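 /**
  * Wire up the database-backed session store and resume or start a session.
  *
  * The session id is read from the cookie named $name. A missing cookie, a
  * non-string cookie, an id shorter than 32 characters, or an id that fails
  * validateSession() all lead to startNewSession(). Roughly one call in
  * fifty-one also runs garbageCollector().
  *
  * @param mixed       $dbConnection passed straight to the parent constructor
  * @param string      $name         cookie name, also stored as the session name
  * @param string      $tableName    stored as the session table name
  * @param int         $lifetime     stored as the session lifetime (presumably seconds — confirm against the store)
  * @param string|null $path         stored for cookie emission (not done here)
  * @param string|null $domain       stored for cookie emission (not done here)
  * @param bool        $secure       stored for cookie emission (not done here)
  */
 public function __construct($dbConnection, $name, $tableName = 'session', $lifetime = 3600, $path = null, $domain = null, $secure = false)
 {
     parent::__construct($dbConnection);
     $this->sessionName = $name;
     $this->tableName = $tableName;
     $this->lifetime = $lifetime;
     $this->path = $path;
     $this->domain = $domain;
     $this->secure = $secure;
     // The cookie is untrusted input: it may be absent (no undefined-index
     // notice) or sent as an array via "name[]=…" (must not reach strlen()).
     // Both cases collapse to '' and therefore to a fresh session below.
     $rawId = $_COOKIE[$name] ?? '';
     $this->sessionId = is_string($rawId) ? $rawId : '';
     // Probabilistic garbage collection: about one request in fifty-one.
     if (random_int(0, 50) === 1) {
         $this->garbageCollector();
     }
     // A too-short id is rejected outright; anything else has to be
     // confirmed against the store by validateSession().
     if (strlen($this->sessionId) < 32 || !$this->validateSession()) {
         $this->startNewSession();
     }
 }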
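 /**
  * Enforce the access annotations found in a doc comment.
  *
  * The comment is lower-cased first, so annotations are matched case-
  * insensitively (and any quoted message or role name is lower-cased too,
  * then ucfirst()ed for the exception text). Recognised annotations:
  *   @notlogged                      – reject when a session is logged in (400)
  *   @authorize [error:("message")]  – require a logged-in session (401)
  *   @admin                          – require SimpleDB::isAdmin() (401)
  *   @role("name")                   – require that role; admins pass (401)
  *
  * @param string $doc the raw doc comment to inspect
  * @throws \Exception with an HTTP-like code when a rule is violated, or
  *                    code 500 when a pattern could not be evaluated
  */
 private function ValidateAuthorization($doc)
 {
     $doc = strtolower((string) $doc);
     $session = App::getInstance()->getSession();

     // preg_match() returns false (with empty $matches) on a PCRE error such
     // as the backtrack limit; that must fail closed rather than silently
     // skip an access rule.
     $match = static function (string $pattern, string $subject): array {
         $matches = [];
         if (preg_match($pattern, $subject, $matches) === false) {
             throw new \Exception('Authorization check failed!', 500);
         }
         return $matches;
     };

     if ($match('/@notlogged/', $doc) && $session->_login) {
         throw new \Exception("Already logged in!", 400);
     }

     $authorize = $match('/@authorize(?:\\s+error:\\("(.+)"\\))?/', $doc);
     if ($authorize) {
         // The error:(...) group is optional; when it does not participate
         // PHP omits index 1 entirely, so default it instead of indexing.
         $custom = $authorize[1] ?? '';
         $error = $custom !== '' ? ucfirst($custom) : 'Unauthorized!';
         if (!$session->_login) {
             throw new \Exception($error, 401);
         }
     }

     if ($match('/@admin/', $doc) && !SimpleDB::isAdmin()) {
         throw new \Exception("Admin access only!", 401);
     }

     $role = $match('/@role\\s*\\("(.+)"\\)/', $doc)[1] ?? '';
     if ($role !== '' && !SimpleDB::hasRole($role) && !SimpleDB::isAdmin()) {
         $role = ucfirst($role);
         throw new \Exception("{$role} access only!", 401);
     }
 }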
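 /**
  * Load the username and e-mail of one user as a ProfileViewModel.
  *
  * @param int $userId value bound to the WHERE id = ? placeholder
  * @return ProfileViewModel
  * @throws \RuntimeException when the query returns no row for $userId
  */
 function getUserInfo(int $userId) : ProfileViewModel
 {
     $db = SimpleDB::getInstance('conference_scheduler');
     // $userId is bound as a parameter and never interpolated into the SQL.
     $statement = $db->prepare("SELECT\n                                username, email\n                                FROM users\n                                WHERE id = ?");
     $statement->execute([$userId]);
     $userRow = $statement->fetch();
     // A PDO-style fetch() returns false on an empty result; indexing into
     // that would hand nulls to the view model, so fail explicitly instead.
     if (!is_array($userRow)) {
         throw new \RuntimeException(sprintf('User #%d not found', $userId));
     }
     return new ProfileViewModel($userRow['username'], $userRow['email']);
 }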