| Server IP : 172.67.216.182 / Your IP : 172.70.147.173 Web Server : Apache System : Linux krdc-ubuntu-s-2vcpu-4gb-amd-blr1-01.localdomain 5.15.0-142-generic #152-Ubuntu SMP Mon May 19 10:54:31 UTC 2025 x86_64 User : www ( 1000) PHP Version : 7.4.33 Disable Function : passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /www/wwwroot/lapma.in/wp-content/plugins/everest-forms/includes/ |
Upload File : |
<?php
/**
* Handle data for the current customers session.
* Implements the EVF_Session abstract class.
*
* @package EverestForms\Classes
* @since 1.0.0
*/
defined( 'ABSPATH' ) || exit;
/**
* Session handler class.
*/
class EVF_Session_Handler extends EVF_Session {
/**
* Cookie name used for the session.
*
* @var string cookie name
*/
protected $_cookie;
/**
* Stores session expiry.
*
* @var string session due to expire timestamp
*/
protected $_session_expiring;
/**
* Stores session due to expire timestamp.
*
* @var string session expiration timestamp
*/
protected $_session_expiration;
/**
* True when the cookie exists.
*
* @var bool Based on whether a cookie exists.
*/
protected $_has_cookie = false;
/**
* Table name for session data.
*
* @var string Custom session table name
*/
protected $_table;
/**
* Constructor for the session class.
*/
public function __construct() {
$this->_cookie = apply_filters( 'everest_forms_cookie', 'wp_everest_forms_session_' . COOKIEHASH );
$this->_table = $GLOBALS['wpdb']->prefix . 'evf_sessions';
}
/**
* Init hooks and session data.
*/
public function init() {
$cookie = $this->get_session_cookie();
if ( $cookie ) {
$this->_customer_id = $cookie[0];
$this->_session_expiration = $cookie[1];
$this->_session_expiring = $cookie[2];
$this->_has_cookie = true;
// Update session if its close to expiring.
if ( time() > $this->_session_expiring ) {
$this->set_session_expiration();
$this->update_session_timestamp( $this->_customer_id, $this->_session_expiration );
}
} else {
$this->set_session_expiration();
$this->_customer_id = $this->generate_customer_id();
}
$this->_data = $this->get_session_data();
add_action( 'shutdown', array( $this, 'save_data' ), 20 );
add_action( 'wp_logout', array( $this, 'destroy_session' ) );
if ( ! is_user_logged_in() ) {
add_filter( 'nonce_user_logged_out', array( $this, 'nonce_user_logged_out' ) );
}
}
/**
* Return true if the current user has an active session, i.e. a cookie to retrieve values.
*
* @return bool
*/
public function has_session() {
return isset( $_COOKIE[ $this->_cookie ] ) || $this->_has_cookie || is_user_logged_in(); // @codingStandardsIgnoreLine.
}
/**
* Set session expiration.
*/
public function set_session_expiration() {
$this->_session_expiring = time() + intval( apply_filters( 'evf_session_expiring', 60 * 60 * 47 ) ); // 47 Hours.
$this->_session_expiration = time() + intval( apply_filters( 'evf_session_expiration', 60 * 60 * 48 ) ); // 48 Hours.
}
/**
* Generate a unique customer ID for guests, or return user ID if logged in.
*
* Uses Portable PHP password hashing framework to generate a unique cryptographically strong ID.
*
* @return string
*/
public function generate_customer_id() {
$customer_id = '';
if ( is_user_logged_in() ) {
$customer_id = get_current_user_id();
}
if ( empty( $customer_id ) ) {
require_once ABSPATH . 'wp-includes/class-phpass.php';
$hasher = new PasswordHash( 8, false );
$customer_id = md5( $hasher->get_random_bytes( 32 ) );
}
return $customer_id;
}
/**
* Get the session cookie, if set. Otherwise return false.
*
* Session cookies without a customer ID are invalid.
*
* @return bool|array
*/
public function get_session_cookie() {
$cookie_value = isset( $_COOKIE[ $this->_cookie ] ) ? wp_unslash( $_COOKIE[ $this->_cookie ] ) : false; // @codingStandardsIgnoreLine.
if ( empty( $cookie_value ) || ! is_string( $cookie_value ) ) {
return false;
}
list( $customer_id, $session_expiration, $session_expiring, $cookie_hash ) = explode( '||', $cookie_value );
if ( empty( $customer_id ) ) {
return false;
}
// Validate hash.
$to_hash = $customer_id . '|' . $session_expiration;
$hash = hash_hmac( 'md5', $to_hash, wp_hash( $to_hash ) );
if ( empty( $cookie_hash ) || ! hash_equals( $hash, $cookie_hash ) ) {
return false;
}
return array( $customer_id, $session_expiration, $session_expiring, $cookie_hash );
}
/**
* Get session data.
*
* @return array
*/
public function get_session_data() {
return $this->has_session() ? (array) $this->get_session( $this->_customer_id, array() ) : array();
}
/**
* Gets a cache prefix. This is used in session names so the entire cache can be invalidated with 1 function call.
*
* @return string
*/
private function get_cache_prefix() {
return EVF_Cache_Helper::get_cache_prefix( EVF_SESSION_CACHE_GROUP );
}
/**
* Save data.
*/
public function save_data() {
// Dirty if something changed - prevents saving nothing new.
if ( $this->_dirty && $this->has_session() ) {
global $wpdb;
$wpdb->query(
$wpdb->prepare(
"INSERT INTO {$wpdb->prefix}evf_sessions (`session_key`, `session_value`, `session_expiry`) VALUES (%s, %s, %d)
ON DUPLICATE KEY UPDATE `session_value` = VALUES(`session_value`), `session_expiry` = VALUES(`session_expiry`)",
$this->_customer_id,
maybe_serialize( $this->_data ),
$this->_session_expiration
)
);
wp_cache_set( $this->get_cache_prefix() . $this->_customer_id, $this->_data, EVF_SESSION_CACHE_GROUP, $this->_session_expiration - time() );
$this->_dirty = false;
}
}
/**
* Destroy all session data.
*/
public function destroy_session() {
evf_setcookie( $this->_cookie, '', time() - YEAR_IN_SECONDS, apply_filters( 'evf_session_use_secure_cookie', false ) );
$this->delete_session( $this->_customer_id );
$this->_data = array();
$this->_dirty = false;
$this->_customer_id = $this->generate_customer_id();
}
/**
* When a user is logged out, ensure they have a unique nonce by using the customer/session ID.
*
* @param int $uid User ID.
* @return string
*/
public function nonce_user_logged_out( $uid ) {
return $this->has_session() && $this->_customer_id ? $this->_customer_id : $uid;
}
/**
* Cleanup session data from the database and clear caches.
*/
public function cleanup_sessions() {
global $wpdb;
$wpdb->query( $wpdb->prepare( "DELETE FROM $this->_table WHERE session_expiry < %d", time() ) ); // @codingStandardsIgnoreLine.
if ( class_exists( 'EVF_Cache_Helper' ) ) {
EVF_Cache_Helper::incr_cache_prefix( EVF_SESSION_CACHE_GROUP );
}
}
/**
* Returns the session.
*
* @param string $customer_id Customer ID.
* @param mixed $default Default session value.
* @return string|array
*/
public function get_session( $customer_id, $default = false ) {
global $wpdb;
if ( defined( 'WP_SETUP_CONFIG' ) ) {
return false;
}
// Try to get it from the cache, it will return false if not present or if object cache not in use.
$value = wp_cache_get( $this->get_cache_prefix() . $customer_id, EVF_SESSION_CACHE_GROUP );
if ( false === $value ) {
$value = $wpdb->get_var( $wpdb->prepare( "SELECT session_value FROM $this->_table WHERE session_key = %s", $customer_id ) ); // @codingStandardsIgnoreLine.
if ( is_null( $value ) ) {
$value = $default;
}
wp_cache_add( $this->get_cache_prefix() . $customer_id, $value, EVF_SESSION_CACHE_GROUP, $this->_session_expiration - time() );
}
return maybe_unserialize( $value );
}
/**
* Delete the session from the cache and database.
*
* @param int $customer_id Customer ID.
*/
public function delete_session( $customer_id ) {
global $wpdb;
wp_cache_delete( $this->get_cache_prefix() . $customer_id, EVF_SESSION_CACHE_GROUP );
$wpdb->delete( // @codingStandardsIgnoreLine.
$this->_table,
array(
'session_key' => $customer_id,
)
);
}
/**
* Update the session expiry timestamp.
*
* @param string $customer_id Customer ID.
* @param int $timestamp Timestamp to expire the cookie.
*/
public function update_session_timestamp( $customer_id, $timestamp ) {
global $wpdb;
// @codingStandardsIgnoreStart.
$wpdb->update(
$this->_table,
array(
'session_expiry' => $timestamp,
),
array(
'session_key' => $customer_id,
),
array(
'%d'
)
);
// @codingStandardsIgnoreEnd.
}
}