本文整理汇总了PHP中SessionUtil::_createNew方法的典型用法代码示例。如果您正苦于以下问题:PHP SessionUtil::_createNew方法的具体用法?PHP SessionUtil::_createNew怎么用?PHP SessionUtil::_createNew使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类SessionUtil
的用法示例。
在下文中一共展示了SessionUtil::_createNew方法的1个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: start
//.........这里部分代码省略.........
// Auto-start session
ini_set('session.name', SessionUtil::getCookieName());
// Name of our cookie
// Set lifetime of session cookie
$seclevel = System::getVar('seclevel');
switch ($seclevel) {
case 'High':
// Session lasts duration of browser
$lifetime = 0;
// Referer check
// ini_set('session.referer_check', $host.$path);
ini_set('session.referer_check', $host);
break;
case 'Medium':
// Session lasts set number of days
$lifetime = System::getVar('secmeddays') * 86400;
break;
case 'Low':
default:
// Session lasts unlimited number of days (well, lots, anyway)
// (Currently set to 25 years)
$lifetime = 788940000;
break;
}
ini_set('session.cookie_lifetime', $lifetime);
// domain and path settings for session cookie
// if (System::getVar('intranet') == false) {
// Cookie path
ini_set('session.cookie_path', $path);
// Garbage collection
ini_set('session.gc_probability', System::getVar('gc_probability'));
ini_set('session.gc_divisor', 10000);
ini_set('session.gc_maxlifetime', System::getVar('secinactivemins') * 60);
// Inactivity timeout for user sessions
ini_set('session.hash_function', 1);
// Set custom session handlers
ini_set('session.save_handler', 'user');
if (System::getVar('sessionstoretofile')) {
ini_set('session.save_path', System::getVar('sessionsavepath'));
}
session_set_save_handler(array($this, 'open'), array($this, 'close'), array($this, 'read'), array($this, 'write'), array($this, 'destroy'), array($this, 'gc'));
// create IP finger print
$current_ipaddr = '';
$_REMOTE_ADDR = System::serverGetVar('REMOTE_ADDR');
$_HTTP_X_FORWARDED_FOR = System::serverGetVar('HTTP_X_FORWARDED_FOR');
if (System::getVar('sessionipcheck')) {
// feature for future release
}
// create the ip fingerprint
$current_ipaddr = md5($_REMOTE_ADDR . $_HTTP_X_FORWARDED_FOR);
// start session check expiry and ip fingerprint if required
if (session_start() && isset($GLOBALS['_ZSession']['obj']) && $GLOBALS['_ZSession']['obj']) {
// check if session has expired or not
$now = time();
$inactive = $now - (int) (System::getVar('secinactivemins') * 60);
$daysold = $now - (int) (System::getVar('secmeddays') * 86400);
$lastused = strtotime($GLOBALS['_ZSession']['obj']['lastused']);
$rememberme = SessionUtil::getVar('rememberme');
$uid = $GLOBALS['_ZSession']['obj']['uid'];
$ipaddr = $GLOBALS['_ZSession']['obj']['ipaddr'];
// IP check
if (System::getVar('sessionipcheck', false)) {
if ($ipaddr !== $current_ipaddr) {
session_destroy();
return false;
}
}
switch (System::getVar('seclevel')) {
case 'Low':
// Low security - users stay logged in permanently
// no special check necessary
break;
case 'Medium':
// Medium security - delete session info if session cookie has
// expired or user decided not to remember themself and inactivity timeout
// OR max number of days have elapsed without logging back in
if (!$rememberme && $lastused < $inactive || $lastused < $daysold || $uid == '0' && $lastused < $inactive) {
$this->expire();
}
break;
case 'High':
default:
// High security - delete session info if user is inactive
//if ($rememberme && ($lastused < $inactive)) { // see #427
if ($lastused < $inactive) {
$this->expire();
}
break;
}
} else {
// *must* regenerate new session otherwise the default sessid will be
// taken from any session cookie that was submitted (bad bad bad)
$this->regenerate(true);
SessionUtil::_createNew(session_id(), $current_ipaddr);
}
if (isset($_SESSION['_ZSession']['obj'])) {
unset($_SESSION['_ZSession']['obj']);
}
return true;
}