modxcms · Mark-H · Dec 7, 2021 · Feb 10, 2024
@@ -19,32 +19,29 @@
  */
 class Flush extends Processor
 {
+ /**
+ * @return array
+ */
+ public function getLanguageTopics()
+ {
+ return ['topmenu'];
+ }
+
  public function checkPermissions()
  {
  return $this->modx->hasPermission('flush_sessions');
  }
 
  public function process()
  {
- if ($this->modx->getOption('session_handler_class',null,modSessionHandler::class) === modSessionHandler::class) {
- if (!$this->flushSessions()) {
- return $this->failure($this->modx->lexicon('flush_sessions_err'));
- }
- } else {
+ $sessionHandler = $this->modx->services->get('session_handler');
+ if (!method_exists($sessionHandler, 'flushSessions')) {
  return $this->failure($this->modx->lexicon('flush_sessions_not_supported'));
  }
- return $this->success();
- }
-
- public function flushSessions()
- {
- $flushed = true;
- $sessionTable = $this->modx->getTableName(modSession::class);
- if ($this->modx->query("TRUNCATE TABLE {$sessionTable}") == false) {
- $flushed = false;
- } else {
- $this->modx->user->endSession();
+ $flushed = call_user_func_array([$sessionHandler, 'flushSessions'], [&$this->modx]);
+ if (!$flushed) {
+ return $this->failure($this->modx->lexicon('flush_sessions_err'));
  }
- return $flushed;
+ return $this->success();
  }
 }
@@ -16,7 +16,7 @@
  *
  * @package MODX\Revolution
  */
-class modSessionHandler
+class modSessionHandler implements \SessionHandlerInterface
 {
  /**
  * @var modX A reference to the modX instance controlling this session
@@ -42,7 +42,7 @@
  *
  * @param modX &$modx A reference to a {@link modX} instance.
  */
- function __construct(modX &$modx)
+ public function __construct(modX &$modx)
  {
  $this->modx = &$modx;
  $gcMaxlifetime = (integer)$this->modx->getOption('session_gc_maxlifetime');
@@ -68,7 +68,7 @@
  * @return boolean Always returns true; actual connection is managed by
  * {@link modX}.
  */
- public function open()
+ public function open($path, $name)
  {
  return true;
  }
@@ -166,6 +166,23 @@
  return $this->modx->removeCollection(modSession::class, ["{$this->modx->escape('access')} < {$maxtime}"]);
  }
 
+ /**
+ * Removes all sessions, logging out all users.
+ *
+ * @param modX $modx
+ * @return boolean
+ */
+ public static function flushSessions(modX $modx)
+ {
+ $sessionTable = $modx->getTableName(modSession::class);
+ if ($modx->query("TRUNCATE TABLE {$sessionTable}") == false) {
+ return false;
+ }
+
+ $modx->user->endSession();
+ return true;
+ }
+
  /**
  * Gets the {@link modSession} object, respecting the cache flag represented by cacheLifetime.
  *

@@ -2458,7 +2458,7 @@
 }

 $deprecation = $this->_getDeprecatedMethod($since, $deprecatedDef, $recommendation);
 $deprecation->addCaller($caller['class'] ?? '', $caller['function'] ?? '', $deprecatedMethod['file'], $deprecatedMethod['line']);
 }

 /**
@@ -2740,25 +2740,15 @@
  $contextKey= $this->context instanceof modContext ? $this->context->get('key') : null;
  if ($this->getOption('session_enabled', $options, true) || isset($_GET['preview'])) {
  if (!in_array($this->getSessionState(), [modX::SESSION_STATE_INITIALIZED, modX::SESSION_STATE_EXTERNAL, modX::SESSION_STATE_UNAVAILABLE], true)) {
- $sh = false;
- if ($sessionHandlerClass = $this->getOption('session_handler_class', $options)) {
- if ($shClass = $this->loadClass($sessionHandlerClass, '', false, true)) {
- if ($sh = new $shClass($this)) {
- session_set_save_handler(
- [& $sh, 'open'],
- [& $sh, 'close'],
- [& $sh, 'read'],
- [& $sh, 'write'],
- [& $sh, 'destroy'],
- [& $sh, 'gc']
- );
- }
+ $sessionHandlerClass = $this->getOption('session_handler_class', $options);
+ if (is_string($sessionHandlerClass) && !empty($sessionHandlerClass) && class_exists($sessionHandlerClass)) {
+ $sh = new $sessionHandlerClass($this);
+ if ($sh instanceof \SessionHandlerInterface) {
+ $this->services->add('session_handler', $sh);
+ session_set_save_handler($sh);
  }
  }
- if (
- (is_string($sessionHandlerClass) && !$sh instanceof $sessionHandlerClass) ||
- !is_string($sessionHandlerClass)
- ) {
+ if (!$this->services->has('session_handler')) {
  $sessionSavePath = $this->getOption('session_save_path', $options);
  if ($sessionSavePath && is_writable($sessionSavePath)) {
  session_save_path($sessionSavePath);