diff options
author | Nathan Gass | 2012-03-22 18:18:42 +0000 |
---|---|---|
committer | Nathan Gass | 2012-03-22 18:18:42 +0000 |
commit | d59a4921188753dbe4c0161081755a28112c3ef6 (patch) | |
tree | 81496414d988f37f1db9d92c9750d888ffa13746 /devel-utf8/it_session.class | |
parent | ca11771e8fad5fef96615df4c44e04b8fb60ac31 (diff) | |
download | itools-d59a4921188753dbe4c0161081755a28112c3ef6.tar.gz itools-d59a4921188753dbe4c0161081755a28112c3ef6.tar.bz2 itools-d59a4921188753dbe4c0161081755a28112c3ef6.zip |
Branch itools/devel-utf8 created
Diffstat (limited to 'devel-utf8/it_session.class')
-rw-r--r-- | devel-utf8/it_session.class | 247 |
1 files changed, 247 insertions, 0 deletions
diff --git a/devel-utf8/it_session.class b/devel-utf8/it_session.class new file mode 100644 index 0000000..ed99842 --- /dev/null +++ b/devel-utf8/it_session.class @@ -0,0 +1,247 @@ +<?php +/* +** $Id$ +** +** Copyright (C) 1995-2007 by the ITools Authors. +** This file is part of ITools - the Internet Tools Library +** +** ITools is free software; you can redistribute it and/or modify +** it under the terms of the GNU General Public License as published by +** the Free Software Foundation; either version 3 of the License, or +** (at your option) any later version. +** +** ITools is distributed in the hope that it will be useful, +** but WITHOUT ANY WARRANTY; without even the implied warranty of +** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +** GNU General Public License for more details. +** +** You should have received a copy of the GNU General Public License +** along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +/* Default values */ +define('_IT_SESSION_COOKIE', 'SESSION'); +define('_IT_SESSION_COOKIE_EXPIRY', 0); +define('_IT_SESSION_LIFETIME', 3600); + +class it_session +{ + /* PRIVATE */ + var $cookiename; /* Cookie to store session */ + var $cookie; /* Session identifier of this session */ + var $uid; /* Session user id */ + var $domain = ''; /* Session domain (e.g. ".relog.ch") */ + var $address = ''; /* Guessed IP address of client */ + var $ssl; /* Session using SSL? */ + var $lifetime; /* Session life-time in seconds */ + var $secret; /* Session secret to generate session ids */ + var $now; /* This session start time slot */ + var $prev; /* Previous session start time slot */ + var $hascookies; /* Do cookies work? Used by has_cookies() */ + +/* Constructor */ +function it_session() +{ + $this->cookiename = _IT_SESSION_COOKIE; + $this->lifetime = _IT_SESSION_LIFETIME; +/* + * NOTE: Does not work with dynamic IPs (dialup with low timeout, + * load balanced Proxies and maybe more weird stuff). + * $this->address = $_SERVER['REMOTE_ADDR'] . '/' . $_SERVER['HTTP_X_FORWARDED_FOR']; + */ + $this->ssl = !empty($_SERVER['HTTPS']); +} + + +function set_cookiename($cookiename) +{ + if ($cookiename) + $this->cookiename = $cookiename; +} + + +function get_uid() +{ + return $this->uid; +} + + +function set_uid($uid) +{ + $this->uid = $uid; +} + + +function set_domain($domain) +{ + $this->domain = $domain; +} + + +function set_lifetime($lifetime) +{ + $this->lifetime = $lifetime; +} + + +function set_secret($secret) +{ + $this->secret = $secret; +} + + +function init() +{ + if (empty($this->secret)) + it::fatal('it_session requires secret to be set'); + + /* Got a cookie? */ + if ($this->hascookies = isset($_COOKIE[$this->cookiename])) + $this->cookie = $_COOKIE[$this->cookiename]; + else + $this->cookie = ''; + #debug("hascookies '$this->hascookies', '$this->cookie', " . $_COOKIE[$this->cookiename]); + + $now = time(); + /* + * Valid time range is now - 1/2 lifetime to now + 1/2 lifetime + * I.e. session has to be either from start or now + */ + $this->now = $now - ($now % ($this->lifetime / 2)); + $this->prev = $this->now - ($this->lifetime / 2); + + /* Set user id from valid session */ + $this->uid = substr($this->cookie, 1, strlen($this->cookie) - 33); + + if (!$this->is_valid()) + $this->uid = ""; + + #debug("it_session::new session=$this->cookie, user=$this->uid"); +} + + +/* INTERNAL: Create session id from session data */ +function _mkcookie($uid, $timeslot) +{ + return "A" . $uid . md5("$uid,$this->domain,$this->address,$this->secret,$timeslot"); +} + + +/* Check if this session is valid */ +function is_valid() +{ + $result = true; + + if ($this->_mkcookie($this->uid, $this->now) != $this->cookie) + { + /* Check if using id from previous time slot */ + if ($this->_mkcookie($this->uid, $this->prev) == $this->cookie) + $this->set_valid(); /* Rejuvenate session */ + else + $result = false; + } + + return $result; +} + + +/* + * Validate this session + * @param $valid Should this session be validated or invalidated? + * @param $login_identifier_required Does session validation require login magic? + * @param $login_identifier Session validation magic cookie to be checked + * @return true if successful + */ +function set_valid($valid = true, $login_identifier_required = false, $login_identifier = "") +{ + $result = false; + + if ($valid && (!$login_identifier_required || ($login_identifier == $this->_mkcookie("", $this->cookie)))) + { + $this->cookie = $this->_mkcookie($this->uid, $this->now); + $result = true; + } + else + { + $this->cookie = md5(uniqid(rand())); /* random garbage */ + $result = !$valid; /* Setting to invalid succeeded or setting to valid failed */ + } + + @setcookie($this->cookiename, $this->cookie, _IT_SESSION_COOKIE_EXPIRY, "/", $this->domain, $this->ssl, true); + $_COOKIE[$this->cookiename] = $this->cookie; + + return $result; +} + + +function purge() +{ + $this->cookie = ""; + $_COOKIE[$this->cookiename] = ""; + $this->uid = ""; +} + + +/* + * Create a login identifier and set session to login identifier 'secret' value + * Returns a value to be put into the login <form> which has to be passed to + * set_valid() to create a valid session + */ +function create_login_identifier() +{ + if (!$this->cookie) + { + $this->cookie = md5(uniqid(rand())); /* random garbage */ + @setcookie($this->cookiename, $this->cookie, _IT_SESSION_COOKIE_EXPIRY, "/", $this->domain, $this->ssl, true); + } + + $login_identifier = $this->_mkcookie("", $this->cookie); + + return $login_identifier; +} + +/* + * Check if cookies are enabled. + * NOTE: Only works if you used create_login_identifier() on previous page + */ +function has_cookies() +{ + return $this->hascookies; +} + + +/* + * Sign string for current session + * @param $text Text to be signed + * @return Signature for $text + */ +function _sign($text, $timeslot) +{ + return "B" . md5("$text,$this->uid,$this->domain,$this->address,$this->secret,$timeslot"); +} + +/* + * Sign string for current session + * @param $text Text to be signed + * @return Signature for $text + */ +function create_signature($text) +{ + return $this->_sign($text, $this->now); +} + +/* + * Check signature for string for current session + * @param $text Text which was signed + * @param $signature Signature to be checked + * @return True if signature ok, false otherwise + */ +function check_signature($text, $signature) +{ + return (($this->_sign($text, $this->now) == $signature) || + ($this->_sign($text, $this->prev) == $signature)); +} + +} /* End class it_user */ + +?> |