lib/system/SessionHandler.class.php

   1 <?php
   2 namespace dns\system;
   3
   4 /**
   5  * @author      Jan Altensen (Stricted)
   6  * @license     GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
   7  * @copyright   2013-2016 Jan Altensen (Stricted)
   8  */
   9 class SessionHandler {
  10         /**
  11          * session id
  12          *
  13          * @var integer
  14          */
  15         private $sessionID = null;
  16
  17         /**
  18          * session data
  19          *
  20          * @var array
  21          */
  22         private $sessionData = array();
  23
  24         /**
  25          * initial session system
  26          */
  27         public function __construct () {
  28                 if ($this->sessionID === null) {
  29                         $this->sessionID = session_id();
  30                 }
  31
  32                 /* delete expired sessions */
  33                 $sql = "DELETE FROM dns_session WHERE expire < ?";
  34                 DNS::getDB()->query($sql, array(time()));
  35
  36                 /* load data from database */
  37                 $sql ="SELECT * FROM dns_session where sessionID = ?";
  38                 $res = DNS::getDB()->query($sql, array($this->sessionID));
  39                 $data = DNS::getDB()->fetch_array($res);
  40                 if (isset($data['sessionID']) && !empty($data['sessionID'])) {
  41                         if (isset($data['sessionData']) && !empty($data['sessionData'])) {
  42                                 $this->sessionData = json_decode($data['sessionData'], true);
  43                         }
  44                 }
  45                 else {
  46                         $sql = "INSERT INTO dns_session (id, sessionID, expire, sessionData) VALUES (NULL, ?, ?, ?)";
  47                         DNS::getDB()->query($sql, array($this->sessionID, time() + 3600 * 24, ''));
  48                 }
  49         }
  50
  51         /**
  52          * Checks if the active user has the given permission
  53          *
  54          * @return      boolean
  55          */
  56         public function checkPermission($permission) {
  57                 /* get permissionID */
  58                 $sql = "SELECT * FROM dns_permissions where permission = ?";
  59                 $res = DNS::getDB()->query($sql, array($permission));
  60                 $data = DNS::getDB()->fetch_array($res);
  61
  62                 /* get permission from user */
  63                 $sql = "SELECT * FROM dns_permissions_to_user where userID = ? and permissionID = ?";
  64                 $res = DNS::getDB()->query($sql, array($this->userID, $data['id']));
  65                 $row = DNS::getDB()->fetch_array($res);
  66
  67                 if (isset($row['permission']) && $row['permission'] == $permission) {
  68                         return true;
  69                 }
  70
  71                 return false;
  72         }
  73
  74         /**
  75          * Provides access to session data.
  76          *
  77          * @param       string          $key
  78          * @return      mixed
  79          */
  80         public function __get($key) {
  81                 return $this->getVar($key);
  82         }
  83
  84         /**
  85          * Provides access to session data.
  86          *
  87          * @param       string          $key
  88          * @return      mixed
  89          */
  90         public function getVar($key) {
  91                 if (isset($this->sessionData[$key])) {
  92                         return $this->sessionData[$key];
  93                 }
  94
  95                 return null;
  96         }
  97
  98         /**
  99          * Unsets a session variable.
 100          *
 101          * @param       string          $key
 102          */
 103         public function unregister($key) {
 104                 if (isset($this->sessionData[$key])) {
 105                         unset($this->sessionData[$key]);
 106                 }
 107         }
 108
 109         /**
 110          * Registers a session variable.
 111          *
 112          * @param       string          $key
 113          * @param       string          $value
 114          */
 115         public function register($key, $value) {
 116                 $this->sessionData[$key] = $value;
 117
 118                 $data = json_encode($this->sessionData);
 119                 $sql = "UPDATE dns_session SET sessionData = ?, expire = ? WHERE sessionID = ?";
 120                 DNS::getDB()->query($sql, array($data, time() + 3600 * 24, $this->sessionID));
 121         }
 122
 123         /**
 124          * Registers a session variable.
 125          *
 126          * @param       string          $key
 127          * @param       string          $value
 128          */
 129         public function __set($key, $value) {
 130                 $this->register($key, $value);
 131         }
 132
 133         /**
 134          * destroy the session
 135          */
 136         public function destroy() {
 137                 $this->sessionData = array();
 138
 139                 $sql = "DELETE FROM dns_session WHERE sessionID = ?";
 140                 DNS::getDB()->query($sql, array($this->sessionID));
 141         }
 142
 143         /**
 144          * Registers a session variable.
 145          *
 146          * @param       string          $key
 147          * @param       string          $value
 148          */
 149         public function update($key, $value) {
 150                 $this->register($key, $value);
 151         }
 152 }