2015-09-15 20:37:29 +00:00
|
|
|
<?php
|
2016-02-03 22:22:56 +00:00
|
|
|
/**
|
2016-08-07 14:10:27 +00:00
|
|
|
* Holds the session object.
|
2016-02-03 22:22:56 +00:00
|
|
|
* @package Sakura
|
|
|
|
*/
|
|
|
|
|
2015-09-15 20:37:29 +00:00
|
|
|
namespace Sakura;
|
|
|
|
|
2015-10-18 19:06:30 +00:00
|
|
|
/**
|
2016-08-07 14:10:27 +00:00
|
|
|
* Session object.
|
2015-10-18 19:06:30 +00:00
|
|
|
* @package Sakura
|
2016-02-02 21:04:15 +00:00
|
|
|
* @author Julian van de Groep <me@flash.moe>
|
2015-10-18 19:06:30 +00:00
|
|
|
*/
|
2015-09-15 20:37:29 +00:00
|
|
|
class Session
|
|
|
|
{
|
2016-02-02 21:04:15 +00:00
|
|
|
/**
|
2016-08-07 14:10:27 +00:00
|
|
|
* Session storage id.
|
2016-02-02 21:04:15 +00:00
|
|
|
* @var int
|
|
|
|
*/
|
2016-08-07 14:10:27 +00:00
|
|
|
public $id = 0;
|
2016-02-02 21:04:15 +00:00
|
|
|
|
|
|
|
/**
|
2016-08-07 14:10:27 +00:00
|
|
|
* User id.
|
|
|
|
* @var int
|
|
|
|
*/
|
|
|
|
public $user = 0;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* IP address this session was started from.
|
2016-02-02 21:04:15 +00:00
|
|
|
* @var string
|
|
|
|
*/
|
2016-08-07 14:10:27 +00:00
|
|
|
public $ip = '';
|
2015-09-15 20:37:29 +00:00
|
|
|
|
2016-02-02 21:04:15 +00:00
|
|
|
/**
|
2016-08-07 14:10:27 +00:00
|
|
|
* Country this session was started from.
|
|
|
|
* @var string
|
2016-02-02 21:04:15 +00:00
|
|
|
*/
|
2016-08-07 14:10:27 +00:00
|
|
|
public $country = '';
|
2016-03-31 20:03:25 +00:00
|
|
|
|
2016-08-07 14:10:27 +00:00
|
|
|
/**
|
|
|
|
* User agent this session was started from.
|
|
|
|
* @var string
|
|
|
|
*/
|
|
|
|
public $agent = '';
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Session secret key.
|
|
|
|
* @var string
|
|
|
|
*/
|
|
|
|
public $key = '';
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Timestamp from when this session was created.
|
|
|
|
* @var int
|
|
|
|
*/
|
|
|
|
public $start = 0;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Timestamp on which this session will invalidate.
|
|
|
|
* @var int
|
|
|
|
*/
|
|
|
|
public $expire = 0;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Whether to extend the session's lifetime.
|
|
|
|
* @var bool
|
|
|
|
*/
|
|
|
|
public $remember = false;
|
2015-10-18 01:50:50 +00:00
|
|
|
|
2016-02-02 21:04:15 +00:00
|
|
|
/**
|
2016-08-07 14:10:27 +00:00
|
|
|
* Constructor, $id can be a number or the secret key.
|
|
|
|
* @param mixed $id
|
2016-02-02 21:04:15 +00:00
|
|
|
*/
|
2016-08-07 14:10:27 +00:00
|
|
|
public function __construct($id)
|
2015-10-18 01:50:50 +00:00
|
|
|
{
|
2016-08-07 14:10:27 +00:00
|
|
|
$data = DB::table('sessions');
|
2015-10-18 01:50:50 +00:00
|
|
|
|
2016-08-07 14:10:27 +00:00
|
|
|
if (is_numeric($id)) {
|
|
|
|
$data->where('session_id', $id);
|
|
|
|
} else {
|
|
|
|
$data->where('session_key', $id);
|
|
|
|
}
|
2015-10-18 01:50:50 +00:00
|
|
|
|
2016-08-07 14:10:27 +00:00
|
|
|
$data = $data->first();
|
|
|
|
|
|
|
|
if ($data) {
|
|
|
|
$this->id = intval($data->session_id);
|
|
|
|
$this->user = intval($data->user_id);
|
|
|
|
$this->ip = Net::ntop($data->user_ip);
|
|
|
|
$this->country = $data->session_country;
|
|
|
|
$this->agent = $data->user_agent;
|
|
|
|
$this->key = $data->session_key;
|
|
|
|
$this->start = intval($data->session_start);
|
|
|
|
$this->expire = intval($data->session_expire);
|
|
|
|
$this->remember = boolval($data->session_remember);
|
|
|
|
}
|
2015-10-18 01:50:50 +00:00
|
|
|
}
|
|
|
|
|
2016-02-02 21:04:15 +00:00
|
|
|
/**
|
2016-08-07 14:10:27 +00:00
|
|
|
* Create a new session
|
|
|
|
* @param int $user
|
|
|
|
* @param string $ip
|
|
|
|
* @param string $country
|
|
|
|
* @param string $agent
|
|
|
|
* @param bool $remember
|
|
|
|
* @param int $length
|
|
|
|
* @return Session
|
2016-02-02 21:04:15 +00:00
|
|
|
*/
|
2016-12-04 16:33:52 +00:00
|
|
|
public static function create(int $user, string $ip, string $country, string $agent = null, bool $remember = false, int $length = 604800)
|
2015-11-20 12:21:12 +00:00
|
|
|
{
|
2016-08-07 14:10:27 +00:00
|
|
|
$start = time();
|
|
|
|
$key = bin2hex(random_bytes(64));
|
|
|
|
|
|
|
|
$id = DB::table('sessions')
|
|
|
|
->insertGetId([
|
|
|
|
'user_id' => $user,
|
|
|
|
'user_ip' => Net::pton($ip),
|
|
|
|
'user_agent' => $agent,
|
|
|
|
'session_key' => $key,
|
|
|
|
'session_start' => $start,
|
|
|
|
'session_expire' => $start + $length,
|
|
|
|
'session_remember' => $remember ? 1 : 0,
|
|
|
|
'session_country' => $country,
|
|
|
|
]);
|
2015-11-20 12:21:12 +00:00
|
|
|
|
2016-08-07 14:10:27 +00:00
|
|
|
return new Session($id);
|
2015-11-20 12:21:12 +00:00
|
|
|
}
|
|
|
|
|
2016-02-02 21:04:15 +00:00
|
|
|
/**
|
2016-08-07 14:10:27 +00:00
|
|
|
* Delete this session.
|
2016-02-02 21:04:15 +00:00
|
|
|
*/
|
2016-12-04 16:33:52 +00:00
|
|
|
public function delete(): void
|
2015-10-18 01:50:50 +00:00
|
|
|
{
|
2016-02-25 16:06:29 +00:00
|
|
|
DB::table('sessions')
|
2016-08-07 14:10:27 +00:00
|
|
|
->where('session_id', $this->id)
|
|
|
|
->delete();
|
2015-10-18 01:50:50 +00:00
|
|
|
}
|
|
|
|
|
2016-02-02 21:04:15 +00:00
|
|
|
/**
|
|
|
|
* Validate the session.
|
2016-08-07 14:10:27 +00:00
|
|
|
* @param int $user
|
|
|
|
* @param string $ip
|
|
|
|
* @return bool
|
2016-02-02 21:04:15 +00:00
|
|
|
*/
|
2016-12-04 16:33:52 +00:00
|
|
|
public function validate(int $user, string $ip = null): bool
|
2015-10-18 01:50:50 +00:00
|
|
|
{
|
|
|
|
// Get session from database
|
2016-02-25 16:06:29 +00:00
|
|
|
$session = DB::table('sessions')
|
2016-08-07 14:10:27 +00:00
|
|
|
->where([
|
|
|
|
'session_key' => $this->key,
|
|
|
|
'user_id' => $user,
|
|
|
|
])
|
2016-08-06 14:09:01 +00:00
|
|
|
->first();
|
2015-10-18 01:50:50 +00:00
|
|
|
|
|
|
|
// Check if we actually got something in return
|
|
|
|
if (!$session) {
|
2016-08-07 14:10:27 +00:00
|
|
|
return false;
|
2015-10-18 01:50:50 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// Check if the session expired
|
2016-08-06 14:09:01 +00:00
|
|
|
if ($session->session_expire < time()) {
|
2016-08-07 14:10:27 +00:00
|
|
|
$this->delete();
|
|
|
|
return false;
|
2015-10-18 01:50:50 +00:00
|
|
|
}
|
|
|
|
|
2016-09-21 11:30:01 +00:00
|
|
|
if ($ip !== null) {
|
|
|
|
/* completely removed the code for ip checking because it only worked with IPv4
|
2016-04-25 02:01:14 +00:00
|
|
|
good thing is i can probably do CIDR based checking */
|
2016-09-21 11:30:01 +00:00
|
|
|
}
|
2015-10-18 01:50:50 +00:00
|
|
|
|
|
|
|
// If the remember flag is set extend the session time
|
2016-08-06 14:09:01 +00:00
|
|
|
if ($session->session_remember) {
|
2016-02-25 16:06:29 +00:00
|
|
|
DB::table('sessions')
|
2016-08-07 14:10:27 +00:00
|
|
|
->where('session_id', $session->session_id)
|
2016-02-25 16:06:29 +00:00
|
|
|
->update(['session_expire' => time() + 604800]);
|
2015-10-18 01:50:50 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// Return 2 if the remember flag is set and return 1 if not
|
2016-08-07 14:10:27 +00:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Get the country.
|
|
|
|
* @param bool $long
|
|
|
|
* @return string
|
|
|
|
*/
|
2016-12-04 16:33:52 +00:00
|
|
|
public function country(bool $long = false): string
|
2016-08-07 14:10:27 +00:00
|
|
|
{
|
|
|
|
return $long ? get_country_name($this->country) : $this->country;
|
2015-10-18 01:50:50 +00:00
|
|
|
}
|
2015-09-15 20:37:29 +00:00
|
|
|
}
|