class_session.inc 6.25 KB
Newer Older
1
2
3
4
<?php
/*
  This code is part of FusionDirectory (http://www.fusiondirectory.org/)
  Copyright (C) 2003-2010  Cajus Pollmeier
5
  Copyright (C) 2011-2016  FusionDirectory
6
7
8
9
10
11
12
13
14
15
16
17
18

  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation; either version 2 of the License, or
  (at your option) any later version.

  This program is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
19
  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
20
21
*/

22
23
24
/*!
 * \file class_session.inc
 * Source code for class session
25
 */
26
27
28

/*!
 * \brief This class contains all the function needed to manage sessions
Benoit Mortier's avatar
Benoit Mortier committed
29
 */
30
class session {
31
32
33
34
  /*!
   * \brief Check if the name of the session is set
   *
   * \param string $name The name of the session
35
   */
36
37
  public static function is_set($name)
  {
38
39
40
    $channel = "";
    if (isset($_POST['_channel_'])) {
      $channel = $_POST['_channel_'];
41
42
43
    }

    /* Global fallback if not set */
44
45
    if ($channel == "") {
      return isset($_SESSION[$name]);
46
47
48
    }

    /* Sanity check */
49
    if (!session::channel_exists($channel)) {
50
      msg_dialog::display(_("Internal error"), _("Requested channel does not exist! Please contact your Administrator."), FATAL_ERROR_DIALOG);
51
      exit;
52
53
    }

54
55
    $channel = "gch_".$channel;
    return isset($_SESSION[$channel][$name]);
56
57
  }

58
59
60
61
  /*!
   * \brief Check if a session is defined
   *
   * \param string $name Name of the session
62
   */
63
64
  public static function global_is_set($name)
  {
65
    return isset($_SESSION[$name]);
66
67
  }

68
69
70
71
72
73
74
  /*!
   * \brief Set a value in a session
   *
   * \param string $name Name of the session
   *
   * \param $value The new value
   */
75
  public static function set($name, $value)
76
  {
77
78
79
    $channel = "";
    if (isset($_POST['_channel_'])) {
      $channel = $_POST['_channel_'];
80
81
82
    }

    /* Global fallback if not set */
83
    if ($channel == "") {
84
85
86
      $_SESSION[$name] = $value;
    } else {
      /* Sanity check */
87
      if (!session::channel_exists($channel)) {
88
        msg_dialog::display(_("Internal error"), _("Requested channel does not exist! Please contact your Administrator."), FATAL_ERROR_DIALOG);
89
        exit;
90
91
92
93
94
      }
      $_SESSION[$channel][$name] = $value;
    }
  }

95
96
97
98
99
100
101
  /*!
   * \brief Set a value in a session
   *
   * \param string $name Name of the session
   *
   * \param $value The new value
   */
102
  public static function global_set($name, $value)
103
104
105
106
  {
    $_SESSION[$name] = $value;
  }

107
108
109
110
111
  /*!
   * \brief Accessor of a session
   *
   * \param string $name Name of the session
   */
112
113
  public static function &get($name)
  {
114
115
116
    $channel = "";
    if (isset($_POST['_channel_'])) {
      $channel = $_POST['_channel_'];
117
118
119
    }

    /* Global fallback if not set */
120
    if ($channel == "") {
121
      $ret = &$_SESSION[$name];
122
      return $ret;
123
124
125
    }

    /* Sanity check */
126
    if (!session::channel_exists($channel)) {
127
      msg_dialog::display(_("Internal error"), _("Requested channel does not exist! Please contact your Administrator."), FATAL_ERROR_DIALOG);
128
      exit;
129
130
    }

131
132
133
    $channel  = "gch_".$channel;
    $ret      = &$_SESSION[$channel][$name];
    return $ret;
134
  }
135

136
137
138
139
140
  /*!
   * \brief Accessor of a session
   *
   * \param string $name Name of the session
   */
141
142
143
  public static function &global_get($name)
  {
    $ret = &$_SESSION[$name];
144
    return $ret;
145
146
  }

147
148
149
150
151
  /*!
   * \brief Delete a session
   *
   * \param string $name Name of the session to delete
   */
152
153
  public static function delete($name)
  {
154
155
156
    $channel = "";
    if (isset($_POST['_channel_'])) {
      $channel = $_POST['_channel_'];
157
158
159
    }

    /* Global fallback if not set */
160
161
    if ($channel == "") {
      if (isset($_SESSION[$name])) {
162
163
164
        unset($_SESSION[$name]);
      }
    } else {
165
      if (isset($_SESSION[$channel][$name])) {
166
167
168
169
170
        unset($_SESSION[$channel][$name]);
      }
    }
  }

171
172
173
174
175
  /*!
   * \brief Delete a session
   *
   * \param string $name Name of the session to delete
   */
176
177
  public static function global_delete($name)
  {
178
    if (isset($_SESSION[$name])) {
179
180
181
      unset($_SESSION[$name]);
    }
  }
182

183
184
185
186
187
  /*!
   * \brief Unset a session
   *
   * \param string $name Name of the session to delete
   */
188
189
  public static function un_set($name)
  {
190
    return session::delete($name);
191
192
  }

193
194
195
196
197
  /*!
   * \brief Unset a session
   *
   * \param string $name Name of the session to delete
   */
198
199
  public static function global_un_set($name)
  {
200
    return session::global_delete($name);
201
202
  }

203
204
  /*!
   * \brief Start a session
205
   */
206
  public static function start($id = NULL)
207
  {
208
    session_name("FusionDirectory");
209
    /* Set cookie lifetime to one day (The parameter is in seconds ) */
210
    session_set_cookie_params(24 * 60 * 60);
211
212

    /* Set cache limter to one day (parameter is minute !!)*/
213
    session_cache_expire(60 * 24);  // default is 180
214
215
216
217

    /* Set session max lifetime, to prevent the garbage collector to delete session before timeout.
       !! The garbage collector is a cron job on debian systems, the cronjob will fetch the timeout from
       the php.ini, so if you use debian, you must hardcode session.gc_maxlifetime in your php.ini */
218
    ini_set("session.gc_maxlifetime", 24 * 60 * 60);
219
220
221
    if ($id !== NULL) {
      session_id($id);
    }
222
223
224
    session_start();

    /* Check for changed browsers and bail out */
225
226
    if (isset($_SESSION['HTTP_USER_AGENT'])) {
      if ($_SESSION['HTTP_USER_AGENT'] != md5($_SERVER['HTTP_USER_AGENT'])) {
227
        session_destroy();
228
        session_name("FusionDirectory");
229
230
231
232
233
234
235
        session_start();
      }
    } else {
      $_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
    }

    /* Regenerate ID to increase security */
236
    if (!isset($_SESSION['started'])) {
237
      session_regenerate_id();
238
      $_SESSION['started'] = TRUE;
239
240
241
    }
  }

242
243
  /*!
   * \brief Destroy a session
244
   */
245
246
247
248
249
  public static function destroy()
  {
    @session_destroy();
  }

250
251
  /*!
   * \brief Get all sessions
252
   */
253
254
255
  public static function &get_all()
  {
    $ret = &$_SESSION;
256
    return $ret;
257
  }
258
259
}
?>