Diffstat (limited to 'inc/session.inc.php')
-rw-r--r-- | inc/session.inc.php | 62 |
1 files changed, 46 insertions, 16 deletions
diff --git a/inc/session.inc.php b/inc/session.inc.php index b9adfcb..6718006 100644 --- a/inc/session.inc.php +++ b/inc/session.inc.php @@ -4,8 +4,8 @@ class Session { private static $sid = false; - private static $uid = false; private static $data = false; + private static $needUpdate = true; private static function generateSessionId() { @@ -26,7 +26,6 @@ class Session public static function create() { self::generateSessionId(); - self::$uid = 0; self::$data = array(); } @@ -38,20 +37,19 @@ class Session if (self::readSessionData()) return true; // Loading session data failed self::delete(); + return false; } public static function getUid() { - return self::$uid; + return self::get('uid'); } public static function setUid($value) { - if (self::$uid === false) - Util::traceError('Tried to set session data with no active session'); if (!is_numeric($value) || $value < 1) Util::traceError('Invalid user id: ' . $value); - self::$uid = $value; + self::set('uid', (int)$value); } public static function get($key) @@ -61,6 +59,16 @@ class Session return false; } + public static function set($key, $value) + { + if (!is_array(self::$data)) + Util::traceError('Tried to set session data with no active session'); + if (isset(self::$data[$key]) && self::$data[$key] === $value) + return; + self::$data[$key] = $value; + self::$needUpdate = true; + } + private static function loadSessionId() { if (self::$sid !== false) 
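Review bot: setUid() now stores `(int)$value`, but the guard above it is still `is_numeric($value)`, which accepts strings such as '1.9' or '1e3', so the cast silently stores a different id than the caller passed. Validating first with `$id = filter_var($value, FILTER_VALIDATE_INT);` and rejecting `$id === false || $id < 1` would close that gap. getUid() also changes its not-logged-in result from 0 to whatever get() returns for a missing key (the tail of get() visible in the next hunk returns false), so callers that compare strictly against 0 should be checked. The session id is not rotated when the uid is set here; if the login path does not call create() first, which is not visible in this diff, consider regenerating the id at this privilege change.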
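Review bot: Because the user id now lives in `self::$data['uid']`, the new public set() lets any caller write `uid` directly and bypass the range check in setUid(). Consider having set() refuse the key `uid` and moving the actual assignment into a private helper that both set() and setUid() call. The method also lacks a doc comment saying that values are round-tripped through json_encode() and json_decode(..., true) by save() and readSessionData(), for example `// Values must be JSON-serialisable; objects come back as arrays.` Whether Util::traceError() terminates is not visible here; if it can return, the assignment after it would run with `self::$data` still false.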
@@ -73,27 +81,49 @@ class Session self::$sid = $id; return true; } - + public static function delete() { if (self::$sid === false) return; Database::exec('DELETE FROM websession WHERE sid = :sid', array('sid' => self::$sid)); @setcookie('sid', '', time() - 8640000, null, null, !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off', true); self::$sid = false; - self::$uid = false; + self::$data = false; } - + public static function save() { - if (self::$sid === false || self::$uid === false || self::$uid === 0) + if (self::$sid === false || self::$data === false || !self::$needUpdate) return; - $ret = Database::exec('INSERT INTO websession (sid, userid, dateline) ' - . ' VALUES (:sid, :uid, UNIX_TIMESTAMP()) ' - . ' ON DUPLICATE KEY UPDATE userid = VALUES(userid), dateline = VALUES(dateline)', - array('sid' => self::$sid, 'uid' => self::$uid)); - if (!$ret) Util::traceError('Storing session data in dahdähbank failed.'); + $data = json_encode(self::$data); + $ret = Database::exec('INSERT INTO websession (sid, dateline, data) ' + . ' VALUES (:sid, UNIX_TIMESTAMP(), :data) ' + . 
' ON DUPLICATE KEY UPDATE dateline = VALUES(dateline), data = VALUES(data)', + array('sid' => self::$sid, 'data' => $data)); + if ($ret === false) + Util::traceError('Storing session data in Dahdähbank failed.'); $ret = @setcookie('sid', self::$sid, time() + CONFIG_SESSION_TIMEOUT, null, null, !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off', true); - if (!$ret) Util::traceError('Error: Could not set Cookie for Client (headers already sent)'); + if ($ret === false) + Util::traceError('Error: Could not set Cookie for Client (headers already sent)'); } + + public static function readSessionData() + { + if (self::$sid === false || self::$data !== false) + Util::traceError('Tried to readSessionData on an active session!'); + $data = Database::queryFirst('SELECT dateline, data FROM websession WHERE sid = :sid LIMIT 1', array('sid' => self::$sid)); + if ($data === false) + return false; + if ($data['dateline'] + CONFIG_SESSION_TIMEOUT < time()) { + self::delete(); + return false; + } + self::$needUpdate = ($data['dateline'] + 3600 < time()); + self::$data = @json_decode($data['data'], true); + if (!is_array(self::$data)) + self::$data = array(); + return true; + } + } |
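Review bot: In save(), the result of `json_encode(self::$data)` is bound to `:data` unchecked, so an encoding failure (json_encode() returns false, for instance on invalid UTF-8 in a stored value) is written to the row and readSessionData() later replaces it with an empty array, silently dropping `uid`. Add `if ($data === false) Util::traceError('Could not serialize session data');` before the INSERT. In readSessionData() the refresh threshold is a literal `3600` while expiry uses CONFIG_SESSION_TIMEOUT; if that constant is one hour or less, `$needUpdate` is never set for a session that only reads, and it expires while in use, so the threshold is better derived from the constant. The old guard in save() also skipped sessions whose uid was 0, whereas the new one persists any created session, even with an empty data array; whether unauthenticated requests can now add rows to websession depends on where create() is called, which this diff does not show.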