Campustream 1.0
A social network MQP for WPI
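<?php

/**
 * Wrapper around PHP's native session that can also re-authenticate a visitor
 * from the signed "hub_auth1" cookie.
 *
 * Every key written through set()/get() is namespaced with the configured
 * prefix. Session records are looked up through the class named in the
 * sessions config ($SESSION_OBJECT).
 */
class Session {

    /** @var string Prefix prepended (followed by "_") to every key kept in $_SESSION. */
    private $prefix = '';

    /** @var string Cookie domain used for the session cookie and the auth cookie. */
    private $domain = '';

    /** @var string Name of the class on which get_session_object() is called statically. */
    private $sess_object = '';

    /**
     * Load the session configuration, start the PHP session and, when an auth
     * cookie is present but the session is not authenticated yet, try to
     * rebuild the login from that cookie.
     */
    public function __construct() {

        // The config file is expected to define $SESSION_HANDLER,
        // $SESSION_SAVE_PATH, $SESSION_PREFIX, $SESSION_DOMAIN and
        // $SESSION_OBJECT in this scope; they are read right below.
        require($GLOBALS['APPROOT'] . 'application/config/sessions.php');

        if (!empty($SESSION_HANDLER)) {
            ini_set('session.save_handler', $SESSION_HANDLER);
            ini_set('session.gc_maxlifetime', 86400);
            ini_set('session.save_path', $SESSION_SAVE_PATH);
        }

        $this->prefix = $SESSION_PREFIX;
        $this->domain = $SESSION_DOMAIN;
        $this->sess_object = $SESSION_OBJECT;

        // session_set_cookie_params() takes a lifetime in seconds, not an
        // expiry timestamp, so one day is 86400 (matching gc_maxlifetime above).
        // NOTE(review): the Secure and HttpOnly flags are not set here, so they
        // come from php.ini (session.cookie_secure / session.cookie_httponly);
        // confirm both are enabled for this deployment.
        session_set_cookie_params(86400, '/', $this->domain);
        session_name('hub'); // increment the session version if you want to kill old sessions
        session_start();

        if (isset($_COOKIE['hub_auth1']) && !$this->get('authenticated')) {
            $this->rebuild_session();
        }
    }

    /**
     * Re-authenticate this session from the signed "hub_auth1" cookie.
     *
     * The cookie is client-controlled, so it is only trusted after the
     * referenced session record has been loaded and the cookie has been
     * verified against that record's secret. On any failure the cookie is
     * erased.
     *
     * @return bool True when the session was authenticated, false otherwise.
     */
    public function rebuild_session() {

        $cookie = SignedCookie::unserialize('hub_auth1');

        // A cookie that did not decode to something carrying a session key
        // cannot be looked up; treat it like any other tampered cookie.
        if (!isset($cookie['sess_key'])) {
            $this->clear_auth_cookie();
            return false;
        }

        $sess_key = DatabaseManager::escape($cookie['sess_key']);
        $class = $this->sess_object;
        $sess_obj = $class::get_session_object($sess_key);

        if (!$sess_obj->is_loaded()) {
            // someone is messing with the cookie or it's corrupted, so let's erase it.
            $this->clear_auth_cookie();
            return false;
        }

        $secrets = array('sess_secret' => $sess_obj->get_session_secret());

        // NOTE(review): only a strict false counts as a failed verification;
        // confirm SignedCookie::verify() never reports failure with another
        // falsy value (null, 0, '').
        if (SignedCookie::verify($cookie, $secrets) === false) {
            // someone is messing with the cookie or it's corrupted, so let's erase it.
            $this->clear_auth_cookie();
            return false;
        }

        // Authenticate with the record that was just verified.
        return $this->set_session($sess_obj);
    }

    /**
     * Mark this session as authenticated for the given session record.
     *
     * @param SessionObject $obj    Session record to authenticate as.
     * @param bool          $cookie Whether to (re)issue the signed "hub_auth1" cookie.
     * @return bool False when the record is not loaded, true otherwise.
     */
    public function set_session(SessionObject $obj, $cookie = true) {

        if (!$obj->is_loaded()) {
            return false;
        }

        // Switch to a fresh session id at the moment of authentication so an
        // id that was known before login does not carry the login with it
        // (session fixation). Skipped when no session is active or headers
        // have already gone out, where the call could only emit a warning.
        if (session_id() !== '' && !headers_sent()) {
            session_regenerate_id(true);
        }

        // Turn this session into an authenticated one
        $this->set('authenticated', true);
        $this->set('sess_key', $obj->get_session_key());

        if ($cookie) {
            $params = $obj->get_session_params();
            $secrets = array('sess_secret' => $obj->get_session_secret());

            SignedCookie::create('hub_auth1', $params, $secrets);
        }

        return true;
    }

    /**
     * Look up the session record for the key stored in this session.
     *
     * @return mixed Whatever the configured class returns from
     *               get_session_object() (presumably a SessionObject; confirm).
     */
    public function get_session_object() {
        $class = $this->sess_object;
        return $class::get_session_object($this->get('sess_key'));
    }

    /**
     * Store a value under the prefixed key.
     *
     * @param string $key
     * @param mixed  $value
     */
    public function set($key, $value) {
        $this->_set($this->prefix . '_' . $key, $value);
    }

    /**
     * Read the value stored under the prefixed key.
     *
     * @param string $key
     * @return mixed The stored value, or null when the key was never set.
     */
    public function get($key) {
        return $this->_get($this->prefix . '_' . $key);
    }

    /**
     * Write a raw (already prefixed) key into $_SESSION.
     *
     * @param string $key
     * @param mixed  $value
     */
    private function _set($key, $value) {
        $_SESSION[$key] = $value;
    }

    /**
     * Read a raw (already prefixed) key from $_SESSION.
     *
     * @param string $key
     * @return mixed The stored value, or null when the key is absent.
     */
    private function _get($key) {
        // A fresh session has no keys yet (the constructor asks for
        // "authenticated" before anything was stored), so an absent key must
        // read as null rather than raise an undefined-index notice.
        return isset($_SESSION[$key]) ? $_SESSION[$key] : null;
    }

    /**
     * Log out: empty the session data, expire the session cookie and the
     * auth cookie, and destroy the session.
     */
    public function destroy() {

        $_SESSION = array();

        if (isset($_COOKIE[session_name()])) {
            // Expire the cookie with the same path and domain it was issued
            // with; without the matching domain the browser keeps the old id.
            setcookie(session_name(), '', time() - 42000, '/', $this->domain);
        }

        $this->clear_auth_cookie();

        session_destroy();
    }

    /**
     * Expire the "hub_auth1" cookie on the configured domain.
     */
    private function clear_auth_cookie() {
        setcookie('hub_auth1', '', time() - 42000, '/', $this->domain);
    }

}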