php_ps_globals; 204 205 typedef php_ps_globals zend_ps_globals; 206 207 extern zend_module_entry session_module_entry; 208 #define phpext_session_ptr &session_module_entry 209 210 #ifdef ZTS 211 #define PS(v) ZEND_TSRMG(ps_globals_id, php_ps_globals *, v) 212 #ifdef COMPILE_DL_SESSION 213 ZEND_TSRMLS_CACHE_EXTERN() 214 #endif 215 #else 216 #define PS(v) (ps_globals.v) 217 #endif 218 219 #define PS_SERIALIZER_ENCODE_ARGS void 220 #define PS_SERIALIZER_DECODE_ARGS const char *val, size_t vallen 221 222 typedef struct ps_serializer_struct { 223 const char *name; 224 zend_string *(*encode)(PS_SERIALIZER_ENCODE_ARGS); 225 zend_result (*decode)(PS_SERIALIZER_DECODE_ARGS); 226 } ps_serializer; 227 228 #define PS_SERIALIZER_ENCODE_NAME(x) ps_srlzr_encode_##x 229 #define PS_SERIALIZER_DECODE_NAME(x) ps_srlzr_decode_##x 230 231 #define PS_SERIALIZER_ENCODE_FUNC(x) \ 232 zend_string *PS_SERIALIZER_ENCODE_NAME(x)(PS_SERIALIZER_ENCODE_ARGS) 233 #define PS_SERIALIZER_DECODE_FUNC(x) \ 234 zend_result PS_SERIALIZER_DECODE_NAME(x)(PS_SERIALIZER_DECODE_ARGS) 235 236 #define PS_SERIALIZER_FUNCS(x) \ 237 PS_SERIALIZER_ENCODE_FUNC(x); \ 238 PS_SERIALIZER_DECODE_FUNC(x) 239 240 #define PS_SERIALIZER_ENTRY(x) \ 241 { #x, PS_SERIALIZER_ENCODE_NAME(x), PS_SERIALIZER_DECODE_NAME(x) } 242 243 /* default create id function */ 244 PHPAPI zend_string *php_session_create_id(PS_CREATE_SID_ARGS); 245 /* Dummy PS module functions */ 246 PHPAPI zend_result php_session_validate_sid(PS_VALIDATE_SID_ARGS); 247 PHPAPI zend_result php_session_update_timestamp(PS_UPDATE_TIMESTAMP_ARGS); 248 249 PHPAPI void session_adapt_url(const char *url, size_t url_len, char **new_url, size_t *new_len); 250 251 PHPAPI zend_result php_session_destroy(void); 252 PHPAPI void php_add_session_var(zend_string *name); 253 PHPAPI zval *php_set_session_var(zend_string *name, zval *state_val, php_unserialize_data_t *var_hash); 254 PHPAPI zval *php_get_session_var(zend_string *name); 255 256 PHPAPI zend_result php_session_register_module(const ps_module *); 257 258 PHPAPI zend_result php_session_register_serializer(const char *name, 259 zend_string *(*encode)(PS_SERIALIZER_ENCODE_ARGS), 260 zend_result (*decode)(PS_SERIALIZER_DECODE_ARGS)); 261 262 PHPAPI zend_result php_session_start(void); 263 PHPAPI zend_result php_session_flush(int write); 264 265 PHPAPI const ps_module *_php_find_ps_module(const char *name); 266 PHPAPI const ps_serializer *_php_find_ps_serializer(const char *name); 267 268 PHPAPI zend_result php_session_valid_key(const char *key); 269 PHPAPI zend_result php_session_reset_id(void); 270 271 #define PS_ADD_VARL(name) do { \ 272 php_add_session_var(name); \ 273 } while (0) 274 275 #define PS_ADD_VAR(name) PS_ADD_VARL(name) 276 277 #define PS_DEL_VARL(name) do { \ 278 if (!Z_ISNULL(PS(http_session_vars))) { \ 279 zend_hash_del(Z_ARRVAL(PS(http_session_vars)), name); \ 280 } \ 281 } while (0) 282 283 284 #define PS_ENCODE_VARS \ 285 zend_string *key; \ 286 zend_ulong num_key; \ 287 zval *struc; 288 289 #define PS_ENCODE_LOOP(code) do { \ 290 HashTable *_ht = Z_ARRVAL_P(Z_REFVAL(PS(http_session_vars))); \ 291 ZEND_HASH_FOREACH_KEY(_ht, num_key, key) { \ 292 if (key == NULL) { \ 293 php_error_docref(NULL, E_WARNING, \ 294 "Skipping numeric key " ZEND_LONG_FMT, num_key);\ 295 continue; \ 296 } \ 297 if ((struc = php_get_session_var(key))) { \ 298 code; \ 299 } \ 300 } ZEND_HASH_FOREACH_END(); \ 301 } while(0) 302 303 PHPAPI ZEND_EXTERN_MODULE_GLOBALS(ps) 304 305 void php_session_auto_start(void *data); 306 307 extern PHPAPI zend_class_entry *php_session_class_entry; 308 309 extern PHPAPI zend_class_entry *php_session_iface_entry; 310 311 extern PHPAPI zend_class_entry *php_session_id_iface_entry; 312 313 extern PHPAPI zend_class_entry *php_session_update_timestamp_iface_entry; 314 315 extern PHP_METHOD(SessionHandler, open); 316 extern PHP_METHOD(SessionHandler, close); 317 extern PHP_METHOD(SessionHandler, read); 318 extern PHP_METHOD(SessionHandler, write); 319 extern PHP_METHOD(SessionHandler, destroy); 320 extern PHP_METHOD(SessionHandler, gc); 321 extern PHP_METHOD(SessionHandler, create_sid); 322 323 #endif 324