WC_Session_Handler::init_session_from_request
Initialize the session from the query string parameter.
If the current user is logged in, the token session will replace the current user's session. If the current user is logged out, the token session will be cloned to a new session.
Only guest sessions are restored, hence the check for the t_ prefix on the customer ID.
Method of the class: WC_Session_Handler{}
No Hooks.
Returns
true|false.
Usage
// private - for code of main (parent) class only $result = $this->init_session_from_request();
WC_Session_Handler::init_session_from_request() WC Session Handler::init session from request code WC 10.3.3
private function init_session_from_request() {
$session_token = is_string( $_GET['session'] ?? '' ) ? wc_clean( wp_unslash( $_GET['session'] ?? '' ) ) : ''; // phpcs:ignore WordPress.Security.NonceVerification.Recommended
if ( empty( $session_token ) || ! CartTokenUtils::validate_cart_token( $session_token ) ) {
return false;
}
$payload = CartTokenUtils::get_cart_token_payload( $session_token );
if ( ! $this->is_customer_guest( $payload['user_id'] ) || ! $this->session_exists( $payload['user_id'] ) ) {
return false;
}
// Check to see if the current user has a session before proceeding with token handling.
$cookie = $this->get_session_cookie();
if ( $cookie ) {
// User owns this token. Return and use cookie session.
if ( $cookie[0] === $payload['user_id'] ) {
return false;
}
$cookie_session_data = (array) $this->get_session( $cookie[0], array() );
// Cookie session was originally created via this token. Return and use cookie session to prevent creating a new clone.
if ( isset( $cookie_session_data['previous_customer_id'] ) && $cookie_session_data['previous_customer_id'] === $payload['user_id'] ) {
return false;
}
}
// Generate new customer ID for the new session before cloning the data.
$this->_customer_id = $this->generate_customer_id();
$this->set_customer_session_cookie( true );
$this->clone_session_data( $payload['user_id'] );
return true;
}