Commit | Line | Data |
---|---|---|
5a33cd73 S |
1 | <?php |
2 | namespace dns\system; | |
3 | ||
4 | /** | |
5 | * @author Jan Altensen (Stricted) | |
6 | * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php> | |
d4779364 | 7 | * @copyright 2013-2016 Jan Altensen (Stricted) |
5a33cd73 S |
8 | */ |
9 | class SessionHandler { | |
e2ca4332 S |
10 | /** |
11 | * session id | |
12 | * | |
13 | * @var integer | |
14 | */ | |
5a33cd73 S |
15 | private $sessionID = null; |
16 | ||
e2ca4332 S |
17 | /** |
18 | * session data | |
19 | * | |
20 | * @var array | |
21 | */ | |
5a33cd73 S |
22 | private $sessionData = array(); |
23 | ||
e2ca4332 S |
24 | /** |
25 | * initial session system | |
26 | */ | |
5a33cd73 | 27 | public function __construct () { |
5a33cd73 S |
28 | if ($this->sessionID === null) { |
29 | $this->sessionID = session_id(); | |
30 | } | |
31 | ||
e2ca4332 S |
32 | /* delete expired sessions */ |
33 | $sql = "DELETE FROM dns_session WHERE expire < ?"; | |
34 | DNS::getDB()->query($sql, array(time())); | |
5a33cd73 S |
35 | |
36 | /* load data from database */ | |
37 | $sql ="SELECT * FROM dns_session where sessionID = ?"; | |
38 | $res = DNS::getDB()->query($sql, array($this->sessionID)); | |
39 | $data = DNS::getDB()->fetch_array($res); | |
5a33cd73 | 40 | if (isset($data['sessionID']) && !empty($data['sessionID'])) { |
e2ca4332 S |
41 | if (isset($data['sessionData']) && !empty($data['sessionData'])) { |
42 | $this->sessionData = json_decode($data['sessionData'], true); | |
5a33cd73 | 43 | } |
5a33cd73 | 44 | } |
e2ca4332 S |
45 | else { |
46 | $sql = "INSERT INTO dns_session (id, sessionID, expire, sessionData) VALUES (NULL, ?, ?, ?)"; | |
47 | DNS::getDB()->query($sql, array($this->sessionID, time() + 3600 * 24, '')); | |
48 | } | |
5a33cd73 S |
49 | } |
50 | ||
894213c7 S |
51 | /** |
52 | * Checks if the active user has the given permission | |
53 | * | |
54 | * @return boolean | |
55 | */ | |
56 | public function checkPermission($permission) { | |
894213c7 S |
57 | /* get permissionID */ |
58 | $sql = "SELECT * FROM dns_permissions where permission = ?"; | |
59 | $res = DNS::getDB()->query($sql, array($permission)); | |
60 | $data = DNS::getDB()->fetch_array($res); | |
61 | ||
62 | /* get permission from user */ | |
63 | $sql = "SELECT * FROM dns_permissions_to_user where userID = ? and permissionID = ?"; | |
64 | $res = DNS::getDB()->query($sql, array($this->userID, $data['id'])); | |
65 | $row = DNS::getDB()->fetch_array($res); | |
66 | ||
67 | if (isset($row['permission']) && $row['permission'] == $permission) { | |
68 | return true; | |
69 | } | |
70 | ||
71 | return false; | |
72 | } | |
73 | ||
5a33cd73 S |
74 | /** |
75 | * Provides access to session data. | |
76 | * | |
77 | * @param string $key | |
78 | * @return mixed | |
79 | */ | |
80 | public function __get($key) { | |
81 | return $this->getVar($key); | |
82 | } | |
83 | ||
e2ca4332 S |
84 | /** |
85 | * Provides access to session data. | |
86 | * | |
87 | * @param string $key | |
88 | * @return mixed | |
89 | */ | |
5a33cd73 S |
90 | public function getVar($key) { |
91 | if (isset($this->sessionData[$key])) { | |
92 | return $this->sessionData[$key]; | |
93 | } | |
94 | ||
95 | return null; | |
96 | } | |
97 | ||
894213c7 S |
98 | /** |
99 | * Unsets a session variable. | |
100 | * | |
101 | * @param string $key | |
102 | */ | |
103 | public function unregister($key) { | |
104 | if (isset($this->sessionData[$key])) { | |
105 | unset($this->sessionData[$key]); | |
106 | } | |
107 | } | |
108 | ||
5a33cd73 S |
109 | /** |
110 | * Registers a session variable. | |
111 | * | |
112 | * @param string $key | |
113 | * @param string $value | |
114 | */ | |
115 | public function register($key, $value) { | |
116 | $this->sessionData[$key] = $value; | |
117 | ||
5a33cd73 S |
118 | $data = json_encode($this->sessionData); |
119 | $sql = "UPDATE dns_session SET sessionData = ?, expire = ? WHERE sessionID = ?"; | |
120 | DNS::getDB()->query($sql, array($data, time() + 3600 * 24, $this->sessionID)); | |
121 | } | |
122 | ||
e2ca4332 S |
123 | /** |
124 | * Registers a session variable. | |
125 | * | |
126 | * @param string $key | |
127 | * @param string $value | |
128 | */ | |
5a33cd73 S |
129 | public function __set($key, $value) { |
130 | $this->register($key, $value); | |
131 | } | |
132 | ||
e2ca4332 S |
133 | /** |
134 | * destroy the session | |
135 | */ | |
5a33cd73 S |
136 | public function destroy() { |
137 | $this->sessionData = array(); | |
138 | ||
139 | $sql = "DELETE FROM dns_session WHERE sessionID = ?"; | |
140 | DNS::getDB()->query($sql, array($this->sessionID)); | |
141 | } | |
142 | ||
e2ca4332 S |
143 | /** |
144 | * Registers a session variable. | |
145 | * | |
146 | * @param string $key | |
147 | * @param string $value | |
148 | */ | |
5a33cd73 S |
149 | public function update($key, $value) { |
150 | $this->register($key, $value); | |
151 | } | |
152 | } |