Edit File by line

<?php

[0] Fix | Delete

/**

[1] Fix | Delete

* Session API: WP_User_Meta_Session_Tokens class

[2] Fix | Delete

[3] Fix | Delete

* @package WordPress

[4] Fix | Delete

* @subpackage Session

[5] Fix | Delete

* @since 4.7.0

[6] Fix | Delete

[7] Fix | Delete

[8] Fix | Delete

/**

[9] Fix | Delete

* Meta-based user sessions token manager.

[10] Fix | Delete

[11] Fix | Delete

* @since 4.0.0

[12] Fix | Delete

[13] Fix | Delete

* @see WP_Session_Tokens

[14] Fix | Delete

[15] Fix | Delete

class WP_User_Meta_Session_Tokens extends WP_Session_Tokens {

[16] Fix | Delete

[17] Fix | Delete

/**

[18] Fix | Delete

* Retrieves all sessions of the user.

[19] Fix | Delete

[20] Fix | Delete

* @since 4.0.0

[21] Fix | Delete

[22] Fix | Delete

* @return array Sessions of the user.

[23] Fix | Delete

[24] Fix | Delete

protected function get_sessions() {

[25] Fix | Delete

$sessions = get_user_meta( $this->user_id, 'session_tokens', true );

[26] Fix | Delete

[27] Fix | Delete

if ( ! is_array( $sessions ) ) {

[28] Fix | Delete

return array();

[29] Fix | Delete

}

[30] Fix | Delete

[31] Fix | Delete

$sessions = array_map( array( $this, 'prepare_session' ), $sessions );

[32] Fix | Delete

return array_filter( $sessions, array( $this, 'is_still_valid' ) );

[33] Fix | Delete

}

[34] Fix | Delete

[35] Fix | Delete

/**

[36] Fix | Delete

* Converts an expiration to an array of session information.

[37] Fix | Delete

[38] Fix | Delete

* @param mixed $session Session or expiration.

[39] Fix | Delete

* @return array Session.

[40] Fix | Delete

[41] Fix | Delete

protected function prepare_session( $session ) {

[42] Fix | Delete

if ( is_int( $session ) ) {

[43] Fix | Delete

return array( 'expiration' => $session );

[44] Fix | Delete

}

[45] Fix | Delete

[46] Fix | Delete

return $session;

[47] Fix | Delete

}

[48] Fix | Delete

[49] Fix | Delete

/**

[50] Fix | Delete

* Retrieves a session based on its verifier (token hash).

[51] Fix | Delete

[52] Fix | Delete

* @since 4.0.0

[53] Fix | Delete

[54] Fix | Delete

* @param string $verifier Verifier for the session to retrieve.

[55] Fix | Delete

* @return array|null The session, or null if it does not exist

[56] Fix | Delete

[57] Fix | Delete

protected function get_session( $verifier ) {

[58] Fix | Delete

$sessions = $this->get_sessions();

[59] Fix | Delete

[60] Fix | Delete

if ( isset( $sessions[ $verifier ] ) ) {

[61] Fix | Delete

return $sessions[ $verifier ];

[62] Fix | Delete

}

[63] Fix | Delete

[64] Fix | Delete

return null;

[65] Fix | Delete

}

[66] Fix | Delete

[67] Fix | Delete

/**

[68] Fix | Delete

* Updates a session based on its verifier (token hash).

[69] Fix | Delete

[70] Fix | Delete

* @since 4.0.0

[71] Fix | Delete

[72] Fix | Delete

* @param string $verifier Verifier for the session to update.

[73] Fix | Delete

* @param array $session Optional. Session. Omitting this argument destroys the session.

[74] Fix | Delete

[75] Fix | Delete

protected function update_session( $verifier, $session = null ) {

[76] Fix | Delete

$sessions = $this->get_sessions();

[77] Fix | Delete

[78] Fix | Delete

if ( $session ) {

[79] Fix | Delete

$sessions[ $verifier ] = $session;

[80] Fix | Delete

} else {

[81] Fix | Delete

unset( $sessions[ $verifier ] );

[82] Fix | Delete

}

[83] Fix | Delete

[84] Fix | Delete

$this->update_sessions( $sessions );

[85] Fix | Delete

}

[86] Fix | Delete

[87] Fix | Delete

/**

[88] Fix | Delete

* Updates the user's sessions in the usermeta table.

[89] Fix | Delete

[90] Fix | Delete

* @since 4.0.0

[91] Fix | Delete

[92] Fix | Delete

* @param array $sessions Sessions.

[93] Fix | Delete

[94] Fix | Delete

protected function update_sessions( $sessions ) {

[95] Fix | Delete

if ( $sessions ) {

[96] Fix | Delete

update_user_meta( $this->user_id, 'session_tokens', $sessions );

[97] Fix | Delete

} else {

[98] Fix | Delete

delete_user_meta( $this->user_id, 'session_tokens' );

[99] Fix | Delete

}

[100] Fix | Delete

}

[101] Fix | Delete

[102] Fix | Delete

/**

[103] Fix | Delete

* Destroys all sessions for this user, except the single session with the given verifier.

[104] Fix | Delete

[105] Fix | Delete

* @since 4.0.0

[106] Fix | Delete

[107] Fix | Delete

* @param string $verifier Verifier of the session to keep.

[108] Fix | Delete

[109] Fix | Delete

protected function destroy_other_sessions( $verifier ) {

[110] Fix | Delete

$session = $this->get_session( $verifier );

[111] Fix | Delete

$this->update_sessions( array( $verifier => $session ) );

[112] Fix | Delete

}

[113] Fix | Delete

[114] Fix | Delete

/**

[115] Fix | Delete

* Destroys all session tokens for the user.

[116] Fix | Delete

[117] Fix | Delete

* @since 4.0.0

[118] Fix | Delete

[119] Fix | Delete

protected function destroy_all_sessions() {

[120] Fix | Delete

$this->update_sessions( array() );

[121] Fix | Delete

}

[122] Fix | Delete

[123] Fix | Delete

/**

[124] Fix | Delete

* Destroys all sessions for all users.

[125] Fix | Delete

[126] Fix | Delete

* @since 4.0.0

[127] Fix | Delete

[128] Fix | Delete

public static function drop_sessions() {

[129] Fix | Delete

delete_metadata( 'user', 0, 'session_tokens', false, true );

[130] Fix | Delete

}

[131] Fix | Delete

}

[132] Fix | Delete

[133] Fix | Delete