RA session
Category:Libraries::Session A session library from systemsos [code] class RA_Session { var $CI; var $now; var $use_native_sessions = TRUE; //Don't turn me off either - cause native sessions FTW! var $sess_encryption = TRUE; //Don't turn me off if you are using non-native sessions please. That'd be silly. var $sess_match_ip = TRUE; //I gotta come from the same IP as the associated session - OR I WON'T LIKE YOU var $sess_match_useragent = TRUE; //I gotta come from the same USERAGENT as the associated session - OR I WON'T LIKE YOU var $sess_name = 'ra_session'; //Name our session cookie. The Remember cookie with be that + 'remember' var $sess_length = 2419200; //4 Weeks to keep Cookie on client's computer, time renewed when accessed again //If the value is > 0 - the user will be "kept-logged-in". This value needs to be able to //change on a per user basis. var $userdata = array(); //The User's data to store
/**
 * Constructor (PHP 4 style: the method carries the class name).
 *
 * Fetches the CodeIgniter super-object, resolves the encryption setting,
 * loads the Encrypt library when encryption is on, then starts the session
 * through sess_run().
 */
function RA_Session()
{
    $this->CI =& get_instance();
    log_message('debug', "RA Session Class Initialized");

    // A config value replaces the class default only when it is truthy, so
    // the config file cannot switch encryption off once the default is TRUE.
    $configured = $this->CI->config->item('sess_encryption');
    if ($configured != FALSE) {
        $this->sess_encryption = $configured;
    }

    // The Encrypt library is only needed when values will be encoded.
    if ($this->sess_encryption) {
        $this->CI->load->library('encrypt');
    }

    $this->sess_run();
}
/**
 * Return the identifier of the current PHP session.
 *
 * @return string whatever PHP's session_id() reports
 */
function sess_id()
{
    $current_id = session_id();
    return $current_id;
}
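/**
 * Start the PHP session and bind it to the current client.
 *
 * Reads the session settings from the CodeIgniter config, starts the PHP
 * session, optionally pins the session to the client's IP address and user
 * agent, and finally copies the (decoded) session contents into
 * $this->userdata.
 *
 * Every config lookup below uses "!= FALSE", so a config value can only
 * override a class default when it is truthy; a default of TRUE cannot be
 * turned off from the config file.
 *
 * @return bool TRUE when the session is usable; FALSE when the IP or
 *              user-agent check failed and the session was destroyed.
 */
function sess_run()
{
    // Reference time: a GMT-shifted timestamp when the application is
    // configured for GMT, otherwise the local time().
    if (strtolower($this->CI->config->item('time_reference')) == 'gmt') {
        $now = time();
        $this->now = mktime(
            (int) gmdate("H", $now),
            (int) gmdate("i", $now),
            (int) gmdate("s", $now),
            (int) gmdate("m", $now),
            (int) gmdate("d", $now),
            (int) gmdate("Y", $now)
        );
        // Fewer than 10 digits means mktime() did not yield a usable timestamp.
        if (strlen((string) $this->now) < 10) {
            $this->now = time();
            log_message('error', 'The RA session class could not set a proper GMT timestampt. local time() used instead');
        }
    } else {
        $this->now = time();
    }

    // Session length in seconds; a non-positive configured value falls back
    // to one year.
    $expiration = $this->CI->config->item('sess_expiration');
    if (is_numeric($expiration)) {
        $this->sess_length = ($expiration > 0) ? $expiration : (60*60*24*365);
    }

    // session.cookie_lifetime and session.gc_maxlifetime are durations in
    // seconds, so they get the length itself. Passing "length + time()"
    // would stretch the session lifetime to decades.
    $lifetime = $this->sess_length;

    // Kept from the original: after this line sess_length holds the absolute
    // expiry timestamp rather than a duration.
    $this->sess_length = $this->sess_length + time();

    if ($this->CI->config->item('sess_name') != FALSE) {
        $this->sess_name = $this->CI->config->item('cookie_prefix') . $this->CI->config->item('sess_name');
    }

    if ($this->CI->config->item('use_native_sessions') != FALSE) {
        $this->use_native_sessions = $this->CI->config->item('use_native_sessions');
    }

    // Both modes start a PHP session under our cookie name; the non-native
    // mode additionally forces session.use_only_cookies.
    // NOTE(review): session.cookie_httponly and session.cookie_secure are not
    // set here, so the session cookie gets whatever php.ini specifies, and
    // the session id is never regenerated in this class - confirm both are
    // handled where the user logs in.
    session_name($this->sess_name);
    ini_set('session.cookie_lifetime', $lifetime);
    ini_set('session.gc_maxlifetime', $lifetime);
    if ( ! $this->use_native_sessions) {
        ini_set('session.use_only_cookies', 1);
    }
    session_start();

    // --- IP binding -------------------------------------------------------
    if ($this->CI->config->item('sess_match_ip') != FALSE) {
        $this->sess_match_ip = $this->CI->config->item('sess_match_ip');
    }
    if ($this->sess_match_ip == TRUE) {
        $client_ip = $this->CI->input->ip_address();
        if ( ! isset($_SESSION['ip_address'])) {
            // First request of this session: remember where it came from.
            $_SESSION['ip_address'] = $this->_ra_encode($client_ip);
        } elseif ($this->_ra_decode($_SESSION['ip_address']) !== $client_ip) {
            // The session is being presented from a different address.
            // Clients whose address legitimately changes mid-session are
            // logged out by this as well.
            $this->sess_destroy();
            return FALSE;
        }
    }

    // --- User-agent binding -----------------------------------------------
    if ($this->CI->config->item('sess_match_useragent') != FALSE) {
        $this->sess_match_useragent = $this->CI->config->item('sess_match_useragent');
    }
    if ($this->sess_match_useragent == TRUE) {
        // Only the first 50 characters are stored and compared. The header
        // is client-supplied, so this is a consistency check, not proof of
        // identity.
        $client_agent = trim(substr((string) $this->CI->input->user_agent(), 0, 50));
        if ( ! isset($_SESSION['user_agent'])) {
            $_SESSION['user_agent'] = $this->_ra_encode($client_agent);
        } elseif ($this->_ra_decode($_SESSION['user_agent']) !== $client_agent) {
            $this->sess_destroy();
            return FALSE;
        }
    }

    // Validation passed: expose the session contents through $this->userdata.
    if ($this->sess_encryption) {
        $this->userdata = $this->_ra_decode($_SESSION);
    } else {
        $this->userdata = $_SESSION;
    }
    return TRUE;
}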
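/**
 * End the current session: expire the session cookie on the client, empty
 * $_SESSION and destroy the server-side session data.
 *
 * @return void
 */
function sess_destroy ()
{
    $cookie = session_name();

    // Expire the cookie with the same path/domain/flags PHP used to set it;
    // a deletion cookie whose path or domain differs is ignored by the
    // browser and the old session id stays on the client.
    if (isset($_COOKIE[$cookie])) {
        $params = session_get_cookie_params();
        setcookie(
            $cookie,
            '',
            time() - 42000,
            $params['path'],
            $params['domain'],
            $params['secure'],
            $params['httponly']
        );
    }

    // Clear the in-memory copy as well, so nothing written before this call
    // is readable for the rest of the request.
    $_SESSION = array();

    // session_destroy() raises a warning when no session is active.
    if (session_id() != '') {
        session_destroy();
    }
}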
/**
 * Fetch a single item from the session data held in $this->userdata.
 *
 * Provided so this class can stand in for the core session library without
 * callers switching to $_SESSION directly.
 *
 * @param string $item key to look up
 * @return mixed the stored value, or FALSE when the key is not set
 */
function userdata($item)
{
    if (isset($this->userdata[$item])) {
        return $this->userdata[$item];
    }

    return FALSE;
}
/**
 * Return the whole session data array held in $this->userdata.
 *
 * @return array|bool the data array, or FALSE when the property is not set
 */
function all_userdata()
{
    if (isset($this->userdata)) {
        return $this->userdata;
    }

    return FALSE;
}
/**
 * Store one or more values in the session.
 *
 * Accepts either a key/value pair (string key plus $newval) or an
 * associative array. The plain value goes into $this->userdata; the copy
 * written to $_SESSION is passed through _ra_encode() first.
 *
 * @param array|string $newdata key => value pairs, or a single key
 * @param mixed        $newval  value used when $newdata is a single key
 * @return void
 */
function set_userdata($newdata = array(), $newval = '')
{
    // Normalise the single-key form into a one-element array.
    if (is_string($newdata)) {
        $newdata = array($newdata => $newval);
    }

    if (count($newdata) < 1) {
        return;
    }

    foreach ($newdata as $name => $content) {
        $this->userdata[$name] = $content;
        $_SESSION[$name] = $this->_ra_encode($content);
    }
}
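/**
 * Remove one or more keys from the session.
 *
 * Accepts a single key as a string, or an array whose keys name the items
 * to remove (the array values are ignored). Each key is removed from both
 * $this->userdata and $_SESSION.
 *
 * @param array|string $newdata key, or array keyed by the items to remove
 * @return void
 */
function unset_userdata($newdata = array())
{
    // Normalise the single-key form into a one-element array.
    if (is_string($newdata)) {
        $newdata = array($newdata => '');
    }

    if (count($newdata) > 0) {
        foreach ($newdata as $key => $val) {
            // Drop both copies so the value is gone from this request and
            // from the stored session.
            unset($this->userdata[$key]);
            unset($_SESSION[$key]);
        }
    }
}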
/**
 * Set the "remember me" cookie, named after the session cookie plus
 * '_remember', valid for one year.
 *
 * A FALSE or empty value clears the cookie instead. The comparison is
 * loose, so values such as 0 or '0' also count as "do not remember".
 *
 * NOTE(review): setcookie() is called with name, value and expiry only, so
 * path, domain, Secure and HttpOnly are left at PHP's defaults.
 *
 * @param mixed $newdata value to remember (passed through _ra_encode())
 * @return bool TRUE when the cookie was set, FALSE when it was cleared
 */
function set_remember_me ($newdata)
{
    if ($newdata == FALSE || $newdata == '') {
        // Nothing to remember: make sure no stale cookie stays behind.
        $this->unset_remember_me();
        return FALSE;
    }

    $one_year = 60*60*24*365;
    setcookie(
        $this->sess_name . '_remember',
        $this->_ra_encode($newdata),
        time() + $one_year
    );

    return TRUE;
}
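/**
 * Read the "remember me" cookie.
 *
 * The value comes straight from the client's cookie jar and is passed
 * through _ra_decode(). Treat the result as untrusted input, for example a
 * username to pre-fill, and not as proof that the user is authenticated.
 * NOTE(review): confirm whether the Encrypt library in use authenticates
 * the ciphertext before relying on the decoded value being untampered.
 *
 * @return mixed the decoded cookie value, or FALSE when the cookie is absent
 */
function get_remember_me ()
{
    $cookie_name = $this->sess_name . '_remember';

    if (isset($_COOKIE[$cookie_name])) {
        // _ra_decode() is a method of this class; calling it as a bare
        // function is a fatal "undefined function" error.
        return $this->_ra_decode($_COOKIE[$cookie_name]);
    }

    return FALSE;
}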
/**
 * Clear the "remember me" cookie by re-sending it empty with an expiry in
 * the past. Like set_remember_me(), no path or domain is passed.
 *
 * @return void
 */
function unset_remember_me ()
{
    $expired = time() - 42000;
    setcookie($this->sess_name . '_remember', '', $expired);
}
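/**
 * Encode a value for storage, recursing into arrays.
 *
 * When $this->sess_encryption is on, every scalar is passed through the
 * CodeIgniter Encrypt library; otherwise values are returned unchanged.
 * The original read $this->encryption, a property this class never
 * declares or assigns, so the check was always false and values were
 * stored in clear text even with encryption enabled.
 *
 * @param mixed $value scalar or (nested) array to encode
 * @return mixed encoded value with the same array structure
 */
function _ra_encode ($value)
{
    if (is_array($value)) {
        $temp_array = array();
        foreach ($value as $key => $val) {
            // The recursive call applies the encryption check to each leaf.
            $temp_array[$key] = $this->_ra_encode($val);
        }
        return $temp_array;
    }

    if ($this->sess_encryption) {
        return $this->CI->encrypt->encode($value);
    }

    return $value; // unchanged: encryption is off
}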
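/**
 * Decode a stored value, recursing into arrays.
 *
 * When $this->sess_encryption is on, every scalar is passed through the
 * CodeIgniter Encrypt library's decode(); otherwise values are returned
 * unchanged. The flag read here is sess_encryption, the property the class
 * declares and the constructor sets; the original read an undeclared
 * $this->encryption, which is always false.
 *
 * @param mixed $value scalar or (nested) array to decode
 * @return mixed decoded value with the same array structure
 */
function _ra_decode ($value)
{
    if (is_array($value)) {
        $temp_array = array();
        foreach ($value as $key => $val) {
            // The recursive call applies the encryption check to each leaf.
            $temp_array[$key] = $this->_ra_decode($val);
        }
        return $temp_array;
    }

    if ($this->sess_encryption) {
        return $this->CI->encrypt->decode($value);
    }

    return $value; // unchanged: encryption is off
}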
} [/code]