libs

session.php

Go to the documentation of this file.
00001 <?php
00002 /* SVN FILE: $Id: session.php 8186 2009-06-03 16:22:00Z mark_story $ */
00003 /**
00004  * Session class for Cake.
00005  *
00006  * Cake abstracts the handling of sessions.
00007  * There are several convenient methods to access session information.
00008  * This class is the implementation of those methods.
00009  * They are mostly used by the Session Component.
00010  *
00011  * PHP versions 4 and 5
00012  *
00013  * CakePHP(tm) :  Rapid Development Framework (http://www.cakephp.org)
00014  * Copyright 2005-2008, Cake Software Foundation, Inc. (http://www.cakefoundation.org)
00015  *
00016  * Licensed under The MIT License
00017  * Redistributions of files must retain the above copyright notice.
00018  *
00019  * @filesource
00020  * @copyright     Copyright 2005-2008, Cake Software Foundation, Inc. (http://www.cakefoundation.org)
00021  * @link          http://www.cakefoundation.org/projects/info/cakephp CakePHP(tm) Project
00022  * @package       cake
00023  * @subpackage    cake.cake.libs
00024  * @since         CakePHP(tm) v .0.10.0.1222
00025  * @version       $Revision: 8186 $
00026  * @modifiedby    $LastChangedBy: mark_story $
00027  * @lastmodified  $Date: 2009-06-03 12:22:00 -0400 (Wed, 03 Jun 2009) $
00028  * @license       http://www.opensource.org/licenses/mit-license.php The MIT License
00029  */
00030 /**
00031  * Database name for cake sessions.
00032  *
00033  */
00034 if (!class_exists('Set')) {
00035     require LIBS . 'set.php';
00036 }
00037 if (!class_exists('Security')) {
00038     require LIBS . 'security.php';
00039 }
00040 /**
00041  * Session class for Cake.
00042  *
00043  * Cake abstracts the handling of sessions. There are several convenient methods to access session information.
00044  * This class is the implementation of those methods. They are mostly used by the Session Component.
00045  *
00046  * @package       cake
00047  * @subpackage    cake.cake.libs
00048  */
00049 class CakeSession extends Object {
00050 /**
00051  * True if the Session is still valid
00052  *
00053  * @var boolean
00054  * @access public
00055  */
00056     var $valid = false;
00057 /**
00058  * Error messages for this session
00059  *
00060  * @var array
00061  * @access public
00062  */
00063     var $error = false;
00064 /**
00065  * User agent string
00066  *
00067  * @var string
00068  * @access protected
00069  */
00070     var $_userAgent = '';
00071 /**
00072  * Path to where the session is active.
00073  *
00074  * @var string
00075  * @access public
00076  */
00077     var $path = '/';
00078 /**
00079  * Error number of last occurred error
00080  *
00081  * @var integer
00082  * @access public
00083  */
00084     var $lastError = null;
00085 /**
00086  * 'Security.level' setting, "high", "medium", or "low".
00087  *
00088  * @var string
00089  * @access public
00090  */
00091     var $security = null;
00092 /**
00093  * Start time for this session.
00094  *
00095  * @var integer
00096  * @access public
00097  */
00098     var $time = false;
00099 /**
00100  * Time when this session becomes invalid.
00101  *
00102  * @var integer
00103  * @access public
00104  */
00105     var $sessionTime = false;
00106 /**
00107  * Keeps track of keys to watch for writes on
00108  *
00109  * @var array
00110  * @access public
00111  */
00112     var $watchKeys = array();
00113 /**
00114  * Current Session id
00115  *
00116  * @var string
00117  * @access public
00118  */
00119     var $id = null;
00120 /**
00121  * Constructor.
00122  *
00123  * @param string $base The base path for the Session
00124  * @param boolean $start Should session be started right now
00125  * @access public
00126  */
00127     function __construct($base = null, $start = true) {
00128         if (Configure::read('Session.save') === 'database' && !class_exists('ConnectionManager')) {
00129             App::import('Core', 'ConnectionManager');
00130         }
00131 
00132         if (Configure::read('Session.checkAgent') === true || Configure::read('Session.checkAgent') === null) {
00133             if (env('HTTP_USER_AGENT') != null) {
00134                 $this->_userAgent = md5(env('HTTP_USER_AGENT') . Configure::read('Security.salt'));
00135             }
00136         }
00137         $this->time = time();
00138 
00139         if ($start === true) {
00140             if (!empty($base)) {
00141                 $this->path = $base;
00142                 if (strpos($base, 'index.php') !== false) {
00143                    $this->path = str_replace('index.php', '', $base);
00144                 }
00145                 if (strpos($base, '?') !== false) {
00146                    $this->path = str_replace('?', '', $base);
00147                 }
00148             }
00149             $this->host = env('HTTP_HOST');
00150 
00151             if (strpos($this->host, ':') !== false) {
00152                 $this->host = substr($this->host, 0, strpos($this->host, ':'));
00153             }
00154             if (!class_exists('Security')) {
00155                 App::import('Core', 'Security');
00156             }
00157             $this->sessionTime = $this->time + (Security::inactiveMins() * Configure::read('Session.timeout'));
00158             $this->security = Configure::read('Security.level');
00159         }
00160         parent::__construct();
00161     }
00162 /**
00163  * Starts the Session.
00164  *
00165  * @param string $name Variable name to check for
00166  * @return boolean True if variable is there
00167  * @access public
00168  */
00169     function start() {
00170         if (function_exists('session_write_close')) {
00171             session_write_close();
00172         }
00173         $this->__initSession();
00174         return $this->__startSession();
00175     }
00176 /**
00177  * Determine if Session has been started.
00178  *
00179  * @access public
00180  * @return boolean True if session has been started.
00181  */
00182     function started() {
00183         if (isset($_SESSION)) {
00184             return true;
00185         }
00186         return false;
00187     }
00188 /**
00189  * Returns true if given variable is set in session.
00190  *
00191  * @param string $name Variable name to check for
00192  * @return boolean True if variable is there
00193  * @access public
00194  */
00195     function check($name) {
00196         $var = $this->__validateKeys($name);
00197         if (empty($var)) {
00198             return false;
00199         }
00200         $result = Set::extract($_SESSION, $var);
00201         return isset($result);
00202     }
00203 /**
00204  * Returns the Session id
00205  *
00206  * @param id $name string
00207  * @return string Session id
00208  * @access public
00209  */
00210     function id($id = null) {
00211         if ($id) {
00212             $this->id = $id;
00213             session_id($this->id);
00214         }
00215         if (isset($_SESSION)) {
00216             return session_id();
00217         } else {
00218             return $this->id;
00219         }
00220     }
00221 /**
00222  * Removes a variable from session.
00223  *
00224  * @param string $name Session variable to remove
00225  * @return boolean Success
00226  * @access public
00227  */
00228     function del($name) {
00229         if ($this->check($name)) {
00230             if ($var = $this->__validateKeys($name)) {
00231                 if (in_array($var, $this->watchKeys)) {
00232                     trigger_error('Deleting session key {' . $var . '}', E_USER_NOTICE);
00233                 }
00234                 $this->__overwrite($_SESSION, Set::remove($_SESSION, $var));
00235                 return ($this->check($var) == false);
00236             }
00237         }
00238         $this->__setError(2, "$name doesn't exist");
00239         return false;
00240     }
00241 /**
00242  * Used to write new data to _SESSION, since PHP doesn't like us setting the _SESSION var itself
00243  *
00244  * @param array $old Set of old variables => values
00245  * @param array $new New set of variable => value
00246  * @access private
00247  */
00248     function __overwrite(&$old, $new) {
00249         if (!empty($old)) {
00250             foreach ($old as $key => $var) {
00251                 if (!isset($new[$key])) {
00252                     unset($old[$key]);
00253                 }
00254             }
00255         }
00256         foreach ($new as $key => $var) {
00257             $old[$key] = $var;
00258         }
00259     }
00260 /**
00261  * Return error description for given error number.
00262  *
00263  * @param integer $errorNumber Error to set
00264  * @return string Error as string
00265  * @access private
00266  */
00267     function __error($errorNumber) {
00268         if (!is_array($this->error) || !array_key_exists($errorNumber, $this->error)) {
00269             return false;
00270         } else {
00271             return $this->error[$errorNumber];
00272         }
00273     }
00274 /**
00275  * Returns last occurred error as a string, if any.
00276  *
00277  * @return mixed Error description as a string, or false.
00278  * @access public
00279  */
00280     function error() {
00281         if ($this->lastError) {
00282             return $this->__error($this->lastError);
00283         } else {
00284             return false;
00285         }
00286     }
00287 /**
00288  * Returns true if session is valid.
00289  *
00290  * @return boolean Success
00291  * @access public
00292  */
00293     function valid() {
00294         if ($this->read('Config')) {
00295             if ((Configure::read('Session.checkAgent') === false || $this->_userAgent == $this->read('Config.userAgent')) && $this->time <= $this->read('Config.time')) {
00296                 if ($this->error === false) {
00297                     $this->valid = true;
00298                 }
00299             } else {
00300                 $this->valid = false;
00301                 $this->__setError(1, 'Session Highjacking Attempted !!!');
00302             }
00303         }
00304         return $this->valid;
00305     }
00306 /**
00307  * Returns given session variable, or all of them, if no parameters given.
00308  *
00309  * @param mixed $name The name of the session variable (or a path as sent to Set.extract)
00310  * @return mixed The value of the session variable
00311  * @access public
00312  */
00313     function read($name = null) {
00314         if (is_null($name)) {
00315             return $this->__returnSessionVars();
00316         }
00317         if (empty($name)) {
00318             return false;
00319         }
00320         $result = Set::extract($_SESSION, $name);
00321 
00322         if (!is_null($result)) {
00323             return $result;
00324         }
00325         $this->__setError(2, "$name doesn't exist");
00326         return null;
00327     }
00328 /**
00329  * Returns all session variables.
00330  *
00331  * @return mixed Full $_SESSION array, or false on error.
00332  * @access private
00333  */
00334     function __returnSessionVars() {
00335         if (!empty($_SESSION)) {
00336             return $_SESSION;
00337         }
00338         $this->__setError(2, "No Session vars set");
00339         return false;
00340     }
00341 /**
00342  * Tells Session to write a notification when a certain session path or subpath is written to
00343  *
00344  * @param mixed $var The variable path to watch
00345  * @return void
00346  * @access public
00347  */
00348     function watch($var) {
00349         $var = $this->__validateKeys($var);
00350         if (empty($var)) {
00351             return false;
00352         }
00353         if (!in_array($var, $this->watchKeys, true)) {
00354             $this->watchKeys[] = $var;
00355         }
00356     }
00357 /**
00358  * Tells Session to stop watching a given key path
00359  *
00360  * @param mixed $var The variable path to watch
00361  * @return void
00362  * @access public
00363  */
00364     function ignore($var) {
00365         $var = $this->__validateKeys($var);
00366         if (!in_array($var, $this->watchKeys)) {
00367             return;
00368         }
00369         foreach ($this->watchKeys as $i => $key) {
00370             if ($key == $var) {
00371                 unset($this->watchKeys[$i]);
00372                 $this->watchKeys = array_values($this->watchKeys);
00373                 return;
00374             }
00375         }
00376     }
00377 /**
00378  * Writes value to given session variable name.
00379  *
00380  * @param mixed $name Name of variable
00381  * @param string $value Value to write
00382  * @return boolean True if the write was successful, false if the write failed
00383  * @access public
00384  */
00385     function write($name, $value) {
00386         $var = $this->__validateKeys($name);
00387 
00388         if (empty($var)) {
00389             return false;
00390         }
00391         if (in_array($var, $this->watchKeys)) {
00392             trigger_error('Writing session key {' . $var . '}: ' . Debugger::exportVar($value), E_USER_NOTICE);
00393         }
00394         $this->__overwrite($_SESSION, Set::insert($_SESSION, $var, $value));
00395         return (Set::extract($_SESSION, $var) === $value);
00396     }
00397 /**
00398  * Helper method to destroy invalid sessions.
00399  *
00400  * @return void
00401  * @access public
00402  */
00403     function destroy() {
00404         $_SESSION = array();
00405         $this->__construct($this->path);
00406         $this->start();
00407         $this->renew();
00408         $this->_checkValid();
00409     }
00410 /**
00411  * Helper method to initialize a session, based on Cake core settings.
00412  *
00413  * @access private
00414  */
00415     function __initSession() {
00416         $iniSet = function_exists('ini_set');
00417 
00418         if ($iniSet && env('HTTPS')) {
00419             ini_set('session.cookie_secure', 1);
00420         }
00421 
00422         switch ($this->security) {
00423             case 'high':
00424                 $this->cookieLifeTime = 0;
00425                 if ($iniSet) {
00426                     ini_set('session.referer_check', $this->host);
00427                 }
00428             break;
00429             case 'medium':
00430                 $this->cookieLifeTime = 7 * 86400;
00431                 if ($iniSet) {
00432                     ini_set('session.referer_check', $this->host);
00433                 }
00434             break;
00435             case 'low':
00436             default:
00437                 $this->cookieLifeTime = 788940000;
00438             break;
00439         }
00440 
00441         switch (Configure::read('Session.save')) {
00442             case 'cake':
00443                 if (empty($_SESSION)) {
00444                     if ($iniSet) {
00445                         ini_set('session.use_trans_sid', 0);
00446                         ini_set('url_rewriter.tags', '');
00447                         ini_set('session.serialize_handler', 'php');
00448                         ini_set('session.use_cookies', 1);
00449                         ini_set('session.name', Configure::read('Session.cookie'));
00450                         ini_set('session.cookie_lifetime', $this->cookieLifeTime);
00451                         ini_set('session.cookie_path', $this->path);
00452                         ini_set('session.auto_start', 0);
00453                         ini_set('session.save_path', TMP . 'sessions');
00454                     }
00455                 }
00456             break;
00457             case 'database':
00458                 if (empty($_SESSION)) {
00459                     if (Configure::read('Session.table') === null) {
00460                         trigger_error(__("You must set the all Configure::write('Session.*') in core.php to use database storage"), E_USER_WARNING);
00461                         exit();
00462                     } elseif (Configure::read('Session.database') === null) {
00463                         Configure::write('Session.database', 'default');
00464                     }
00465                     if ($iniSet) {
00466                         ini_set('session.use_trans_sid', 0);
00467                         ini_set('url_rewriter.tags', '');
00468                         ini_set('session.save_handler', 'user');
00469                         ini_set('session.serialize_handler', 'php');
00470                         ini_set('session.use_cookies', 1);
00471                         ini_set('session.name', Configure::read('Session.cookie'));
00472                         ini_set('session.cookie_lifetime', $this->cookieLifeTime);
00473                         ini_set('session.cookie_path', $this->path);
00474                         ini_set('session.auto_start', 0);
00475                     }
00476                 }
00477                 session_set_save_handler(array('CakeSession','__open'),
00478                                                     array('CakeSession', '__close'),
00479                                                     array('CakeSession', '__read'),
00480                                                     array('CakeSession', '__write'),
00481                                                     array('CakeSession', '__destroy'),
00482                                                     array('CakeSession', '__gc'));
00483             break;
00484             case 'php':
00485                 if (empty($_SESSION)) {
00486                     if ($iniSet) {
00487                         ini_set('session.use_trans_sid', 0);
00488                         ini_set('session.name', Configure::read('Session.cookie'));
00489                         ini_set('session.cookie_lifetime', $this->cookieLifeTime);
00490                         ini_set('session.cookie_path', $this->path);
00491                     }
00492                 }
00493             break;
00494             case 'cache':
00495                 if (empty($_SESSION)) {
00496                     if (!class_exists('Cache')) {
00497                         uses('Cache');
00498                     }
00499                     if ($iniSet) {
00500                         ini_set('session.use_trans_sid', 0);
00501                         ini_set('url_rewriter.tags', '');
00502                         ini_set('session.save_handler', 'user');
00503                         ini_set('session.use_cookies', 1);
00504                         ini_set('session.name', Configure::read('Session.cookie'));
00505                         ini_set('session.cookie_lifetime', $this->cookieLifeTime);
00506                         ini_set('session.cookie_path', $this->path);
00507                     }
00508                 }
00509                 session_set_save_handler(array('CakeSession','__open'),
00510                                                     array('CakeSession', '__close'),
00511                                                     array('Cache', 'read'),
00512                                                     array('Cache', 'write'),
00513                                                     array('Cache', 'delete'),
00514                                                     array('Cache', 'gc'));
00515             break;
00516             default:
00517                 if (empty($_SESSION)) {
00518                     $config = CONFIGS . Configure::read('Session.save') . '.php';
00519 
00520                     if (is_file($config)) {
00521                         require_once ($config);
00522                     }
00523                 }
00524             break;
00525         }
00526     }
00527 /**
00528  * Helper method to start a session
00529  *
00530  * @access private
00531  */
00532     function __startSession() {
00533         if (headers_sent()) {
00534             if (empty($_SESSION)) {
00535                 $_SESSION = array();
00536             }
00537             return false;
00538         } elseif (!isset($_SESSION)) {
00539             session_cache_limiter ("must-revalidate");
00540             session_start();
00541             header ('P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"');
00542             return true;
00543         } else {
00544             session_start();
00545             return true;
00546         }
00547     }
00548 /**
00549  * Helper method to create a new session.
00550  *
00551  * @return void
00552  * @access protected
00553  */
00554     function _checkValid() {
00555         if ($this->read('Config')) {
00556             if ((Configure::read('Session.checkAgent') === false || $this->_userAgent == $this->read('Config.userAgent')) && $this->time <= $this->read('Config.time')) {
00557                 $time = $this->read('Config.time');
00558                 $this->write('Config.time', $this->sessionTime);
00559 
00560                 if (Configure::read('Security.level') === 'high') {
00561                     $check = $this->read('Config.timeout');
00562                     $check = $check - 1;
00563                     $this->write('Config.timeout', $check);
00564 
00565                     if (time() > ($time - (Security::inactiveMins() * Configure::read('Session.timeout')) + 2) || $check < 1) {
00566                         $this->renew();
00567                         $this->write('Config.timeout', 10);
00568                     }
00569                 }
00570                 $this->valid = true;
00571             } else {
00572                 $this->destroy();
00573                 $this->valid = false;
00574                 $this->__setError(1, 'Session Highjacking Attempted !!!');
00575             }
00576         } else {
00577             $this->write('Config.userAgent', $this->_userAgent);
00578             $this->write('Config.time', $this->sessionTime);
00579             $this->write('Config.timeout', 10);
00580             $this->valid = true;
00581             $this->__setError(1, 'Session is valid');
00582         }
00583     }
00584 /**
00585  * Helper method to restart a session.
00586  *
00587  * @return void
00588  * @access private
00589  */
00590     function __regenerateId() {
00591         $oldSessionId = session_id();
00592         if ($oldSessionId) {
00593             $sessionpath = session_save_path();
00594             if (empty($sessionpath)) {
00595                 $sessionpath = "/tmp";
00596             }
00597             if (session_id() != "" || isset($_COOKIE[session_name()])) {
00598                 setcookie(Configure::read('Session.cookie'), '', time() - 42000, $this->path);
00599             }
00600             session_regenerate_id(true);
00601             if (PHP_VERSION < 5.1) {
00602                 $newSessid = session_id();
00603 
00604                 if (function_exists('session_write_close')) {
00605                     session_write_close();
00606                 }
00607                 $this->__initSession();
00608                 session_id($oldSessionId);
00609                 session_start();
00610                 session_destroy();
00611                 $file = $sessionpath . DS . "sess_$oldSessionId";
00612                 @unlink($file);
00613                 $this->__initSession();
00614                 session_id($newSessid);
00615                 session_start();
00616             }
00617         }
00618     }
00619 /**
00620  * Restarts this session.
00621  *
00622  * @access public
00623  */
00624     function renew() {
00625         $this->__regenerateId();
00626     }
00627 /**
00628  * Validate that the $name is in correct dot notation
00629  * example: $name = 'ControllerName.key';
00630  *
00631  * @param string $name Session key names as string.
00632  * @return mixed false is $name is not correct format, or $name if it is correct
00633  * @access private
00634  */
00635     function __validateKeys($name) {
00636         if (is_string($name) && preg_match("/^[ 0-9a-zA-Z._-]*$/", $name)) {
00637             return $name;
00638         }
00639         $this->__setError(3, "$name is not a string");
00640         return false;
00641     }
00642 /**
00643  * Helper method to set an internal error message.
00644  *
00645  * @param integer $errorNumber Number of the error
00646  * @param string $errorMessage Description of the error
00647  * @return void
00648  * @access private
00649  */
00650     function __setError($errorNumber, $errorMessage) {
00651         if ($this->error === false) {
00652             $this->error = array();
00653         }
00654         $this->error[$errorNumber] = $errorMessage;
00655         $this->lastError = $errorNumber;
00656     }
00657 /**
00658  * Method called on open of a database session.
00659  *
00660  * @return boolean Success
00661  * @access private
00662  */
00663     function __open() {
00664         return true;
00665     }
00666 /**
00667  * Method called on close of a database session.
00668  *
00669  * @return boolean Success
00670  * @access private
00671  */
00672     function __close() {
00673         $probability = mt_rand(1, 150);
00674         if ($probability <= 3) {
00675             switch (Configure::read('Session.save')) {
00676                 case 'cache':
00677                     Cache::gc();
00678                 break;
00679                 default:
00680                     CakeSession::__gc();
00681                 break;
00682             }
00683         }
00684         return true;
00685     }
00686 /**
00687  * Method used to read from a database session.
00688  *
00689  * @param mixed $key The key of the value to read
00690  * @return mixed The value of the key or false if it does not exist
00691  * @access private
00692  */
00693     function __read($key) {
00694         $db =& ConnectionManager::getDataSource(Configure::read('Session.database'));
00695         $table = $db->fullTableName(Configure::read('Session.table'), false);
00696         $row = $db->query("SELECT " . $db->name($table.'.data') . " FROM " . $db->name($table) . " WHERE " . $db->name($table.'.id') . " = " . $db->value($key), false);
00697 
00698         if ($row && !isset($row[0][$table]) && isset($row[0][0])) {
00699             $table = 0;
00700         }
00701 
00702         if ($row && $row[0][$table]['data']) {
00703             return $row[0][$table]['data'];
00704         } else {
00705             return false;
00706         }
00707     }
00708 /**
00709  * Helper function called on write for database sessions.
00710  *
00711  * @param mixed $key The name of the var
00712  * @param mixed $value The value of the var
00713  * @return boolean Success
00714  * @access private
00715  */
00716     function __write($key, $value) {
00717         $db =& ConnectionManager::getDataSource(Configure::read('Session.database'));
00718         $table = $db->fullTableName(Configure::read('Session.table'));
00719 
00720         switch (Configure::read('Security.level')) {
00721             case 'high':
00722                 $factor = 10;
00723             break;
00724             case 'medium':
00725                 $factor = 100;
00726             break;
00727             case 'low':
00728                 $factor = 300;
00729             break;
00730             default:
00731                 $factor = 10;
00732             break;
00733         }
00734         $expires = time() +  Configure::read('Session.timeout') * $factor;
00735         $row = $db->query("SELECT COUNT(id) AS count FROM " . $db->name($table) . " WHERE "
00736                                  . $db->name('id') . " = "
00737                                  . $db->value($key), false);
00738 
00739         if ($row[0][0]['count'] > 0) {
00740             $db->execute("UPDATE " . $db->name($table) . " SET " . $db->name('data') . " = "
00741                                 . $db->value($value) . ", " . $db->name('expires') . " = "
00742                                 . $db->value($expires) . " WHERE " . $db->name('id') . " = "
00743                                 . $db->value($key));
00744         } else {
00745             $db->execute("INSERT INTO " . $db->name($table) . " (" . $db->name('data') . ","
00746                                 . $db->name('expires') . "," . $db->name('id')
00747                                 . ") VALUES (" . $db->value($value) . ", " . $db->value($expires) . ", "
00748                                 . $db->value($key) . ")");
00749         }
00750         return true;
00751     }
00752 /**
00753  * Method called on the destruction of a database session.
00754  *
00755  * @param integer $key Key that uniquely identifies session in database
00756  * @return boolean Success
00757  * @access private
00758  */
00759     function __destroy($key) {
00760         $db =& ConnectionManager::getDataSource(Configure::read('Session.database'));
00761         $table = $db->fullTableName(Configure::read('Session.table'));
00762         $db->execute("DELETE FROM " . $db->name($table) . " WHERE " . $db->name($table.'.id') . " = " . $db->value($key));
00763         return true;
00764     }
00765 /**
00766  * Helper function called on gc for database sessions.
00767  *
00768  * @param integer $expires Timestamp (defaults to current time)
00769  * @return boolean Success
00770  * @access private
00771  */
00772     function __gc($expires = null) {
00773         $db =& ConnectionManager::getDataSource(Configure::read('Session.database'));
00774         $table = $db->fullTableName(Configure::read('Session.table'));
00775         $db->execute("DELETE FROM " . $db->name($table) . " WHERE " . $db->name($table.'.expires') . " < ". $db->value(time()));
00776         return true;
00777      }
00778 }
00779 ?>
Generated on Sun Nov 22 00:30:53 2009 for CakePHP 1.2.x.x (v1.2.4.8284) by doxygen 1.4.7