<?php
// Start (or resume) the PHP session before anything in this file touches $_SESSION.
// NOTE(review): no options are passed, so the session cookie attributes
// (HttpOnly, Secure, SameSite) come from php.ini; confirm they are set there.
session_start();

// Project-local dependencies, resolved through the include path.
require_once "Database.class.php";
// Presumably defines the $GLOBALS["SESSION_*"] entries read by the Session class; confirm.
require_once "constants.php";
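/**
 * Server-side session bookkeeping for admins and visitors.
 *
 * An opaque token is kept in $_SESSION and mirrored as a row in a sessions
 * table through the project's Database helper.
 *
 * NOTE(review): every query here is built by string concatenation. Only
 * Database::escape_string() and Database::execute_query() are visible from
 * this file; if the helper offers prepared statements, prefer them.
 * NOTE(review): rows are written with an `expiry` value, but no read in this
 * class compares against it, so expiry is not enforced here.
 */
class Session {
    /**
     * Read a token from $_SESSION and return it escaped for use in SQL.
     *
     * @param string $globals_key name of the $GLOBALS entry holding the $_SESSION key
     * @return string escaped token, or the escaped empty string when none is stored
     */
    private static function read_token($globals_key)
    {
        $session_key = $GLOBALS[$globals_key];
        // A request without a stored token must not raise an undefined-index notice.
        $raw = isset($_SESSION[$session_key]) ? $_SESSION[$session_key] : "";
        return Database::escape_string($raw);
    }

    /**
     * Validate an identifier that is interpolated unquoted into SQL.
     *
     * @param mixed $value caller-supplied id
     * @return int|null the id as an integer, or null when it is not a plain integer
     */
    private static function to_int_id($value)
    {
        if (is_bool($value)) {
            return null;
        }
        $id = filter_var($value, FILTER_VALIDATE_INT);
        return $id === false ? null : $id;
    }

    /**
     * Look up the id column for a session token.
     *
     * @param string $table  table name (a literal supplied by this class)
     * @param string $column column to return (a literal supplied by this class)
     * @param string $token  already-escaped session token
     * @return mixed the column value, or false when the token matches no single row
     */
    private static function lookup($table, $column, $token)
    {
        if ($token === "") {
            // No token stored: nothing to look up.
            return false;
        }
        $query = "SELECT `$column` FROM `$table` WHERE `session_id` = '" . $token . "';";
        $result = Database::execute_query($query);
        // A failed query must not be dereferenced as a result object.
        if (is_object($result) && $result->num_rows == 1) {
            return $result->fetch_assoc()[$column];
        }
        return false;
    }

    /**
     * @return string the admin session token from $_SESSION, escaped for SQL
     */
    public static function get_admin_session()
    {
        return self::read_token("SESSION_ADMIN");
    }

    /**
     * @return string the visitor session token from $_SESSION, escaped for SQL
     */
    public static function get_visitor_session()
    {
        return self::read_token("SESSION_VISITOR");
    }

    /**
     * Create a new session token.
     *
     * The token is a bearer credential, so it comes from the CSPRNG rather
     * than uniqid(), whose output is derived from the current time. 23 random
     * bytes hex-encode to 46 characters, the length the previous nested
     * uniqid() value had, so an existing column width still fits.
     * Requires PHP 7.0+ (random_bytes).
     *
     * @return string 46 lowercase hexadecimal characters
     * @throws Exception when no source of randomness is available
     */
    public static function generate_id()
    {
        return bin2hex(random_bytes(23));
    }

    /**
     * Open an admin session for a user.
     *
     * @param int|string $user_id integer user id
     * @return bool true when the new session resolves back to $user_id
     */
    public static function login($user_id)
    {
        // $user_id lands unquoted in the INSERT, so anything that is not an integer is refused.
        $id = self::to_int_id($user_id);
        if ($id === null) {
            return false;
        }

        // Issue a fresh PHP session id on privilege change so an id known
        // before login does not carry the admin token afterwards.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }

        $session_id = self::generate_id();
        $expiry = time() + (int) $GLOBALS["SESSION_ADMIN_VALIDITY"];
        // NOTE(review): this writes to `user_sessions`, while is_logged_in()
        // and logout() use `admin_sessions`; confirm which table is intended.
        $query = "INSERT INTO `user_sessions` (`session_id`, `user_id`, `expiry`) VALUES ('$session_id', $id, $expiry);";
        Database::execute_query($query);
        $_SESSION[$GLOBALS["SESSION_ADMIN"]] = $session_id;

        // Strict check: a failed lookup (false) must not compare equal to id 0.
        $current = self::is_logged_in();
        return $current !== false && (int) $current === $id;
    }

    /**
     * Delete the current admin session row and drop the token from $_SESSION.
     */
    public static function logout()
    {
        $token = self::get_admin_session();
        if ($token !== "") {
            $query = "DELETE FROM `admin_sessions` WHERE `session_id` = '" . $token . "';";
            Database::execute_query($query);
        }
        unset($_SESSION[$GLOBALS["SESSION_ADMIN"]]);
    }

    /**
     * Resolve the current admin session token to a user id.
     *
     * @return mixed the `user_id` of the matching row, or false when there is none
     */
    public static function is_logged_in()
    {
        return self::lookup("admin_sessions", "user_id", self::get_admin_session());
    }

    /**
     * Open a visitor session.
     *
     * @param int|string $visitor_id integer visitor id
     * @return bool true when the new session resolves back to $visitor_id
     */
    public static function remember_visitor($visitor_id)
    {
        // $visitor_id lands unquoted in the INSERT, so anything that is not an integer is refused.
        $id = self::to_int_id($visitor_id);
        if ($id === null) {
            return false;
        }

        $session_id = self::generate_id();
        $expiry = time() + (int) $GLOBALS["SESSION_VISITOR_VALIDITY"];
        // NOTE(review): the row is written with a `user_id` column, while
        // get_visitor() reads `visitor_id`; confirm the column name.
        $query = "INSERT INTO `visitor_sessions` (`session_id`, `user_id`, `expiry`) VALUES ('$session_id', $id, $expiry);";
        Database::execute_query($query);
        $_SESSION[$GLOBALS["SESSION_VISITOR"]] = $session_id;

        // Strict check: a failed lookup (false) must not compare equal to id 0.
        $current = self::get_visitor();
        return $current !== false && (int) $current === $id;
    }

    /**
     * Resolve the current visitor session token to a visitor id.
     *
     * @return mixed the `visitor_id` of the matching row, or false when there is none
     */
    public static function get_visitor()
    {
        return self::lookup("visitor_sessions", "visitor_id", self::get_visitor_session());
    }

    /**
     * Delete the current visitor session row and drop the token from $_SESSION.
     *
     * @param mixed $visitor_id unused; the row is selected by the stored session token
     */
    public static function forget_visitor($visitor_id)
    {
        $token = self::get_visitor_session();
        if ($token !== "") {
            $query = "DELETE FROM `visitor_sessions` WHERE `session_id` = '" . $token . "';";
            Database::execute_query($query);
        }
        unset($_SESSION[$GLOBALS["SESSION_VISITOR"]]);
    }
}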