delete expired sessions from database
authorStricted <info@stricted.de>
Thu, 12 Mar 2015 02:50:09 +0000 (03:50 +0100)
committerStricted <info@stricted.de>
Thu, 12 Mar 2015 02:50:09 +0000 (03:50 +0100)
lib/page/ApiManagementPage.class.php
lib/system/SessionHandler.class.php
templates/default/apiManagement.tpl

index 710ed3ce0ff9ab7e840f15991accca884e4e0b38..ef85e0ece15f7307d83b12d494a4ea12bf8a8870 100644 (file)
@@ -22,6 +22,6 @@ class ApiManagementPage extends AbstractPage {
                        $apiKey = $row['apiKey'];
                }
                
-               DNS::getTPL()->assign(array("apiKey" => $apiKey));
+               DNS::getTPL()->assign(array("userID" => DNS::getSession()->userID,"apiKey" => $apiKey));
        }
 }
index 1f0e46d4f24f254a38706b848894088b17410225..8404f1a97b108cc91570f1d2d872bf7c717bdb1e 100644 (file)
@@ -7,48 +7,45 @@ namespace dns\system;
  * @copyright   2013-2015 Jan Altensen (Stricted)
  */
 class SessionHandler {
+       /**
+        * session id
+        *
+        * @var integer
+        */
        private $sessionID = null;
        
+       /**
+        * session data
+        *
+        * @var array
+        */
        private $sessionData = array();
        
+       /**
+        * initial session system
+        */
        public function __construct () {
-               $this->init();
-       }
-       
-       public function init() {
                if ($this->sessionID === null) {
                        $this->sessionID = session_id();
                }
                
-               // load session data from database and check if the data is expired
-               if (!$this->exists()) {
-                       $sql = "INSERT INTO dns_session (id, sessionID, expire, sessionData) VALUES (NULL, ?, ?, ?)";
-                       DNS::getDB()->query($sql, array($this->sessionID, time() + 3600 * 24, ''));
-               }
+               /* delete expired sessions */
+               $sql = "DELETE FROM dns_session WHERE expire < ?";
+               DNS::getDB()->query($sql, array(time()));
                
                /* load data from database */
                $sql ="SELECT * FROM dns_session where sessionID = ?";
                $res = DNS::getDB()->query($sql, array($this->sessionID));
                $data = DNS::getDB()->fetch_array($res);
-               if (isset($data['sessionData']) && !empty($data['sessionData'])) {
-                       $this->sessionData = json_decode($data['sessionData'], true);
-               }
-       }
-       
-       private function exists() {
-               $sql = "SELECT * FROM dns_session where sessionID = ?";
-               $res = DNS::getDB()->query($sql, array($this->sessionID));
-               $data = DNS::getDB()->fetch_array($res);
                if (isset($data['sessionID']) && !empty($data['sessionID'])) {
-                       if ($data['expire'] < time()) {
-                               $this->destroy();
-                               return false;
+                       if (isset($data['sessionData']) && !empty($data['sessionData'])) {
+                               $this->sessionData = json_decode($data['sessionData'], true);
                        }
-                       
-                       return true;
                }
-               
-               return false;
+               else {
+                       $sql = "INSERT INTO dns_session (id, sessionID, expire, sessionData) VALUES (NULL, ?, ?, ?)";
+                       DNS::getDB()->query($sql, array($this->sessionID, time() + 3600 * 24, ''));
+               }
        }
        
        /**
@@ -61,6 +58,12 @@ class SessionHandler {
                return $this->getVar($key);
        }
        
+       /**
+        * Provides access to session data.
+        * 
+        * @param       string          $key
+        * @return      mixed
+        */
        public function getVar($key) {
                if (isset($this->sessionData[$key])) {
                        return $this->sessionData[$key];
@@ -78,16 +81,24 @@ class SessionHandler {
        public function register($key, $value) {
                $this->sessionData[$key] = $value;
                
-               
                $data = json_encode($this->sessionData);
                $sql = "UPDATE dns_session SET sessionData = ?, expire = ? WHERE sessionID = ?";
                DNS::getDB()->query($sql, array($data, time() + 3600 * 24, $this->sessionID));
        }
        
+       /**
+        * Registers a session variable.
+        * 
+        * @param       string          $key
+        * @param       string          $value
+        */
        public function __set($key, $value) {
                $this->register($key, $value);
        }
        
+       /**
+        * destroy the session
+        */
        public function destroy() {
                $this->sessionData = array();
                
@@ -95,6 +106,12 @@ class SessionHandler {
                DNS::getDB()->query($sql, array($this->sessionID));
        }
        
+       /**
+        * Registers a session variable.
+        * 
+        * @param       string          $key
+        * @param       string          $value
+        */
        public function update($key, $value) {
                $this->register($key, $value);
        }
index bbf8715db6b81a1267a79c99b739b20dd93dac38..1d3cccc656fcd312df14e95c2a73697a8cfbf2c5 100644 (file)
@@ -17,7 +17,7 @@
                                        <fieldset>
                                                <dl>
                                                        <dt>userID</dt>
-                                                       <dd>{$smarty.session.userID}</dd>
+                                                       <dd>{$userID}</dd>
                                                </dl>
                                                <dl>
                                                        <dt>API-Key</dt>