Location: PHPKode > projects > Eventum > eventum-2.2/include/class.session.php
<?php
/* vim: set expandtab tabstop=4 shiftwidth=4 encoding=utf-8: */
// +----------------------------------------------------------------------+
// | Eventum - Issue Tracking System                                      |
// +----------------------------------------------------------------------+
// | Copyright (c) 2003 - 2008 MySQL AB                                   |
// | Copyright (c) 2008 - 2009 Sun Microsystem Inc.                       |
// |                                                                      |
// | This program is free software; you can redistribute it and/or modify |
// | it under the terms of the GNU General Public License as published by |
// | the Free Software Foundation; either version 2 of the License, or    |
// | (at your option) any later version.                                  |
// |                                                                      |
// | This program is distributed in the hope that it will be useful,      |
// | but WITHOUT ANY WARRANTY; without even the implied warranty of       |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        |
// | GNU General Public License for more details.                         |
// |                                                                      |
// | You should have received a copy of the GNU General Public License    |
// | along with this program; if not, write to:                           |
// |                                                                      |
// | Free Software Foundation, Inc.                                       |
// | 59 Temple Place - Suite 330                                          |
// | Boston, MA 02111-1307, USA.                                          |
// +----------------------------------------------------------------------+
// | Authors: Bryan Alsdorf <hide@address.com>                             |
// +----------------------------------------------------------------------+
//
// @(#) $Id: class.session.php 3797 2009-01-12 20:14:39Z balsdorf $
//

require_once(APP_INC_PATH . "class.error_handler.php");
require_once(APP_INC_PATH . "class.setup.php");

/**
 * Wrapper class for sessions. This is an initial bare bones implementation.
 * Additional methods will be later as needed.
 *
 * @version 1.0
 * @author Bryan Alsdorf <hide@address.com>
 */

class Session
{
    /**
     * Sets the passed variable in the session using the specified name.
     * 
     * @access  public
     * @param   string $name Name to store variable under.
     * @param   mixed $var Variable to store in session.
     */
    function set($name, $var)
    {
        GLOBAL $_SESSION;
        $_SESSION[$name] = $var;
    }
    
    
    /**
     * Returns the session variable specified by $name
     * 
     * @access  public
     * @param   string $name The name of variable to be returned.
     * @return  mixed The session variable.
     */
    function get($name)
    {
        GLOBAL $_SESSION;
        return @$_SESSION[$name];
    }
    
    
    /**
     * Returns true if the session variable $name is set, false otherwise.
     * 
     * @access  public
     * @param   string $name The name of the variable to check.
     * @return  boolean If the variable is set
     */
    function is_set($name)
    {
        GLOBAL $_SESSION;
        return isset($_SESSION[$name]);
    }


    /**
     * Initialize the session
     *
     * @access  public
     * @param   integer $usr_id The ID of the user
     */
    function init($usr_id)
    {
        @session_start();

        // clear all old session variables
        $_SESSION = array();

        // regenerate ID to prevent session fixation
        session_regenerate_id();

        // set the IP in the session so we can check it later
        $_SESSION['login_ip'] = $_SERVER['REMOTE_ADDR'];

        // store user ID in session
        $_SESSION['usr_id'] = $usr_id;// XXX: Should we perform checks on this usr ID before accepting it?
    }


    /**
     * Verify that the current request to use the session has the same IP address as the request that started it.
     *
     * @access  public
     * @param   integer $usr_id The ID of the user
     */
    function verify($usr_id)
    {
        @session_start();

        // Don't check the IP of the session, since this caused problems for users that use a proxy farm that uses
        // a different IP address each page load.
        if (!Session::is_set('usr_id')) {
            Session::init($usr_id);
        }
    }


    /**
     * Destroys the current session
     */
    function destroy()
    {
        @session_destroy();
    }
}

// benchmarking the included file (aka setup time)
if (APP_BENCHMARK) {
    $GLOBALS['bench']->setMarker('Included Session Class');
}
Return current item: Eventum