<?php
namespace mvcrb;
// Direct-access guard: stop immediately unless ROOT is already defined
// (presumably by the application's entry script; confirm where it is set).
if (!defined('ROOT')) {
    die('No direct script access.');
}
/*
* Class for working with sessions.
* It is so simple that there is nothing to explain here.
*
*/
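/**
 * Static helper around PHP's native session functions.
 *
 * Starts a cookie-only session backed by FileSessionHandler, exposes simple
 * accessors over $_SESSION, and ties a session to the browser fingerprint
 * stored under the 'BrowserHesh' key when that key is present.
 */
class Session {
    /**
     * Whether this class has observed or started an active session.
     *
     * @var boolean
     */
    private static $sessionStarted = false;

    /**
     * Value of mvcrb::BrouserHash() captured by init(). It is not applied as
     * the session name or id (those calls are commented out in the original).
     *
     * @var string
     */
    public static $sessionName = '';

    /**
     * Configure and start the session if none is active yet.
     *
     * After the session is started, the fingerprint stored under 'BrowserHesh'
     * (if any) is compared with the current mvcrb::BrouserHash(); on mismatch
     * the session is destroyed.
     *
     * @return bool true when a session is active and accepted, false otherwise
     */
    private static function SecSessionStart() {
        if (session_status() === PHP_SESSION_ACTIVE) {
            self::$sessionStarted = true;
            return true;
        }

        // NOTE(review): session files live under SITE_DIR; confirm this
        // directory is not served by the web server and is not world-readable.
        $sessionsDir = SITE_DIR . 'usersessions';

        // GC runs on 30 of every 100 session starts; this can be raised to
        // 100% if the gc handler has no slow code in it.
        ini_set('session.gc_probability', '30');
        ini_set('session.gc_divisor', '100');
        // Session lifetime in seconds (the value handed to the gc handler).
        ini_set('session.gc_maxlifetime', '3600');
        session_save_path($sessionsDir);

        // Never accept a session id from the URL.
        if (ini_set('session.use_only_cookies', '1') === false) {
            exit('SecSessionStart(): Could not initiate a safe session (ini_set)');
        }

        // Keep the configured lifetime/path/domain, but do not force the Secure
        // flag off: honour the configured value and turn it on for HTTPS
        // requests. HttpOnly keeps the session id out of reach of page scripts.
        // NOTE(review): behind a TLS-terminating proxy $_SERVER['HTTPS'] may be
        // unset; set session.cookie_secure in php.ini in that deployment.
        $cookieParams = session_get_cookie_params();
        $isHttps = isset($_SERVER['HTTPS'])
            && $_SERVER['HTTPS'] !== ''
            && strtolower((string) $_SERVER['HTTPS']) !== 'off';
        session_set_cookie_params(
            $cookieParams['lifetime'],
            $cookieParams['path'],
            $cookieParams['domain'],
            !empty($cookieParams['secure']) || $isHttps,
            true
        );

        $handler = new FileSessionHandler();
        session_set_save_handler(
            array($handler, 'open'),
            array($handler, 'close'),
            array($handler, 'read'),
            array($handler, 'write'),
            array($handler, 'destroy'),
            array($handler, 'gc')
        );

        if (session_status() === PHP_SESSION_NONE) {
            session_start();
        }
        if (session_status() !== PHP_SESSION_ACTIVE) {
            // Sessions are disabled or session_start() failed.
            return false;
        }

        // Record the start BEFORE the fingerprint check: destroy() is a no-op
        // while this flag is false, which previously made the check below
        // ineffective and made the first init() call report false.
        self::$sessionStarted = true;

        // NOTE(review): the session id is not regenerated here; callers should
        // use regenerate() on privilege changes such as login.
        $storedHash = self::get('BrowserHesh');
        if ($storedHash && mvcrb::BrouserHash() !== $storedHash) {
            // The session was created by a different browser fingerprint.
            self::destroy();
        }

        return self::$sessionStarted;
    }

    /**
     * Start the session once per request.
     *
     * @return bool whether a session is active after the call
     */
    public static function init() {
        if (!self::$sessionStarted) {
            self::$sessionName = mvcrb::BrouserHash();
            self::SecSessionStart();
        }
        return self::$sessionStarted;
    }

    /**
     * Add value to a session.
     *
     * When $key is an array and $value is left at its default, every
     * name => value pair of the array is stored.
     *
     * @param string|array $key   name of the data to save, or a map of names to values
     * @param mixed        $value the data to save
     */
    public static function set($key, $value = false) {
        if (is_array($key) && $value === false) {
            foreach ($key as $name => $item) {
                $_SESSION[$name] = $item;
            }
            return;
        }
        $_SESSION[$key] = $value;
    }

    /**
     * Extract item from session then delete from the session, finally return the item.
     *
     * @param string $key item to extract
     * @return mixed|null the stored value, or null when the key is not set
     */
    public static function pull($key) {
        if (!isset($_SESSION[$key])) {
            return null;
        }
        $value = $_SESSION[$key];
        unset($_SESSION[$key]);
        return $value;
    }

    /**
     * Get item from session.
     *
     * @param string          $key       item to look for in session
     * @param string|int|bool $secondkey optional key inside the item; false means "not used"
     * @return mixed|null
     */
    public static function get($key, $secondkey = false) {
        // The original loose test ($secondkey == true) ignored the valid
        // sub-keys 0 and '0' and returned the whole item instead; accept them
        // explicitly and keep every other input behaving as before.
        $useSecondKey = $secondkey == true || $secondkey === 0 || $secondkey === '0';

        if ($useSecondKey) {
            return $_SESSION[$key][$secondkey] ?? null;
        }
        return $_SESSION[$key] ?? null;
    }

    /**
     * id
     *
     * @return string with the session id.
     */
    public static function id() {
        return session_id();
    }

    /**
     * Regenerate session_id and delete the old session data.
     *
     * @return string session_id
     */
    public static function regenerate() {
        session_regenerate_id(true);
        return session_id();
    }

    /**
     * Return the session array.
     *
     * @return array of session indexes
     */
    public static function display() {
        return $_SESSION;
    }

    /**
     * Empties and destroys the session, or removes a single key.
     *
     * - empty $key and $prefix false: the whole session is destroyed;
     * - $prefix true: every key is removed (no prefix filter is applied, the
     *   filter is commented out in the original);
     * - otherwise only $key is removed.
     *
     * Does nothing unless this class has recorded a started session.
     *
     * @param string  $key    session key to remove
     * @param boolean $prefix if true, clear every key of the session
     */
    public static function destroy($key = '', $prefix = false) {
        if (!self::$sessionStarted) {
            return;
        }

        $keyIsEmpty = ($key === '' || $key === null || $key === false);

        if (!$keyIsEmpty && !$prefix) {
            // Removing one key must not expire the session cookie; doing so
            // discarded the rest of the session on the client side.
            unset($_SESSION[$key]);
            return;
        }

        // Both remaining branches wipe the session, so expire the cookie too.
        $params = session_get_cookie_params();
        setcookie(
            session_name(),
            '',
            time() - 42000,
            $params['path'],
            $params['domain'],
            $params['secure'],
            $params['httponly']
        );

        if ($prefix) {
            foreach (array_keys($_SESSION) as $name) {
                unset($_SESSION[$name]);
            }
            return;
        }

        session_gc();
        session_unset();
        session_destroy();
        // Without this reset init() kept reporting a live session and never
        // started a new one after a destroy.
        self::$sessionStarted = false;
    }

    /**
     * Destroy the whole session and its stored data.
     *
     * NOTE(review): unlike destroy(), the session cookie is not expired here,
     * so the client keeps sending the old id; confirm that is intended.
     */
    public static function DestroyAll() {
        if (self::$sessionStarted) {
            session_gc();
            session_unset();
            session_destroy();
            // Kept from the original; these only do work if session_destroy()
            // left the session active.
            session_write_close();
            session_abort();
            self::$sessionStarted = false;
        }
    }
}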