Ejemplo n.º 1
0
 /**
  * Check if session is valid and is not expired. If no valid session, check cookie keepSession.
  *
  * @param bool $checkKeepSessionCookie  If true check cookie keepSession
  * @param bool $isAutomaticRequest      If true don't update sessionLastTime
  */
 protected static function restore($checkKeepSessionCookie = true, $isAutomaticRequest = false)
 {
     $session = self::getInstance();
     if (session_status() != PHP_SESSION_ACTIVE) {
         static::startSession();
         self::sessionLog("session_start():" . __LINE__);
     }
     $refClass = self::getReflectionClass();
     foreach ($refClass->getConstants() as $constname => $constvalue) {
         if (substr($constname, 0, 8) !== 'SESSION_') {
             continue;
         }
         $session->{$constvalue} = isset($_SESSION[__CLASS__][$constvalue]) ? $_SESSION[__CLASS__][$constvalue] : null;
     }
     $newhash = self::createHash($session->userId, $session->sault);
     if (!($newhash == $session->hash && !empty($session->hash))) {
         // reset session (invalid)
         self::sessionLog("invalid hash:" . __LINE__);
         $session->userId = 0;
         $session->hash = '';
         if ($checkKeepSessionCookie && self::isCookieKeepSession()) {
             self::restore(false, $isAutomaticRequest);
             if ($session->userId) {
                 // we've recovered session, update last login
                 $u = new User();
                 Scalr::getDb()->Execute("UPDATE {$u->table()} SET {$u->columnLastLogin} = NOW() WHERE {$u->columnId} = ?", [$session->userId]);
             }
         }
     } else {
         if (strtotime(Scalr::config('scalr.security.user.session.timeout'), $session->lastTime) < time()) {
             self::sessionLog("session timeout was expired:" . __LINE__);
             if ($checkKeepSessionCookie) {
                 $_SESSION[__CLASS__][self::SESSION_USER_ID] = 0;
                 $_SESSION[__CLASS__][self::SESSION_HASH] = '';
                 self::restore($checkKeepSessionCookie, $isAutomaticRequest);
             } else {
                 $session->userId = 0;
                 $session->hash = '';
             }
             return;
         }
         if (!$isAutomaticRequest) {
             $_SESSION[__CLASS__][self::SESSION_LAST_TIME] = $session->lastTime = time();
         }
         if (strtotime(Scalr::config('scalr.security.user.session.lifetime'), $session->initTime) < time()) {
             self::sessionLog("session lifetime was expired:" . __LINE__);
             if ($checkKeepSessionCookie) {
                 $_SESSION[__CLASS__][self::SESSION_USER_ID] = 0;
                 $_SESSION[__CLASS__][self::SESSION_HASH] = '';
                 self::restore($checkKeepSessionCookie, $isAutomaticRequest);
             } else {
                 $session->userId = 0;
                 $session->hash = '';
             }
             return;
         }
     }
     session_write_close();
     self::sessionLog("session_write_close():" . __LINE__);
 }