Mercurial > hg > isophonics-drupal-site
comparison vendor/symfony/http-foundation/Session/Storage/Handler/PdoSessionHandler.php @ 16:c2387f117808
Routine composer update
| author | Chris Cannam |
|---|---|
| date | Tue, 10 Jul 2018 15:07:59 +0100 |
| parents | 1fec387a4317 |
| children | 129ea1e6d783 |
comparison
equal
deleted
inserted
replaced
| 15:e200cb7efeb3 | 16:c2387f117808 |
|---|---|
| 614 } | 614 } |
| 615 | 615 |
| 616 $selectSql = $this->getSelectSql(); | 616 $selectSql = $this->getSelectSql(); |
| 617 $selectStmt = $this->pdo->prepare($selectSql); | 617 $selectStmt = $this->pdo->prepare($selectSql); |
| 618 $selectStmt->bindParam(':id', $sessionId, \PDO::PARAM_STR); | 618 $selectStmt->bindParam(':id', $sessionId, \PDO::PARAM_STR); |
| 619 $insertStmt = null; | |
| 619 | 620 |
| 620 do { | 621 do { |
| 621 $selectStmt->execute(); | 622 $selectStmt->execute(); |
| 622 $sessionRows = $selectStmt->fetchAll(\PDO::FETCH_NUM); | 623 $sessionRows = $selectStmt->fetchAll(\PDO::FETCH_NUM); |
| 623 | 624 |
| 627 | 628 |
| 628 return ''; | 629 return ''; |
| 629 } | 630 } |
| 630 | 631 |
| 631 return is_resource($sessionRows[0][0]) ? stream_get_contents($sessionRows[0][0]) : $sessionRows[0][0]; | 632 return is_resource($sessionRows[0][0]) ? stream_get_contents($sessionRows[0][0]) : $sessionRows[0][0]; |
| 633 } | |
| 634 | |
| 635 if (null !== $insertStmt) { | |
| 636 $this->rollback(); | |
| 637 throw new \RuntimeException('Failed to read session: INSERT reported a duplicate id but next SELECT did not return any data.'); | |
| 632 } | 638 } |
| 633 | 639 |
| 634 if (!ini_get('session.use_strict_mode') && self::LOCK_TRANSACTIONAL === $this->lockMode && 'sqlite' !== $this->driver) { | 640 if (!ini_get('session.use_strict_mode') && self::LOCK_TRANSACTIONAL === $this->lockMode && 'sqlite' !== $this->driver) { |
| 635 // In strict mode, session fixation is not possible: new sessions always start with a unique | 641 // In strict mode, session fixation is not possible: new sessions always start with a unique |
| 636 // random id, so that concurrency is not possible and this code path can be skipped. | 642 // random id, so that concurrency is not possible and this code path can be skipped. |
| 674 */ | 680 */ |
| 675 private function doAdvisoryLock($sessionId) | 681 private function doAdvisoryLock($sessionId) |
| 676 { | 682 { |
| 677 switch ($this->driver) { | 683 switch ($this->driver) { |
| 678 case 'mysql': | 684 case 'mysql': |
| 685 // MySQL 5.7.5 and later enforces a maximum length on lock names of 64 characters. Previously, no limit was enforced. | |
| 686 $lockId = \substr($sessionId, 0, 64); | |
| 679 // should we handle the return value? 0 on timeout, null on error | 687 // should we handle the return value? 0 on timeout, null on error |
| 680 // we use a timeout of 50 seconds which is also the default for innodb_lock_wait_timeout | 688 // we use a timeout of 50 seconds which is also the default for innodb_lock_wait_timeout |
| 681 $stmt = $this->pdo->prepare('SELECT GET_LOCK(:key, 50)'); | 689 $stmt = $this->pdo->prepare('SELECT GET_LOCK(:key, 50)'); |
| 682 $stmt->bindValue(':key', $sessionId, \PDO::PARAM_STR); | 690 $stmt->bindValue(':key', $lockId, \PDO::PARAM_STR); |
| 683 $stmt->execute(); | 691 $stmt->execute(); |
| 684 | 692 |
| 685 $releaseStmt = $this->pdo->prepare('DO RELEASE_LOCK(:key)'); | 693 $releaseStmt = $this->pdo->prepare('DO RELEASE_LOCK(:key)'); |
| 686 $releaseStmt->bindValue(':key', $sessionId, \PDO::PARAM_STR); | 694 $releaseStmt->bindValue(':key', $lockId, \PDO::PARAM_STR); |
| 687 | 695 |
| 688 return $releaseStmt; | 696 return $releaseStmt; |
| 689 case 'pgsql': | 697 case 'pgsql': |
| 690 // Obtaining an exclusive session level advisory lock requires an integer key. | 698 // Obtaining an exclusive session level advisory lock requires an integer key. |
| 691 // When session.sid_bits_per_character > 4, the session id can contain non-hex-characters. | 699 // When session.sid_bits_per_character > 4, the session id can contain non-hex-characters. |