diff --git a/includes/core.php b/includes/core.php index a977f4a..1b2bd5f 100644 --- a/includes/core.php +++ b/includes/core.php @@ -5,6 +5,7 @@ use EesyPHP\Log; use EesyPHP\SentryIntegration; use EesyPHP\SentrySpan; use EesyPHP\SentryTransaction; +use EesyPHP\Session; use EesyPHP\Url; error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED); @@ -59,7 +60,10 @@ Log::init( isset($log_php_errors_levels)?$log_php_errors_levels:null ); require_once('functions.php'); -require_once('session.php'); +Session :: init( + isset($session_max_duration)?$session_max_duration:null, + isset($session_timeout)?$session_timeout:null +); // Nomenclatures $status_list = array ( diff --git a/includes/functions.php b/includes/functions.php index 0acf130..db6a41b 100644 --- a/includes/functions.php +++ b/includes/functions.php @@ -2,6 +2,7 @@ use EesyPHP\Check; use EesyPHP\Log; +use EesyPHP\Session; /* * Check values helpers @@ -313,7 +314,7 @@ function check_ajax_request($session_key=null) { global $ajax, $debug_ajax; $ajax = true; - if (check_session_key($session_key)) + if (Session :: check_key($session_key)) fatal_error('Invalid request'); if ($debug_ajax) diff --git a/includes/session.php b/includes/session.php deleted file mode 100644 index 4c359e1..0000000 --- a/includes/session.php +++ /dev/null @@ -1,46 +0,0 @@ - (time() - $session_timeout)) { - Log :: debug( - 'Session timeout not expired, update session last access '. - '(Previous value : '.$_SESSION['session_last_access'].')'); - $_SESSION['session_last_access'] = time(); - } - else { - Log :: info('Session destroyed due to inactivity'); - session_destroy(); - } -} - -function check_session_key($value=null) { - if (is_null($value) && isset($_REQUEST['session_key'])) - $value = $_REQUEST['session_key']; - return ($value && $_SESSION['session_key'] == $value); -} - -# vim: tabstop=2 shiftwidth=2 softtabstop=2 expandtab diff --git a/src/Session.php b/src/Session.php new file mode 100644 index 0000000..9b32759 --- /dev/null +++ b/src/Session.php @@ -0,0 +1,85 @@ + (time() - $timeout)) { + Log :: debug( + 'Session timeout not expired, update session last access '. + '(Previous value : %d', $_SESSION['session_last_access']); + $_SESSION['session_last_access'] = time(); + } + else { + Log :: info('Session destroyed due to inactivity'); + session_destroy(); + } + } + } + + /** + * Check session key + * @param string|null $value The value of the session key to check + * (optional, default: $_REQUEST['session_key']) + * @return bool + */ + public static function check_key($value=null) { + if (is_null($value) && isset($_REQUEST['session_key'])) + $value = $_REQUEST['session_key']; + return ($value && $_SESSION['session_key'] == $value); + } + +} + + +if (php_sapi_name() == "cli") + return true; + + + +# vim: tabstop=2 shiftwidth=2 softtabstop=2 expandtab