Campustream 1.0
A social network MQP for WPI
core/lib/session.php
00001 <?php
00002 
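/**
 * Thin wrapper around PHP's native session that namespaces keys with a
 * configured prefix and can restore an authenticated session from the
 * signed 'hub_auth1' cookie.
 *
 * Security-relevant behaviour:
 *  - the session cookie lifetime is a duration in seconds (one day), matching
 *    session.gc_maxlifetime;
 *  - the session cookie is marked HttpOnly;
 *  - the session id is regenerated when the session becomes authenticated,
 *    so an id planted before login is not carried into the logged-in state;
 *  - cookies are cleared with the same path/domain they were issued with.
 */
class Session {

    /** Name of the signed cookie used to rebuild an authenticated session. */
    const AUTH_COOKIE = 'hub_auth1';

    /** Session lifetime in seconds (one day). */
    const LIFETIME = 86400;

    // Prefix prepended (with an underscore) to every key stored in $_SESSION.
    private $prefix = '';
    // Cookie domain used for both the session cookie and the auth cookie.
    private $domain = '';
    // Name of the class whose static get_session_object() loads session records.
    private $sess_object = '';

    /**
     * Configures and starts the PHP session, then tries to rebuild an
     * authenticated session from the auth cookie when one is present and the
     * current session is not authenticated yet.
     */
    public function __construct() {

        // The config file is expected to define $SESSION_HANDLER,
        // $SESSION_SAVE_PATH, $SESSION_PREFIX, $SESSION_DOMAIN and
        // $SESSION_OBJECT in this scope.
        require($GLOBALS['APPROOT'] . 'application/config/sessions.php');

        if (!empty($SESSION_HANDLER)) {
            ini_set('session.save_handler', $SESSION_HANDLER);
            ini_set('session.gc_maxlifetime', self::LIFETIME);
            ini_set('session.save_path', $SESSION_SAVE_PATH);
        }

        $this->prefix = $SESSION_PREFIX;
        $this->domain = $SESSION_DOMAIN;
        $this->sess_object = $SESSION_OBJECT;

        // session_set_cookie_params() takes a lifetime in seconds, not an
        // absolute timestamp; passing time() + 86400 would keep the cookie
        // alive for decades. The fifth argument sets HttpOnly so page
        // scripts cannot read the session id.
        // NOTE(review): the Secure flag is left off to preserve behaviour on
        // plain-HTTP deployments; enable it when the site is HTTPS-only.
        session_set_cookie_params(self::LIFETIME, '/', $this->domain, false, true);
        session_name('hub'); // increment the session version if you want to kill old sessions
        session_start();

        if (isset($_COOKIE[self::AUTH_COOKIE]) && !$this->get('authenticated')) {
            $this->rebuild_session();
        }
    }

    /**
     * Restores an authenticated session from the signed auth cookie.
     *
     * The cookie names a session record; that record supplies the secret the
     * cookie signature is verified against. Any failure erases the cookie.
     *
     * NOTE(review): SignedCookie::unserialize() is not visible in this file;
     * confirm it does not run PHP's native unserialize() on the raw cookie
     * value before the signature has been checked.
     *
     * @return bool true when the session was rebuilt, false otherwise
     */
    public function rebuild_session() {

        $cookie = SignedCookie::unserialize(self::AUTH_COOKIE);

        // Reject a cookie that did not decode to something carrying a scalar
        // session key before it reaches the database layer.
        $readable = is_array($cookie) || $cookie instanceof ArrayAccess;
        if (!$readable || !isset($cookie['sess_key']) || !is_scalar($cookie['sess_key'])) {
            $this->clear_auth_cookie();
            return false;
        }

        // The key is attacker-controlled until verify() succeeds below; it is
        // escaped here because it is used to look up the signing secret.
        $sess_key = DatabaseManager::escape($cookie['sess_key']);
        $class = $this->sess_object;
        $sess_obj = $class::get_session_object($sess_key);

        if (!$sess_obj->is_loaded()) {
            // someone is messing with the cookie or it's corrupted, so let's erase it.
            $this->clear_auth_cookie();
            return false;
        }

        $secrets = array('sess_secret' => $sess_obj->get_session_secret());

        if (SignedCookie::verify($cookie, $secrets) === false) {
            // someone is messing with the cookie or it's corrupted, so let's erase it.
            $this->clear_auth_cookie();
            return false;
        }

        // Authenticate with the verified session record.
        return $this->set_session($sess_obj);
    }

    /**
     * Marks the current session as authenticated for the given session record.
     *
     * @param SessionObject $obj    loaded session record
     * @param bool          $cookie when true, (re)issue the signed auth cookie
     * @return bool false when $obj is not loaded, true otherwise
     */
    public function set_session(SessionObject $obj, $cookie=true) {

        if (!$obj->is_loaded()) {
            return false;
        }

        // Issue a fresh session id at the privilege change so that an id set
        // before authentication cannot be reused afterwards. Skipped when no
        // session is active or the new cookie could no longer be sent.
        if (session_id() !== '' && !headers_sent()) {
            session_regenerate_id(true);
        }

        // Turn this session into an authenticated one
        $this->set('authenticated', true);
        $this->set('sess_key', $obj->get_session_key());

        if ($cookie) {
            $params  = $obj->get_session_params();
            $secrets = array('sess_secret' => $obj->get_session_secret());

            SignedCookie::create(self::AUTH_COOKIE, $params, $secrets);
        }

        return true;
    }

    /**
     * Loads the session record for the key stored in the current session.
     *
     * @return mixed whatever the configured class's get_session_object() returns
     */
    public function get_session_object() {
        $class = $this->sess_object;
        return $class::get_session_object($this->get('sess_key'));
    }

    /**
     * Stores a value in the session under the prefixed key.
     *
     * @param string $key
     * @param mixed  $value
     */
    public function set($key, $value) {
        $this->_set($this->prefix . '_' . $key, $value);
    }

    /**
     * Reads a value from the session under the prefixed key.
     *
     * @param string $key
     * @return mixed the stored value, or null when the key is not set
     */
    public function get($key) {
        return $this->_get($this->prefix . '_' . $key);
    }

    /** Writes directly to $_SESSION. */
    private function _set($key, $value) {
        $_SESSION[$key] = $value;
    }

    /** Reads directly from $_SESSION; a missing key yields null without a notice. */
    private function _get($key) {
        return isset($_SESSION[$key]) ? $_SESSION[$key] : null;
    }

    /** Expires the auth cookie using the path and domain it is erased with elsewhere in this class. */
    private function clear_auth_cookie() {
        setcookie(self::AUTH_COOKIE, '', time() - 42000, '/', $this->domain);
    }

    /**
     * Logs the visitor out: empties the session data, expires both cookies
     * and destroys the server-side session.
     */
    public function destroy() {

        $_SESSION = array();

        if (isset($_COOKIE[session_name()])) {
            // The session cookie is issued with $this->domain, so the same
            // domain must be given here or the browser keeps the old cookie.
            setcookie(session_name(), '', time() - 42000, '/', $this->domain);
        }

        $this->clear_auth_cookie();

        session_destroy();
    }

}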