├── t ├── 00_compile.t ├── 02_trunc.t ├── 03_taint.t └── 01_session.t ├── MANIFEST.SKIP ├── MANIFEST ├── Makefile.PL ├── Changes ├── lib └── Apache │ └── Session │ ├── Serialize │ └── PHP.pm │ ├── Store │ └── PHP.pm │ └── PHP.pm └── README /t/00_compile.t: -------------------------------------------------------------------------------- 1 | use strict; 2 | use Test::More tests => 1; 3 | 4 | BEGIN { use_ok 'Apache::Session::PHP' } 5 | -------------------------------------------------------------------------------- /MANIFEST.SKIP: -------------------------------------------------------------------------------- 1 | \bRCS\b 2 | \bCVS\b 3 | ^MANIFEST\. 4 | ^Makefile$ 5 | ~$ 6 | \.old$ 7 | ^blib/ 8 | ^pm_to_blib 9 | ^MakeMaker-\d 10 | \.gz$ 11 | \.cvsignore 12 | -------------------------------------------------------------------------------- /MANIFEST: -------------------------------------------------------------------------------- 1 | Changes 2 | MANIFEST 3 | Makefile.PL 4 | README 5 | lib/Apache/Session/PHP.pm 6 | lib/Apache/Session/Serialize/PHP.pm 7 | lib/Apache/Session/Store/PHP.pm 8 | t/00_compile.t 9 | t/01_session.t 10 | t/02_trunc.t 11 | t/03_taint.t 12 | -------------------------------------------------------------------------------- /Makefile.PL: -------------------------------------------------------------------------------- 1 | use ExtUtils::MakeMaker; 2 | WriteMakefile( 3 | 'NAME' => 'Apache::Session::PHP', 4 | 'VERSION_FROM' => 'lib/Apache/Session/PHP.pm', # finds $VERSION 5 | 'PREREQ_PM' => { 6 | 'Test::More' => 0.32, 7 | 'Apache::Session' => 1.52, 8 | 'PHP::Session' => 0.06, 9 | }, 10 | ); 11 | -------------------------------------------------------------------------------- /Changes: -------------------------------------------------------------------------------- 1 | Revision history for Perl extension Apache::Session::PHP 2 | 3 | 0.04 Sat Aug 24 05:02:37 JST 2002 4 | - Added test for 0.04 fix 5 | * Now it works under tainting mode 6 | Thanks to Ed Summers 7 | 8 | 0.03 Sat Aug 24 04:34:44 JST 2002 9 | * Fixed bug that previous session is not correctly cleared 10 | Thanks to: Andy Lester 11 | Ed Summers 12 | 13 | 0.02 Wed Mar 27 03:16:44 JST 2002 14 | - CPAN upload problem 15 | 16 | 0.01 Wed Mar 27 02:00:47 2002 17 | - original version 18 | -------------------------------------------------------------------------------- /t/02_trunc.t: -------------------------------------------------------------------------------- 1 | use strict; 2 | use Test::More tests => 1; 3 | 4 | use Apache::Session::PHP; 5 | use FileHandle; 6 | 7 | my %session; 8 | tie %session, 'Apache::Session::PHP', undef, { 9 | SavePath => 't', 10 | }; 11 | 12 | $session{foo} = "bar" x 20; 13 | 14 | my $sid = $session{_session_id}; 15 | untie %session; 16 | 17 | # reload 18 | 19 | tie %session, 'Apache::Session::PHP', $sid, { 20 | SavePath => 't', 21 | }; 22 | 23 | $session{foo} = "a"; 24 | untie %session; 25 | 26 | # now correctly cleared? 27 | my $handle = FileHandle->new("t/sess_$sid"); 28 | my $content = do { local $/; <$handle> }; 29 | unlike $content, qr/bar/, "foo key correctly cleared"; 30 | 31 | 32 | tie %session, 'Apache::Session::PHP', $sid, { 33 | SavePath => 't', 34 | }; 35 | tied(%session)->delete; 36 | untie %session; 37 | -------------------------------------------------------------------------------- /t/03_taint.t: -------------------------------------------------------------------------------- 1 | # run things under taint mode 2 | 3 | use strict; 4 | use warnings; 5 | use Test::More qw( no_plan ); 6 | 7 | my $sid; 8 | use_ok( 'Apache::Session::PHP' ); 9 | 10 | CREATE: { 11 | tie my %session, 'Apache::Session::PHP', $sid, { SavePath => 't' }; 12 | $session{ foo } = 'bar'; 13 | $sid = $session{ _session_id }; 14 | ok( -f "t/sess_$sid", 'session file created' ); 15 | } 16 | 17 | RESTORE: { 18 | tie my %session, 'Apache::Session::PHP', $sid, { SavePath => 't' }; 19 | is( $session{ foo }, 'bar', 'restore' ); 20 | } 21 | 22 | DELETE: { 23 | ok( -f "t/sess_$sid", 'session file exists' ); 24 | tie my %session, 'Apache::Session::PHP', $sid, { SavePath => 't' }; 25 | tied( %session )->delete(); 26 | ok( ! -f "t/sess_$sid", 'session file gone' ); 27 | } 28 | 29 | -------------------------------------------------------------------------------- /lib/Apache/Session/Serialize/PHP.pm: -------------------------------------------------------------------------------- 1 | package Apache::Session::Serialize::PHP; 2 | 3 | use strict; 4 | use vars qw($VERSION); 5 | $VERSION = 0.03; 6 | 7 | use PHP::Session::Serializer::PHP; 8 | 9 | sub serialize { 10 | my $session = shift; 11 | my $serializer = PHP::Session::Serializer::PHP->new; 12 | $session->{serialized} = $serializer->encode($session->{data}); 13 | } 14 | 15 | sub unserialize { 16 | my $session = shift; 17 | my $serializer = PHP::Session::Serializer::PHP->new; 18 | $session->{data} = $serializer->decode($session->{serialized}); 19 | } 20 | 21 | 1; 22 | __END__ 23 | 24 | =head1 NAME 25 | 26 | Apache::Session::Serialize::PHP - uses PHP::Session to serialize session 27 | 28 | =head1 SYNOPSIS 29 | 30 | B 31 | 32 | =head1 AUTHOR 33 | 34 | Tatsuhiko Miyagawa Emiyagawa@bulknews.netE 35 | 36 | This library is free software; you can redistribute it and/or modify 37 | it under the same terms as Perl itself. 38 | 39 | =head1 SEE ALSO 40 | 41 | L, L 42 | 43 | =cut 44 | -------------------------------------------------------------------------------- /t/01_session.t: -------------------------------------------------------------------------------- 1 | use strict; 2 | use Test::More tests => 8; 3 | 4 | use Apache::Session::PHP; 5 | use PHP::Session; 6 | 7 | # init 8 | 9 | my %session; 10 | tie %session, 'Apache::Session::PHP', undef, { 11 | SavePath => 't', 12 | }; 13 | 14 | $session{foo} = "bar"; 15 | $session{bar} = { 'bar' => 1, 'baz' => 2 }; 16 | 17 | my $sid = $session{_session_id}; 18 | untie %session; 19 | 20 | # reload 21 | 22 | tie %session, 'Apache::Session::PHP', $sid, { 23 | SavePath => 't', 24 | }; 25 | 26 | is $session{foo}, 'bar'; 27 | is_deeply $session{bar}, { 'bar' => 1, 'baz' => 2 }; 28 | 29 | untie %session; 30 | 31 | # from PHP::Session 32 | 33 | ok my $php = PHP::Session->new($sid, { save_path => 't' }); 34 | is $php->get('foo'), 'bar'; 35 | is_deeply $php->get('bar'), { 'bar' => 1, 'baz' => 2 }; 36 | $php->set(xxx => 'yyy'); 37 | $php->save; 38 | 39 | # from A::S::PHP again 40 | 41 | tie %session, 'Apache::Session::PHP', $sid, { 42 | SavePath => 't', 43 | }; 44 | 45 | is $session{foo}, 'bar'; 46 | is_deeply $session{bar}, { 'bar' => 1, 'baz' => 2 }; 47 | is $session{xxx}, 'yyy'; 48 | 49 | tied(%session)->delete; 50 | 51 | untie %session; 52 | 53 | 54 | 55 | 56 | -------------------------------------------------------------------------------- /README: -------------------------------------------------------------------------------- 1 | NAME 2 | Apache::Session::PHP - glues Apache::Session with PHP::Session 3 | 4 | SYNOPSIS 5 | use Apache::Session::PHP; 6 | 7 | tie %session, 'Apache::Session::PHP', $sid, { 8 | SavePath => '/var/sessions', 9 | }; 10 | 11 | DESCRIPTION 12 | Apache::Session::PHP is an adapter of Apache::Session for PHP::Session. 13 | It uses following combination of straregies: 14 | 15 | Generate: MD5 16 | PHP4 session also uses 32bit session-id, generated by MD5 of random 17 | string. So MD5 (default) generation would fit. 18 | 19 | Serialize: PHP 20 | uses PHP::Session::Serializer::PHP. 21 | 22 | Lock: Null 23 | PHP4 uses exclusive flock for session locking. In Apache::Session, 24 | we use Null for locking and Store module executes flock on opening 25 | the session file. 26 | 27 | Store: PHP 28 | similarto File store, but file naming scheme is slightly different. 29 | 30 | NOTE 31 | PHP does NOT have distinction between hash and array. Thus PHP::Session 32 | restores PHP *array* as Perl *hash*. 33 | 34 | Perl => PHP => Perl 35 | array array hash 36 | 37 | Thus if you store array in sessions, what'll come back is hash. 38 | 39 | AUTHOR 40 | Tatsuhiko Miyagawa 41 | 42 | This library is free software; you can redistribute it and/or modify it 43 | under the same terms as Perl itself. 44 | 45 | SEE ALSO 46 | the Apache::Session manpage, the PHP::Session manpage 47 | 48 | -------------------------------------------------------------------------------- /lib/Apache/Session/Store/PHP.pm: -------------------------------------------------------------------------------- 1 | package Apache::Session::Store::PHP; 2 | 3 | use strict; 4 | use vars qw($VERSION); 5 | $VERSION = 0.04; 6 | 7 | use Apache::Session::File; 8 | 9 | use Fcntl qw(:flock); 10 | use IO::File; 11 | 12 | sub new { 13 | my $class = shift; 14 | bless {}, $class; 15 | } 16 | 17 | sub _file { 18 | my($self, $session) = @_; 19 | my $directory = $session->{args}->{SavePath} || '/tmp'; 20 | my $file = $directory.'/sess_'.$session->{data}->{_session_id}; 21 | ## taint safe 22 | ( $file ) = $file =~ /^(.*)$/; 23 | return( $file ); 24 | } 25 | 26 | sub insert { 27 | my($self, $session) = @_; 28 | $self->_write($session, 1); 29 | } 30 | 31 | sub update { 32 | my($self, $session) = @_; 33 | $self->_write($session, 0); 34 | } 35 | 36 | sub _write { 37 | my($self, $session, $check) = @_; 38 | 39 | if ($check && -e $self->_file($session)) { 40 | die "Object already exists in the data store"; 41 | } 42 | 43 | my $fh = IO::File->new(">".$self->_file($session)) 44 | or die "Could not open file: $!"; 45 | flock $fh, LOCK_EX; 46 | $fh->print($session->{serialized}); 47 | $fh->close; 48 | } 49 | 50 | sub materialize { 51 | my($self, $session) = @_; 52 | my $file = $self->_file($session); 53 | -e $file or die "Object does not exist in the data store"; 54 | 55 | my $fh = IO::File->new($self->_file($session), O_RDWR|O_CREAT) 56 | or die "Could not open file: $!"; 57 | flock $fh, LOCK_EX; 58 | while (<$fh>) { 59 | $session->{serialized} .= $_; 60 | } 61 | close $fh; 62 | } 63 | 64 | sub remove { 65 | my($self, $session) = @_; 66 | my $file = $self->_file($session); 67 | unlink $file if -e $file; 68 | } 69 | 70 | 1; 71 | __END__ 72 | 73 | =head1 NAME 74 | 75 | Apache::Session::Store::PHP - writes to PHP4 builtin session files 76 | 77 | =head1 SYNOPSIS 78 | 79 | B 80 | 81 | =head1 AUTHOR 82 | 83 | Tatsuhiko Miyagawa Emiyagawa@bulknews.netE 84 | 85 | This library is free software; you can redistribute it and/or modify 86 | it under the same terms as Perl itself. 87 | 88 | =head1 SEE ALSO 89 | 90 | L 91 | 92 | =cut 93 | -------------------------------------------------------------------------------- /lib/Apache/Session/PHP.pm: -------------------------------------------------------------------------------- 1 | package Apache::Session::PHP; 2 | 3 | use strict; 4 | use vars qw($VERSION); 5 | $VERSION = 0.04; 6 | 7 | use Apache::Session; 8 | use base qw(Apache::Session); 9 | 10 | use Apache::Session::Generate::MD5; 11 | use Apache::Session::Serialize::PHP; 12 | use Apache::Session::Lock::Null; 13 | use Apache::Session::Store::PHP; 14 | 15 | sub populate { 16 | my $self = shift; 17 | 18 | $self->{object_store} = Apache::Session::Store::PHP->new($self); 19 | $self->{lock_manager} = Apache::Session::Lock::Null->new($self); 20 | $self->{generate} = \&Apache::Session::Generate::MD5::generate; 21 | $self->{validate} = \&Apache::Session::Generate::MD5::validate; 22 | $self->{serialize} = \&Apache::Session::Serialize::PHP::serialize; 23 | $self->{unserialize} = \&Apache::Session::Serialize::PHP::unserialize; 24 | return $self; 25 | } 26 | 27 | 1; 28 | __END__ 29 | 30 | =head1 NAME 31 | 32 | Apache::Session::PHP - glues Apache::Session with PHP::Session 33 | 34 | =head1 SYNOPSIS 35 | 36 | use Apache::Session::PHP; 37 | 38 | tie %session, 'Apache::Session::PHP', $sid, { 39 | SavePath => '/var/sessions', 40 | }; 41 | 42 | =head1 DESCRIPTION 43 | 44 | Apache::Session::PHP is an adapter of Apache::Session for 45 | PHP::Session. It uses following combination of strategies: 46 | 47 | =over 4 48 | 49 | =item Generate: MD5 50 | 51 | PHP4 session also uses 32bit session-id, generated by MD5 of random 52 | string. So MD5 (default) generation would fit. 53 | 54 | =item Serialize: PHP 55 | 56 | uses PHP::Session::Serializer::PHP. 57 | 58 | =item Lock: Null 59 | 60 | PHP4 uses exclusive flock for session locking. In Apache::Session, we 61 | use Null for locking and Store module executes flock on opening the 62 | session file. 63 | 64 | =item Store: PHP 65 | 66 | similarto File store, but file naming scheme is slightly different. 67 | 68 | =back 69 | 70 | =head1 NOTE 71 | 72 | PHP does NOT have distinction between hash and array. Thus 73 | PHP::Session restores PHP I as Perl I. 74 | 75 | Perl => PHP => Perl 76 | array array hash 77 | 78 | Thus if you store array in sessions, what'll come back is hash. 79 | 80 | =head1 AUTHOR 81 | 82 | Tatsuhiko Miyagawa Emiyagawa@bulknews.netE 83 | 84 | This library is free software; you can redistribute it and/or modify 85 | it under the same terms as Perl itself. 86 | 87 | =head1 SEE ALSO 88 | 89 | L, L 90 | 91 | =cut 92 | --------------------------------------------------------------------------------