Viewing File core/SessionManager.php of 0.00.0a
Home or version:
File: 0.00.0a/core/SessionManager.php (View as HTML)

  1: <?php 
  2: /* -------------------------------------------------------------
  3: This file is part of FreeDESK
  4: 
  5: FreeDESK is (C) Copyright 2012 David Cutting
  6: 
  7: FreeDESK is free software: you can redistribute it and/or modify
  8: it under the terms of the GNU General Public License as published by
  9: the Free Software Foundation, either version 3 of the License, or
 10: (at your option) any later version.
 11: 
 12: FreeDESK is distributed in the hope that it will be useful,
 13: but WITHOUT ANY WARRANTY; without even the implied warranty of
 14: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 15: GNU General Public License for more details.
 16: 
 17: You should have received a copy of the GNU General Public License
 18: along with FreeDESK.  If not, see www.gnu.org/licenses
 19: 
 20: For more information see www.purplepixie.org/freedesk/
 21: -------------------------------------------------------------- */
 22: 
 23: /**
 24:  * Session Class - contains information about interactive user session
 25: **/
 26: class Session
 27: {
 28: 	/**
 29: 	 * Type of session
 30: 	**/
 31: 	var $type = ContextType::None;
 32: 	/**
 33: 	 * Session ID
 34: 	**/
 35: 	var $sid = "";
 36: 	/**
 37: 	 * Username
 38: 	**/
 39: 	var $username = "";
 40: 	/**
 41: 	 * Real name
 42: 	**/
 43: 	var $realname = "";
 44: 	/**
 45: 	 * Create a SID - sets $this->sid and returns SID
 46: 	 * @return string SID
 47: 	**/
 48: 	function CreateSID()
 49: 	{
 50: 		$allow = "abcdefghijklmnopqrstuvwxyz0123456789XYZ";
 51: 		$len = 128;
 52: 		$allowlen = strlen($allow);
 53: 		$this->sid="";
 54: 		mt_srand(microtime()*1000000);
 55: 		for ($i=0; $i<$len; ++$i)
 56: 		{
 57: 			$this->sid.=$allow[mt_rand(0,$allowlen-1)];
 58: 		}
 59: 		return $this->sid;
 60: 	}
 61: 	/**
 62: 	 * Return XML Description of the Session
 63: 	 * @param bool $header Return XML header (optional, default false)
 64: 	 * @return string XML Data
 65: 	**/
 66: 	function XML($header=false)
 67: 	{
 68: 		$xml = new xmlCreate();
 69: 		$xml->startElement("session");
 70: 		$xml->charElement("type",$this->type);
 71: 		$xml->charElement("sid",$this->sid);
 72: 		$xml->charElement("username",$this->username);
 73: 		$xml->endElement("session");
 74: 		return $xml->getXML($header);
 75: 	}
 76: 	/**
 77: 	 * Get a 'nice' name
 78: 	 * @return string Nice name for current user
 79: 	**/
 80: 	function NiceName()
 81: 	{
 82: 		$name = "";
 83: 		if ($this->type == ContextType::Customer)
 84: 			$name.="CUSTOMER: ";
 85: 		if ($this->realname != "")
 86: 			$name.=$this->realname;
 87: 		else
 88: 			$name.=$this->username;
 89: 		return $name;
 90: 	}
 91: }
 92: 
 93: /**
 94:  * Session Manager class - handles creation, check and update of sessions
 95: **/
 96: class SessionManager
 97: {
 98: 	/**
 99: 	 * FreeDESK Instance
100: 	**/
101: 	private $DESK = null;
102: 	
103: 	/**
104: 	 * Constructor
105: 	 * @param mixed $freeDESK FreeDESK instance
106: 	**/
107: 	function SessionManager(&$freeDESK)
108: 	{
109: 		$this->DESK = &$freeDESK;
110: 		$this->DESK->PluginManager->Register(new Plugin(
111: 			"Session Manager", "0.01", "Core" ));
112: 	}
113: 	
114: 	/**
115: 	 * Create a Session
116: 	 * @param mixed $type Type of session of form ContextType)
117: 	 * @param string $username Username
118: 	 * @param string $password Password
119: 	 * @return mixed Session class on success or bool false on failure
120: 	**/
121: 	function Create($type, $username, $password)
122: 	{	// TODO: Customer
123: 		$expiry = $this->DESK->Configuration->Get("session.expire","15");
124: 		// Fetch user auth type
125: 		$q="SELECT ".$this->DESK->Database->Field("authtype").",".$this->DESK->Database->Field("realname")." FROM ".$this->DESK->Database->Table("user")." ";
126: 		$q.="WHERE ".$this->DESK->Database->Field("username")."=\"".$this->DESK->Database->Safe($username)."\" LIMIT 0,1";
127: 		$r=$this->DESK->Database->Query($q);
128: 		$user=$this->DESK->Database->FetchAssoc($r);
129: 		$this->DESK->Database->Free($r);
130: 		if ($user)
131: 		{
132: 			$authtype=$user['authtype'];
133: 			if ($authtype=="")
134: 				$authtype=$this->DESK->Configuration->Get("auth.default","standard");
135: 			$authmethod=AuthenticationFactory::Create($this->DESK, $authtype);
136: 			if (!$authmethod)
137: 				return false;
138: 			if ($authmethod->Authenticate($type, $username, $password))
139: 			{
140: 				// Successful Login
141: 				$session = new Session();
142: 				$session->type = $type;
143: 				$session->username = $username;
144: 				$session->realname = $user['realname'];
145: 				$session->CreateSID();
146: 				
147: 				// Create the session in the DB
148: 				$q="INSERT INTO ".$this->DESK->Database->Table("session")."(".$this->DESK->Database->Field("username").",";
149: 				$q.=$this->DESK->Database->Field("session_id").",".$this->DESK->Database->Field("sessiontype").",";
150: 				$q.=$this->DESK->Database->Field("created_dt").",".$this->DESK->Database->Field("updated_dt").",";
151: 				$q.=$this->DESK->Database->Field("expires_dt").",".$this->DESK->Database->Field("realname").") VALUES(";
152: 				$q.="\"".$this->DESK->Database->Safe($username)."\",";
153: 				$q.="\"".$this->DESK->Database->Safe($session->sid)."\",";
154: 				$q.=$this->DESK->Database->Safe($type).",";
155: 				$q.="NOW(),NOW(),DATE_ADD(NOW(), INTERVAL ".$this->DESK->Database->Safe($expiry)." MINUTE),";
156: 				$q.=$this->DESK->Database->SafeQuote($user['realname']).")";
157: 				
158: 				$this->DESK->Database->Query($q);
159: 				
160: 				return $session;
161: 			}
162: 		}
163: 		return false; // default failure
164: 	}
165: 	
166: 	/**
167: 	 * Check a Session
168: 	 * @param mixed $sid Session ID
169: 	 * @return mixed Sesson class on success or bool false on failure
170: 	**/
171: 	function Check($sid)
172: 	{
173: 		$expiry = $this->DESK->Configuration->Get("session.expire","15");
174: 		
175: 		// Select session from DB
176: 		$q="SELECT * FROM ".$this->DESK->Database->Table("session")." WHERE ".$this->DESK->Database->Field("session_id")."=";
177: 		$q.="\"".$this->DESK->Database->Safe($sid)."\" AND ".$this->DESK->Database->Field("expires_dt").">NOW() LIMIT 0,1";
178: 		
179: 		$r=$this->DESK->Database->Query($q);
180: 		$sess=$this->DESK->Database->FetchAssoc($r);
181: 		$this->DESK->Database->Free($r);
182: 		if ($sess) // If session found
183: 		{
184: 			// Load session data
185: 			$session = new Session();
186: 			$session->sid = $sid;
187: 			$session->type = $sess['sessiontype'];
188: 			$session->username = $sess['username'];
189: 			$session->realname = $sess['realname'];
190: 			
191: 			// And update expiry
192: 			$q="UPDATE ".$this->DESK->Database->Table("session")." SET ".$this->DESK->Database->Field("updated_dt")."=NOW(),";
193: 			$q.=$this->DESK->Database->Field("expires_dt")."=DATE_ADD(NOW(), INTERVAL ".$this->DESK->Database->Safe($expiry)." MINUTE) ";
194: 			$q.="WHERE ".$this->DESK->Database->Field("session_id")."=\"".$this->DESK->Database->Safe($sid)."\"";
195: 			$this->DESK->Database->Query($q);
196: 			
197: 			return $session;
198: 		}
199: 		return false;
200: 	}
201: 	
202: 	/**
203: 	 * Destroy a session
204: 	 * @param string $sid Session ID
205: 	**/
206: 	function Destroy($sid)
207: 	{
208: 		$q="DELETE FROM ".$this->DESK->Database->Table("session")." WHERE ".$this->DESK->Database->Field("session_id")."=";
209: 		$q.=$this->DESK->Database->SafeQuote($sid);
210: 		$this->DESK->Database->Query($q);
211: 	}
212: }
213: 
214: 
215: ?>
216: 
217:
CodeXplore for FreeDESK by David Cutting, all rights reserved.