Abstract library for handling account sessions and cookies
//extending
abstract class StaffSession extends \LSS\Session {
public static function requireManager(){
if(self::get('is_manager')) return true;
throw new Exception('Permission denied');
}
public static function init(){
self::$config_name = 'staff';
self::$session_name = 'staff_token';
self::$session_table = 'staff_session';
self::$user_primary_key = 'staff_id';
}
}
//overrides the parent vars
StaffSession::init();
//check for session
try {
if(StaffSession::checkLogin()){
//register session
$token = StaffSession::fetchByToken(StaffSession::getTokenFromSession());
$session = array_merge(Staff::fetch($token['staff_id']),$token);
StaffSession::storeSession($session);
unset($session,$token);
//set tpl globals (if Tpl is available)
if(is_callable(array('Tpl','_get'))){
Tpl::_get()->set(array(
'staff_name' => StaffSession::get('name')
,'staff_lastlogin' => date(Config::get('account.date.general_format'),StaffSession::get('last_login'))
));
}
} else {
if(server('REQUEST_URI') != Url::login()) redirect(Url::login());
}
} catch(Exception $e){
StaffSession::tokenDestroy(StaffSession::getTokenFromSession());
StaffSession::destroySession();
redirect(Url::login());
}
Returns true when a valid session exists
Redirects to Url::login() if no session is found
Checks if a session needed to validate a login exists
Returns MDA key from the session registry When $var is FALSE the entire registry is returned
$staff_id = Session::get('staff_id');
Sets the session registry Returns TRUE on success FALSE on failure
Returns the current session token
Stores the token in an actual PHP session
Destroys the session help in PHP
Return a session by token
- $id The identifier of the account
- $remote_ip Remote IP address used for session
- $user_agent The USER_AGENT field of the remote user Returns a session record
- $token The session token
- $remote_ip Remote IP of the session starter
- $return_token When FALSE this function returns BOOL otherwise returns the token
- $id The identifier of the account
- $remote_ip Remote IP address used for session
- $user_agent The USER_AGENT field of the remote user Returns the newly created token
Destroys the given token and returns that token