Rev 35 | Rev 85 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log | RSS feed
<?php
class MySessionHandler implements SessionHandlerInterface {
private static $instance = null;
private static $sessionTab = 0;
private static $_sess_db = null;
private static $db_user = null;
private static $db_pass = null;
private static $db_name = null;
private static $db_host = null;
public static function getInstance($set_tab = null, $mysqlConfig = null){
if (is_null(self::$instance)){
self::$instance = new self();
}
if ($set_tab && !is_null($set_tab) && ($set_tab > 0 || $set_tab == 'login')) {
self::setSessionTab($set_tab);
} else {
self::setSessionTab();
}
// store mysqli configuration
if (!is_null($mysqlConfig)) {
if (isset($mysqlConfig['db_user']) && !empty($mysqlConfig['db_user'])) {
self::$db_user = $mysqlConfig['db_user'];
} else {
throw new \Exception("MySessionHandler:: - db_user not set in configuration");
}
if (isset($mysqlConfig['db_pass']) && !empty($mysqlConfig['db_pass'])) {
self::$db_pass = $mysqlConfig['db_pass'];
} else {
throw new \Exception("MySessionHandler:: - db_pass not set in configuration");
}
if (isset($mysqlConfig['db_name']) && !empty($mysqlConfig['db_name'])) {
self::$db_name = $mysqlConfig['db_name'];
} else {
throw new \Exception("MySessionHandler:: - db_name not set in configuration");
}
if (isset($mysqlConfig['db_host']) && !empty($mysqlConfig['db_host'])) {
self::$db_host = $mysqlConfig['db_host'];
} else {
throw new \Exception("MySessionHandler:: - db_host not set in configuration");
}
}
return self::$instance;
}
public static function getDBSessionId(){
return self::$_sess_db;
}
public static function getSessionTab(){
return self::$sessionTab;
}
public static function setSessionTab($tab = 0){
self::$sessionTab = $tab ? (int)$tab : (int)rand(1, pow(10, 9) - 1);
}
public function open($savePath = null, $sessionName = null)
{
if(is_null(self::$sessionTab)){
self::setSessionTab();
}
self::$_sess_db = mysqli_connect(self::$db_host, self::$db_user, self::$db_pass, self::$db_name);
if (mysqli_connect_errno())
{
error_log("Failed to connect to MySQL: " . mysqli_connect_error() . " (" . mysqli_connect_errno() . ")");
return false;
}
return true;
}
public function close()
{
return mysqli_close(self::$_sess_db);
}
public function read($id)
{
$id = mysqli_real_escape_string(self::$_sess_db, $id);
$sql = "SELECT data
FROM sessions
WHERE id = '$id' and tab = '" . self::getSessionTab() . "'";
$_SESSION = [];
if ($result = mysqli_query(self::$_sess_db, $sql))
{
if (mysqli_num_rows($result))
{
$record = mysqli_fetch_assoc($result);
$decrypted = Cryptor::Decrypt($record['data']);
$_SESSION = json_decode($decrypted, true);
}
} else {
error_log("MySQL Read Session Error: " . mysqli_error(self::$_sess_db) . " (" . mysqli_errno(self::$_sess_db) . ")");
}
if (self::getSessionTab() != 0) {
$sql = "SELECT data
FROM sessions
WHERE id = '$id' and tab = '0'";
if ($result = mysqli_query(self::$_sess_db, $sql))
{
if (mysqli_num_rows($result))
{
$record = mysqli_fetch_assoc($result);
$decrypted = Cryptor::Decrypt($record['data']);
$temp = json_decode($decrypted, true);
$_SESSION = array_merge($_SESSION, $temp);
}
} else {
error_log("MySQL Login Read Session Error: " . mysqli_error(self::$_sess_db) . " (" . mysqli_errno(self::$_sess_db) . ")"); // bugbug
}
}
if (isset($_SESSION) && !empty($_SESSION) && $_SESSION != null) {
return session_encode();
}
return '';
}
public function write($id, $data)
{
return true; // see commit()
}
public static function commit($id)
{
$id = mysqli_real_escape_string(self::$_sess_db, $id);
$access = mysqli_real_escape_string(self::$_sess_db, time());
$encrypted = Cryptor::Encrypt(json_encode($_SESSION));
$userId = (empty($_SESSION['sessData']['userID']) ? 'NULL' : $_SESSION['sessData']['userID']);
$sql = "REPLACE
INTO sessions
VALUES ('$id', '" . self::getSessionTab() . "', '$access', '$encrypted', $userId)";
if (!($result = mysqli_query(self::$_sess_db, $sql))) {
error_log("MySQL Write Session Error: " . mysqli_error(self::$_sess_db) . " (" . mysqli_errno(self::$_sess_db) . ")");
}
return $result;
}
public function destroy($id)
{
$id = mysqli_real_escape_string(self::$_sess_db, $id);
$sql = "DELETE
FROM sessions
WHERE id = '$id' and tab = '" . self::getSessionTab() . "'";
if (!($result = mysqli_query(self::$_sess_db, $sql))) {
error_log("MySQL Destroy Session: " . mysqli_error(self::$_sess_db) . " (" . mysqli_errno(self::$_sess_db) . ")");
}
return $result;
}
public function gc($maxlifetime)
{
$old = mysqli_real_escape_string(self::$_sess_db, time() - $maxlifetime);
$sql = "DELETE
FROM sessions
WHERE access < '$old'";
if (!($result = mysqli_query(self::$_sess_db, $sql))) {
error_log("MySQL Session GC Error: " . mysqli_error(self::$_sess_db) . " (" . mysqli_errno(self::$_sess_db) . ")");
}
return $result;
}
}