Changeset 38353 for trunk/src/wp-includes/class-wp-session-tokens.php
- Timestamp:
- 08/25/2016 05:43:41 PM (8 years ago)
- File:
-
- 1 copied
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-includes/class-wp-session-tokens.php
r38350 r38353 1 1 <?php 2 /** 3 * Session API: WP_Session_Tokens class 4 * 5 * @package WordPress 6 * @subpackage Session 7 * @since 4.7.0 8 */ 9 2 10 /** 3 11 * Abstract class for managing user session tokens. … … 308 316 public static function drop_sessions() {} 309 317 } 310 311 /**312 * Meta-based user sessions token manager.313 *314 * @since 4.0.0315 */316 class WP_User_Meta_Session_Tokens extends WP_Session_Tokens {317 318 /**319 * Get all sessions of a user.320 *321 * @since 4.0.0322 * @access protected323 *324 * @return array Sessions of a user.325 */326 protected function get_sessions() {327 $sessions = get_user_meta( $this->user_id, 'session_tokens', true );328 329 if ( ! is_array( $sessions ) ) {330 return array();331 }332 333 $sessions = array_map( array( $this, 'prepare_session' ), $sessions );334 return array_filter( $sessions, array( $this, 'is_still_valid' ) );335 }336 337 /**338 * Converts an expiration to an array of session information.339 *340 * @param mixed $session Session or expiration.341 * @return array Session.342 */343 protected function prepare_session( $session ) {344 if ( is_int( $session ) ) {345 return array( 'expiration' => $session );346 }347 348 return $session;349 }350 351 /**352 * Retrieve a session by its verifier (token hash).353 *354 * @since 4.0.0355 * @access protected356 *357 * @param string $verifier Verifier of the session to retrieve.358 * @return array|null The session, or null if it does not exist359 */360 protected function get_session( $verifier ) {361 $sessions = $this->get_sessions();362 363 if ( isset( $sessions[ $verifier ] ) ) {364 return $sessions[ $verifier ];365 }366 367 return null;368 }369 370 /**371 * Update a session by its verifier.372 *373 * @since 4.0.0374 * @access protected375 *376 * @param string $verifier Verifier of the session to update.377 * @param array $session Optional. Session. Omitting this argument destroys the session.378 */379 protected function update_session( $verifier, $session = null ) {380 $sessions = $this->get_sessions();381 382 if ( $session ) {383 $sessions[ $verifier ] = $session;384 } else {385 unset( $sessions[ $verifier ] );386 }387 388 $this->update_sessions( $sessions );389 }390 391 /**392 * Update a user's sessions in the usermeta table.393 *394 * @since 4.0.0395 * @access protected396 *397 * @param array $sessions Sessions.398 */399 protected function update_sessions( $sessions ) {400 if ( $sessions ) {401 update_user_meta( $this->user_id, 'session_tokens', $sessions );402 } else {403 delete_user_meta( $this->user_id, 'session_tokens' );404 }405 }406 407 /**408 * Destroy all session tokens for a user, except a single session passed.409 *410 * @since 4.0.0411 * @access protected412 *413 * @param string $verifier Verifier of the session to keep.414 */415 protected function destroy_other_sessions( $verifier ) {416 $session = $this->get_session( $verifier );417 $this->update_sessions( array( $verifier => $session ) );418 }419 420 /**421 * Destroy all session tokens for a user.422 *423 * @since 4.0.0424 * @access protected425 */426 protected function destroy_all_sessions() {427 $this->update_sessions( array() );428 }429 430 /**431 * Destroy all session tokens for all users.432 *433 * @since 4.0.0434 * @access public435 * @static436 */437 public static function drop_sessions() {438 delete_metadata( 'user', 0, 'session_tokens', false, true );439 }440 }
Note: See TracChangeset
for help on using the changeset viewer.