[ Index ]

PHP Cross Reference of Eventum

title

Body

[close]

/include/ -> class.session.php (source)

   1  <?php
   2  /* vim: set expandtab tabstop=4 shiftwidth=4 encoding=utf-8: */
   3  // +----------------------------------------------------------------------+
   4  // | Eventum - Issue Tracking System                                      |
   5  // +----------------------------------------------------------------------+
   6  // | Copyright (c) 2003, 2004, 2005, 2006, 2007 MySQL AB                  |
   7  // |                                                                      |
   8  // | This program is free software; you can redistribute it and/or modify |
   9  // | it under the terms of the GNU General Public License as published by |
  10  // | the Free Software Foundation; either version 2 of the License, or    |
  11  // | (at your option) any later version.                                  |
  12  // |                                                                      |
  13  // | This program is distributed in the hope that it will be useful,      |
  14  // | but WITHOUT ANY WARRANTY; without even the implied warranty of       |
  15  // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        |
  16  // | GNU General Public License for more details.                         |
  17  // |                                                                      |
  18  // | You should have received a copy of the GNU General Public License    |
  19  // | along with this program; if not, write to:                           |
  20  // |                                                                      |
  21  // | Free Software Foundation, Inc.                                       |
  22  // | 59 Temple Place - Suite 330                                          |
  23  // | Boston, MA 02111-1307, USA.                                          |
  24  // +----------------------------------------------------------------------+
  25  // | Authors: Bryan Alsdorf <bryan@mysql.com>                             |
  26  // +----------------------------------------------------------------------+
  27  //
  28  // @(#) $Id: class.session.php 3246 2007-02-09 09:10:12Z glen $
  29  //
  30  
  31  require_once (APP_INC_PATH . "class.error_handler.php");
  32  require_once (APP_INC_PATH . "class.setup.php");
  33  
  34  /**
  35   * Wrapper class for sessions. This is an initial bare bones implementation.
  36   * Additional methods will be later as needed.
  37   *
  38   * @version 1.0
  39   * @author Bryan Alsdorf <bryan@mysql.com>
  40   */
  41  
  42  class Session
  43  {
  44      /**
  45       * Sets the passed variable in the session using the specified name.
  46       * 
  47       * @access  public
  48       * @param   string $name Name to store variable under.
  49       * @param   mixed $var Variable to store in session.
  50       */
  51      function set($name, $var)
  52      {
  53          GLOBAL $_SESSION;
  54          $_SESSION[$name] = $var;
  55      }
  56      
  57      
  58      /**
  59       * Returns the session variable specified by $name
  60       * 
  61       * @access  public
  62       * @param   string $name The name of variable to be returned.
  63       * @return  mixed The session variable.
  64       */
  65      function get($name)
  66      {
  67          GLOBAL $_SESSION;
  68          return @$_SESSION[$name];
  69      }
  70      
  71      
  72      /**
  73       * Returns true if the session variable $name is set, false otherwise.
  74       * 
  75       * @access  public
  76       * @param   string $name The name of the variable to check.
  77       * @return  boolean If the variable is set
  78       */
  79      function is_set($name)
  80      {
  81          GLOBAL $_SESSION;
  82          return isset($_SESSION[$name]);
  83      }
  84  
  85  
  86      /**
  87       * Initialize the session
  88       *
  89       * @access  public
  90       * @param   integer $usr_id The ID of the user
  91       */
  92      function init($usr_id)
  93      {
  94          @session_start();
  95  
  96          // clear all old session variables
  97          $_SESSION = array();
  98  
  99          // regenerate ID to prevent session fixation
 100          session_regenerate_id();
 101  
 102          // set the IP in the session so we can check it later
 103          $_SESSION['login_ip'] = $_SERVER['REMOTE_ADDR'];
 104  
 105          // store user ID in session
 106          $_SESSION['usr_id'] = $usr_id;// XXX: Should we perform checks on this usr ID before accepting it?
 107      }
 108  
 109  
 110      /**
 111       * Verify that the current request to use the session has the same IP address as the request that started it.
 112       *
 113       * @access  public
 114       * @param   integer $usr_id The ID of the user
 115       */
 116      function verify($usr_id)
 117      {
 118          @session_start();
 119  
 120          // Don't check the IP of the session, since this caused problems for users that use a proxy farm that uses
 121          // a different IP address each page load.
 122          if (!Session::is_set('usr_id')) {
 123              Session::init($usr_id);
 124          }
 125      }
 126  
 127  
 128      /**
 129       * Destroys the current session
 130       */
 131      function destroy()
 132      {
 133          @session_destroy();
 134      }
 135  }
 136  
 137  // benchmarking the included file (aka setup time)
 138  if (APP_BENCHMARK) {
 139      $GLOBALS['bench']->setMarker('Included Session Class');
 140  }


Generated: Wed Dec 19 21:21:33 2007 Cross-referenced by PHPXref 0.7