<?php
/*******************************************************************************
* Copyright (c) 2007 Eclipse Foundation and others.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
* which accompanies this distribution, and is available at
* http://www.eclipse.org/legal/epl-v10.html
*
* Contributors:
* Paul Colton (Aptana)- initial API and implementation
* Eclipse Foundation
*******************************************************************************/
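/**
 * "Remember me" session record, keyed by a per-session identifier (gid) and
 * tied to the client's subnet.
 *
 * The remember cookie has the form "<userid + 111>:<gid>" (see
 * encode_remember()). The numeric offset is only obfuscation and is trivially
 * reversible, so nothing here may treat the userid half of the cookie as
 * proof of identity.
 *
 * Several helpers used below are not defined in this file: sqlLoad(),
 * sqlTouch(), sqlCmd() and selfPost() (presumably inherited from
 * sessions_ix), and sqlQuery(), guidNbr(), SetSessionVar() and the
 * COOKIE_REMEMBER constant (defined elsewhere in the project).
 */
class sessions_iu extends sessions_ix {

    /**
     * Validate the remember cookie against the stored session.
     *
     * @return int|null 1 when the cookie matches a stored session from the
     *                  same subnet, 0 when it does not (the cookie is then
     *                  expired), null when no usable cookie was sent.
     */
    function validate() {
        $cookie = isset($_COOKIE[COOKIE_REMEMBER]) ? $_COOKIE[COOKIE_REMEMBER] : "";

        // A cookie sent as "name[]=..." arrives as an array; treat it like a
        // missing cookie instead of passing it to strpos(). strpos() is used
        // as a truth test, so a missing ":" and a leading ":" are both
        // rejected.
        if (!is_string($cookie) || !strpos($cookie, ":")) {
            return null;
        }

        // Only the gid half is used for the lookup; the account is taken from
        // the stored row, never from the cookie's userid half.
        list($nbr, $gid) = $this->decode_remember($cookie);

        // NOTE(review): $gid is client-controlled. Confirm that sqlLoad()
        // escapes or binds the value it is given.
        // NOTE(review): the gid comparison is loose (==); if gids can look
        // numeric, differently formatted strings may compare equal. Confirm
        // the gid format before tightening this to a strict comparison.
        $matches = $this->sqlLoad("gid", $gid)
            && $gid == $this->_gid
            && $this->getSubnet() == $this->_subnet;

        if (!$matches) {
            // No such session, or it belongs to another subnet: force a new
            // login. -36000 is an absolute timestamp far in the past.
            setcookie(COOKIE_REMEMBER, "", -36000, "/");

            // Never publish the account of a session that failed validation.
            // Previously s_userAcct was set to the loaded row's userid even
            // when the subnet check failed.
            // Assumes SetSessionVar() stores into $_SESSION, as destroy()'s
            // unset() calls suggest -- TODO confirm.
            unset($_SESSION['s_userAcct']);
            return 0;
        }

        // Keep the session alive and prune expired rows while we are here.
        $this->sqlTouch("updated_at");
        $this->maintenance();

        SetSessionVar('s_userAcct', $this->_userid);
        return 1;
    }

    /**
     * Log out: delete the stored sessions of the user named in the remember
     * cookie and clear the login-related PHP session variables.
     *
     * Does nothing when no usable remember cookie was sent.
     */
    function destroy() {
        $cookie = isset($_COOKIE[COOKIE_REMEMBER]) ? $_COOKIE[COOKIE_REMEMBER] : "";

        if (!is_string($cookie) || !strpos($cookie, ":")) {
            return;
        }

        list($nbr, $gid) = $this->decode_remember($cookie);
        if (!$nbr) {
            return;
        }

        // The userid comes from the client, so force it to an integer before
        // it is concatenated into the statement.
        // NOTE(review): the gid half of the cookie is not checked here, so
        // the request is not shown to own the sessions it deletes. Consider
        // verifying the gid against the stored row (as validate() does)
        // before deleting.
        $sql = "DELETE FROM sessions WHERE userid = " . (int)$nbr;
        sqlQuery($sql);

        unset($_SESSION['s_userAcct']);
        unset($_SESSION['s_userName']);
        unset($_SESSION['s_userType']);
    }

    /**
     * Create and store a new session for the given user, bound to the
     * caller's current subnet.
     *
     * @param mixed $_userid Account identifier to store with the session.
     */
    function create($_userid) {
        $this->_userid = $_userid;
        // The gid is the only unguessable part of the remember cookie.
        // NOTE(review): confirm guidNbr() draws from a cryptographically
        // secure source.
        $this->_gid = guidNbr();
        $this->_subnet = $this->getSubnet();
        // Presumably selfPost() emits this as a raw SQL expression rather
        // than a quoted string -- TODO confirm.
        $this->_updated_at = "NOW()";
        $this->selfPost();
    }

    /**
     * Delete sessions that have not been updated for 14 days.
     */
    function maintenance() {
        $this->sqlCmd("DELETE FROM {SELF} WHERE updated_at < DATE_SUB(NOW(), INTERVAL 14 DAY)");
    }

    /**
     * Return the client's address with the last dotted component replaced by
     * "0" (the class-C style subnet of an IPv4 address).
     *
     * NOTE(review): an address without a "." (a plain IPv6 address, or a
     * missing REMOTE_ADDR) yields ".0", so such clients all share one
     * "subnet" and the subnet check in validate() does not tell them apart.
     *
     * @return string
     */
    function getSubnet() {
        $addr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "";
        $lastDot = strrpos($addr, ".");
        $prefix = ($lastDot === false) ? "" : substr($addr, 0, $lastDot);
        return $prefix . ".0";
    }

    /**
     * Build the remember-cookie value "<userid + 111>:<gid>" for this session.
     *
     * @return string
     */
    function encode_remember() {
        return ($this->_userid + 111) . ":" . $this->_gid;
    }

    /**
     * Split a remember-cookie value into its userid and gid parts.
     *
     * Uses explode() instead of split(), which was removed in PHP 7. The
     * userid part is cast to an integer so that a non-numeric value cannot
     * raise an error in the subtraction.
     *
     * @param string $remember Cookie value in the form "<userid + 111>:<gid>".
     * @return array Two elements: the userid (int) and the gid (string, or
     *               null when the value holds no ":").
     */
    function decode_remember($remember) {
        $parts = explode(":", $remember);
        $nbr = (int)$parts[0] - 111;
        $gid = isset($parts[1]) ? $parts[1] : null;
        return array($nbr, $gid);
    }
}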
?>