<?php
/**
 * Implementation of simple session management.
 *
 * LetoDMS uses its own simple session management, storing sessions
 * in the database. A session holds the currently logged in user,
 * the theme and the language.
 *
 * @category   DMS
 * @package    LetoDMS
 * @license    GPL 2
 * @version    @version@
 * @author     Uwe Steinmann <uwe@steinmann.cx>
 * @copyright  2011 Uwe Steinmann
 * @version    Release: @package_version@
 */
/**
 * Class to represent a session
 *
 * This class provides some very basic methods to load, save and delete
 * sessions. It does not set or retrieve a cookie; that is up to the
 * application. The class basically provides access to the session database
 * table.
 *
 * @category   DMS
 * @package    LetoDMS
 * @author     Markus Westphal, Malcolm Cowe, Uwe Steinmann <uwe@steinmann.cx>
 * @copyright  2011 Uwe Steinmann
 * @version    Release: @package_version@
 */
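class LetoDMS_Session {
	/**
	 * @var object $db reference to database object. This must be an instance
	 *      of {@link LetoDMS_Core_DatabaseAccess}.
	 * @access protected
	 */
	protected $db;

	/**
	 * @var array $data session data (keys written by this class: userid,
	 *      theme, lang, id, lastaccess and, after load(), flashmsg)
	 * @access protected
	 */
	protected $data;

	/**
	 * @var string|boolean $id session id, or false while no session has been
	 *      loaded or created (and after delete())
	 * @access protected
	 */
	protected $id;

	/**
	 * Create a new instance of the session handler
	 *
	 * @param object $db object to access the underlying database
	 * @return object instance of LetoDMS_Session
	 */
	function __construct($db) { /* {{{ */
		$this->db = $db;
		$this->data = array();
		$this->id = false;
	} /* }}} */

	/**
	 * Load session by its id from database
	 *
	 * On success the lastAccess column of the session row is set to the
	 * current time and the row is cached in the instance.
	 *
	 * NOTE(review): load() accepts any matching row regardless of its age.
	 * Expiry is only enforced when the application calls deleteByTime(), so
	 * callers should purge stale sessions before trusting a loaded one.
	 *
	 * @param string $id id of session
	 * @return array|boolean the database row of the session if successful
	 *         otherwise false
	 */
	function load($id) { /* {{{ */
		$queryStr = "SELECT * FROM tblSessions WHERE id = ".$this->db->qstr($id);
		$resArr = $this->db->getResultArray($queryStr);
		/* Anything but a non-empty result list (error or unknown id) fails. */
		if (!is_array($resArr) || count($resArr) == 0)
			return false;

		/* time() replaces the argument-less mktime(), which PHP 8 rejects. */
		$queryStr = "UPDATE tblSessions SET lastAccess = " . time() . " WHERE id = " . $this->db->qstr($id);
		if (!$this->db->getResult($queryStr))
			return false;

		$row = $resArr[0];
		$this->id = $id;
		/* 'lastaccess' holds the value read before the update above. */
		$this->data = array(
			'userid' => $row['userID'],
			'theme' => $row['theme'],
			'lang' => $row['language'],
			'id' => $row['id'],
			'lastaccess' => $row['lastAccess'],
			'flashmsg' => ''
		);
		return $row;
	} /* }}} */

	/**
	 * Create a new session and save the given data into the database
	 *
	 * The session id is the only secret protecting the session, so it is
	 * taken from a cryptographically secure random source. All values are
	 * quoted or cast before they are placed into the statement, like the
	 * other methods of this class do with qstr().
	 *
	 * @param array $data data saved in session (the only fields supported
	 *        are userid, theme, lang)
	 * @return string|boolean id of session or false in case of an error
	 *         (including the case that no secure random source is available)
	 */
	function create($data) { /* {{{ */
		$id = $this->generateId();
		if ($id === false)
			return false;

		$lastaccess = time();
		$queryStr = "INSERT INTO tblSessions (id, userID, lastAccess, theme, language) ".
			"VALUES (".$this->db->qstr($id).", ".(int) $data['userid'].", ".$lastaccess.", ".
			$this->db->qstr($data['theme']).", ".$this->db->qstr($data['lang']).")";
		if (!$this->db->getResult($queryStr)) {
			return false;
		}

		$this->id = $id;
		$this->data = $data;
		$this->data['id'] = $id;
		$this->data['lastaccess'] = $lastaccess;
		return $id;
	} /* }}} */

	/**
	 * Generate an unpredictable session id
	 *
	 * Returns 32 lowercase hex characters, the same format as the md5()
	 * based ids used before, so existing column sizes and cookies still fit.
	 * rand() and the current time are guessable and must not be used here.
	 *
	 * @return string|boolean session id or false if no cryptographically
	 *         secure random source is available
	 */
	private function generateId() { /* {{{ */
		if (function_exists('random_bytes')) {
			try {
				return bin2hex(random_bytes(16));
			} catch (Exception $e) {
				return false;
			}
		}
		/* PHP 5 fallback; only accept the bytes if OpenSSL marks them strong. */
		if (function_exists('openssl_random_pseudo_bytes')) {
			$strong = false;
			$bytes = openssl_random_pseudo_bytes(16, $strong);
			if ($bytes !== false && $strong)
				return bin2hex($bytes);
		}
		return false;
	} /* }}} */

	/**
	 * Delete sessions older than a given time from the database
	 *
	 * @param integer $sec maximum number of seconds a session may live
	 * @return boolean true if successful otherwise false
	 */
	function deleteByTime($sec) { /* {{{ */
		/* Cast so that only a number can ever reach the statement. */
		$queryStr = "DELETE FROM tblSessions WHERE " . time() . " - lastAccess > ".(int) $sec;
		if (!$this->db->getResult($queryStr)) {
			return false;
		}
		return true;
	} /* }}} */

	/**
	 * Delete session by its id
	 *
	 * The id cached in this instance is reset to false on success, whether
	 * or not $id is the id of the session currently held by the instance.
	 *
	 * @param string $id id of session
	 * @return boolean true if successful otherwise false
	 */
	function delete($id) { /* {{{ */
		$queryStr = "DELETE FROM tblSessions WHERE id = " . $this->db->qstr($id);
		if (!$this->db->getResult($queryStr)) {
			return false;
		}
		$this->id = false;
		return true;
	} /* }}} */

	/**
	 * Get session id
	 *
	 * @return string|boolean session id or false if no session is active
	 */
	function getId() { /* {{{ */
		return $this->id;
	} /* }}} */

	/**
	 * Set language of session
	 *
	 * Does nothing and still returns true if no session is active.
	 *
	 * @param string $lang language
	 * @return boolean false if the database update failed otherwise true
	 */
	function setLanguage($lang) { /* {{{ */
		/* id is only set after a successful load() or create() */
		if($this->id) {
			$queryStr = "UPDATE tblSessions SET language = " . $this->db->qstr($lang) . " WHERE id = " . $this->db->qstr($this->id);
			if (!$this->db->getResult($queryStr))
				return false;
			$this->data['lang'] = $lang;
		}
		return true;
	} /* }}} */

	/**
	 * Get language of session
	 *
	 * @return string|null language of the session, null if none is known
	 */
	function getLanguage() { /* {{{ */
		return isset($this->data['lang']) ? $this->data['lang'] : null;
	} /* }}} */
}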
?>