Laclic
/
Souke
Vērot 5
Pievienot zvaigznīti 0
Atdalīts 1
Kods Problēmas 1 Izmaiņu pieprasījumi 0 Laidieni 0 Vikivietne Aktivitāte
Nevar pievienot vairāk kā 25 tēmas Tēmai ir jāsākas ar burtu vai ciparu, tā var saturēt domu zīmes ('-') un var būt līdz 35 simboliem gara.
51 Revīzija
6 Atzari
Koks: b26a5271d1
Atzari Tagi
${ item.name }
Izveidot atzaru ${ searchTerm }
no 'b26a5271d1'
${ noResults }
Souke/vendor/yiisoft/yii2/web/Session.php

873 rindas
30KB
Neapstrādāts Vainot Vēsture 

  1. <?php

  2. /**

  3.  * @link http://www.yiiframework.com/

  4.  * @copyright Copyright (c) 2008 Yii Software LLC

  5.  * @license http://www.yiiframework.com/license/

  6.  */

  7. 

  8. namespace yii\web;

  9. 

  10. use Yii;

  11. use yii\base\Component;

  12. use yii\base\InvalidConfigException;

  13. use yii\base\InvalidParamException;

  14. 

  15. /**

  16.  * Session provides session data management and the related configurations.

  17.  *

  18.  * Session is a Web application component that can be accessed via `Yii::$app->session`.

  19.  *

  20.  * To start the session, call [[open()]]; To complete and send out session data, call [[close()]];

  21.  * To destroy the session, call [[destroy()]].

  22.  *

  23.  * Session can be used like an array to set and get session data. For example,

  24.  *

  25.  * ```php

  26.  * $session = new Session;

  27.  * $session->open();

  28.  * $value1 = $session['name1'];  // get session variable 'name1'

  29.  * $value2 = $session['name2'];  // get session variable 'name2'

  30.  * foreach ($session as $name => $value) // traverse all session variables

  31.  * $session['name3'] = $value3;  // set session variable 'name3'

  32.  * ```

  33.  *

  34.  * Session can be extended to support customized session storage.

  35.  * To do so, override [[useCustomStorage]] so that it returns true, and

  36.  * override these methods with the actual logic about using custom storage:

  37.  * [[openSession()]], [[closeSession()]], [[readSession()]], [[writeSession()]],

  38.  * [[destroySession()]] and [[gcSession()]].

  39.  *

  40.  * Session also supports a special type of session data, called *flash messages*.

  41.  * A flash message is available only in the current request and the next request.

  42.  * After that, it will be deleted automatically. Flash messages are particularly

  43.  * useful for displaying confirmation messages. To use flash messages, simply

  44.  * call methods such as [[setFlash()]], [[getFlash()]].

  45.  *

  46.  * @property array $allFlashes Flash messages (key => message or key => [message1, message2]). This property

  47.  * is read-only.

  48.  * @property array $cookieParams The session cookie parameters. This property is read-only.

  49.  * @property integer $count The number of session variables. This property is read-only.

  50.  * @property string $flash The key identifying the flash message. Note that flash messages and normal session

  51.  * variables share the same name space. If you have a normal session variable using the same name, its value will

  52.  * be overwritten by this method. This property is write-only.

  53.  * @property float $gCProbability The probability (percentage) that the GC (garbage collection) process is

  54.  * started on every session initialization, defaults to 1 meaning 1% chance.

  55.  * @property boolean $hasSessionId Whether the current request has sent the session ID.

  56.  * @property string $id The current session ID.

  57.  * @property boolean $isActive Whether the session has started. This property is read-only.

  58.  * @property SessionIterator $iterator An iterator for traversing the session variables. This property is

  59.  * read-only.

  60.  * @property string $name The current session name.

  61.  * @property string $savePath The current session save path, defaults to '/tmp'.

  62.  * @property integer $timeout The number of seconds after which data will be seen as 'garbage' and cleaned up.

  63.  * The default value is 1440 seconds (or the value of "session.gc_maxlifetime" set in php.ini).

  64.  * @property boolean|null $useCookies The value indicating whether cookies should be used to store session

  65.  * IDs.

  66.  * @property boolean $useCustomStorage Whether to use custom storage. This property is read-only.

  67.  * @property boolean $useTransparentSessionID Whether transparent sid support is enabled or not, defaults to

  68.  * false.

  69.  *

  70.  * @author Qiang Xue <qiang.xue@gmail.com>

  71.  * @since 2.0

  72.  */

  73. class Session extends Component implements \IteratorAggregate, \ArrayAccess, \Countable

  74. {

  75.     /**

  76.      * @var string the name of the session variable that stores the flash message data.

  77.      */

  78.     public $flashParam = '__flash';

  79.     /**

  80.      * @var \SessionHandlerInterface|array an object implementing the SessionHandlerInterface or a configuration array. If set, will be used to provide persistency instead of build-in methods.

  81.      */

  82.     public $handler;

  83. 

  84.     /**

  85.      * @var array parameter-value pairs to override default session cookie parameters that are used for session_set_cookie_params() function

  86.      * Array may have the following possible keys: 'lifetime', 'path', 'domain', 'secure', 'httponly'

  87.      * @see http://www.php.net/manual/en/function.session-set-cookie-params.php

  88.      */

  89.     private $_cookieParams = ['httponly' => true];

  90. 

  91. 

  92.     /**

  93.      * Initializes the application component.

  94.      * This method is required by IApplicationComponent and is invoked by application.

  95.      */

  96.     public function init()

  97.     {

  98.         parent::init();

  99.         register_shutdown_function([$this, 'close']);

  100.         if ($this->getIsActive()) {

  101.             Yii::warning("Session is already started", __METHOD__);

  102.             $this->updateFlashCounters();

  103.         }

  104.     }

  105. 

  106.     /**

  107.      * Returns a value indicating whether to use custom session storage.

  108.      * This method should be overridden to return true by child classes that implement custom session storage.

  109.      * To implement custom session storage, override these methods: [[openSession()]], [[closeSession()]],

  110.      * [[readSession()]], [[writeSession()]], [[destroySession()]] and [[gcSession()]].

  111.      * @return boolean whether to use custom storage.

  112.      */

  113.     public function getUseCustomStorage()

  114.     {

  115.         return false;

  116.     }

  117. 

  118.     /**

  119.      * Starts the session.

  120.      */

  121.     public function open()

  122.     {

  123.         if ($this->getIsActive()) {

  124.             return;

  125.         }

  126. 

  127.         $this->registerSessionHandler();

  128. 

  129.         $this->setCookieParamsInternal();

  130. 

  131.         @session_start();

  132. 

  133.         if ($this->getIsActive()) {

  134.             Yii::info('Session started', __METHOD__);

  135.             $this->updateFlashCounters();

  136.         } else {

  137.             $error = error_get_last();

  138.             $message = isset($error['message']) ? $error['message'] : 'Failed to start session.';

  139.             Yii::error($message, __METHOD__);

  140.         }

  141.     }

  142. 

  143.     /**

  144.      * Registers session handler.

  145.      * @throws \yii\base\InvalidConfigException

  146.      */

  147.     protected function registerSessionHandler()

  148.     {

  149.         if ($this->handler !== null) {

  150.             if (!is_object($this->handler)) {

  151.                 $this->handler = Yii::createObject($this->handler);

  152.             }

  153.             if (!$this->handler instanceof \SessionHandlerInterface) {

  154.                 throw new InvalidConfigException('"' . get_class($this) . '::handler" must implement the SessionHandlerInterface.');

  155.             }

  156.             @session_set_save_handler($this->handler, false);

  157.         } elseif ($this->getUseCustomStorage()) {

  158.             @session_set_save_handler(

  159.                 [$this, 'openSession'],

  160.                 [$this, 'closeSession'],

  161.                 [$this, 'readSession'],

  162.                 [$this, 'writeSession'],

  163.                 [$this, 'destroySession'],

  164.                 [$this, 'gcSession']

  165.             );

  166.         }

  167.     }

  168. 

  169.     /**

  170.      * Ends the current session and store session data.

  171.      */

  172.     public function close()

  173.     {

  174.         if ($this->getIsActive()) {

  175.             @session_write_close();

  176.         }

  177.     }

  178. 

  179.     /**

  180.      * Frees all session variables and destroys all data registered to a session.

  181.      */

  182.     public function destroy()

  183.     {

  184.         if ($this->getIsActive()) {

  185.             @session_unset();

  186.             $sessionId = session_id();

  187.             @session_destroy();

  188.             @session_id($sessionId);

  189.         }

  190.     }

  191. 

  192.     /**

  193.      * @return boolean whether the session has started

  194.      */

  195.     public function getIsActive()

  196.     {

  197.         return session_status() == PHP_SESSION_ACTIVE;

  198.     }

  199. 

  200.     private $_hasSessionId;

  201. 

  202.     /**

  203.      * Returns a value indicating whether the current request has sent the session ID.

  204.      * The default implementation will check cookie and $_GET using the session name.

  205.      * If you send session ID via other ways, you may need to override this method

  206.      * or call [[setHasSessionId()]] to explicitly set whether the session ID is sent.

  207.      * @return boolean whether the current request has sent the session ID.

  208.      */

  209.     public function getHasSessionId()

  210.     {

  211.         if ($this->_hasSessionId === null) {

  212.             $name = $this->getName();

  213.             $request = Yii::$app->getRequest();

  214.             if (!empty($_COOKIE[$name]) && ini_get('session.use_cookies')) {

  215.                 $this->_hasSessionId = true;

  216.             } elseif (!ini_get('session.use_only_cookies') && ini_get('session.use_trans_sid')) {

  217.                 $this->_hasSessionId = $request->get($name) != '';

  218.             } else {

  219.                 $this->_hasSessionId = false;

  220.             }

  221.         }

  222. 

  223.         return $this->_hasSessionId;

  224.     }

  225. 

  226.     /**

  227.      * Sets the value indicating whether the current request has sent the session ID.

  228.      * This method is provided so that you can override the default way of determining

  229.      * whether the session ID is sent.

  230.      * @param boolean $value whether the current request has sent the session ID.

  231.      */

  232.     public function setHasSessionId($value)

  233.     {

  234.         $this->_hasSessionId = $value;

  235.     }

  236. 

  237.     /**

  238.      * Gets the session ID.

  239.      * This is a wrapper for [PHP session_id()](http://php.net/manual/en/function.session-id.php).

  240.      * @return string the current session ID

  241.      */

  242.     public function getId()

  243.     {

  244.         return session_id();

  245.     }

  246. 

  247.     /**

  248.      * Sets the session ID.

  249.      * This is a wrapper for [PHP session_id()](http://php.net/manual/en/function.session-id.php).

  250.      * @param string $value the session ID for the current session

  251.      */

  252.     public function setId($value)

  253.     {

  254.         session_id($value);

  255.     }

  256. 

  257.     /**

  258.      * Updates the current session ID with a newly generated one .

  259.      * Please refer to <http://php.net/session_regenerate_id> for more details.

  260.      * @param boolean $deleteOldSession Whether to delete the old associated session file or not.

  261.      */

  262.     public function regenerateID($deleteOldSession = false)

  263.     {

  264.         // add @ to inhibit possible warning due to race condition

  265.         // https://github.com/yiisoft/yii2/pull/1812

  266.         @session_regenerate_id($deleteOldSession);

  267.     }

  268. 

  269.     /**

  270.      * Gets the name of the current session.

  271.      * This is a wrapper for [PHP session_name()](http://php.net/manual/en/function.session-name.php).

  272.      * @return string the current session name

  273.      */

  274.     public function getName()

  275.     {

  276.         return session_name();

  277.     }

  278. 

  279.     /**

  280.      * Sets the name for the current session.

  281.      * This is a wrapper for [PHP session_name()](http://php.net/manual/en/function.session-name.php).

  282.      * @param string $value the session name for the current session, must be an alphanumeric string.

  283.      * It defaults to "PHPSESSID".

  284.      */

  285.     public function setName($value)

  286.     {

  287.         session_name($value);

  288.     }

  289. 

  290.     /**

  291.      * Gets the current session save path.

  292.      * This is a wrapper for [PHP session_save_path()](http://php.net/manual/en/function.session-save-path.php).

  293.      * @return string the current session save path, defaults to '/tmp'.

  294.      */

  295.     public function getSavePath()

  296.     {

  297.         return session_save_path();

  298.     }

  299. 

  300.     /**

  301.      * Sets the current session save path.

  302.      * This is a wrapper for [PHP session_save_path()](http://php.net/manual/en/function.session-save-path.php).

  303.      * @param string $value the current session save path. This can be either a directory name or a path alias.

  304.      * @throws InvalidParamException if the path is not a valid directory

  305.      */

  306.     public function setSavePath($value)

  307.     {

  308.         $path = Yii::getAlias($value);

  309.         if (is_dir($path)) {

  310.             session_save_path($path);

  311.         } else {

  312.             throw new InvalidParamException("Session save path is not a valid directory: $value");

  313.         }

  314.     }

  315. 

  316.     /**

  317.      * @return array the session cookie parameters.

  318.      * @see http://php.net/manual/en/function.session-get-cookie-params.php

  319.      */

  320.     public function getCookieParams()

  321.     {

  322.         return array_merge(session_get_cookie_params(), array_change_key_case($this->_cookieParams));

  323.     }

  324. 

  325.     /**

  326.      * Sets the session cookie parameters.

  327.      * The cookie parameters passed to this method will be merged with the result

  328.      * of `session_get_cookie_params()`.

  329.      * @param array $value cookie parameters, valid keys include: `lifetime`, `path`, `domain`, `secure` and `httponly`.

  330.      * @throws InvalidParamException if the parameters are incomplete.

  331.      * @see http://us2.php.net/manual/en/function.session-set-cookie-params.php

  332.      */

  333.     public function setCookieParams(array $value)

  334.     {

  335.         $this->_cookieParams = $value;

  336.     }

  337. 

  338.     /**

  339.      * Sets the session cookie parameters.

  340.      * This method is called by [[open()]] when it is about to open the session.

  341.      * @throws InvalidParamException if the parameters are incomplete.

  342.      * @see http://us2.php.net/manual/en/function.session-set-cookie-params.php

  343.      */

  344.     private function setCookieParamsInternal()

  345.     {

  346.         $data = $this->getCookieParams();

  347.         extract($data);

  348.         if (isset($lifetime, $path, $domain, $secure, $httponly)) {

  349.             session_set_cookie_params($lifetime, $path, $domain, $secure, $httponly);

  350.         } else {

  351.             throw new InvalidParamException('Please make sure cookieParams contains these elements: lifetime, path, domain, secure and httponly.');

  352.         }

  353.     }

  354. 

  355.     /**

  356.      * Returns the value indicating whether cookies should be used to store session IDs.

  357.      * @return boolean|null the value indicating whether cookies should be used to store session IDs.

  358.      * @see setUseCookies()

  359.      */

  360.     public function getUseCookies()

  361.     {

  362.         if (ini_get('session.use_cookies') === '0') {

  363.             return false;

  364.         } elseif (ini_get('session.use_only_cookies') === '1') {

  365.             return true;

  366.         } else {

  367.             return null;

  368.         }

  369.     }

  370. 

  371.     /**

  372.      * Sets the value indicating whether cookies should be used to store session IDs.

  373.      * Three states are possible:

  374.      *

  375.      * - true: cookies and only cookies will be used to store session IDs.

  376.      * - false: cookies will not be used to store session IDs.

  377.      * - null: if possible, cookies will be used to store session IDs; if not, other mechanisms will be used (e.g. GET parameter)

  378.      *

  379.      * @param boolean|null $value the value indicating whether cookies should be used to store session IDs.

  380.      */

  381.     public function setUseCookies($value)

  382.     {

  383.         if ($value === false) {

  384.             ini_set('session.use_cookies', '0');

  385.             ini_set('session.use_only_cookies', '0');

  386.         } elseif ($value === true) {

  387.             ini_set('session.use_cookies', '1');

  388.             ini_set('session.use_only_cookies', '1');

  389.         } else {

  390.             ini_set('session.use_cookies', '1');

  391.             ini_set('session.use_only_cookies', '0');

  392.         }

  393.     }

  394. 

  395.     /**

  396.      * @return float the probability (percentage) that the GC (garbage collection) process is started on every session initialization, defaults to 1 meaning 1% chance.

  397.      */

  398.     public function getGCProbability()

  399.     {

  400.         return (float) (ini_get('session.gc_probability') / ini_get('session.gc_divisor') * 100);

  401.     }

  402. 

  403.     /**

  404.      * @param float $value the probability (percentage) that the GC (garbage collection) process is started on every session initialization.

  405.      * @throws InvalidParamException if the value is not between 0 and 100.

  406.      */

  407.     public function setGCProbability($value)

  408.     {

  409.         if ($value >= 0 && $value <= 100) {

  410.             // percent * 21474837 / 2147483647 ≈ percent * 0.01

  411.             ini_set('session.gc_probability', floor($value * 21474836.47));

  412.             ini_set('session.gc_divisor', 2147483647);

  413.         } else {

  414.             throw new InvalidParamException('GCProbability must be a value between 0 and 100.');

  415.         }

  416.     }

  417. 

  418.     /**

  419.      * @return boolean whether transparent sid support is enabled or not, defaults to false.

  420.      */

  421.     public function getUseTransparentSessionID()

  422.     {

  423.         return ini_get('session.use_trans_sid') == 1;

  424.     }

  425. 

  426.     /**

  427.      * @param boolean $value whether transparent sid support is enabled or not.

  428.      */

  429.     public function setUseTransparentSessionID($value)

  430.     {

  431.         ini_set('session.use_trans_sid', $value ? '1' : '0');

  432.     }

  433. 

  434.     /**

  435.      * @return integer the number of seconds after which data will be seen as 'garbage' and cleaned up.

  436.      * The default value is 1440 seconds (or the value of "session.gc_maxlifetime" set in php.ini).

  437.      */

  438.     public function getTimeout()

  439.     {

  440.         return (int) ini_get('session.gc_maxlifetime');

  441.     }

  442. 

  443.     /**

  444.      * @param integer $value the number of seconds after which data will be seen as 'garbage' and cleaned up

  445.      */

  446.     public function setTimeout($value)

  447.     {

  448.         ini_set('session.gc_maxlifetime', $value);

  449.     }

  450. 

  451.     /**

  452.      * Session open handler.

  453.      * This method should be overridden if [[useCustomStorage]] returns true.

  454.      * Do not call this method directly.

  455.      * @param string $savePath session save path

  456.      * @param string $sessionName session name

  457.      * @return boolean whether session is opened successfully

  458.      */

  459.     public function openSession($savePath, $sessionName)

  460.     {

  461.         return true;

  462.     }

  463. 

  464.     /**

  465.      * Session close handler.

  466.      * This method should be overridden if [[useCustomStorage]] returns true.

  467.      * Do not call this method directly.

  468.      * @return boolean whether session is closed successfully

  469.      */

  470.     public function closeSession()

  471.     {

  472.         return true;

  473.     }

  474. 

  475.     /**

  476.      * Session read handler.

  477.      * This method should be overridden if [[useCustomStorage]] returns true.

  478.      * Do not call this method directly.

  479.      * @param string $id session ID

  480.      * @return string the session data

  481.      */

  482.     public function readSession($id)

  483.     {

  484.         return '';

  485.     }

  486. 

  487.     /**

  488.      * Session write handler.

  489.      * This method should be overridden if [[useCustomStorage]] returns true.

  490.      * Do not call this method directly.

  491.      * @param string $id session ID

  492.      * @param string $data session data

  493.      * @return boolean whether session write is successful

  494.      */

  495.     public function writeSession($id, $data)

  496.     {

  497.         return true;

  498.     }

  499. 

  500.     /**

  501.      * Session destroy handler.

  502.      * This method should be overridden if [[useCustomStorage]] returns true.

  503.      * Do not call this method directly.

  504.      * @param string $id session ID

  505.      * @return boolean whether session is destroyed successfully

  506.      */

  507.     public function destroySession($id)

  508.     {

  509.         return true;

  510.     }

  511. 

  512.     /**

  513.      * Session GC (garbage collection) handler.

  514.      * This method should be overridden if [[useCustomStorage]] returns true.

  515.      * Do not call this method directly.

  516.      * @param integer $maxLifetime the number of seconds after which data will be seen as 'garbage' and cleaned up.

  517.      * @return boolean whether session is GCed successfully

  518.      */

  519.     public function gcSession($maxLifetime)

  520.     {

  521.         return true;

  522.     }

  523. 

  524.     /**

  525.      * Returns an iterator for traversing the session variables.

  526.      * This method is required by the interface [[\IteratorAggregate]].

  527.      * @return SessionIterator an iterator for traversing the session variables.

  528.      */

  529.     public function getIterator()

  530.     {

  531.         $this->open();

  532.         return new SessionIterator;

  533.     }

  534. 

  535.     /**

  536.      * Returns the number of items in the session.

  537.      * @return integer the number of session variables

  538.      */

  539.     public function getCount()

  540.     {

  541.         $this->open();

  542.         return count($_SESSION);

  543.     }

  544. 

  545.     /**

  546.      * Returns the number of items in the session.

  547.      * This method is required by [[\Countable]] interface.

  548.      * @return integer number of items in the session.

  549.      */

  550.     public function count()

  551.     {

  552.         return $this->getCount();

  553.     }

  554. 

  555.     /**

  556.      * Returns the session variable value with the session variable name.

  557.      * If the session variable does not exist, the `$defaultValue` will be returned.

  558.      * @param string $key the session variable name

  559.      * @param mixed $defaultValue the default value to be returned when the session variable does not exist.

  560.      * @return mixed the session variable value, or $defaultValue if the session variable does not exist.

  561.      */

  562.     public function get($key, $defaultValue = null)

  563.     {

  564.         $this->open();

  565.         return isset($_SESSION[$key]) ? $_SESSION[$key] : $defaultValue;

  566.     }

  567. 

  568.     /**

  569.      * Adds a session variable.

  570.      * If the specified name already exists, the old value will be overwritten.

  571.      * @param string $key session variable name

  572.      * @param mixed $value session variable value

  573.      */

  574.     public function set($key, $value)

  575.     {

  576.         $this->open();

  577.         $_SESSION[$key] = $value;

  578.     }

  579. 

  580.     /**

  581.      * Removes a session variable.

  582.      * @param string $key the name of the session variable to be removed

  583.      * @return mixed the removed value, null if no such session variable.

  584.      */

  585.     public function remove($key)

  586.     {

  587.         $this->open();

  588.         if (isset($_SESSION[$key])) {

  589.             $value = $_SESSION[$key];

  590.             unset($_SESSION[$key]);

  591. 

  592.             return $value;

  593.         } else {

  594.             return null;

  595.         }

  596.     }

  597. 

  598.     /**

  599.      * Removes all session variables

  600.      */

  601.     public function removeAll()

  602.     {

  603.         $this->open();

  604.         foreach (array_keys($_SESSION) as $key) {

  605.             unset($_SESSION[$key]);

  606.         }

  607.     }

  608. 

  609.     /**

  610.      * @param mixed $key session variable name

  611.      * @return boolean whether there is the named session variable

  612.      */

  613.     public function has($key)

  614.     {

  615.         $this->open();

  616.         return isset($_SESSION[$key]);

  617.     }

  618. 

  619.     /**

  620.      * Updates the counters for flash messages and removes outdated flash messages.

  621.      * This method should only be called once in [[init()]].

  622.      */

  623.     protected function updateFlashCounters()

  624.     {

  625.         $counters = $this->get($this->flashParam, []);

  626.         if (is_array($counters)) {

  627.             foreach ($counters as $key => $count) {

  628.                 if ($count > 0) {

  629.                     unset($counters[$key], $_SESSION[$key]);

  630.                 } elseif ($count == 0) {

  631.                     $counters[$key]++;

  632.                 }

  633.             }

  634.             $_SESSION[$this->flashParam] = $counters;

  635.         } else {

  636.             // fix the unexpected problem that flashParam doesn't return an array

  637.             unset($_SESSION[$this->flashParam]);

  638.         }

  639.     }

  640. 

  641.     /**

  642.      * Returns a flash message.

  643.      * @param string $key the key identifying the flash message

  644.      * @param mixed $defaultValue value to be returned if the flash message does not exist.

  645.      * @param boolean $delete whether to delete this flash message right after this method is called.

  646.      * If false, the flash message will be automatically deleted in the next request.

  647.      * @return mixed the flash message or an array of messages if addFlash was used

  648.      * @see setFlash()

  649.      * @see addFlash()

  650.      * @see hasFlash()

  651.      * @see getAllFlashes()

  652.      * @see removeFlash()

  653.      */

  654.     public function getFlash($key, $defaultValue = null, $delete = false)

  655.     {

  656.         $counters = $this->get($this->flashParam, []);

  657.         if (isset($counters[$key])) {

  658.             $value = $this->get($key, $defaultValue);

  659.             if ($delete) {

  660.                 $this->removeFlash($key);

  661.             } elseif ($counters[$key] < 0) {

  662.                 // mark for deletion in the next request

  663.                 $counters[$key] = 1;

  664.                 $_SESSION[$this->flashParam] = $counters;

  665.             }

  666. 

  667.             return $value;

  668.         } else {

  669.             return $defaultValue;

  670.         }

  671.     }

  672. 

  673.     /**

  674.      * Returns all flash messages.

  675.      *

  676.      * You may use this method to display all the flash messages in a view file:

  677.      *

  678.      * ```php

  679.      * <?php

  680.      * foreach (Yii::$app->session->getAllFlashes() as $key => $message) {

  681.      *     echo '<div class="alert alert-' . $key . '">' . $message . '</div>';

  682.      * } ?>

  683.      * ```

  684.      *

  685.      * With the above code you can use the [bootstrap alert][] classes such as `success`, `info`, `danger`

  686.      * as the flash message key to influence the color of the div.

  687.      *

  688.      * Note that if you use [[addFlash()]], `$message` will be an array, and you will have to adjust the above code.

  689.      *

  690.      * [bootstrap alert]: http://getbootstrap.com/components/#alerts

  691.      *

  692.      * @param boolean $delete whether to delete the flash messages right after this method is called.

  693.      * If false, the flash messages will be automatically deleted in the next request.

  694.      * @return array flash messages (key => message or key => [message1, message2]).

  695.      * @see setFlash()

  696.      * @see addFlash()

  697.      * @see getFlash()

  698.      * @see hasFlash()

  699.      * @see removeFlash()

  700.      */

  701.     public function getAllFlashes($delete = false)

  702.     {

  703.         $counters = $this->get($this->flashParam, []);

  704.         $flashes = [];

  705.         foreach (array_keys($counters) as $key) {

  706.             if (array_key_exists($key, $_SESSION)) {

  707.                 $flashes[$key] = $_SESSION[$key];

  708.                 if ($delete) {

  709.                     unset($counters[$key], $_SESSION[$key]);

  710.                 } elseif ($counters[$key] < 0) {

  711.                     // mark for deletion in the next request

  712.                     $counters[$key] = 1;

  713.                 }

  714.             } else {

  715.                 unset($counters[$key]);

  716.             }

  717.         }

  718. 

  719.         $_SESSION[$this->flashParam] = $counters;

  720. 

  721.         return $flashes;

  722.     }

  723. 

  724.     /**

  725.      * Sets a flash message.

  726.      * A flash message will be automatically deleted after it is accessed in a request and the deletion will happen

  727.      * in the next request.

  728.      * If there is already an existing flash message with the same key, it will be overwritten by the new one.

  729.      * @param string $key the key identifying the flash message. Note that flash messages

  730.      * and normal session variables share the same name space. If you have a normal

  731.      * session variable using the same name, its value will be overwritten by this method.

  732.      * @param mixed $value flash message

  733.      * @param boolean $removeAfterAccess whether the flash message should be automatically removed only if

  734.      * it is accessed. If false, the flash message will be automatically removed after the next request,

  735.      * regardless if it is accessed or not. If true (default value), the flash message will remain until after

  736.      * it is accessed.

  737.      * @see getFlash()

  738.      * @see addFlash()

  739.      * @see removeFlash()

  740.      */

  741.     public function setFlash($key, $value = true, $removeAfterAccess = true)

  742.     {

  743.         $counters = $this->get($this->flashParam, []);

  744.         $counters[$key] = $removeAfterAccess ? -1 : 0;

  745.         $_SESSION[$key] = $value;

  746.         $_SESSION[$this->flashParam] = $counters;

  747.     }

  748. 

  749.     /**

  750.      * Adds a flash message.

  751.      * If there are existing flash messages with the same key, the new one will be appended to the existing message array.

  752.      * @param string $key the key identifying the flash message.

  753.      * @param mixed $value flash message

  754.      * @param boolean $removeAfterAccess whether the flash message should be automatically removed only if

  755.      * it is accessed. If false, the flash message will be automatically removed after the next request,

  756.      * regardless if it is accessed or not. If true (default value), the flash message will remain until after

  757.      * it is accessed.

  758.      * @see getFlash()

  759.      * @see setFlash()

  760.      * @see removeFlash()

  761.      */

  762.     public function addFlash($key, $value = true, $removeAfterAccess = true)

  763.     {

  764.         $counters = $this->get($this->flashParam, []);

  765.         $counters[$key] = $removeAfterAccess ? -1 : 0;

  766.         $_SESSION[$this->flashParam] = $counters;

  767.         if (empty($_SESSION[$key])) {

  768.             $_SESSION[$key] = [$value];

  769.         } else {

  770.             if (is_array($_SESSION[$key])) {

  771.                 $_SESSION[$key][] = $value;

  772.             } else {

  773.                 $_SESSION[$key] = [$_SESSION[$key], $value];

  774.             }

  775.         }

  776.     }

  777. 

  778.     /**

  779.      * Removes a flash message.

  780.      * @param string $key the key identifying the flash message. Note that flash messages

  781.      * and normal session variables share the same name space.  If you have a normal

  782.      * session variable using the same name, it will be removed by this method.

  783.      * @return mixed the removed flash message. Null if the flash message does not exist.

  784.      * @see getFlash()

  785.      * @see setFlash()

  786.      * @see addFlash()

  787.      * @see removeAllFlashes()

  788.      */

  789.     public function removeFlash($key)

  790.     {

  791.         $counters = $this->get($this->flashParam, []);

  792.         $value = isset($_SESSION[$key], $counters[$key]) ? $_SESSION[$key] : null;

  793.         unset($counters[$key], $_SESSION[$key]);

  794.         $_SESSION[$this->flashParam] = $counters;

  795. 

  796.         return $value;

  797.     }

  798. 

  799.     /**

  800.      * Removes all flash messages.

  801.      * Note that flash messages and normal session variables share the same name space.

  802.      * If you have a normal session variable using the same name, it will be removed

  803.      * by this method.

  804.      * @see getFlash()

  805.      * @see setFlash()

  806.      * @see addFlash()

  807.      * @see removeFlash()

  808.      */

  809.     public function removeAllFlashes()

  810.     {

  811.         $counters = $this->get($this->flashParam, []);

  812.         foreach (array_keys($counters) as $key) {

  813.             unset($_SESSION[$key]);

  814.         }

  815.         unset($_SESSION[$this->flashParam]);

  816.     }

  817. 

  818.     /**

  819.      * Returns a value indicating whether there are flash messages associated with the specified key.

  820.      * @param string $key key identifying the flash message type

  821.      * @return boolean whether any flash messages exist under specified key

  822.      */

  823.     public function hasFlash($key)

  824.     {

  825.         return $this->getFlash($key) !== null;

  826.     }

  827. 

  828.     /**

  829.      * This method is required by the interface [[\ArrayAccess]].

  830.      * @param mixed $offset the offset to check on

  831.      * @return boolean

  832.      */

  833.     public function offsetExists($offset)

  834.     {

  835.         $this->open();

  836. 

  837.         return isset($_SESSION[$offset]);

  838.     }

  839. 

  840.     /**

  841.      * This method is required by the interface [[\ArrayAccess]].

  842.      * @param integer $offset the offset to retrieve element.

  843.      * @return mixed the element at the offset, null if no element is found at the offset

  844.      */

  845.     public function offsetGet($offset)

  846.     {

  847.         $this->open();

  848. 

  849.         return isset($_SESSION[$offset]) ? $_SESSION[$offset] : null;

  850.     }

  851. 

  852.     /**

  853.      * This method is required by the interface [[\ArrayAccess]].

  854.      * @param integer $offset the offset to set element

  855.      * @param mixed $item the element value

  856.      */

  857.     public function offsetSet($offset, $item)

  858.     {

  859.         $this->open();

  860.         $_SESSION[$offset] = $item;

  861.     }

  862. 

  863.     /**

  864.      * This method is required by the interface [[\ArrayAccess]].

  865.      * @param mixed $offset the offset to unset element

  866.      */

  867.     public function offsetUnset($offset)

  868.     {

  869.         $this->open();

  870.         unset($_SESSION[$offset]);

  871.     }

  872. }