Benjamin Renard
4f47dc056d
* Move example application in example sub-directory * Widely use App::get() instead of Config::get()
87 lines
2.4 KiB
PHP
87 lines
2.4 KiB
PHP
<?php
|
|
|
|
namespace EesyPHP;
|
|
|
|
/**
|
|
* Session management
|
|
*/
|
|
class Session {
|
|
|
|
/**
|
|
* Session max duration (in seconds, default: 12h)
|
|
* @var int
|
|
*/
|
|
protected static int $max_duration = 12 * 60 * 60;
|
|
|
|
/**
|
|
* Initialization
|
|
* @param int|null $max_duration Session max duration in second
|
|
* (optional, default: from session.max_duration config key if set, 12h otherwise)
|
|
* @param int|null $timeout Session inactivity timeout in second
|
|
* (optional, default: from session.timeout config key if set, no timeout otherwise)
|
|
* @return void
|
|
*/
|
|
public static function init($max_duration=null, $timeout=null) {
|
|
if (php_sapi_name() == "cli")
|
|
return;
|
|
|
|
// Define session max duration
|
|
if (is_null($max_duration))
|
|
$max_duration = App::get('session.max_duration', null, 'int');
|
|
if (is_int($max_duration))
|
|
self :: $max_duration = $max_duration;
|
|
|
|
ini_set('session.gc_maxlifetime', strval(self :: $max_duration));
|
|
ini_set('session.cookie_lifetime', strval(self :: $max_duration));
|
|
|
|
// Start session
|
|
session_start();
|
|
|
|
// Init session key
|
|
if (!isset($_SESSION['session_key'])) {
|
|
$_SESSION['session_key'] = uniqid();
|
|
}
|
|
|
|
// Handle session timeout
|
|
if (is_null($timeout))
|
|
$timeout = App::get('session.timeout', null, 'int');
|
|
if (is_int($timeout) && $timeout) {
|
|
if (!isset($_SESSION['session_last_access'])) {
|
|
Log :: debug('Set initial session last access');
|
|
$_SESSION['session_last_access'] = time();
|
|
}
|
|
elseif ($_SESSION['session_last_access'] > (time() - $timeout)) {
|
|
Log :: debug(
|
|
'Session timeout not expired, update session last access '.
|
|
'(Previous value : %d', $_SESSION['session_last_access']);
|
|
$_SESSION['session_last_access'] = time();
|
|
}
|
|
else {
|
|
Log :: info('Session destroyed due to inactivity');
|
|
session_destroy();
|
|
}
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Check session key
|
|
* @param string|null $value The value of the session key to check
|
|
* (optional, default: $_REQUEST['session_key'])
|
|
* @return bool
|
|
*/
|
|
public static function check_key($value=null) {
|
|
if (is_null($value) && isset($_REQUEST['session_key']))
|
|
$value = $_REQUEST['session_key'];
|
|
return ($value && $_SESSION['session_key'] == $value);
|
|
}
|
|
|
|
}
|
|
|
|
|
|
if (php_sapi_name() == "cli")
|
|
return true;
|
|
|
|
|
|
|
|
# vim: tabstop=2 shiftwidth=2 softtabstop=2 expandtab
|