Permalink
Browse files

BackwardsCompatibilityBreak - Removed the `$prefix` parameter from th…

…e methods fSession::delete(), fSession::get() and fSession::set()

Fixed ticket #302 - added the method fSession::add()

Fixed ticket #303 - added a second parameter to fSession::setLength() and added fSession::enablePersistence()
  • Loading branch information...
wbond committed Oct 26, 2009
1 parent 30b7765 commit 5a19c8ed311e59758fb8889138bca0f6486f6029
Showing with 265 additions and 109 deletions.
  1. +22 −43 classes/fAuthorization.php
  2. +8 −7 classes/fCRUD.php
  3. +7 −6 classes/fMessaging.php
  4. +6 −6 classes/fRequest.php
  5. +222 −47 classes/fSession.php
View
@@ -9,7 +9,8 @@
* @package Flourish
* @link http://flourishlib.com/fAuthorization
*
* @version 1.0.0b3
* @version 1.0.0b4
* @changes 1.0.0b4 Updated class to use new fSession API [wb, 2009-10-23]
* @changes 1.0.0b3 Updated class to use new fSession API [wb, 2009-05-08]
* @changes 1.0.0b2 Fixed a bug with using named IP ranges in ::checkIP() [wb, 2009-01-10]
* @changes 1.0.0b The initial implementation [wb, 2007-06-14]
@@ -60,13 +61,6 @@ class fAuthorization
*/
static private $named_ip_ranges = array();
/**
* If the session id has been regenerated
*
* @var boolen
*/
static private $regenerated = FALSE;
/**
* Adds a named IP address or range, or array of addresses and/or ranges
@@ -218,9 +212,9 @@ static public function checkIP($ip_ranges)
*/
static public function checkLoggedIn()
{
if (fSession::get('user_auth_level', NULL, __CLASS__ . '::') !== NULL ||
fSession::get('user_acls', NULL, __CLASS__ . '::') !== NULL ||
fSession::get('user_token', NULL, __CLASS__ . '::') !== NULL) {
if (fSession::get(__CLASS__ . '::user_auth_level', NULL) !== NULL ||
fSession::get(__CLASS__ . '::user_acls', NULL) !== NULL ||
fSession::get(__CLASS__ . '::user_token', NULL) !== NULL) {
return TRUE;
}
return FALSE;
@@ -234,10 +228,10 @@ static public function checkLoggedIn()
*/
static public function destroyUserInfo()
{
fSession::delete('user_auth_level', __CLASS__ . '::');
fSession::delete('user_acls', __CLASS__ . '::');
fSession::delete('user_token', __CLASS__ . '::');
fSession::delete('requested_url', __CLASS__ . '::');
fSession::delete(__CLASS__ . '::user_auth_level');
fSession::delete(__CLASS__ . '::user_acls');
fSession::delete(__CLASS__ . '::user_token');
fSession::delete(__CLASS__ . '::requested_url');
}
@@ -250,9 +244,9 @@ static public function destroyUserInfo()
*/
static public function getRequestedURL($clear, $default_url=NULL)
{
$requested_url = fSession::get('requested_url', $default_url, __CLASS__ . '::');
$requested_url = fSession::get(__CLASS__ . '::requested_url', $default_url);
if ($clear) {
fSession::delete('requested_url', __CLASS__ . '::');
fSession::delete(__CLASS__ . '::requested_url');
}
return $requested_url;
}
@@ -265,7 +259,7 @@ static public function getRequestedURL($clear, $default_url=NULL)
*/
static public function getUserACLs()
{
return fSession::get('user_acls', NULL, __CLASS__ . '::');
return fSession::get(__CLASS__ . '::user_acls', NULL);
}
@@ -276,7 +270,7 @@ static public function getUserACLs()
*/
static public function getUserAuthLevel()
{
return fSession::get('user_auth_level', NULL, __CLASS__ . '::');
return fSession::get(__CLASS__ . '::user_auth_level', NULL);
}
@@ -287,7 +281,7 @@ static public function getUserAuthLevel()
*/
static public function getUserToken()
{
return fSession::get('user_token', NULL, __CLASS__ . '::');
return fSession::get(__CLASS__ . '::user_token', NULL);
}
@@ -298,25 +292,11 @@ static public function getUserToken()
*/
static private function redirect()
{
fSession::set('requested_url', fURL::getWithQueryString(), __CLASS__ . '::');
self::setRequestedURL(fURL::getWithQueryString());
fURL::redirect(self::$login_page);
}
/**
* Regenerates the session id, but only once per script execution
*
* @return void
*/
static private function regenerate()
{
if (!self::$regenerated) {
session_regenerate_id();
self::$regenerated = TRUE;
}
}
/**
* Redirect the user to the login page if they do not have the permissions required
*
@@ -383,7 +363,6 @@ static public function reset()
self::$level = NULL;
self::$login_page = NULL;
self::$named_ip_ranges = array();
self::$regenerated = FALSE;
}
@@ -419,7 +398,7 @@ static public function setLoginPage($url)
*/
static public function setRequestedURL($url)
{
fSession::set('requested_url', $url, __CLASS__ . '::');
fSession::set(__CLASS__ . '::requested_url', $url);
}
@@ -444,8 +423,8 @@ static public function setRequestedURL($url)
*/
static public function setUserACLs($acls)
{
fSession::set('user_acls', $acls, __CLASS__ . '::');
self::regenerate();
fSession::set(__CLASS__ . '::user_acls', $acls);
fSession::regenerateID();
}
@@ -458,8 +437,8 @@ static public function setUserACLs($acls)
static public function setUserAuthLevel($level)
{
self::validateAuthLevel($level);
fSession::set('user_auth_level', $level, __CLASS__ . '::');
self::regenerate();
fSession::set(__CLASS__ . '::user_auth_level', $level);
fSession::regenerateID();
}
@@ -471,8 +450,8 @@ static public function setUserAuthLevel($level)
*/
static public function setUserToken($token)
{
fSession::set('user_token', $token, __CLASS__ . '::');
self::regenerate();
fSession::set(__CLASS__ . '::user_token', $token);
fSession::regenerateID();
}
View
@@ -9,7 +9,8 @@
* @package Flourish
* @link http://flourishlib.com/fCRUD
*
* @version 1.0.0b4
* @version 1.0.0b5
* @changes 1.0.0b5 Updated class to use new fSession API [wb, 2009-10-23]
* @changes 1.0.0b4 Updated class to use new fSession API [wb, 2009-05-08]
* @changes 1.0.0b3 Backwards Compatiblity Break - moved ::printOption() to fHTML::printOption(), ::showChecked() to fHTML::showChecked(), ::removeListItems() and ::reorderListItems() to fException::splitMessage(), ::generateRequestToken() to fRequest::generateCSRFToken(), and ::validateRequestToken() to fRequest::validateCSRFToken() [wb, 2009-05-08]
* @changes 1.0.0b2 Fixed a bug preventing loaded search values from being included in redirects [wb, 2009-03-18]
@@ -90,7 +91,7 @@ static public function getColumnClass($column)
*/
static private function getPreviousSearchValue($column)
{
return fSession::get(fURL::get() . '::previous_search::' . $column, NULL, __CLASS__ . '::');
return fSession::get(__CLASS__ . '::' . fURL::get() . '::previous_search::' . $column, NULL);
}
@@ -101,7 +102,7 @@ static private function getPreviousSearchValue($column)
*/
static private function getPreviousSortColumn()
{
return fSession::get(fURL::get() . '::previous_sort_column', NULL, __CLASS__ . '::');
return fSession::get(__CLASS__ . '::' . fURL::get() . '::previous_sort_column', NULL);
}
@@ -112,7 +113,7 @@ static private function getPreviousSortColumn()
*/
static private function getPreviousSortDirection()
{
return fSession::get(fURL::get() . '::previous_sort_direction', NULL, __CLASS__ . '::');
return fSession::get(__CLASS__ . '::' . fURL::get() . '::previous_sort_direction', NULL);
}
@@ -331,7 +332,7 @@ static public function reset()
*/
static private function setPreviousSearchValue($column, $value)
{
fSession::set(fURL::get() . '::previous_search::' . $column, $value, __CLASS__ . '::');
fSession::set(__CLASS__ . '::' . fURL::get() . '::previous_search::' . $column, $value);
}
@@ -343,7 +344,7 @@ static private function setPreviousSearchValue($column, $value)
*/
static private function setPreviousSortColumn($sort_column)
{
fSession::set(fURL::get() . '::previous_sort_column', $sort_column, __CLASS__ . '::');
fSession::set(__CLASS__ . '::' . fURL::get() . '::previous_sort_column', $sort_column);
}
@@ -355,7 +356,7 @@ static private function setPreviousSortColumn($sort_column)
*/
static private function setPreviousSortDirection($sort_direction)
{
fSession::set(fURL::get() . '::previous_sort_direction', $sort_direction, __CLASS__ . '::');
fSession::set(__CLASS__ . '::' . fURL::get() . '::previous_sort_direction', $sort_direction);
}
View
@@ -9,7 +9,8 @@
* @package Flourish
* @link http://flourishlib.com/fMessaging
*
* @version 1.0.0b5
* @version 1.0.0b6
* @changes 1.0.0b6 Updated class to use new fSession API [wb, 2009-10-23]
* @changes 1.0.0b5 Made the `$recipient` parameter optional for all methods [wb, 2009-07-08]
* @changes 1.0.0b4 Added support for `'*'` and arrays of names to ::check() [wb, 2009-06-02]
* @changes 1.0.0b3 Updated class to use new fSession API [wb, 2009-05-08]
@@ -62,7 +63,7 @@ static public function check($name, $recipient=NULL)
return FALSE;
}
return fSession::get($name, NULL, __CLASS__ . '::' . $recipient . '::') !== NULL;
return fSession::get(__CLASS__ . '::' . $recipient . '::' . $name, NULL) !== NULL;
}
@@ -84,7 +85,7 @@ static public function create($name, $recipient, $message=NULL)
$recipient = '{default}';
}
fSession::set($name, $message, __CLASS__ . '::' . $recipient . '::');
fSession::set(__CLASS__ . '::' . $recipient . '::' . $name, $message);
}
@@ -114,9 +115,9 @@ static public function retrieve($name, $recipient=NULL)
$recipient = '{default}';
}
$prefix = __CLASS__ . '::' . $recipient . '::';
$message = fSession::get($name, NULL, $prefix);
fSession::delete($name, $prefix);
$key = __CLASS__ . '::' . $recipient . '::' . $name;
$message = fSession::get($key, NULL);
fSession::delete($key);
return $message;
}
View
@@ -15,7 +15,8 @@
* @package Flourish
* @link http://flourishlib.com/fRequest
*
* @version 1.0.0b8
* @version 1.0.0b9
* @changes 1.0.0b9 Updated class to use new fSession API [wb, 2009-10-23]
* @changes 1.0.0b8 Casting to an integer or string in ::get() now properly casts when the `$key` isn't present in the request, added support for date, time, timestamp and `?` casts [wb, 2009-08-25]
* @changes 1.0.0b7 Fixed a bug with ::filter() not properly creating new `$_FILES` entries [wb, 2009-07-02]
* @changes 1.0.0b6 ::filter() now works with empty prefixes and filtering the `$_FILES` superglobal has been fixed [wb, 2009-07-02]
@@ -193,9 +194,7 @@ static public function generateCSRFToken($url=NULL)
$token = fCryptography::randomString(16);
$tokens = fSession::get($url . '::csrf_tokens', array(), __CLASS__ . '::');
$tokens[] = $token;
fSession::set($url . '::csrf_tokens', $tokens, __CLASS__ . '::');
fSession::add(__CLASS__ . '::' . $url . '::csrf_tokens', $token);
return $token;
}
@@ -658,7 +657,8 @@ static public function validateCSRFToken($token, $url=NULL)
$url = fURL::get();
}
$tokens = fSession::get($url . '::csrf_tokens', array(), __CLASS__ . '::');
$key = __CLASS__ . '::' . $url . '::csrf_tokens';
$tokens = fSession::get($key, array());
if (!in_array($token, $tokens)) {
throw new fValidationException(
@@ -667,7 +667,7 @@ static public function validateCSRFToken($token, $url=NULL)
}
$tokens = array_diff($tokens, array($token));;
fSession::set($url . '::csrf_tokens', $tokens, __CLASS__ . '::');
fSession::set($key, $tokens);
}
Oops, something went wrong.

0 comments on commit 5a19c8e

Please sign in to comment.