| [ Index ] |
|
Code source de PHPonTrax 2.6.6-svn |
1 <?php 2 /** 3 * File containing the Session class 4 * 5 * (PHP 5) 6 * 7 * @package PHPonTrax 8 * @version $Id: session.php 248 2006-08-23 06:24:54Z john $ 9 * @copyright (c) 2005 John Peterson 10 * 11 * Permission is hereby granted, free of charge, to any person obtaining 12 * a copy of this software and associated documentation files (the 13 * "Software"), to deal in the Software without restriction, including 14 * without limitation the rights to use, copy, modify, merge, publish, 15 * distribute, sublicense, and/or sell copies of the Software, and to 16 * permit persons to whom the Software is furnished to do so, subject to 17 * the following conditions: 18 * 19 * The above copyright notice and this permission notice shall be 20 * included in all copies or substantial portions of the Software. 21 * 22 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 23 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 24 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 25 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE 26 * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION 27 * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION 28 * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 29 */ 30 31 /** 32 * Keep track of state of the client's session with the server 33 * 34 * Since there is no continuous connection between the client and the 35 * web server, there must be some way to carry information forward 36 * from one page to the next. PHP does this with a global array variable 37 * {@link http://www.php.net/manual/en/reserved.variables.php#reserved.variables.session $_SESSION} 38 * which is automatically restored from an area of the server's hard disk 39 * indicated by the contents of a cookie stored on the client's computer. 40 * This class is a static class with convenience methods for accessing the 41 * contents of $_SESSION. 42 * @tutorial PHPonTrax/Session.cls 43 */ 44 class Session { 45 46 /** 47 * Name of the session (used as cookie name). 48 */ 49 const TRAX_SESSION_NAME = "TRAXSESSID"; 50 51 /** 52 * Lifetime in seconds of cookie or, if 0, until browser is restarted. 53 */ 54 const TRAX_SESSION_LIFETIME = "0"; 55 56 /** 57 * After this number of minutes, stored data will be seen as 58 * 'garbage' and cleaned up by the garbage collection process. 59 */ 60 const TRAX_SESSION_MAXLIFETIME_MINUTES = "20"; 61 62 /** 63 * IP Address of client 64 * @var string 65 */ 66 private static $ip = null; 67 68 /** 69 * User Agent (OS, Browser, etc) of client 70 * @var string 71 */ 72 private static $user_agent = null; 73 74 /** 75 * Session started 76 * @var boolean 77 */ 78 private static $started = false; 79 80 /** 81 * Session ID 82 * @var string 83 */ 84 public static $id = null; 85 86 /** 87 * Get a session variable 88 * 89 * Fetch the contents from a specified element of 90 * {@link http://www.php.net/manual/en/reserved.variables.php#reserved.variables.session $_SESSION} 91 * @param mixed $key Key to identify one particular session variable 92 * of potentially many for this session 93 * @return mixed Content of the session variable with the specified 94 * key if the variable exists; otherwise null. 95 * @uses get_hash() 96 * @uses is_valid_host() 97 */ 98 function get($key) { 99 if(self::is_valid_host()) { 100 return $_SESSION[self::get_hash()][$key]; 101 } 102 return null; 103 } 104 105 /** 106 * Set a session variable 107 * 108 * Store a value in a specified element of 109 * {@link http://www.php.net/manual/en/reserved.variables.php#reserved.variables.session $_SESSION} 110 * @param mixed $key Key to identify one particular session variable 111 * of potentially many for this session 112 * @param string $value Value to store in the session variable 113 * identified by $key 114 * @uses get_hash() 115 * @uses is_valid_host() 116 * 117 */ 118 function set($key, $value) { 119 if(self::is_valid_host()) { 120 $_SESSION[self::get_hash()][$key] = $value; 121 } 122 } 123 124 /** 125 * Test whether the user host is as expected for this session 126 * 127 * Compare the REMOTE_ADDR and HTTP_USER_AGENT elements of 128 * {@link http://www.php.net/manual/en/reserved.variables.php#reserved.variables.server $_SERVER} 129 * to the expected values for this session. 130 * @uses $ip 131 * @uses is_aol_host() 132 * @uses $user_agent 133 * @return boolean 134 * <ul> 135 * <li>true => User host is as expected</li> 136 * <li>false => User host NOT as expected</li> 137 * </ul> 138 */ 139 function is_valid_host() { 140 if(($_SERVER['REMOTE_ADDR'] == self::$ip || self::is_aol_host()) && 141 $_SERVER['HTTP_USER_AGENT'] == self::$user_agent) { 142 return true; 143 } 144 return false; 145 } 146 147 /** 148 * Test whether the client is an AOL user 149 * 150 * Check whether the domain name of the client's IP ends in 151 * "proxy.aol.com" or the client's user agent name includes "AOL" 152 * @return boolean 153 * <ul> 154 * <li>true => Client is on AOL</li> 155 * <li>false => Client from some other ISP</li> 156 * </ul> 157 */ 158 function is_aol_host() { 159 if(ereg("proxy\.aol\.com$", gethostbyaddr($_SERVER['REMOTE_ADDR'])) || 160 stristr($_SERVER['HTTP_USER_AGENT'], "AOL")) { 161 return true; 162 } 163 return false; 164 } 165 166 /** 167 * Get key that uniquely identifies this session 168 * 169 * Calculate a unique session key based on the session ID and 170 * user agent, plus the user's IP address if not on AOL. 171 * @uses is_aol_host() 172 * @uses md5() 173 * @uses session_id() 174 */ 175 function get_hash() { 176 $key = session_id().$_SERVER['HTTP_USER_AGENT']; 177 if(!self::is_aol_host()) { 178 $key .= $_SERVER['REMOTE_ADDR']; 179 } 180 // error_log('get_hash() returns '.md5($key)); 181 return md5($key); 182 } 183 184 /** 185 * Start or continue a session 186 * 187 * @uses ini_set() 188 * @uses $ip 189 * @uses is_valid_host() 190 * @uses session_id() 191 * @uses session_start() 192 * @uses $user_agent 193 */ 194 function start() { 195 196 if(!self::$started) { 197 $session_name = defined("TRAX_SESSION_NAME") ? TRAX_SESSION_NAME : self::TRAX_SESSION_NAME; 198 $session_lifetime = defined("TRAX_SESSION_LIFETIME") ? TRAX_SESSION_LIFETIME : self::TRAX_SESSION_LIFETIME; 199 $session_maxlifetime_minutes = defined("TRAX_SESSION_MAXLIFETIME_MINUTES") ? TRAX_SESSION_MAXLIFETIME_MINUTES : self::TRAX_SESSION_MAXLIFETIME_MINUTES; 200 201 # set the session default for this app 202 ini_set('session.name', $session_name); 203 ini_set('session.cookie_lifetime', $session_lifetime); 204 ini_set('session.gc_probability', 1); 205 ini_set('session.gc_maxlifetime', $session_maxlifetime_minutes * 60); 206 207 header('P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"'); 208 209 self::$ip = $_SERVER['REMOTE_ADDR']; 210 self::$user_agent = $_SERVER['HTTP_USER_AGENT']; 211 212 if(self::is_valid_host() && array_key_exists('sess_id',$_REQUEST)) { 213 session_id($_REQUEST['sess_id']); 214 } 215 216 session_cache_limiter("must-revalidate"); 217 session_start(); 218 self::$id = session_id(); 219 self::$started = true; 220 } 221 } 222 223 /** 224 * Destroy the user's session 225 * 226 * Destroy all data registered to a session 227 * 228 * @uses session_destroy() 229 */ 230 function destory_session() { 231 session_destroy(); 232 } 233 234 /** 235 * Free all session variables currently registered 236 * 237 * @uses get_hash() 238 * @uses session_unset() 239 */ 240 function unset_session() { 241 session_unset($_SESSION[self::get_hash()]); 242 } 243 244 /** 245 * Unset a session variable 246 * 247 * Unset the variable in 248 * {@link http://www.php.net/manual/en/reserved.variables.php#reserved.variables.session $_SESSION} 249 * identified by key $key 250 * @uses get_hash() 251 * @uses is_valid_host() 252 */ 253 function unset_var($key) { 254 // error_log('Session::unset_var("'.$key.'")'); 255 if(self::is_valid_host()) { 256 // error_log('before unsetting SESSION='.var_export($_SESSION,true)); 257 unset($_SESSION[self::get_hash()][$key]); 258 // error_log('after unsetting SESSION='.var_export($_SESSION,true)); 259 } 260 } 261 262 /** 263 * Test whether a session variable is defined in $_SESSION 264 * 265 * Check the 266 * {@link http://www.php.net/manual/en/reserved.variables.php#reserved.variables.session $_SESSION} 267 * array for the existance of a variable identified by $key 268 * @param mixed $key Key to identify one particular session variable 269 * of potentially many for this session 270 * @return boolean 271 * <ul> 272 * <li>true => The specified session variable is 273 * defined.</li> 274 * <li>false => The specified session variable is 275 * not defined.</li> 276 * </ul> 277 * @uses get_hash() 278 * @uses is_valid_host() 279 */ 280 function isset_var($key) { 281 if(self::is_valid_host()) { 282 if($_SESSION[self::get_hash()][$key]) { 283 return true; 284 } 285 } 286 return false; 287 } 288 289 /** 290 * Test whether there is a flash message to be shown 291 * 292 * Check whether the 293 * {@link http://www.php.net/manual/en/reserved.variables.php#reserved.variables.session $_SESSION} 294 * array for this session contains a 295 * flash message to be shown to the user. 296 * @param mixed $key Key to identify one particular flash message 297 * of potentially many for this session 298 * @return boolean 299 * <ul> 300 * <li>true => A flash message is present</li> 301 * <li>false => No flash message is present</li> 302 * </ul> 303 * @uses get_hash() 304 * @uses is_valid_host() 305 */ 306 function isset_flash($key) { 307 if(self::is_valid_host()) { 308 if(array_key_exists(self::get_hash(), $_SESSION) 309 && array_key_exists('flash',$_SESSION[self::get_hash()]) 310 && array_key_exists($key, 311 $_SESSION[self::get_hash()]['flash'])) { 312 return true; 313 } 314 } 315 return false; 316 } 317 318 /** 319 * Get or set a flash message 320 * 321 * A flash message is a message that will appear prominently on 322 * the next screen to be sent to the user. Flash 323 * messages are intended to be shown to the user once then erased. 324 * They are stored in the 325 * {@link http://www.php.net/manual/en/reserved.variables.php#reserved.variables.session $_SESSION} 326 * array for the user's session. 327 * 328 * @param mixed $key Key to identify one particular flash message 329 * of potentially many for this session 330 * @param string $value Content of the flash message if present 331 * @return mixed Content of the flash message with the specified 332 * key if $value is null; otherwise null. 333 * @uses get_hash() 334 * @uses is_valid_host() 335 */ 336 function flash($key, $value = null) { 337 if(self::is_valid_host()) { 338 if($value) { 339 $_SESSION[self::get_hash()]['flash'][$key] = $value; 340 } else { 341 $value = $_SESSION[self::get_hash()]['flash'][$key]; 342 unset($_SESSION[self::get_hash()]['flash'][$key]); 343 return $value; 344 } 345 } 346 } 347 } 348 349 // -- set Emacs parameters -- 350 // Local variables: 351 // tab-width: 4 352 // c-basic-offset: 4 353 // c-hanging-comment-ender-p: nil 354 // indent-tabs-mode: nil 355 // End: 356 ?>
titre
Description
Corps
titre
Description
Corps
titre
Description
Corps
titre
Corps
| Généré le : Sun Feb 25 20:04:38 2007 | par Balluche grâce à PHPXref 0.7 |