Viewing File core/SessionManager.php of 0.00.0a
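<?php
/* -------------------------------------------------------------
This file is part of FreeDESK

FreeDESK is (C) Copyright 2012 David Cutting

FreeDESK is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

FreeDESK is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with FreeDESK.  If not, see www.gnu.org/licenses

For more information see www.purplepixie.org/freedesk/
-------------------------------------------------------------- */

/**
 * Session Class - contains information about interactive user session
**/
class Session
{
    /**
     * Type of session (a ContextType value)
    **/
    public $type = ContextType::None;
    /**
     * Session ID - a bearer credential; anyone holding it is treated as the user
    **/
    public $sid = "";
    /**
     * Username
    **/
    public $username = "";
    /**
     * Real name
    **/
    public $realname = "";

    /**
     * Create a SID - sets $this->sid and returns SID
     *
     * The identifier is 128 characters drawn from a fixed 39-character alphabet.
     * Each character comes from random_int(), i.e. the operating system CSPRNG
     * (PHP 7.0 or later). The previous implementation seeded mt_rand() from
     * microtime(), which makes the whole identifier a function of a small,
     * guessable seed; a session identifier must not be predictable.
     *
     * @return string SID
     * @throws Exception if random_int() cannot obtain secure randomness
    **/
    public function CreateSID()
    {
        $allow = "abcdefghijklmnopqrstuvwxyz0123456789XYZ";
        $len = 128;
        $last = strlen($allow) - 1;

        $sid = "";
        for ($i = 0; $i < $len; ++$i)
        {
            // random_int() is unbiased over the inclusive range and does not
            // touch the global Mersenne Twister state.
            $sid .= $allow[random_int(0, $last)];
        }

        $this->sid = $sid;
        return $this->sid;
    }

    /**
     * Return XML Description of the Session
     *
     * Note that the output contains the session ID, so it should only be
     * returned to the owner of the session.
     *
     * @param bool $header Return XML header (optional, default false)
     * @return string XML Data
    **/
    public function XML($header = false)
    {
        $xml = new xmlCreate();
        $xml->startElement("session");
        $xml->charElement("type", $this->type);
        $xml->charElement("sid", $this->sid);
        $xml->charElement("username", $this->username);
        $xml->endElement("session");
        return $xml->getXML($header);
    }

    /**
     * Get a 'nice' name
     *
     * Prefers the real name and falls back to the username; customer sessions
     * are prefixed with "CUSTOMER: ".
     *
     * @return string Nice name for current user
    **/
    public function NiceName()
    {
        $name = "";
        // Loose comparison is deliberate: Check() loads the type from a
        // database row, where it may arrive as a numeric string.
        if ($this->type == ContextType::Customer)
            $name .= "CUSTOMER: ";
        if ($this->realname != "")
            $name .= $this->realname;
        else
            $name .= $this->username;
        return $name;
    }
}

/**
 * Session Manager class - handles creation, check and update of sessions
**/
class SessionManager
{
    /**
     * FreeDESK Instance
    **/
    private $DESK = null;

    /**
     * Constructor
     *
     * Stores the FreeDESK instance and registers this component with the
     * plugin manager.
     *
     * @param mixed $freeDESK FreeDESK instance
    **/
    public function __construct(&$freeDESK)
    {
        $this->DESK = &$freeDESK;
        $this->DESK->PluginManager->Register(new Plugin(
            "Session Manager", "0.01", "Core" ));
    }

    /**
     * Legacy (PHP 4 style) constructor name, kept for callers that invoke it
     * explicitly. PHP 8 no longer treats a method named after the class as the
     * constructor, which would leave $this->DESK null, so the real work lives
     * in __construct().
     *
     * @param mixed $freeDESK FreeDESK instance
    **/
    public function SessionManager(&$freeDESK)
    {
        $this->__construct($freeDESK);
    }

    /**
     * Create a Session
     *
     * Looks up the user's authentication type, authenticates through the
     * matching method and, on success, stores a new session row.
     *
     * @param mixed $type Type of session (of form ContextType)
     * @param string $username Username
     * @param string $password Password
     * @return mixed Session class on success or bool false on failure
    **/
    public function Create($type, $username, $password)
    { // TODO: Customer
        // Cast rather than escape: the value is written into an unquoted
        // numeric position (INTERVAL n MINUTE), where string escaping gives no
        // protection. A non-numeric setting becomes 0, so the session expires
        // immediately instead of altering the statement.
        $expiry = (int)$this->DESK->Configuration->Get("session.expire","15");

        // Fetch user auth type
        $q="SELECT ".$this->DESK->Database->Field("authtype").",".$this->DESK->Database->Field("realname")." FROM ".$this->DESK->Database->Table("user")." ";
        $q.="WHERE ".$this->DESK->Database->Field("username")."=\"".$this->DESK->Database->Safe($username)."\" LIMIT 0,1";
        $r=$this->DESK->Database->Query($q);
        $user=$this->DESK->Database->FetchAssoc($r);
        $this->DESK->Database->Free($r);

        if (!$user)
            return false; // unknown user - default failure

        $authtype=$user['authtype'];
        if ($authtype=="")
            $authtype=$this->DESK->Configuration->Get("auth.default","standard");
        $authmethod=AuthenticationFactory::Create($this->DESK, $authtype);
        if (!$authmethod)
            return false;
        if (!$authmethod->Authenticate($type, $username, $password))
            return false; // bad credentials - default failure

        // Successful Login
        $session = new Session();
        $session->type = $type;
        $session->username = $username;
        $session->realname = $user['realname'];
        $session->CreateSID();

        // Create the session in the DB
        $q="INSERT INTO ".$this->DESK->Database->Table("session")."(".$this->DESK->Database->Field("username").",";
        $q.=$this->DESK->Database->Field("session_id").",".$this->DESK->Database->Field("sessiontype").",";
        $q.=$this->DESK->Database->Field("created_dt").",".$this->DESK->Database->Field("updated_dt").",";
        $q.=$this->DESK->Database->Field("expires_dt").",".$this->DESK->Database->Field("realname").") VALUES(";
        $q.="\"".$this->DESK->Database->Safe($username)."\",";
        $q.="\"".$this->DESK->Database->Safe($session->sid)."\",";
        // The session type is written unquoted, so it is forced to an integer
        // here. NOTE(review): assumes ContextType values are integers - confirm.
        $q.=((int)$type).",";
        $q.="NOW(),NOW(),DATE_ADD(NOW(), INTERVAL ".$expiry." MINUTE),";
        $q.=$this->DESK->Database->SafeQuote($user['realname']).")";

        // NOTE(review): the result of the INSERT is not checked, so a session
        // object is returned even if the row was not stored.
        $this->DESK->Database->Query($q);

        return $session;
    }

    /**
     * Check a Session
     *
     * Loads the unexpired session row for the given ID and, when found,
     * extends its expiry by the configured number of minutes.
     *
     * @param mixed $sid Session ID
     * @return mixed Session class on success or bool false on failure
    **/
    public function Check($sid)
    {
        // Integer cast for the same reason as in Create(): the value lands in
        // an unquoted numeric position of the UPDATE statement.
        $expiry = (int)$this->DESK->Configuration->Get("session.expire","15");

        // Select session from DB
        $q="SELECT * FROM ".$this->DESK->Database->Table("session")." WHERE ".$this->DESK->Database->Field("session_id")."=";
        $q.="\"".$this->DESK->Database->Safe($sid)."\" AND ".$this->DESK->Database->Field("expires_dt").">NOW() LIMIT 0,1";

        $r=$this->DESK->Database->Query($q);
        $sess=$this->DESK->Database->FetchAssoc($r);
        $this->DESK->Database->Free($r);

        if (!$sess) // No live session with this ID
            return false;

        // Load session data
        $session = new Session();
        $session->sid = $sid;
        $session->type = $sess['sessiontype'];
        $session->username = $sess['username'];
        $session->realname = $sess['realname'];

        // And update expiry
        $q="UPDATE ".$this->DESK->Database->Table("session")." SET ".$this->DESK->Database->Field("updated_dt")."=NOW(),";
        $q.=$this->DESK->Database->Field("expires_dt")."=DATE_ADD(NOW(), INTERVAL ".$expiry." MINUTE) ";
        $q.="WHERE ".$this->DESK->Database->Field("session_id")."=\"".$this->DESK->Database->Safe($sid)."\"";
        $this->DESK->Database->Query($q);

        return $session;
    }

    /**
     * Destroy a session
     *
     * Deletes the session row, so the ID is rejected by later Check() calls.
     *
     * @param string $sid Session ID
    **/
    public function Destroy($sid)
    {
        $q="DELETE FROM ".$this->DESK->Database->Table("session")." WHERE ".$this->DESK->Database->Field("session_id")."=";
        $q.=$this->DESK->Database->SafeQuote($sid);
        $this->DESK->Database->Query($q);
    }
}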