33
|
1 <?
|
|
2 //
|
|
3 // FAPWEB - Demo Party Website System System
|
|
4 // Session management and authentication
|
|
5 // (C) Copyright 2012 Matti 'ccr' Hamalainen <ccr@tnsp.org>
|
|
6 //
|
|
7
|
|
8 function stGetSessionItem($name, $default = "")
|
|
9 {
|
|
10 global $sessionType;
|
|
11 if (isset($sessionType))
|
|
12 return (isset($_SESSION[$sessionType]) && isset($_SESSION[$sessionType][$name])) ? trim($_SESSION[$sessionType][$name]) : $default;
|
|
13 else
|
|
14 return isset($_SESSION[$name]) ? trim($_SESSION[$name]) : $default;
|
|
15 }
|
|
16
|
|
17
|
|
18 function stSetSessionItem($name, $value)
|
|
19 {
|
|
20 global $sessionType;
|
|
21 if (!isset($sessionType))
|
|
22 die("Session type not set.");
|
|
23
|
|
24 $_SESSION[$sessionType][$name] = $value;
|
|
25 }
|
|
26
|
|
27
|
|
28 function stSessionExpire()
|
|
29 {
|
|
30 global $sessionType;
|
|
31
|
|
32 // Check for session expiration
|
|
33 if (!isset($_SESSION[$sessionType]) || !isset($_SESSION[$sessionType]["expires"]))
|
|
34 {
|
|
35 if (stGetSetting("debug")) error_log("Session ".$sessionType." expires due to expire time not set.");
|
|
36 stSessionEnd();
|
|
37 return FALSE;
|
|
38 }
|
|
39
|
|
40 if ($_SESSION[$sessionType]["expires"] < time())
|
|
41 {
|
|
42 if (stGetSetting("debug")) error_log("Session ".$sessionType." / ".session_id()." expires due to timeout ".$_SESSION[$sessionType]["expires"]." < ".time());
|
|
43 stSessionEnd();
|
|
44 return FALSE;
|
|
45 }
|
|
46
|
|
47 // Add more time to expiration
|
|
48 $timeout = stGetSetting($_SESSION[$sessionType]["timeout"], 0);
|
|
49 if (stGetSetting("debug")) error_log("Adding more time to ".$sessionType." session ".session_id()." :: ".$timeout);
|
|
50 $_SESSION[$sessionType]["expires"] = time() + $timeout * 60;
|
|
51 return TRUE;
|
|
52 }
|
|
53
|
|
54
|
|
55 function stSessionEnd()
|
|
56 {
|
|
57 global $sessionType;
|
|
58 $result = FALSE;
|
|
59
|
|
60 if (stGetSetting("debug")) error_log("Request END session ".$sessionType);
|
|
61
|
|
62 if (@session_start() === TRUE && isset($_SESSION))
|
|
63 {
|
|
64 // End current session type
|
|
65 if (isset($_SESSION[$sessionType]))
|
|
66 {
|
|
67 if (stGetSetting("debug")) error_log("END session ".$sessionType." / ".$_SESSION[$sessionType]["expires"]);
|
|
68 $_SESSION[$sessionType] = array();
|
|
69 unset($_SESSION[$sessionType]);
|
|
70 $result = TRUE;
|
|
71 }
|
|
72
|
|
73 // If all session types are ended, clear the cookies etc
|
|
74 if (!isset($_SESSION["user"]) && !isset($_SESSION["admin"]))
|
|
75 {
|
|
76 if (stGetSetting("debug")) error_log("Clearing all session data.");
|
|
77 $_SESSION = array();
|
|
78
|
|
79 if (ini_get("session.use_cookies"))
|
|
80 {
|
|
81 $params = session_get_cookie_params();
|
|
82 setcookie(session_name(), "", time() - 242000,
|
|
83 $params["path"], $params["domain"],
|
|
84 $params["secure"], $params["httponly"]
|
|
85 );
|
|
86 }
|
|
87
|
|
88 @session_destroy();
|
|
89 }
|
|
90 }
|
|
91
|
|
92 return $result;
|
|
93 }
|
|
94
|
|
95
|
|
96 function stSessionStart($key, $timeout)
|
|
97 {
|
|
98 global $sessionType;
|
|
99
|
|
100 if (@session_start() === TRUE)
|
|
101 {
|
|
102 if (stGetSetting("debug")) error_log("START ".$sessionType." session OK.");
|
|
103 $_SESSION[$sessionType] = array(
|
|
104 "key" => $key,
|
|
105 "timeout" => $timeout,
|
|
106 "expires" => time() + stGetSetting($timeout) * 60,
|
|
107 "message" => "",
|
|
108 "status" => 0,
|
|
109 );
|
|
110 return TRUE;
|
|
111 }
|
|
112 else
|
|
113 {
|
|
114 if (stGetSetting("debug")) error_log("START ".$sessionType." session --FAILED--");
|
|
115 return FALSE;
|
|
116 }
|
|
117 }
|
|
118
|
|
119
|
|
120 function stAdmSessionAuth()
|
|
121 {
|
|
122 if (@session_start() === TRUE &&
|
|
123 stGetSessionItem("key", FALSE) == stGetSetting("admPassword"))
|
|
124 {
|
|
125 if (stGetSetting("debug")) error_log("AUTH admin session OK.");
|
|
126 return stSessionExpire();
|
|
127 }
|
|
128 else
|
|
129 {
|
|
130 if (stGetSetting("debug")) error_log("AUTH admin session FAIL.");
|
|
131 return FALSE;
|
|
132 }
|
|
133 }
|
|
134
|
|
135
|
|
136 function stUserSessionAuth()
|
|
137 {
|
|
138 global $sessionType;
|
|
139
|
|
140 if (@session_start() === TRUE &&
|
|
141 isset($_SESSION[$sessionType]) &&
|
|
142 isset($_SESSION[$sessionType]["key"]))
|
|
143 return stSessionExpire();
|
|
144 else
|
|
145 return FALSE;
|
|
146 }
|
|
147
|
|
148
|
|
149 function stSetSessionStatus($status)
|
|
150 {
|
|
151 global $sessionType;
|
|
152 if (isset($_SESSION[$sessionType]) || session_start() === TRUE)
|
|
153 {
|
|
154 if ($status >= 0)
|
|
155 stSetSessionItem("prevstatus", stGetSessionItem("status", FALSE));
|
|
156
|
|
157 stSetSessionItem("status", $status);
|
|
158 }
|
|
159 }
|
|
160
|
|
161 ?> |