|
33
|
1 <?
|
|
|
2 //
|
|
|
3 // FAPWEB - Demo Party Website System System
|
|
|
4 // Session management and authentication
|
|
|
5 // (C) Copyright 2012 Matti 'ccr' Hamalainen <ccr@tnsp.org>
|
|
|
6 //
|
|
|
7
|
|
51
|
8 function stDebug($msg)
|
|
|
9 {
|
|
|
10 if (stGetSetting("debug"))
|
|
|
11 error_log($msg);
|
|
|
12 }
|
|
|
13
|
|
|
14
|
|
|
15 function stGetSpecSessionItem($stype, $name, $default = "")
|
|
|
16 {
|
|
|
17 if (isset($stype))
|
|
|
18 return (isset($_SESSION[$stype]) && isset($_SESSION[$stype][$name])) ? $_SESSION[$stype][$name] : $default;
|
|
|
19 else
|
|
|
20 return $default;
|
|
|
21 }
|
|
|
22
|
|
|
23
|
|
33
|
24 function stGetSessionItem($name, $default = "")
|
|
|
25 {
|
|
|
26 global $sessionType;
|
|
51
|
27 return stGetSpecSessionItem($sessionType, $name, $default);
|
|
33
|
28 }
|
|
|
29
|
|
|
30
|
|
|
31 function stSetSessionItem($name, $value)
|
|
|
32 {
|
|
|
33 global $sessionType;
|
|
|
34 if (!isset($sessionType))
|
|
|
35 die("Session type not set.");
|
|
|
36
|
|
|
37 $_SESSION[$sessionType][$name] = $value;
|
|
|
38 }
|
|
|
39
|
|
|
40
|
|
51
|
41 function stSessionExpire($stype)
|
|
33
|
42 {
|
|
|
43 // Check for session expiration
|
|
51
|
44 if (!isset($_SESSION[$stype]) || !isset($_SESSION[$stype]["expires"]))
|
|
33
|
45 {
|
|
51
|
46 stDebug("Session ".$stype." expires due to expire time not set.");
|
|
|
47 stSessionEnd($stype);
|
|
33
|
48 return FALSE;
|
|
|
49 }
|
|
|
50
|
|
51
|
51 if ($_SESSION[$stype]["expires"] < time())
|
|
33
|
52 {
|
|
51
|
53 stDebug("Session ".$stype." / ".session_id()." expires due to timeout ".$_SESSION[$stype]["expires"]." < ".time());
|
|
|
54 stSessionEnd($stype);
|
|
33
|
55 return FALSE;
|
|
|
56 }
|
|
|
57
|
|
|
58 // Add more time to expiration
|
|
51
|
59 $timeout = stGetSetting($_SESSION[$stype]["timeout"], 0);
|
|
|
60 stDebug("Adding more time to ".$stype." session ".session_id()." :: ".$timeout);
|
|
|
61 $_SESSION[$stype]["expires"] = time() + $timeout * 60;
|
|
33
|
62 return TRUE;
|
|
|
63 }
|
|
|
64
|
|
|
65
|
|
51
|
66 function stSessionEnd($stype)
|
|
33
|
67 {
|
|
|
68 $result = FALSE;
|
|
|
69
|
|
51
|
70 stDebug("Request END session ".$stype);
|
|
33
|
71
|
|
|
72 if (@session_start() === TRUE && isset($_SESSION))
|
|
|
73 {
|
|
|
74 // End current session type
|
|
51
|
75 if (isset($_SESSION[$stype]))
|
|
33
|
76 {
|
|
51
|
77 stDebug("END session ".$stype." / ".$_SESSION[$stype]["expires"]);
|
|
|
78 $_SESSION[$stype] = array();
|
|
|
79 unset($_SESSION[$stype]);
|
|
33
|
80 $result = TRUE;
|
|
|
81 }
|
|
|
82
|
|
|
83 // If all session types are ended, clear the cookies etc
|
|
51
|
84 if (!isset($_SESSION[SESS_USER]) && !isset($_SESSION[SESS_ADMIN]))
|
|
33
|
85 {
|
|
51
|
86 stDebug("Clearing all session data.");
|
|
33
|
87 $_SESSION = array();
|
|
|
88
|
|
|
89 if (ini_get("session.use_cookies"))
|
|
|
90 {
|
|
|
91 $params = session_get_cookie_params();
|
|
|
92 setcookie(session_name(), "", time() - 242000,
|
|
|
93 $params["path"], $params["domain"],
|
|
|
94 $params["secure"], $params["httponly"]
|
|
|
95 );
|
|
|
96 }
|
|
|
97
|
|
|
98 @session_destroy();
|
|
|
99 }
|
|
|
100 }
|
|
|
101
|
|
|
102 return $result;
|
|
|
103 }
|
|
|
104
|
|
|
105
|
|
51
|
106 function stSessionStart($stype, $key, $timeout)
|
|
33
|
107 {
|
|
|
108 if (@session_start() === TRUE)
|
|
|
109 {
|
|
51
|
110 stDebug("START ".$stype." session OK.");
|
|
|
111 $_SESSION[$stype] = array(
|
|
33
|
112 "key" => $key,
|
|
|
113 "timeout" => $timeout,
|
|
|
114 "expires" => time() + stGetSetting($timeout) * 60,
|
|
|
115 "message" => "",
|
|
|
116 "status" => 0,
|
|
|
117 );
|
|
|
118 return TRUE;
|
|
|
119 }
|
|
|
120 else
|
|
|
121 {
|
|
51
|
122 stDebug("START ".$stype." session --FAILED--");
|
|
33
|
123 return FALSE;
|
|
|
124 }
|
|
|
125 }
|
|
|
126
|
|
|
127
|
|
|
128 function stAdmSessionAuth()
|
|
|
129 {
|
|
|
130 if (@session_start() === TRUE &&
|
|
51
|
131 stGetSpecSessionItem(SESS_ADMIN, "key", FALSE) == stGetSetting("admPassword"))
|
|
33
|
132 {
|
|
51
|
133 stDebug("AUTH admin session OK.");
|
|
|
134 return stSessionExpire(SESS_ADMIN);
|
|
33
|
135 }
|
|
|
136 else
|
|
|
137 {
|
|
51
|
138 stDebug("AUTH admin session FAIL.");
|
|
33
|
139 return FALSE;
|
|
|
140 }
|
|
|
141 }
|
|
|
142
|
|
|
143
|
|
|
144 function stUserSessionAuth()
|
|
|
145 {
|
|
|
146 if (@session_start() === TRUE &&
|
|
51
|
147 stGetSpecSessionItem(SESS_USER, "key", FALSE) !== FALSE)
|
|
|
148 {
|
|
|
149 stDebug("AUTH user session OK.");
|
|
|
150 return stSessionExpire(SESS_ADMIN);
|
|
|
151 }
|
|
33
|
152 else
|
|
51
|
153 {
|
|
|
154 stDebug("AUTH user session FAIL.");
|
|
33
|
155 return FALSE;
|
|
51
|
156 }
|
|
33
|
157 }
|
|
|
158
|
|
|
159
|
|
|
160 function stSetSessionStatus($status)
|
|
|
161 {
|
|
|
162 global $sessionType;
|
|
|
163 if (isset($_SESSION[$sessionType]) || session_start() === TRUE)
|
|
|
164 {
|
|
|
165 if ($status >= 0)
|
|
|
166 stSetSessionItem("prevstatus", stGetSessionItem("status", FALSE));
|
|
|
167
|
|
|
168 stSetSessionItem("status", $status);
|
|
|
169 }
|
|
|
170 }
|
|
|
171
|
|
|
172 ?> |
