/**
Instantiate class
@param $db object
@param $table string
@param $ttl int
**/
function __construct(\DB\SQL $db, $table, $ttl = 60)
{
$this->db = $db;
$this->engine = $db->driver();
$this->table = $table;
$this->fields = $db->schema($table, $ttl);
$this->reset();
}
/**
* Instantiate class
* @param $db object
* @param $table string
* @param $force bool
* @param $onsuspect callback
**/
function __construct(\DB\SQL $db, $table = 'sessions', $force = TRUE, $onsuspect = NULL)
{
if ($force) {
$eol = "\n";
$tab = "\t";
$db->exec((preg_match('/mssql|sqlsrv|sybase/', $db->driver()) ? 'IF NOT EXISTS (SELECT * FROM sysobjects WHERE ' . 'name=' . $db->quote($table) . ' AND xtype=\'U\') ' . 'CREATE TABLE dbo.' : 'CREATE TABLE IF NOT EXISTS ' . (($name = $db->name()) && $db->driver() != 'pgsql' ? $name . '.' : '')) . $table . ' (' . $eol . $tab . $db->quotekey('session_id') . ' VARCHAR(40),' . $eol . $tab . $db->quotekey('data') . ' TEXT,' . $eol . $tab . $db->quotekey('csrf') . ' TEXT,' . $eol . $tab . $db->quotekey('ip') . ' VARCHAR(40),' . $eol . $tab . $db->quotekey('agent') . ' VARCHAR(255),' . $eol . $tab . $db->quotekey('stamp') . ' INTEGER,' . $eol . $tab . 'PRIMARY KEY (' . $db->quotekey('session_id') . ')' . $eol . ');');
}
parent::__construct($db, $table);
session_set_save_handler(array($this, 'open'), array($this, 'close'), array($this, 'read'), array($this, 'write'), array($this, 'destroy'), array($this, 'cleanup'));
register_shutdown_function('session_commit');
@session_start();
$fw = \Base::instance();
$headers = $fw->get('HEADERS');
if (($ip = $this->ip()) && $ip != $fw->get('IP') || ($agent = $this->agent()) && (!isset($headers['User-Agent']) || $agent != $headers['User-Agent'])) {
if (isset($onsuspect)) {
$fw->call($onsuspect, array($this));
} else {
session_destroy();
$fw->error(403);
}
}
$csrf = $fw->hash($fw->get('ROOT') . $fw->get('BASE')) . '.' . $fw->hash(mt_rand());
if ($this->load(array('session_id=?', $this->sid = session_id()))) {
$this->set('csrf', $csrf);
$this->save();
}
}
/**
* Instantiate class
* @param $db object
* @param $table string
**/
function __construct(\DB\SQL $db, $table = 'sessions')
{
$db->exec((preg_match('/mssql|sqlsrv|sybase/', $db->driver()) ? 'IF NOT EXISTS (SELECT * FROM sysobjects WHERE ' . 'name=' . $db->quote($table) . ' AND xtype=\'U\') ' . 'CREATE TABLE dbo.' : 'CREATE TABLE IF NOT EXISTS ' . (($name = $db->name()) ? $name . '.' : '')) . $table . ' (' . 'session_id VARCHAR(40),' . 'data TEXT,' . 'csrf TEXT,' . 'ip VARCHAR(40),' . 'agent VARCHAR(255),' . 'stamp INTEGER,' . 'PRIMARY KEY(session_id)' . ');');
parent::__construct($db, $table);
session_set_save_handler(array($this, 'open'), array($this, 'close'), array($this, 'read'), array($this, 'write'), array($this, 'destroy'), array($this, 'cleanup'));
register_shutdown_function('session_commit');
@session_start();
$fw = \Base::instance();
$headers = $fw->get('HEADERS');
if (($csrf = $this->csrf()) && (!isset($_COOKIE['_']) || $_COOKIE['_'] != $csrf || ($ip = $this->ip()) && $ip != $fw->get('IP') || ($agent = $this->agent()) && !isset($headers['User-Agent']) || $agent != $headers['User-Agent'])) {
$jar = $fw->get('JAR');
$jar['expire'] = strtotime('-1 year');
call_user_func_array('setcookie', array_merge(array('_', ''), $jar));
unset($_COOKIE['_']);
session_destroy();
\Base::instance()->error(403);
}
$csrf = $fw->hash($fw->get('ROOT') . $fw->get('BASE')) . '.' . $fw->hash(mt_rand());
if ($this->load(array('session_id=?', session_id()))) {
$this->set('csrf', $csrf);
$this->save();
call_user_func_array('setcookie', array('_', $csrf) + $fw->get('JAR'));
}
}
/**
* Instantiate class
* @param $db object
* @param $table string
* @param $fields array|string
* @param $ttl int
**/
function __construct(\DB\SQL $db, $table, $fields = NULL, $ttl = 60)
{
$this->db = $db;
$this->engine = $db->driver();
if ($this->engine == 'oci') {
$table = strtoupper($table);
}
$this->source = $table;
$this->table = $this->db->quotekey($table);
$this->fields = $db->schema($table, $fields, $ttl);
$this->reset();
}
/**
* Instantiate class
* @param $db \DB\SQL
* @param $table string
* @param $force bool
* @param $onsuspect callback
* @param $key string
**/
function __construct(\DB\SQL $db, $table = 'sessions', $force = TRUE, $onsuspect = NULL, $key = NULL)
{
if ($force) {
$eol = "\n";
$tab = "\t";
$db->exec((preg_match('/mssql|sqlsrv|sybase/', $db->driver()) ? 'IF NOT EXISTS (SELECT * FROM sysobjects WHERE ' . 'name=' . $db->quote($table) . ' AND xtype=\'U\') ' . 'CREATE TABLE dbo.' : 'CREATE TABLE IF NOT EXISTS ' . (($name = $db->name()) && $db->driver() != 'pgsql' ? $name . '.' : '')) . $table . ' (' . $eol . $tab . $db->quotekey('session_id') . ' VARCHAR(255),' . $eol . $tab . $db->quotekey('data') . ' TEXT,' . $eol . $tab . $db->quotekey('ip') . ' VARCHAR(45),' . $eol . $tab . $db->quotekey('agent') . ' VARCHAR(300),' . $eol . $tab . $db->quotekey('stamp') . ' INTEGER,' . $eol . $tab . 'PRIMARY KEY (' . $db->quotekey('session_id') . ')' . $eol . ');');
}
parent::__construct($db, $table);
$this->onsuspect = $onsuspect;
session_set_save_handler([$this, 'open'], [$this, 'close'], [$this, 'read'], [$this, 'write'], [$this, 'destroy'], [$this, 'cleanup']);
register_shutdown_function('session_commit');
$fw = \Base::instance();
$headers = $fw->get('HEADERS');
$this->_csrf = $fw->hash($fw->get('ROOT') . $fw->get('BASE')) . '.' . $fw->hash(mt_rand());
if ($key) {
$fw->set($key, $this->_csrf);
}
$this->_agent = isset($headers['User-Agent']) ? $headers['User-Agent'] : '';
$this->_ip = $fw->get('IP');
}
/**
* parse command array and return backend specific query
* @param $cmd
* @param $cmd array
* @return bool|string
*/
protected function findQuery($cmd)
{
foreach ($cmd as $backend => $val) {
if (preg_match('/' . $backend . '/', $this->db->driver())) {
return $val;
}
}
trigger_error(sprintf(self::TEXT_ENGINE_NOT_SUPPORTED, $this->db->driver()));
}
/**
* Instantiate class
* @param $db object
* @param $table string|array
* @param $fields array|string
* @param $ttl int
**/
function __construct(\DB\SQL $db, $table, $fields = NULL, $ttl = 60)
{
$this->db = $db;
$this->engine = $db->driver();
$this->table = null;
$this->fields = array();
if (null != $table) {
// QiangYu 支持多个表取得 Schema,注意不同的表之间不要取相同名字的列名
if (is_array($table)) {
$this->fields = array();
foreach ($table as $oneTable) {
$this->fields = array_merge($this->fields, $db->schema($oneTable, $fields, $ttl));
}
} else {
// 单表查询
$table = trim($table);
$this->table = $table;
if (strstr($table, ' ')) {
// QiangYu 表名不应该有空格,如果有空格,则为特殊的查询,比如 tableA left join tableB ,就不能做任何处理
} else {
if ($this->engine == 'oci') {
$table = strtoupper($table);
}
$this->source = $table;
$this->table = $this->db->quotekey($table);
$this->fields = $db->schema($table, $fields, $ttl);
}
}
}
$this->reset();
}
/**
* Instantiate class
* @param $db object
* @param $table string
**/
function __construct(\DB\SQL $db, $table = 'sessions')
{
$db->exec((preg_match('/mssql|sqlsrv|sybase/', $db->driver()) ? 'IF NOT EXISTS (SELECT * FROM sysobjects WHERE ' . 'name=' . $db->quote($table) . ' AND xtype=\'U\') ' . 'CREATE TABLE dbo.' : 'CREATE TABLE IF NOT EXISTS ' . (($name = $db->name()) ? $name . '.' : '')) . $table . ' (' . 'session_id VARCHAR(40),' . 'data TEXT,' . 'ip VARCHAR(40),' . 'agent VARCHAR(255),' . 'stamp INTEGER,' . 'PRIMARY KEY(session_id)' . ');');
parent::__construct($db, $table);
session_set_save_handler(array($this, 'open'), array($this, 'close'), array($this, 'read'), array($this, 'write'), array($this, 'destroy'), array($this, 'cleanup'));
register_shutdown_function('session_commit');
}
/**
* parse command array and return backend specific query
* @param $cmd
* @param $cmd array
* @return bool|string
*/
protected function findQuery($cmd)
{
$match = FALSE;
foreach ($cmd as $backend => $val) {
if (preg_match('/' . $backend . '/', $this->db->driver())) {
$match = TRUE;
break;
}
}
if (!$match) {
trigger_error(sprintf(self::TEXT_ENGINE_NOT_SUPPORTED, $this->db->driver()));
return FALSE;
}
return $val;
}
