From 15c2acee08cbd0909f06ce154cf7c614e8bf2957 Mon Sep 17 00:00:00 2001
From: Benjamin Renard <brenard@zionetrix.net>
Date: Sun, 29 Jan 2023 22:34:43 +0100
Subject: [PATCH] Move session stuff in EesyPHP namespace

---
 includes/core.php      |  6 ++-
 includes/functions.php |  3 +-
 includes/session.php   | 46 -----------------------
 src/Session.php        | 85 ++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 92 insertions(+), 48 deletions(-)
 delete mode 100644 includes/session.php
 create mode 100644 src/Session.php

diff --git a/includes/core.php b/includes/core.php
index a977f4a..1b2bd5f 100644
--- a/includes/core.php
+++ b/includes/core.php
@@ -5,6 +5,7 @@ use EesyPHP\Log;
 use EesyPHP\SentryIntegration;
 use EesyPHP\SentrySpan;
 use EesyPHP\SentryTransaction;
+use EesyPHP\Session;
 use EesyPHP\Url;
 
 error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED);
@@ -59,7 +60,10 @@ Log::init(
   isset($log_php_errors_levels)?$log_php_errors_levels:null
 );
 require_once('functions.php');
-require_once('session.php');
+Session :: init(
+  isset($session_max_duration)?$session_max_duration:null,
+  isset($session_timeout)?$session_timeout:null
+);
 
 // Nomenclatures
 $status_list = array (
diff --git a/includes/functions.php b/includes/functions.php
index 0acf130..db6a41b 100644
--- a/includes/functions.php
+++ b/includes/functions.php
@@ -2,6 +2,7 @@
 
 use EesyPHP\Check;
 use EesyPHP\Log;
+use EesyPHP\Session;
 
 /*
  * Check values helpers
@@ -313,7 +314,7 @@ function check_ajax_request($session_key=null) {
   global $ajax, $debug_ajax;
   $ajax = true;
 
-  if (check_session_key($session_key))
+  if (Session :: check_key($session_key))
     fatal_error('Invalid request');
 
   if ($debug_ajax)
diff --git a/includes/session.php b/includes/session.php
deleted file mode 100644
index 4c359e1..0000000
--- a/includes/session.php
+++ /dev/null
@@ -1,46 +0,0 @@
-<?php
-
-use EesyPHP\Log;
-
-if (php_sapi_name() == "cli")
-  return true;
-
-// Define session max duration
-if (!isset($session_max_duration))
-  $session_max_duration = (12*60*60); // Default to 12h
-ini_set('session.gc_maxlifetime', $session_max_duration);
-ini_set('session.cookie_lifetime', $session_max_duration);
-
-// Start session
-session_start();
-
-// Init session key
-if (!isset($_SESSION['session_key'])) {
-  $_SESSION['session_key']=uniqid();
-}
-
-// Handle session timeout
-if (isset($session_timeout) && $session_timeout) {
-  if (!isset($_SESSION['session_last_access'])) {
-    Log :: debug('Set initial session last access');
-    $_SESSION['session_last_access'] = time();
-  }
-  elseif ($_SESSION['session_last_access'] > (time() - $session_timeout)) {
-    Log :: debug(
-      'Session timeout not expired, update session last access '.
-      '(Previous value : '.$_SESSION['session_last_access'].')');
-    $_SESSION['session_last_access'] = time();
-  }
-  else {
-    Log :: info('Session destroyed due to inactivity');
-    session_destroy();
-  }
-}
-
-function check_session_key($value=null) {
-  if (is_null($value) && isset($_REQUEST['session_key']))
-    $value = $_REQUEST['session_key'];
-  return ($value && $_SESSION['session_key'] == $value);
-}
-
-# vim: tabstop=2 shiftwidth=2 softtabstop=2 expandtab
diff --git a/src/Session.php b/src/Session.php
new file mode 100644
index 0000000..9b32759
--- /dev/null
+++ b/src/Session.php
@@ -0,0 +1,85 @@
+<?php
+
+namespace EesyPHP;
+
+use EesyPHP\Log;
+
+
+/**
+ * Session management
+ */
+class Session {
+
+  /**
+   * Session max duration (in seconds, default: 12h)
+   * @var int
+   */
+  protected static int $max_duration = 12 * 60 * 60;
+
+  /**
+   * Initialization
+   * @param int|null $max_duration Session max duration in second
+   *                               (optional, default: 12h)
+   * @param int|null $timeout Session inactivity timeout in second
+   *                          (optional, default: no timeout)
+   * @return void
+   */
+  public static function init($max_duration=null, $timeout=null) {
+    if (php_sapi_name() == "cli")
+      return;
+
+    // Define session max duration
+    if (is_int($max_duration))
+      self :: $max_duration = $max_duration;
+
+    ini_set('session.gc_maxlifetime', strval(self :: $max_duration));
+    ini_set('session.cookie_lifetime', strval(self :: $max_duration));
+
+    // Start session
+    session_start();
+
+    // Init session key
+    if (!isset($_SESSION['session_key'])) {
+      $_SESSION['session_key'] = uniqid();
+    }
+
+    // Handle session timeout
+    if ($timeout) {
+      if (!isset($_SESSION['session_last_access'])) {
+        Log :: debug('Set initial session last access');
+        $_SESSION['session_last_access'] = time();
+      }
+      elseif ($_SESSION['session_last_access'] > (time() - $timeout)) {
+        Log :: debug(
+          'Session timeout not expired, update session last access '.
+          '(Previous value : %d', $_SESSION['session_last_access']);
+        $_SESSION['session_last_access'] = time();
+      }
+      else {
+        Log :: info('Session destroyed due to inactivity');
+        session_destroy();
+      }
+    }
+  }
+
+  /**
+   * Check session key
+   * @param string|null $value The value of the session key to check
+   *                           (optional, default: $_REQUEST['session_key'])
+   * @return bool
+   */
+  public static function check_key($value=null) {
+    if (is_null($value) && isset($_REQUEST['session_key']))
+      $value = $_REQUEST['session_key'];
+    return ($value && $_SESSION['session_key'] == $value);
+  }
+
+}
+
+
+if (php_sapi_name() == "cli")
+  return true;
+
+
+
+# vim: tabstop=2 shiftwidth=2 softtabstop=2 expandtab