Refactor session callback logic into Session_Handler abstraction

README.md

@@ -4,6 +4,7 @@
 **Requires at least:** 4.7  
 **Tested up to:** 5.2  
 **Stable tag:** 0.8.1  
+**Requires PHP:** 5.4  
 **License:** GPLv2 or later  
 **License URI:** http://www.gnu.org/licenses/gpl-2.0.html  
 

inc/class-session-handler.php

@@ -0,0 +1,121 @@
+<?php
+/**
+ * Implementation of 'SessionHandlerInterface' that writes to the database.
+ *
+ * @package WPNPS
+ */
+
+namespace Pantheon_Sessions;
+
+use Pantheon_Sessions\Session;
+
+/**
+ * Implementation of 'SessionHandlerInterface' that writes to the database.
+ *
+ * @package WPNPS
+ */
+class Session_Handler implements \SessionHandlerInterface {
+
+	/**
+	 * Closes the session.
+	 *
+	 * @param string $save_path    Path to where the session is to be stored.
+	 * @param string $session_name Name of the session.
+	 * @return boolean
+	 */
+	public function open( $save_path, $session_name ) {
+		return true;
+	}
+
+	/**
+	 * Writes a session to the database.
+	 *
+	 * @param string $session_id   Session id.
+	 * @param string $session_data Session data.
+	 * @return boolean
+	 */
+	public function write( $session_id, $session_data ) {
+		$session = Session::get_by_sid( $session_id );
+
+		if ( ! $session ) {
+			$session = Session::create_for_sid( $session_id );
+		}
+
+		if ( ! $session ) {
+			trigger_error( 'Could not write session to the database. Please check MySQL configuration.', E_USER_WARNING );
+			return false;
+		}
+
+		$session->set_data( $session_data );
+
+		return true;
+	}
+
+	/**
+	 * Reads session data from the database.
+	 *
+	 * @param string $session_id Session id.
+	 * @return string
+	 */
+	public function read( $session_id ) {
+		// Handle the case of first time visitors and clients that don't store
+		// cookies (eg. web crawlers).
+		$insecure_session_name = substr( session_name(), 1 );
+		if ( empty( $session_id )
+			|| ( ! isset( $_COOKIE[ session_name() ] ) && ! isset( $_COOKIE[ $insecure_session_name ] ) ) ) {
+			return '';
+		}
+
+		$session = Session::get_by_sid( $session_id );
+		if ( $session ) {
+			return $session->get_data();
+		} else {
+			return '';
+		}
+	}
+
+	/**
+	 * Destroys the session.
+	 *
+	 * @param string $session_id Session id.
+	 */
+	public function destroy( $session_id ) {
+		$session = Session::get_by_sid( $session_id );
+		if ( ! $session ) {
+			return;
+		}
+
+		$session->destroy();
+
+		return true;
+	}
+
+	/**
+	 * Runs the garbage collection process.
+	 *
+	 * @param integer $maxlifetime Maximum lifetime in seconds.
+	 */
+	public function gc( $maxlifetime ) {
+		global $wpdb;
+
+		$wpdb = Session::restore_wpdb_if_null( $wpdb );
+
+		// Be sure to adjust 'php_value session.gc_maxlifetime' to a large enough
+		// value. For example, if you want user sessions to stay in your database
+		// for three weeks before deleting them, you need to set gc_maxlifetime
+		// to '1814400'. At that value, only after a user doesn't log in after
+		// three weeks (1814400 seconds) will his/her session be removed.
+		$wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->pantheon_sessions WHERE `datetime` <= %s ", date( 'Y-m-d H:i:s', time() - $maxlifetime ) ) );
+		return true;
+	}
+
+	/**
+	 * Closes the session.
+	 *
+	 * @return boolean
+	 */
+	public function close() {
+		return true;
+	}
+
+}

pantheon-sessions.php

@@ -57,8 +57,8 @@ private function load() {
 		if ( PANTHEON_SESSIONS_ENABLED ) {
 
 			$this->setup_database();
-			$this->set_ini_values();
 			$this->initialize_session_override();
+			$this->set_ini_values();
 			add_action( 'set_logged_in_cookie', array( __CLASS__, 'action_set_logged_in_cookie' ), 10, 4 );
 			add_action( 'clear_auth_cookie', array( __CLASS__, 'action_clear_auth_cookie' ) );
 		}
@@ -84,8 +84,6 @@ private function require_files() {
 			require_once dirname( __FILE__ ) . '/inc/class-cli-command.php';
 		}
 
-		require_once dirname( __FILE__ ) . '/callbacks.php';
-
 		if ( is_admin() ) {
 			require_once dirname( __FILE__ ) . '/inc/class-admin.php';
 			$this->admin = Pantheon_Sessions\Admin::get_instance();
@@ -158,12 +156,14 @@ private function set_ini_values() {
 	 * Largely adopted from Drupal 7's implementation
 	 */
 	private function initialize_session_override() {
-		if ( ! headers_sent() ) {
-			session_set_save_handler( '_pantheon_session_open', '_pantheon_session_close', '_pantheon_session_read', '_pantheon_session_write', '_pantheon_session_destroy', '_pantheon_session_garbage_collection' );
+		require_once dirname( __FILE__ ) . '/inc/class-session.php';
+		require_once dirname( __FILE__ ) . '/inc/class-session-handler.php';
+		$session_handler = new Pantheon_Sessions\Session_Handler;
+		if ( PHP_SESSION_ACTIVE !== session_status() ) {
+			session_set_save_handler( $session_handler, false );
 		}
 		// Close the session before $wpdb destructs itself.
 		add_action( 'shutdown', 'session_write_close', 999, 0 );
-		require_once dirname( __FILE__ ) . '/inc/class-session.php';
 	}
 
 	/**

readme.txt

@@ -4,6 +4,7 @@ Tags: comments, sessions
 Requires at least: 4.7
 Tested up to: 5.2
 Stable tag: 0.8.1
+Requires PHP: 5.4
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
 

tests/phpunit/bootstrap.php

@@ -15,9 +15,10 @@
 ini_set( 'session.cache_limiter', '' );
 ini_set( 'session.cookie_httponly', '1' );
 ini_set( 'session.cookie_lifetime', 0 );
-require_once dirname( dirname( dirname( __FILE__ ) ) ) . '/callbacks.php';
+require_once dirname( dirname( dirname( __FILE__ ) ) ) . '/inc/class-session-handler.php';
 require_once dirname( dirname( dirname( __FILE__ ) ) ) . '/inc/class-session.php';
-session_set_save_handler( '_pantheon_session_open', '_pantheon_session_close', '_pantheon_session_read', '_pantheon_session_write', '_pantheon_session_destroy', '_pantheon_session_garbage_collection' );
+$session_handler = new Pantheon_Sessions\Session_Handler;
+session_set_save_handler( $session_handler, false );
 session_start();
 
 $_tests_dir = getenv( 'WP_TESTS_DIR' );