From: Stricted Date: Thu, 12 Mar 2015 02:50:09 +0000 (+0100) Subject: delete expired sessions from database X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=e2ca4332a2f9f822fb82964506b9096a7727cb3d;p=GitHub%2FStricted%2FDomain-Control-Panel.git delete expired sessions from database --- diff --git a/lib/page/ApiManagementPage.class.php b/lib/page/ApiManagementPage.class.php index 710ed3c..ef85e0e 100644 --- a/lib/page/ApiManagementPage.class.php +++ b/lib/page/ApiManagementPage.class.php @@ -22,6 +22,6 @@ class ApiManagementPage extends AbstractPage { $apiKey = $row['apiKey']; } - DNS::getTPL()->assign(array("apiKey" => $apiKey)); + DNS::getTPL()->assign(array("userID" => DNS::getSession()->userID,"apiKey" => $apiKey)); } } diff --git a/lib/system/SessionHandler.class.php b/lib/system/SessionHandler.class.php index 1f0e46d..8404f1a 100644 --- a/lib/system/SessionHandler.class.php +++ b/lib/system/SessionHandler.class.php @@ -7,48 +7,45 @@ namespace dns\system; * @copyright 2013-2015 Jan Altensen (Stricted) */ class SessionHandler { + /** + * session id + * + * @var integer + */ private $sessionID = null; + /** + * session data + * + * @var array + */ private $sessionData = array(); + /** + * initial session system + */ public function __construct () { - $this->init(); - } - - public function init() { if ($this->sessionID === null) { $this->sessionID = session_id(); } - // load session data from database and check if the data is expired - if (!$this->exists()) { - $sql = "INSERT INTO dns_session (id, sessionID, expire, sessionData) VALUES (NULL, ?, ?, ?)"; - DNS::getDB()->query($sql, array($this->sessionID, time() + 3600 * 24, '')); - } + /* delete expired sessions */ + $sql = "DELETE FROM dns_session WHERE expire < ?"; + DNS::getDB()->query($sql, array(time())); /* load data from database */ $sql ="SELECT * FROM dns_session where sessionID = ?"; $res = DNS::getDB()->query($sql, array($this->sessionID)); $data = DNS::getDB()->fetch_array($res); - if (isset($data['sessionData']) && !empty($data['sessionData'])) { - $this->sessionData = json_decode($data['sessionData'], true); - } - } - - private function exists() { - $sql = "SELECT * FROM dns_session where sessionID = ?"; - $res = DNS::getDB()->query($sql, array($this->sessionID)); - $data = DNS::getDB()->fetch_array($res); if (isset($data['sessionID']) && !empty($data['sessionID'])) { - if ($data['expire'] < time()) { - $this->destroy(); - return false; + if (isset($data['sessionData']) && !empty($data['sessionData'])) { + $this->sessionData = json_decode($data['sessionData'], true); } - - return true; } - - return false; + else { + $sql = "INSERT INTO dns_session (id, sessionID, expire, sessionData) VALUES (NULL, ?, ?, ?)"; + DNS::getDB()->query($sql, array($this->sessionID, time() + 3600 * 24, '')); + } } /** @@ -61,6 +58,12 @@ class SessionHandler { return $this->getVar($key); } + /** + * Provides access to session data. + * + * @param string $key + * @return mixed + */ public function getVar($key) { if (isset($this->sessionData[$key])) { return $this->sessionData[$key]; @@ -78,16 +81,24 @@ class SessionHandler { public function register($key, $value) { $this->sessionData[$key] = $value; - $data = json_encode($this->sessionData); $sql = "UPDATE dns_session SET sessionData = ?, expire = ? WHERE sessionID = ?"; DNS::getDB()->query($sql, array($data, time() + 3600 * 24, $this->sessionID)); } + /** + * Registers a session variable. + * + * @param string $key + * @param string $value + */ public function __set($key, $value) { $this->register($key, $value); } + /** + * destroy the session + */ public function destroy() { $this->sessionData = array(); @@ -95,6 +106,12 @@ class SessionHandler { DNS::getDB()->query($sql, array($this->sessionID)); } + /** + * Registers a session variable. + * + * @param string $key + * @param string $value + */ public function update($key, $value) { $this->register($key, $value); } diff --git a/templates/default/apiManagement.tpl b/templates/default/apiManagement.tpl index bbf8715..1d3cccc 100644 --- a/templates/default/apiManagement.tpl +++ b/templates/default/apiManagement.tpl @@ -17,7 +17,7 @@
userID
-
{$smarty.session.userID}
+
{$userID}
API-Key