Beispiel #1
 /**
  * routeStartup() - before routing, check whether a session already exists
  * for the client or has to be restored from a session key carried in the
  * request URI.
  *
  * @param  Zend_Controller_Request_Abstract $request
  * @return void
  */
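 public function routeStartup(Zend_Controller_Request_Abstract $request)
 {
     $regenerate = false;
     $uri = $request->getRequestUri();
     if (preg_match($this->_regex, $uri, $uriKey)) {
         // The session key arrived inside the request URI.
         // NOTE(review): a key carried in the URL can end up in access logs,
         // browser history and Referer headers, and is supplied by the client.
         // Adoption of a stored session is delegated to
         // Showcase_Session::getSessionId(); confirm that it binds the key to
         // the client (IP / user agent) before returning an id.
         $sessionKey = $uriKey[1];
         unset($uriKey);
         if (Showcase_Session::sessionExists()) {
             // A session already exists for this client (the original author
             // describes this as "cookie exists"), so the URI key is not
             // needed: clear the 'sid' request parameter.
             $request->setParam('sid', null);
         } else {
             // The User-Agent header is optional; reading it unguarded raises
             // an undefined-index notice and hands null to strpos().
             $userAgent = isset($_SERVER['HTTP_USER_AGENT'])
                 ? (string) $_SERVER['HTTP_USER_AGENT']
                 : '';
             // User-Agent is client-controlled. This test only skips session
             // restoration for clients announcing themselves as Googlebot; it
             // must not be treated as an authentication or access decision.
             if (false === strpos($userAgent, 'Googlebot')) {
                 Showcase_Session::setSessionKey($sessionKey);
                 // No existing session but a key in the URI: either an old
                 // link or a client that refuses cookies. Ask the session
                 // layer for a stored id (a database lookup, per the original
                 // comments) and force a fresh id once the session is started.
                 $regenerate = true;
                 $sessionId = Showcase_Session::getSessionId($request);
                 if ($sessionId) {
                     // Resume the stored session; it is regenerated below so
                     // the id reachable through the URI key does not stay live.
                     try {
                         Showcase_Session::setId($sessionId);
                     } catch (Zend_Exception $setIdError) {
                         try {
                             Showcase_Session::destroy(true);
                         } catch (Zend_Exception $destroyError) {
                             // Best effort: a failed teardown must not abort
                             // the request, but leave a trace for operators.
                             // Only the exception class is logged so that no
                             // session identifier reaches the log.
                             error_log('routeStartup: session destroy failed: ' . get_class($destroyError));
                         }
                     }
                 }
                 // Do not keep the raw session id in scope longer than needed.
                 unset($sessionId);
             }
         }
         // Strip the session key from the URI before routing continues.
         $request->setRequestUri(preg_replace($this->_regex, '', $uri));
     }
     Showcase_Session::start();
     if ($regenerate) {
         // Issue a new id after start so a key taken from the URL is not the
         // id used for the rest of the session.
         Showcase_Session::regenerateId();
     }
 }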
Beispiel #2
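 /**
  * Try to resume the stored session that belongs to the current session key.
  *
  * The row is loaded through the 'session_load' procedure. Only when the
  * stored IP passes Showcase_Session::checkIpRange() against the remote IP
  * and the stored agent equals the current agent is 'session_update' run and
  * the stored values copied into $this->_sessionData. Every other path falls
  * through to $this->_insert().
  *
  * A database failure terminates the request. The exception detail is written
  * to the error log only, so that driver messages and the file path are not
  * sent to the client.
  *
  * @return bool|null true when the stored session was resumed; no value is
  *                   returned after falling back to _insert()
  */
 protected function _update()
 {
     $sessionKey = $this->_getSessionKey();
     if ($sessionKey) {
         $stmt = Zend_Registry::get('dbh')->proc('session_load');
         $stmt->bindParam(':key', $sessionKey, PDO::PARAM_STR);
         try {
             $stmt->execute();
         } catch (Zend_Db_Statement_Exception $e) {
             // Keep the driver message server-side; the client only sees a
             // generic failure.
             error_log('session_load: ' . $e->getMessage());
             die('session_load: database error');
         }
         $result = $stmt->fetchAll(Zend_Db::FETCH_OBJ);
         $stmt->closeCursor();
         unset($stmt);
         $userDetails = (is_array($result) && count($result)) ? $result[0] : false;

         // Session binding: the stored row must match both the client's IP
         // range and its user agent. Both sides of the agent comparison are
         // cast to string and compared strictly so that PHP's numeric-string
         // juggling cannot make two different agent values compare equal.
         // NOTE(review): the agent value is client-supplied, so this check
         // narrows reuse of a leaked key but does not prevent it on its own.
         if ($userDetails instanceof stdClass
             && Showcase_Session::checkIpRange(Showcase_Session::encodeIp($this->_remoteIp), $userDetails->ip)
             && (string) $userDetails->agent === (string) $this->_sessionData->agent
         ) {
             // NOTE(review): ':new_key' is bound to the same key that was just
             // loaded, so the key is not rotated here - confirm that this is
             // what the 'session_update' procedure expects.
             $stmt = Zend_Registry::get('dbh')->proc('session_update');
             $stmt->bindParam(':new_key', $sessionKey, PDO::PARAM_STR);
             try {
                 $stmt->execute();
             } catch (Zend_Db_Statement_Exception $e) {
                 error_log(__LINE__ . ':' . __FILE__ . ':' . $e->getMessage());
                 die('session_update: database error');
             }
             $stmt->closeCursor();
             unset($stmt);

             // Copy the stored values into the in-memory session record.
             $this->_sessionData->key = $sessionKey;
             $this->_sessionData->start = $userDetails->start;
             $this->_sessionData->update = $userDetails->updated;
             $this->_sessionData->agent = $userDetails->agent;
             $this->_sessionData->setUserId($userDetails->user);
             if (self::SESSION_GET == $this->_sessionMethod) {
                 Showcase_Session::setSessionKey($sessionKey);
             }
             return true;
         }
     }
     // No key, no stored row, or the binding checks failed: create a new
     // session record instead of resuming one.
     $this->_insert();
 }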