123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205 |
- <?php
- /**
- * Implements hook_menu().
- */
- function session_test_menu() {
- $items['session-test/get'] = array(
- 'title' => 'Session value',
- 'page callback' => '_session_test_get',
- 'access arguments' => array('access content'),
- 'type' => MENU_CALLBACK,
- );
- $items['session-test/id'] = array(
- 'title' => 'Session ID',
- 'page callback' => '_session_test_id',
- 'access arguments' => array('access content'),
- 'type' => MENU_CALLBACK,
- );
- $items['session-test/id-from-cookie'] = array(
- 'title' => 'Session ID from cookie',
- 'page callback' => '_session_test_id_from_cookie',
- 'access arguments' => array('access content'),
- 'type' => MENU_CALLBACK,
- );
- $items['session-test/set/%'] = array(
- 'title' => 'Set session value',
- 'page callback' => '_session_test_set',
- 'page arguments' => array(2),
- 'access arguments' => array('access content'),
- 'type' => MENU_CALLBACK,
- );
- $items['session-test/no-set/%'] = array(
- 'title' => 'Set session value but do not save session',
- 'page callback' => '_session_test_no_set',
- 'page arguments' => array(2),
- 'access arguments' => array('access content'),
- 'type' => MENU_CALLBACK,
- );
- $items['session-test/set-message'] = array(
- 'title' => 'Set message',
- 'page callback' => '_session_test_set_message',
- 'access arguments' => array('access content'),
- 'type' => MENU_CALLBACK,
- );
- $items['session-test/set-message-but-dont-save'] = array(
- 'title' => 'Set message but do not save session',
- 'page callback' => '_session_test_set_message_but_dont_save',
- 'access arguments' => array('access content'),
- 'type' => MENU_CALLBACK,
- );
- $items['session-test/set-not-started'] = array(
- 'title' => 'Set message when session is not started',
- 'page callback' => '_session_test_set_not_started',
- 'access arguments' => array('access content'),
- 'type' => MENU_CALLBACK,
- );
- $items['session-test/is-logged-in'] = array(
- 'title' => 'Check if user is logged in',
- 'page callback' => '_session_test_is_logged_in',
- 'access callback' => 'user_is_logged_in',
- 'type' => MENU_CALLBACK,
- );
- return $items;
- }
- /**
- * It's very unusual to do anything outside of a function / hook, but in this
- * case we want to simulate a given session.cookie_samesite setting in php.ini
- * or via ini_set() in settings.php. This would almost never be a good idea
- * outside of a test scenario.
- */
- if (isset($_SERVER['HTTP_X_SESSION_COOKIE_INI_SET'])) {
- if (in_array($_SERVER['HTTP_X_SESSION_COOKIE_INI_SET'], array('None', 'Lax', 'Strict', '*EMPTY*'))) {
- $value = ($_SERVER['HTTP_X_SESSION_COOKIE_INI_SET'] == '*EMPTY*') ? '' : $_SERVER['HTTP_X_SESSION_COOKIE_INI_SET'];
- ini_set('session.cookie_samesite', $value);
- }
- }
- /**
- * Implements hook_boot().
- */
- function session_test_boot() {
- header('X-Session-Empty: ' . intval(empty($_SESSION)));
- }
- /**
- * Page callback, prints the stored session value to the screen.
- */
- function _session_test_get() {
- if (!empty($_SESSION['session_test_value'])) {
- return t('The current value of the stored session variable is: %val', array('%val' => $_SESSION['session_test_value']));
- }
- else {
- return "";
- }
- }
- /**
- * Page callback, stores a value in $_SESSION['session_test_value'].
- */
- function _session_test_set($value) {
- $_SESSION['session_test_value'] = $value;
- return t('The current value of the stored session variable has been set to %val', array('%val' => $value));
- }
- /**
- * Menu callback: turns off session saving and then tries to save a value
- * anyway.
- */
- function _session_test_no_set($value) {
- drupal_save_session(FALSE);
- _session_test_set($value);
- return t('session saving was disabled, and then %val was set', array('%val' => $value));
- }
- /**
- * Menu callback: print the current session ID.
- */
- function _session_test_id() {
- // Set a value in $_SESSION, so that drupal_session_commit() will start
- // a session.
- $_SESSION['test'] = 'test';
- drupal_session_commit();
- return 'session_id:' . session_id() . "\n";
- }
- /**
- * Menu callback: print the current session ID as read from the cookie.
- */
- function _session_test_id_from_cookie() {
- return 'session_id:' . $_COOKIE[session_name()] . "\n";
- }
- /**
- * Menu callback, sets a message to me displayed on the following page.
- */
- function _session_test_set_message() {
- drupal_set_message(t('This is a dummy message.'));
- print t('A message was set.');
- // Do not return anything, so the current request does not result in a themed
- // page with messages. The message will be displayed in the following request
- // instead.
- }
- /**
- * Menu callback, sets a message but call drupal_save_session(FALSE).
- */
- function _session_test_set_message_but_dont_save() {
- drupal_save_session(FALSE);
- _session_test_set_message();
- }
- /**
- * Menu callback, stores a value in $_SESSION['session_test_value'] without
- * having started the session in advance.
- */
- function _session_test_set_not_started() {
- if (!drupal_session_will_start()) {
- $_SESSION['session_test_value'] = t('Session was not started');
- }
- }
- /**
- * Implements hook_user().
- */
- function session_test_user_login($edit = array(), $user = NULL) {
- if ($user->name == 'session_test_user') {
- // Exit so we can verify that the session was regenerated
- // before hook_user() was called.
- exit;
- }
- }
- /**
- * Implements hook_form_FORM_ID_alter().
- */
- function session_test_form_user_login_alter(&$form) {
- $form['#https'] = TRUE;
- }
- /**
- * Implements hook_drupal_goto_alter().
- *
- * Force the redirection to go to a non-secure page after being on a secure
- * page through https.php.
- */
- function session_test_drupal_goto_alter(&$path, &$options, &$http_response_code) {
- global $base_insecure_url, $is_https_mock;
- // Alter the redirect to use HTTP when using a mock HTTPS request through
- // https.php because form submissions would otherwise redirect to a
- // non-existent HTTPS site.
- if (!empty($is_https_mock)) {
- $path = $base_insecure_url . '/' . $path;
- }
- }
- /**
- * Menu callback, only available if current user is logged in.
- */
- function _session_test_is_logged_in() {
- return t('User is logged in.');
- }
|