This repository has been archived on 2024-06-26. You can view files and clone it, but cannot push or open issues or pull requests.
sakura/app/Session.php
2016-12-08 00:34:59 +01:00

178 lines
4 KiB
PHP

<?php
/**
* Holds the session object.
* @package Sakura
*/
namespace Sakura;
/**
* Session object.
* @package Sakura
* @author Julian van de Groep <me@flash.moe>
*/
class Session
{
/**
* Session storage id.
* @var int
*/
public $id = 0;
/**
* User id.
* @var int
*/
public $user = 0;
/**
* IP address this session was started from.
* @var string
*/
public $ip = '';
/**
* Country this session was started from.
* @var string
*/
public $country = '';
/**
* User agent this session was started from.
* @var string
*/
public $agent = '';
/**
* Session secret key.
* @var string
*/
public $key = '';
/**
* Timestamp from when this session was created.
* @var int
*/
public $start = 0;
/**
* Timestamp on which this session will invalidate.
* @var int
*/
public $expire = 0;
/**
* Constructor, $id can be a number or the secret key.
* @param mixed $id
*/
public function __construct($id)
{
$data = DB::table('sessions');
if (is_numeric($id)) {
$data->where('session_id', $id);
} else {
$data->where('session_key', $id);
}
$data = $data->first();
if ($data) {
$this->id = intval($data->session_id);
$this->user = intval($data->user_id);
$this->ip = Net::ntop($data->user_ip);
$this->country = $data->session_country;
$this->agent = $data->user_agent;
$this->key = $data->session_key;
$this->start = intval($data->session_start);
$this->expire = intval($data->session_expire);
}
}
/**
* Create a new session
* @param int $user
* @param string $ip
* @param string $country
* @param string $agent
* @param int $length
* @return Session
*/
public static function create(int $user, string $ip, string $country, string $agent = null, int $length = 604800)
{
$start = time();
$key = bin2hex(random_bytes(64));
$id = DB::table('sessions')
->insertGetId([
'user_id' => $user,
'user_ip' => Net::pton($ip),
'user_agent' => $agent,
'session_key' => $key,
'session_start' => $start,
'session_expire' => $start + $length,
'session_country' => $country,
]);
return new Session($id);
}
/**
* Delete this session.
*/
public function delete(): void
{
DB::table('sessions')
->where('session_id', $this->id)
->delete();
}
/**
* Validate the session.
* @param int $user
* @param string $ip
* @return bool
*/
public function validate(int $user, string $ip = null): bool
{
// Get session from database
$session = DB::table('sessions')
->where([
'session_key' => $this->key,
'user_id' => $user,
])
->first();
// Check if we actually got something in return
if (!$session) {
return false;
}
// Check if the session expired
if ($session->session_expire < time()) {
$this->delete();
return false;
}
if ($ip !== null) {
/* completely removed the code for ip checking because it only worked with IPv4
good thing is i can probably do CIDR based checking */
}
DB::table('sessions')
->where('session_id', $session->session_id)
->update(['session_expire' => time() + 604800]);
return true;
}
/**
* Get the country.
* @param bool $long
* @return string
*/
public function country(bool $long = false): string
{
return $long ? get_country_name($this->country) : $this->country;
}
}