public function __construct($dbConnection, $name, $tableName = 'session', $lifetime = 3600, $path = null, $domain = null, $secure = false)
{
parent::__construct($dbConnection);
$this->sessionName = $name;
$this->tableName = $tableName;
$this->lifetime = $lifetime;
$this->path = $path;
$this->domain = $domain;
$this->secure = $secure;
$this->sessionId = $_COOKIE[$name];
if (rand(0, 50) == 1) {
$this->garbageCollector();
}
if (strlen($this->sessionId) < 32) {
$this->startNewSession();
} else {
if (!$this->validateSession()) {
$this->startNewSession();
}
}
}
private function ValidateAuthorization($doc)
{
$doc = strtolower($doc);
$notLoggedRegex = '/@notlogged/';
preg_match($notLoggedRegex, $doc, $matches);
if ($matches) {
if (App::getInstance()->getSession()->_login) {
throw new \Exception("Already logged in!", 400);
}
}
$authorizeRegex = '/@authorize(?:\\s+error:\\("(.+)"\\))?/';
preg_match($authorizeRegex, $doc, $matches);
if ($matches) {
$error = 'Unauthorized!';
if ($matches[1]) {
$error = ucfirst($matches[1]);
}
if (!App::getInstance()->getSession()->_login) {
throw new \Exception($error, 401);
}
}
$adminRegex = '/@admin/';
preg_match($adminRegex, $doc, $matches);
if ($matches) {
if (!SimpleDB::isAdmin()) {
throw new \Exception("Admin access only!", 401);
}
}
$roleRegex = '/@role\\s*\\("(.+)"\\)/';
preg_match($roleRegex, $doc, $matches);
if ($matches[1]) {
$role = $matches[1];
if (!SimpleDB::hasRole($role) && !SimpleDB::isAdmin()) {
$role = ucfirst($role);
throw new \Exception("{$role} access only!", 401);
}
}
}
/**
* @param int $userId
* @return ProfileViewModel
*/
function getUserInfo(int $userId) : ProfileViewModel
{
$db = SimpleDB::getInstance('conference_scheduler');
$result = $db->prepare("SELECT\n username, email\n FROM users\n WHERE id = ?");
$result->execute([$userId]);
$userRow = $result->fetch();
$user = new ProfileViewModel($userRow['username'], $userRow['email']);
return $user;
}
