Context Navigation

← Previous Changeset
Next Changeset →

Changeset 2007451

Timestamp:

01/07/2019 05:21:14 AM (7 years ago)

Author:

ericmann

Message:

Tagging v4.1.0

Location:

wp-session-manager

Files:

: 8 edited
: 1 copied

tags/4.1.0 (copied) (copied from wp-session-manager/trunk)
tags/4.1.0/composer.json (modified) (1 diff)
tags/4.1.0/includes/DatabaseHandler.php (modified) (2 diffs)
tags/4.1.0/readme.txt (modified) (3 diffs)
tags/4.1.0/wp-session-manager.php (modified) (3 diffs)
trunk/composer.json (modified) (1 diff)
trunk/includes/DatabaseHandler.php (modified) (2 diffs)
trunk/readme.txt (modified) (3 diffs)
trunk/wp-session-manager.php (modified) (3 diffs)

Legend:

: Unmodified
: Added
: Removed

wp-session-manager/tags/4.1.0/composer.json

r2004699	r2007451
2	2	"name" : "ericmann/wp-session-manager",
3	3	"description" : "Prototype session management for WordPress.",
4		"version" : "4.0.0",
	4	"version" : "4.1.0",
5	5	"type" : "wordpress-plugin",
6	6	"keywords" : ["session"],

wp-session-manager/tags/4.1.0/includes/DatabaseHandler.php

-                      r2004699
+                      r2007451
      * @param callable $next Next clean operation in the stack.
+     *
-     * @global \wpdb $wpdb
+     *
      * @return mixed
      */
     public function clean($maxlifetime, $next)
+    {
+        self::directClean();
+        return $next($maxlifetime);
+    }
+    /**
+     * Update the database by removing any sessions that are no longer valid
+     *
+     * @global \wpdb $wpdb
+     */
+    public static function directClean()
+    {
         global $wpdb;
 …
             );
+        }
-        return $next($maxlifetime);
+    }
+}

wp-session-manager/tags/4.1.0/readme.txt

-                      r2004699
+                      r2007451
 Tested up to:      5.0.2
 Requires PHP:      7.1
 Stable tag:        4.0.0
+Stable tag:        4.1.0
 License:           GPLv2 or later
 License URI:       http://www.gnu.org/licenses/gpl-2.0.html
 …
+`
+= I get an error saying my PHP version is out of date. Why? =
+PHP 5.6 was designated end-of-life and stopped receiving security patches in December 2018. PHP 7.0 was _also_ marked end-of-life in December 2018. The minimum version of PHP supported by WP Session Manager is now PHP 7.1.
+If your server is running an older version of PHP, the session system _will not work!_ To avoid triggering a PHP error, the plugin will instead output this notice to upgrade and disable itself silently. You won't see a PHP error, but you also won't get session support.
+Reach out to your hosting provider or system administrator to upgrade your server.
+= I get an error saying another plugin is setting up a session. What can I do? =
+WP Session Manager overrides PHP's default session implementation with its own custom handler. Unfortunately, we can't swap in a new handler if a session is already active. This plugin hooks into the `plugins_loaded` hook to set things up as early as possible, but if you have code in _another_ plugin (or your theme) that attempts to invoke `session_start()` before WP Session Manager loads, then the custom handler won't work at all.
+Inspect your other plugins and try to find the one that's interfering. Then, reach out to the developer to explain the conflict and see if they have a fix.
 == Screenshots ==
 …
 == Changelog ==
+= 4.1.0 =
+* Fix: Add some defense to ensure end users are running the correct version of PHP before loading the system.
+* Fix: Eliminate a race condition where another plugin or the theme created the session first.
+* Fix: Schedule a cron to auto-delete expired sessions.
 = 4.0.0 =

wp-session-manager/tags/4.1.0/wp-session-manager.php

-                      r2004699
+                      r2007451
  * Plugin URI:  https://paypal.me/eam
  * Description: Session management for WordPress.
  * Version:     4.0.0
+ * Version:     4.1.0
  * Author:      Eric Mann
  * Author URI:  https://eamann.com
 …
  */
+$wp_session_autoload = __DIR__ . '/vendor/autoload.php';
+if (file_exists($wp_session_autoload)) {
+    require_once $wp_session_autoload;
+if (!defined('WP_SESSION_MINIMUM_PHP_VERSION')) {
+    define('WP_SESSION_MINIMUM_PHP_VERSION', '7.1.0');
+}
+if (!class_exists('EAMann\Sessionz\Manager')) {
+    exit('WP Session Manager requires Composer autoloading, which is not configured');
+$wp_session_messages = [
+    'bad_php_version' => sprintf(
+        __(
+            'WP Session Manager requires PHP %s or newer. Please contact your system administrator to upgrade!',
+            'wp-session-manager'
+        ),
+        WP_SESSION_MINIMUM_PHP_VERSION,
+        PHP_VERSION
+    ),
+    'multiple_sessions' => __(
+        'Another plugin is attempting to start a session with WordPress. WP Session Manager will not work!',
+        'wp-session-manager'
+    )
+];
+/**
+ * Initialize the plugin, bootstrap autoloading, and register default hooks
+ */
+function wp_session_manager_initialize()
+{
+    $wp_session_autoload = __DIR__ . '/vendor/autoload.php';
+    if (file_exists($wp_session_autoload)) {
+        require_once $wp_session_autoload;
+    }
+    if (!class_exists('EAMann\Sessionz\Manager')) {
+        exit('WP Session Manager requires Composer autoloading, which is not configured');
+    }
+    if (!isset($_SESSION)) {
+        // Queue up the session stack.
+        $wp_session_handler = EAMann\Sessionz\Manager::initialize();
+        // Fall back to database storage where needed.
+        if (defined('WP_SESSION_USE_OPTIONS') && WP_SESSION_USE_OPTIONS) {
+            $wp_session_handler->addHandler(new \EAMann\WPSession\OptionsHandler());
+        } else {
+            $wp_session_handler->addHandler(new \EAMann\WPSession\DatabaseHandler());
+            /**
+             * The database handler can automatically clean up sessions as it goes. By default,
+             * we'll run the cleanup routine every hour to catch any stale sessions that PHP's
+             * garbage collector happens to miss. This timeout can be filtered to increase or
+             * decrease the frequency of the manual purge.
+             *
+             * @param string $timeout Interval with which to purge stale sessions
+             */
+            $timeout = apply_filters('wp_session_gc_interval', 'hourly');
+            if (!wp_next_scheduled('wp_session_database_gc')) {
+                wp_schedule_event(time(), $timeout, 'wp_session_database_gc');
+            }
+            add_action('wp_session_database_gc', ['EAMann\WPSession\DatabaseHandler', 'directClean']);
+        }
+        // If we have an external object cache, let's use it!
+        if (wp_using_ext_object_cache()) {
+            $wp_session_handler->addHandler(new EAMann\WPSession\CacheHandler());
+        }
+        // Decrypt the data surfacing from external storage.
+        if (defined('WP_SESSION_ENC_KEY') && WP_SESSION_ENC_KEY) {
+            $wp_session_handler->addHandler(new \EAMann\Sessionz\Handlers\EncryptionHandler(WP_SESSION_ENC_KEY));
+        }
+        // Use an in-memory cache for the instance if we can. This will only help in rare cases.
+        $wp_session_handler->addHandler(new \EAMann\Sessionz\Handlers\MemoryHandler());
+        $_SESSION['wp_session_manager'] = 'active';
+    }
+    if (! isset($_SESSION['wp_session_manager']) || $_SESSION['wp_session_manager'] !== 'active') {
+        add_action('admin_notices', 'wp_session_manager_multiple_sessions_notice');
+        return;
+    }
+    // Create the required table.
+    \EAMann\WPSession\DatabaseHandler::createTable();
+    register_deactivation_hook(__FILE__, function () {
+        wp_clear_scheduled_hook('wp_session_database_gc');
+    });
+}
+// Queue up the session stack.
+$wp_session_handler = EAMann\Sessionz\Manager::initialize();
+// Fall back to database storage where needed.
+if (defined('WP_SESSION_USE_OPTIONS') && WP_SESSION_USE_OPTIONS) {
+    $wp_session_handler->addHandler(new \EAMann\WPSession\OptionsHandler());
+} else {
+    $wp_session_handler->addHandler(new \EAMann\WPSession\DatabaseHandler());
+/**
+ * Print an admin notice if too many plugins are manipulating sessions.
+ *
+ * @global array $wp_session_messages
+ */
+function wp_session_manager_multiple_sessions_notice()
+{
+    global $wp_session_messages;
+    ?>
+    <div class="notice notice-error">
+        <p><?php echo esc_html($wp_session_messages['multiple_sessions']); ?></p>
+    </div>
+    <?php
+}
+// If we have an external object cache, let's use it!
+if (wp_using_ext_object_cache()) {
+    $wp_session_handler->addHandler(new EAMann\WPSession\CacheHandler());
+/**
+ * Print an admin notice if we're on a bad version of PHP.
+ *
+ * @global array $wp_session_messages
+ */
+function wp_session_manager_deactivated_notice()
+{
+    global $wp_session_messages;
+    ?>
+    <div class="notice notice-error">
+        <p><?php echo esc_html($wp_session_messages['bad_php_version']); ?></p>
+    </div>
+    <?php
+}
-// Decrypt the data surfacing from external storage.
-if (defined('WP_SESSION_ENC_KEY') && WP_SESSION_ENC_KEY) {
-    $wp_session_handler->addHandler(new \EAMann\Sessionz\Handlers\EncryptionHandler(WP_SESSION_ENC_KEY));
+}
-// Use an in-memory cache for the instance if we can. This will only help in rare cases.
-$wp_session_handler->addHandler(new \EAMann\Sessionz\Handlers\MemoryHandler());
-// Create the required table.
-add_action('admin_init', ['EAMann\WPSession\DatabaseHandler', 'createTable']);
-add_action('wp_session_init', ['EAMann\WPSession\DatabaseHandler', 'createTable']);
-add_action('wp_install', ['EAMann\WPSession\DatabaseHandler', 'createTable']);
-register_activation_hook(__FILE__, ['EAMann\WPSession\DatabaseHandler', 'createTable']);
 /**
 …
 function wp_session_manager_start_session()
+{
+    $bootstrap = \EAMann\WPSession\DatabaseHandler::createTable();
+    if (! is_wp_error($bootstrap) && session_status() !== PHP_SESSION_ACTIVE) {
+    if (session_status() !== PHP_SESSION_ACTIVE) {
         session_start();
+    }
+}
+// Start up session management, if we're not in the CLI.
+if (!defined('WP_CLI') || false === WP_CLI) {
+    add_action('plugins_loaded', 'wp_session_manager_start_session', 10, 0);
+// WordPress won't enforce the minimum version of PHP for us, so we need to check.
+if (version_compare(PHP_VERSION, WP_SESSION_MINIMUM_PHP_VERSION, '<')) {
+    add_action('admin_notices', 'wp_session_manager_deactivated_notice');
+} else {
+    add_action('plugins_loaded', 'wp_session_manager_initialize', 1, 0);
+    // Start up session management, if we're not in the CLI.
+    if (!defined('WP_CLI') || false === WP_CLI) {
+        add_action('plugins_loaded', 'wp_session_manager_start_session', 10, 0);
+    }
+}

wp-session-manager/trunk/composer.json

r2004699	r2007451
2	2	"name" : "ericmann/wp-session-manager",
3	3	"description" : "Prototype session management for WordPress.",
4		"version" : "4.0.0",
	4	"version" : "4.1.0",
5	5	"type" : "wordpress-plugin",
6	6	"keywords" : ["session"],

wp-session-manager/trunk/includes/DatabaseHandler.php

-                      r2004699
+                      r2007451
      * @param callable $next Next clean operation in the stack.
+     *
-     * @global \wpdb $wpdb
+     *
      * @return mixed
      */
     public function clean($maxlifetime, $next)
+    {
+        self::directClean();
+        return $next($maxlifetime);
+    }
+    /**
+     * Update the database by removing any sessions that are no longer valid
+     *
+     * @global \wpdb $wpdb
+     */
+    public static function directClean()
+    {
         global $wpdb;
 …
             );
+        }
-        return $next($maxlifetime);
+    }
+}

wp-session-manager/trunk/readme.txt

-                      r2004699
+                      r2007451
 Tested up to:      5.0.2
 Requires PHP:      7.1
 Stable tag:        4.0.0
+Stable tag:        4.1.0
 License:           GPLv2 or later
 License URI:       http://www.gnu.org/licenses/gpl-2.0.html
 …
+`
+= I get an error saying my PHP version is out of date. Why? =
+PHP 5.6 was designated end-of-life and stopped receiving security patches in December 2018. PHP 7.0 was _also_ marked end-of-life in December 2018. The minimum version of PHP supported by WP Session Manager is now PHP 7.1.
+If your server is running an older version of PHP, the session system _will not work!_ To avoid triggering a PHP error, the plugin will instead output this notice to upgrade and disable itself silently. You won't see a PHP error, but you also won't get session support.
+Reach out to your hosting provider or system administrator to upgrade your server.
+= I get an error saying another plugin is setting up a session. What can I do? =
+WP Session Manager overrides PHP's default session implementation with its own custom handler. Unfortunately, we can't swap in a new handler if a session is already active. This plugin hooks into the `plugins_loaded` hook to set things up as early as possible, but if you have code in _another_ plugin (or your theme) that attempts to invoke `session_start()` before WP Session Manager loads, then the custom handler won't work at all.
+Inspect your other plugins and try to find the one that's interfering. Then, reach out to the developer to explain the conflict and see if they have a fix.
 == Screenshots ==
 …
 == Changelog ==
+= 4.1.0 =
+* Fix: Add some defense to ensure end users are running the correct version of PHP before loading the system.
+* Fix: Eliminate a race condition where another plugin or the theme created the session first.
+* Fix: Schedule a cron to auto-delete expired sessions.
 = 4.0.0 =

wp-session-manager/trunk/wp-session-manager.php

-                      r2004699
+                      r2007451
  * Plugin URI:  https://paypal.me/eam
  * Description: Session management for WordPress.
  * Version:     4.0.0
+ * Version:     4.1.0
  * Author:      Eric Mann
  * Author URI:  https://eamann.com
 …
  */
+$wp_session_autoload = __DIR__ . '/vendor/autoload.php';
+if (file_exists($wp_session_autoload)) {
+    require_once $wp_session_autoload;
+if (!defined('WP_SESSION_MINIMUM_PHP_VERSION')) {
+    define('WP_SESSION_MINIMUM_PHP_VERSION', '7.1.0');
+}
+if (!class_exists('EAMann\Sessionz\Manager')) {
+    exit('WP Session Manager requires Composer autoloading, which is not configured');
+$wp_session_messages = [
+    'bad_php_version' => sprintf(
+        __(
+            'WP Session Manager requires PHP %s or newer. Please contact your system administrator to upgrade!',
+            'wp-session-manager'
+        ),
+        WP_SESSION_MINIMUM_PHP_VERSION,
+        PHP_VERSION
+    ),
+    'multiple_sessions' => __(
+        'Another plugin is attempting to start a session with WordPress. WP Session Manager will not work!',
+        'wp-session-manager'
+    )
+];
+/**
+ * Initialize the plugin, bootstrap autoloading, and register default hooks
+ */
+function wp_session_manager_initialize()
+{
+    $wp_session_autoload = __DIR__ . '/vendor/autoload.php';
+    if (file_exists($wp_session_autoload)) {
+        require_once $wp_session_autoload;
+    }
+    if (!class_exists('EAMann\Sessionz\Manager')) {
+        exit('WP Session Manager requires Composer autoloading, which is not configured');
+    }
+    if (!isset($_SESSION)) {
+        // Queue up the session stack.
+        $wp_session_handler = EAMann\Sessionz\Manager::initialize();
+        // Fall back to database storage where needed.
+        if (defined('WP_SESSION_USE_OPTIONS') && WP_SESSION_USE_OPTIONS) {
+            $wp_session_handler->addHandler(new \EAMann\WPSession\OptionsHandler());
+        } else {
+            $wp_session_handler->addHandler(new \EAMann\WPSession\DatabaseHandler());
+            /**
+             * The database handler can automatically clean up sessions as it goes. By default,
+             * we'll run the cleanup routine every hour to catch any stale sessions that PHP's
+             * garbage collector happens to miss. This timeout can be filtered to increase or
+             * decrease the frequency of the manual purge.
+             *
+             * @param string $timeout Interval with which to purge stale sessions
+             */
+            $timeout = apply_filters('wp_session_gc_interval', 'hourly');
+            if (!wp_next_scheduled('wp_session_database_gc')) {
+                wp_schedule_event(time(), $timeout, 'wp_session_database_gc');
+            }
+            add_action('wp_session_database_gc', ['EAMann\WPSession\DatabaseHandler', 'directClean']);
+        }
+        // If we have an external object cache, let's use it!
+        if (wp_using_ext_object_cache()) {
+            $wp_session_handler->addHandler(new EAMann\WPSession\CacheHandler());
+        }
+        // Decrypt the data surfacing from external storage.
+        if (defined('WP_SESSION_ENC_KEY') && WP_SESSION_ENC_KEY) {
+            $wp_session_handler->addHandler(new \EAMann\Sessionz\Handlers\EncryptionHandler(WP_SESSION_ENC_KEY));
+        }
+        // Use an in-memory cache for the instance if we can. This will only help in rare cases.
+        $wp_session_handler->addHandler(new \EAMann\Sessionz\Handlers\MemoryHandler());
+        $_SESSION['wp_session_manager'] = 'active';
+    }
+    if (! isset($_SESSION['wp_session_manager']) || $_SESSION['wp_session_manager'] !== 'active') {
+        add_action('admin_notices', 'wp_session_manager_multiple_sessions_notice');
+        return;
+    }
+    // Create the required table.
+    \EAMann\WPSession\DatabaseHandler::createTable();
+    register_deactivation_hook(__FILE__, function () {
+        wp_clear_scheduled_hook('wp_session_database_gc');
+    });
+}
+// Queue up the session stack.
+$wp_session_handler = EAMann\Sessionz\Manager::initialize();
+// Fall back to database storage where needed.
+if (defined('WP_SESSION_USE_OPTIONS') && WP_SESSION_USE_OPTIONS) {
+    $wp_session_handler->addHandler(new \EAMann\WPSession\OptionsHandler());
+} else {
+    $wp_session_handler->addHandler(new \EAMann\WPSession\DatabaseHandler());
+/**
+ * Print an admin notice if too many plugins are manipulating sessions.
+ *
+ * @global array $wp_session_messages
+ */
+function wp_session_manager_multiple_sessions_notice()
+{
+    global $wp_session_messages;
+    ?>
+    <div class="notice notice-error">
+        <p><?php echo esc_html($wp_session_messages['multiple_sessions']); ?></p>
+    </div>
+    <?php
+}
+// If we have an external object cache, let's use it!
+if (wp_using_ext_object_cache()) {
+    $wp_session_handler->addHandler(new EAMann\WPSession\CacheHandler());
+/**
+ * Print an admin notice if we're on a bad version of PHP.
+ *
+ * @global array $wp_session_messages
+ */
+function wp_session_manager_deactivated_notice()
+{
+    global $wp_session_messages;
+    ?>
+    <div class="notice notice-error">
+        <p><?php echo esc_html($wp_session_messages['bad_php_version']); ?></p>
+    </div>
+    <?php
+}
-// Decrypt the data surfacing from external storage.
-if (defined('WP_SESSION_ENC_KEY') && WP_SESSION_ENC_KEY) {
-    $wp_session_handler->addHandler(new \EAMann\Sessionz\Handlers\EncryptionHandler(WP_SESSION_ENC_KEY));
+}
-// Use an in-memory cache for the instance if we can. This will only help in rare cases.
-$wp_session_handler->addHandler(new \EAMann\Sessionz\Handlers\MemoryHandler());
-// Create the required table.
-add_action('admin_init', ['EAMann\WPSession\DatabaseHandler', 'createTable']);
-add_action('wp_session_init', ['EAMann\WPSession\DatabaseHandler', 'createTable']);
-add_action('wp_install', ['EAMann\WPSession\DatabaseHandler', 'createTable']);
-register_activation_hook(__FILE__, ['EAMann\WPSession\DatabaseHandler', 'createTable']);
 /**
 …
 function wp_session_manager_start_session()
+{
+    $bootstrap = \EAMann\WPSession\DatabaseHandler::createTable();
+    if (! is_wp_error($bootstrap) && session_status() !== PHP_SESSION_ACTIVE) {
+    if (session_status() !== PHP_SESSION_ACTIVE) {
         session_start();
+    }
+}
+// Start up session management, if we're not in the CLI.
+if (!defined('WP_CLI') || false === WP_CLI) {
+    add_action('plugins_loaded', 'wp_session_manager_start_session', 10, 0);
+// WordPress won't enforce the minimum version of PHP for us, so we need to check.
+if (version_compare(PHP_VERSION, WP_SESSION_MINIMUM_PHP_VERSION, '<')) {
+    add_action('admin_notices', 'wp_session_manager_deactivated_notice');
+} else {
+    add_action('plugins_loaded', 'wp_session_manager_initialize', 1, 0);
+    // Start up session management, if we're not in the CLI.
+    if (!defined('WP_CLI') || false === WP_CLI) {
+        add_action('plugins_loaded', 'wp_session_manager_start_session', 10, 0);
+    }
+}

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Download in other formats: