/**
* Load the session from the database into the object instance
*
* @access private
* @internal
* @version 1.2.0
* @since 1.0.1
* @param string $sessionID
* @return boolean
*/
private function load_session($sessionID)
{
$db = new argent_database();
$query = "\r\n SELECT \r\n * \r\n FROM \r\n `ua_sessions` \r\n WHERE \r\n `session_id` = '{$db->escape_value($sessionID)}'\r\n AND\r\n `session_name` = '{$db->escape_value($this->name)}'\r\n AND \r\n `userAgent` = '{$db->escape_value($_SERVER['HTTP_USER_AGENT'])}'";
$sessionData = $db->returnrow($query);
/**
* Check the session checksum for validity
*/
$session_verifier = argent_identifier::session_verifier($sessionData['started']);
$session_checksum = substr($sessionData['session_id'], 33);
if ($session_verifier != $session_checksum) {
return false;
}
if ($sessionData['session_id'] == $sessionID && $sessionData['last_activity'] > mktime() - $sessionData['timeout']) {
$this->id = $sessionData['session_id'];
$this->timeout = $sessionData['timeout'];
$this->secure = (bool) $sessionData['secure'];
$this->domain = $sessionData['domain'];
$this->expiry = $sessionData['last_activity'] + $sessionData['timeout'];
$this->path = $sessionData['path'];
$this->data = unserialize($sessionData['data']);
$query = "\r\n UPDATE \r\n `ua_sessions`\r\n SET \r\n `last_activity` = " . mktime() . "\r\n WHERE\r\n `session_id` = '{$db->escape_value($sessionID)}'\r\n AND \r\n `session_name` = '{$db->escape_value($this->name)}'";
$db->query($query);
unset($db);
return true;
} else {
unset($db);
return false;
}
}
/**
* Returns true if the specified User Right exists
*
* @param string $right
* @return \argent_error|boolean
*/
public static function right_exists($right)
{
$error = new argent_error();
$db = new argent_database();
if (!is_string($right)) {
$error->add('1050', 'Invalid data type: expecting STRING', $relationship, 'argent_meta');
}
if ($error->has_errors()) {
return $error;
}
$sql = "\r\n SELECT\r\n *\r\n FROM\r\n `ua_rights`\r\n WHERE\r\n `right` = '{$db->escape_value($right)}'\r\n ";
$rights = $db->returnrow($sql);
if ($rights['right'] == $right) {
return $rights['object_id'];
}
return false;
}
public static function related($primary_object_id, $secondary_object_id, $relationship = null, $include_reverse = false)
{
$error = new argent_error();
$db = new argent_database();
if (!argent_meta::object_registered($primary_object_id)) {
$error->add('1038', 'Object does not exist', $primary_object_id, 'argent_uauth');
}
if (!argent_meta::object_registered($secondary_object_id)) {
$error->add('1038', 'Object does not exist', $secondary_object_id, 'argent_uauth');
}
if (!is_string($relationship) && $relationship != null) {
$error->add('1050', 'Invalid data type: expecting STRING', $relationship, 'argent_meta');
}
if ($error->has_errors()) {
return $error;
}
$sql = "\r\n SELECT\r\n *\r\n FROM\r\n `ua_relationships`\r\n WHERE\r\n (`primary_object_id` = '{$db->escape_value($primary_object_id)}'\r\n AND\r\n `secondary_object_id` = '{$db->escape_value($secondary_object_id)}' )\r\n ";
if ($include_reverse) {
$sql .= "\r\n OR\r\n (`primary_object_id` = '{$db->escape_value($secondary_object_id)}'\r\n AND\r\n `secondary_object_id` = '{$db->escape_value($primary_object_id)}' )\r\n ";
}
if ($relationship != null) {
$sql .= "\r\n AND\r\n `relationship` = '{$db->escape_value($relationship)}'\r\n ";
}
$relationship_data = $db->returnrow($sql);
if (!empty($relationship_data['primary_object_id'])) {
return $relationship_data;
}
return false;
}
