
Untitled

a guest
Jul 16th, 2011
  1. <?php
  2.  
  3. /**
  4. * @package R4D1G1N3
  5. * @author Reactorx2
  6. * @version 0.2.0
  7. * @category Class
  8. * @name Session Manager
  9. * @description
  10. * <--(HU)--
  11. *
  12. * -->
  13. */
  14.  
  // Direct-access guard: stop silently unless the including script has
  // already defined ROOT.
  if (!defined('ROOT')) {
      exit;
  }

  // Status codes returned by SESSION_MANAGER::Validate() and dispatched on
  // in SESSION_MANAGER::Manage(). Zero is "fine", the positive value asks for
  // a rights reload, and the negative values are the rejection reasons.
  define('SESSION_IS_OK', 0);
  define('SESSION_NEED_RELOAD_RIGHTS', 1);
  define('SESSION_INVALID_SESSIONID', -1);
  define('SESSION_NONEXISTENT_SESSION', -2);
  define('SESSION_REQUEST_TIMEOUT_EXPIRED', -3);
  define('SESSION_GLOBAL_TIMEOUT_EXPIRED', -4);
  23.  
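  /**
   * Keeps PHP's native session in step with a row in the `sessions` table.
   *
   * Manage() is the per-request entry point. Auth() rotates the session id and
   * rebinds the row to a user. Destroy() removes the row and the PHP session.
   *
   * Every request-derived value that is concatenated into SQL here (cookie
   * value, session id, user id, user agent, remote address) is passed through
   * STRINGS::Secure() first.
   * NOTE(review): STRINGS::Secure() is assumed to be the project's SQL-escaping
   * helper - confirm. If the MYSQL_* wrappers offer bound parameters, prefer
   * those over string building.
   */
  abstract class SESSION_MANAGER{

      /**
       * Classifies the session named by the SESSION_NAME cookie.
       *
       * NOTE(review): both timeouts are measured from s_modified, which Update()
       * refreshes on every accepted request, so neither is an absolute lifetime
       * cap counted from session creation - confirm that this is intended.
       *
       * @return int One of the SESSION_* status constants.
       */
      static private function Validate(){
          // A cookie sent as "name[]=..." arrives as an array; treat anything that
          // is not a plain string as "no session" instead of handing it to SQL.
          if(!isset($_COOKIE[SESSION_NAME]) || !is_string($_COOKIE[SESSION_NAME])) return SESSION_NONEXISTENT_SESSION;
          $sid = $_COOKIE[SESSION_NAME];

          $S = new MYSQL_SELECT();
          $S->execute('SELECT s_id, UNIX_TIMESTAMP(s_modified) as s_modified, s_remote_addr, s_check_remote_addr, s_http_user_agent, s_check_http_user_agent, s_rgt_modified FROM sessions WHERE s_hash = "'.STRINGS::Secure($sid).'" LIMIT 1');
          $r = $S->get_result_array(false);
          unset($S);

          if(count($r) == 0) return SESSION_NONEXISTENT_SESSION;

          $row = $r[0];
          $now = time();
          if($row['s_modified'] + SESSION_GLOBAL_TIMEOUT < $now) return SESSION_GLOBAL_TIMEOUT_EXPIRED;
          if($row['s_modified'] + SESSION_REQUEST_TIMEOUT < $now) return SESSION_REQUEST_TIMEOUT_EXPIRED;

          // Either header may be missing from the request; compare as strings with
          // strict inequality so numeric-looking values are not loosely coerced.
          // NOTE(review): RegisterNew() stores these values after STRINGS::Secure()
          // while the comparison uses the raw request value - confirm that the two
          // forms are identical for ordinary input.
          $ua = isset($_SERVER['HTTP_USER_AGENT']) ? (string)$_SERVER['HTTP_USER_AGENT'] : '';
          $ra = isset($_SERVER['REMOTE_ADDR']) ? (string)$_SERVER['REMOTE_ADDR'] : '';
          if( ($row['s_check_http_user_agent'] == 1 && (string)$row['s_http_user_agent'] !== $ua) ||
              ($row['s_check_remote_addr'] == 1 && (string)$row['s_remote_addr'] !== $ra)) return SESSION_INVALID_SESSIONID;

          if($row['s_rgt_modified'] == 1) return SESSION_NEED_RELOAD_RIGHTS;
          return SESSION_IS_OK;
      }

      /**
       * Deletes up to 10 rows whose s_modified is older than SESSION_GLOBAL_TIMEOUT seconds.
       */
      static private function Delete_garbage(){
          $Q = new MYSQL_QUERY();
          $Q->execute('DELETE FROM sessions WHERE UNIX_TIMESTAMP(s_modified)+'.SESSION_GLOBAL_TIMEOUT.' < '.time().' LIMIT 10');
          unset($Q);
      }

      /**
       * Rotates the PHP session id and rebinds the matching row to a user.
       *
       * The row found under the old id receives the new id, the given user id
       * (SQL NULL when $u_id is null) and s_rgt_modified = 1, which makes the
       * next Manage() call reload rights.
       *
       * @param mixed $u_id User id to bind to the session, or null for none.
       */
      static public function Auth($u_id = null){
          $old_sid = session_id();
          session_regenerate_id(true);
          $new_sid = session_id();

          // The id PHP resumes comes from the client's cookie, so both session ids
          // and the user id are escaped before they are placed in the statement.
          $uid_sql = is_null($u_id) ? 'null' : '"'.STRINGS::Secure((string)$u_id).'"';

          $Q = new MYSQL_QUERY();
          $Q->execute('UPDATE sessions SET s_hash = "'.STRINGS::Secure($new_sid).'", s_u_id='.$uid_sql.' , s_rgt_modified = 1 WHERE s_hash = "'.STRINGS::Secure($old_sid).'" LIMIT 1');
          unset($Q);
      }

      /**
       * Per-request entry point: validates the session and refreshes or replaces it.
       */
      static public function Manage(){
          switch(self::Validate()){
              case SESSION_IS_OK:
                  self::Update();
                  break;
              case SESSION_GLOBAL_TIMEOUT_EXPIRED:
                  self::RegisterNew();
                  break;
              case SESSION_REQUEST_TIMEOUT_EXPIRED:
                  // NOTE(review): nothing happens here - the PHP session is not
                  // started and the expired row is neither refreshed nor replaced.
                  // Decide what an idle-expired session should do (for example,
                  // replace it as the other rejection branches do); left as found.
                  break;
              case SESSION_NONEXISTENT_SESSION:
                  self::RegisterNew();
                  break;
              case SESSION_INVALID_SESSIONID:
                  self::RegisterNew();
                  break;
              case SESSION_NEED_RELOAD_RIGHTS:
                  self::Update(true);
                  USER_MANAGER::LoadRights();
                  break;
              default:
                  die('Error in session management');
          }
      }

      /**
       * Starts a PHP session and records it as a new row in `sessions`.
       *
       * @param bool $chk_ua Stored as s_check_http_user_agent; Validate() enforces a user-agent match when it is 1.
       * @param bool $chk_ra Stored as s_check_remote_addr; Validate() enforces a remote-address match when it is 1.
       */
      static private function RegisterNew($chk_ua=true, $chk_ra=false){
          setcookie(SESSION_NAME,'',time()-3600);
          self::Delete_garbage();
          // NOTE(review): the expiry header above does not alter $_COOKIE for this
          // request, so session_start() may resume the id the client sent instead
          // of issuing a fresh one. Confirm, and consider forcing a server-chosen
          // id (and an empty $_SESSION) before the row is inserted.
          session_start();
          $new_sessId = session_id();

          // Request headers can be absent; fall back to an empty string.
          $ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
          $ra = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

          $c = array(
              // Escaped like the other request-derived columns below.
              's_hash' => STRINGS::Secure($new_sessId),
              's_http_user_agent' => STRINGS::Secure($ua),
              's_check_http_user_agent' => $chk_ua,
              's_remote_addr' => STRINGS::Secure($ra),
              's_check_remote_addr' => $chk_ra,
              's_added' => 'NOW()',
              's_modified' => 'NOW()'
          );

          $al = AUTOLOGIN::Check();

          if(!is_null($al)){
              $_SESSION['USER'] = new USER($al['u_id'], $al['u_name']);
              $c['s_u_id'] = $al['u_id'];
          } else $_SESSION['USER'] = new USER();

          $_SESSION['SETTINGS'] = new SETTINGS();

          $rns_i = new MYSQL_INSERT();
          // Third argument flags s_added and s_modified; presumably it tells
          // insert_record() to emit NOW() as SQL rather than a quoted string - confirm.
          $rns_i->insert_record("sessions", $c, array('s_added'=>true, 's_modified'=>true));
          unset($rns_i);
      }

      /**
       * Resumes the PHP session and stamps its row with the current time.
       *
       * @param bool $reset_rgts When true, s_rgt_modified is also reset to 0.
       */
      static private function Update($reset_rgts=false){
          session_start();
          $sid = session_id();
          $Q = new MYSQL_QUERY();
          // session_id() reflects the client's cookie, so escape it before use.
          $Q->execute('UPDATE sessions SET s_modified = NOW() '.(($reset_rgts)?', s_rgt_modified = 0 ':'').' WHERE s_hash = "'.STRINGS::Secure($sid).'" LIMIT 1');
          unset($Q);
          $_SESSION['SETTINGS']->Update();
      }

      /**
       * Deletes the current session's row and destroys the PHP session.
       *
       * NOTE(review): the session cookie is not expired here - confirm whether a
       * caller does that.
       */
      static public function Destroy(){
          $sid = session_id();
          $Q = new MYSQL_QUERY();
          // session_id() reflects the client's cookie, so escape it before use.
          $Q->execute('DELETE FROM sessions WHERE s_hash = "'.STRINGS::Secure($sid).'" LIMIT 1');
          session_destroy();
          unset($Q);
      }

  }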
  131. ?>