[2.3] Handle PHP sessions started outside of Symfony

src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php

@@ -318,6 +318,7 @@ private function registerSessionConfiguration(array $config, ContainerBuilder $c
         if (null == $config['handler_id']) {
             // Set the handler class to be null
             $container->getDefinition('session.storage.native')->replaceArgument(1, null);
+            $container->getDefinition('session.storage.php_bridge')->replaceArgument(1, null);
         } else {
             $container->setAlias('session.handler', $config['handler_id']);
         }
@@ -327,6 +328,7 @@ private function registerSessionConfiguration(array $config, ContainerBuilder $c
         $this->addClassesToCompile(array(
             'Symfony\\Bundle\\FrameworkBundle\\EventListener\\SessionListener',
             'Symfony\\Component\\HttpFoundation\\Session\\Storage\\NativeSessionStorage',
+            'Symfony\\Component\\HttpFoundation\\Session\\Storage\\PhpBridgeSessionStorage',
             'Symfony\\Component\\HttpFoundation\\Session\\Storage\\Handler\\NativeFileSessionHandler',
             'Symfony\\Component\\HttpFoundation\\Session\\Storage\\Proxy\\AbstractProxy',
             'Symfony\\Component\\HttpFoundation\\Session\\Storage\\Proxy\\SessionHandlerProxy',

src/Symfony/Bundle/FrameworkBundle/Resources/config/session.xml

@@ -9,6 +9,7 @@
         <parameter key="session.flashbag.class">Symfony\Component\HttpFoundation\Session\Flash\FlashBag</parameter>
         <parameter key="session.attribute_bag.class">Symfony\Component\HttpFoundation\Session\Attribute\AttributeBag</parameter>
         <parameter key="session.storage.native.class">Symfony\Component\HttpFoundation\Session\Storage\NativeSessionStorage</parameter>
+        <parameter key="session.storage.php_bridge.class">Symfony\Component\HttpFoundation\Session\Storage\PhpBridgeSessionStorage</parameter>
         <parameter key="session.storage.mock_file.class">Symfony\Component\HttpFoundation\Session\Storage\MockFileSessionStorage</parameter>
         <parameter key="session.handler.native_file.class">Symfony\Component\HttpFoundation\Session\Storage\Handler\NativeFileSessionHandler</parameter>
         <parameter key="session_listener.class">Symfony\Bundle\FrameworkBundle\EventListener\SessionListener</parameter>
@@ -26,6 +27,10 @@
             <argument type="service" id="session.handler" />
         </service>
 
+        <service id="session.storage.php_bridge" class="%session.storage.php_bridge.class%">
+            <argument type="service" id="session.handler" />
+        </service>
+
         <service id="session.flash_bag" class="%session.flashbag.class%" public="false" />
 
         <service id="session.attribute_bag" class="%session.attribute_bag.class%" public="false" />

src/Symfony/Component/HttpFoundation/Session/Storage/NativeSessionStorage.php

@@ -12,6 +12,7 @@
 namespace Symfony\Component\HttpFoundation\Session\Storage;
 
 use Symfony\Component\HttpFoundation\Session\SessionBagInterface;
+use Symfony\Component\HttpFoundation\Session\Storage\Handler\NativeSessionHandler;
 use Symfony\Component\HttpFoundation\Session\Storage\MetadataBag;
 use Symfony\Component\HttpFoundation\Session\Storage\Proxy\NativeProxy;
 use Symfony\Component\HttpFoundation\Session\Storage\Proxy\AbstractProxy;
@@ -91,9 +92,9 @@ class NativeSessionStorage implements SessionStorageInterface
      * upload_progress.min-freq, "1"
      * url_rewriter.tags, "a=href,area=href,frame=src,form=,fieldset="
      *
-     * @param array       $options Session configuration options.
-     * @param object      $handler SessionHandlerInterface.
-     * @param MetadataBag $metaBag MetadataBag.
+     * @param array                                                            $options Session configuration options.
+     * @param AbstractProxy|NativeSessionHandler|\SessionHandlerInterface|null $handler
+     * @param MetadataBag                                                      $metaBag MetadataBag.
      */
     public function __construct(array $options = array(), $handler = null, MetadataBag $metaBag = null)
     {
@@ -130,27 +131,28 @@ public function start()
             return true;
         }
 
-        // catch condition where session was started automatically by PHP
-        if (!$this->started && !$this->closed && $this->saveHandler->isActive()
-            && $this->saveHandler->isSessionHandlerInterface()) {
-            $this->loadSession();
+        if (version_compare(phpversion(), '5.4.0', '>=') && \PHP_SESSION_ACTIVE === session_status()) {
+            throw new \RuntimeException('Failed to start the session: already started by PHP.');
+        }
 
-            return true;
+        if (version_compare(phpversion(), '5.4.0', '<') && isset($_SESSION) && session_id()) {
+            // not 100% fool-proof, but is the most reliable way to determine if a session is active in PHP 5.3
+            throw new \RuntimeException('Failed to start the session: already started by PHP ($_SESSION is set).');
         }
 
         if (ini_get('session.use_cookies') && headers_sent()) {
             throw new \RuntimeException('Failed to start the session because headers have already been sent.');
         }
 
-        // start the session
+        // ok to try and start the session
         if (!session_start()) {
             throw new \RuntimeException('Failed to start the session');
         }
 
         $this->loadSession();
-
         if (!$this->saveHandler->isWrapper() && !$this->saveHandler->isSessionHandlerInterface()) {
-            $this->saveHandler->setActive(false);
+            // This condition matches only PHP 5.3 with internal save handlers
+            $this->saveHandler->setActive(true);
         }
 
         return true;
@@ -215,7 +217,8 @@ public function save()
     {
         session_write_close();
 
-        if (!$this->saveHandler->isWrapper() && !$this->getSaveHandler()->isSessionHandlerInterface()) {
+        if (!$this->saveHandler->isWrapper() && !$this->saveHandler->isSessionHandlerInterface()) {
+            // This condition matches only PHP 5.3 with internal save handlers
             $this->saveHandler->setActive(false);
         }
 
@@ -329,29 +332,43 @@ public function setOptions(array $options)
     }
 
     /**
-     * Registers save handler as a PHP session handler.
+     * Registers session save handler as a PHP session handler.
      *
      * To use internal PHP session save handlers, override this method using ini_set with
      * session.save_handler and session.save_path e.g.
      *
      *     ini_set('session.save_handler', 'files');
      *     ini_set('session.save_path', /tmp');
      *
+     * or pass in a NativeSessionHandler instance which configures session.save_handler in the
+     * constructor, for a template see NativeFileSessionHandler or use handlers in
+     * composer package drak/native-session
+     *
      * @see http://php.net/session-set-save-handler
      * @see http://php.net/sessionhandlerinterface
      * @see http://php.net/sessionhandler
+     * @see http://github.com/drak/NativeSession
+     *
+     * @param AbstractProxy|NativeSessionHandler|\SessionHandlerInterface|null $saveHandler
      *
-     * @param object $saveHandler Default null means NativeProxy.
+     * @throws \InvalidArgumentException
      */
     public function setSaveHandler($saveHandler = null)
     {
-        // Wrap $saveHandler in proxy
+        if (!$saveHandler instanceof AbstractProxy &&
+            !$saveHandler instanceof NativeSessionHandler &&
+            !$saveHandler instanceof \SessionHandlerInterface &&
+            null !== $saveHandler) {
+            throw new \InvalidArgumentException('Must be instance of AbstractProxy or NativeSessionHandler; implement \SessionHandlerInterface; or be null.');
+        }
+
+        // Wrap $saveHandler in proxy and prevent double wrapping of proxy
         if (!$saveHandler instanceof AbstractProxy && $saveHandler instanceof \SessionHandlerInterface) {
             $saveHandler = new SessionHandlerProxy($saveHandler);
         } elseif (!$saveHandler instanceof AbstractProxy) {
-            $saveHandler = new NativeProxy();
+            $saveHandler = version_compare(phpversion(), '5.4.0', '>=') ?
+                new SessionHandlerProxy(new \SessionHandler()) : new NativeProxy();
         }
-
         $this->saveHandler = $saveHandler;
 
         if ($this->saveHandler instanceof \SessionHandlerInterface) {

src/Symfony/Component/HttpFoundation/Session/Storage/PhpBridgeSessionStorage.php

@@ -0,0 +1,69 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\HttpFoundation\Session\Storage;
+
+use Symfony\Component\HttpFoundation\Session\Storage\MetadataBag;
+use Symfony\Component\HttpFoundation\Session\Storage\Proxy\AbstractProxy;
+use Symfony\Component\HttpFoundation\Session\Storage\Handler\NativeSessionHandler;
+
+/**
+ * Allows session to be started by PHP and managed by Symfony2
+ *
+ * @author Drak <drak@zikula.org>
+ */
+class PhpBridgeSessionStorage extends NativeSessionStorage
+{
+    /**
+     * Constructor.
+     *
+     * @param AbstractProxy|NativeSessionHandler|\SessionHandlerInterface|null $handler
+     * @param MetadataBag                                                      $metaBag MetadataBag
+     */
+    public function __construct($handler = null, MetadataBag $metaBag = null)
+    {
+        $this->setMetadataBag($metaBag);
+        $this->setSaveHandler($handler);
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function start()
+    {
+        if ($this->started && !$this->closed) {
+            return true;
+        }
+
+        $this->loadSession();
+        if (!$this->saveHandler->isWrapper() && !$this->saveHandler->isSessionHandlerInterface()) {
+            // This condition matches only PHP 5.3 + internal save handlers
+            $this->saveHandler->setActive(true);
+        }
+
+        return true;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function clear()
+    {
+        // clear out the bags and nothing else that may be set
+        // since the purpose of this driver is to share a handler
+        foreach ($this->bags as $bag) {
+            $bag->clear();
+        }
+
+        // reconnect the bags to the session
+        $this->loadSession();
+    }
+}

src/Symfony/Component/HttpFoundation/Session/Storage/Proxy/AbstractProxy.php

@@ -72,16 +72,31 @@ public function isWrapper()
      */
     public function isActive()
     {
+        if (version_compare(phpversion(), '5.4.0', '>=')) {
+            return $this->active = \PHP_SESSION_ACTIVE === session_status();
+        }
+
         return $this->active;
     }
 
     /**
      * Sets the active flag.
      *
+     * Has no effect under PHP 5.4+ as status is detected
+     * automatically in isActive()
+     *
+     * @internal
+     *
      * @param Boolean $flag
+     *
+     * @throws \LogicException
      */
     public function setActive($flag)
     {
+        if (version_compare(phpversion(), '5.4.0', '>=')) {
+            throw new \LogicException('This method is disabled in PHP 5.4.0+');
+        }
+
         $this->active = (bool) $flag;
     }