* Candidate for initial ElggSession magic class

* Session now properly cleared on init and logout - this has knock on effect that you can no longer assume that $_SESSION['id'] or 'guid' will be integer, making it necessary to cast. git-svn-id: https://code.elgg.org/elgg/trunk@2448 36083f99-b078-4883-b0ff-0f9b5a30f544
author: marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544> 2008-11-14 13:17:55 +0000
committer: marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544> 2008-11-14 13:17:55 +0000
commit: cca93b954711e1729e3c43ed1eca25b1516ba8fa (patch)
tree: 89322fb3529cda80de548e3a4d0c814e1e00f599 /engine/lib/sessions.php
parent: d7fc2feb27caa7c35100ac62faf6076004370d84 (diff)
download: elgg-cca93b954711e1729e3c43ed1eca25b1516ba8fa.tar.gz
elgg-cca93b954711e1729e3c43ed1eca25b1516ba8fa.tar.bz2
1 files changed, 43 insertions, 35 deletions
diff --git a/engine/lib/sessions.php b/engine/lib/sessions.php
index bd9ce9d31..dee5cd4a9 100644
--- a/engine/lib/sessions.php
+++ b/engine/lib/sessions.php
@@ -13,7 +13,7 @@
 	 */
 
 	/** Elgg magic session */
-	static $SESSION;
+	global $SESSION;
 
 	/**
 	 * Magic session class.
@@ -23,11 +23,13 @@
 	 * Primarily this is intended to provide a way of supplying "logged in user" details without touching the session 
 	 * (which can cause problems when accessed server side).
 	 * 
-	 * If a value is present in the session then that value is returned, otherwise a plugin hook 'session::get', '$var' is called,
+	 * If a value is present in the session then that value is returned, otherwise a plugin hook 'session:get', '$var' is called,
 	 * where $var is the variable being requested.
 	 * 
 	 * Setting values will store variables in the session in the normal way.
 	 * 
+	 * LIMITATIONS: You can not access multidimensional arrays
+	 * 
 	 * This is EXPERIMENTAL.
 	 */
 	class ElggSession implements ArrayAccess
@@ -35,6 +37,8 @@
 		/** Local cache of trigger retrieved variables */
 		private static $__localcache; 
 		
+		function __isset($key) { return $this->offsetExists($key); }
+				
 		/** Set a value, go straight to session. */
 		function offsetSet($key, $value) { $_SESSION[$key] = $value; } 
  		
@@ -44,21 +48,21 @@
 		 */
  		function offsetGet($key) 
  		{ 
+ 			if (!ElggSession::$__localcache)
+ 				ElggSession::$__localcache = array();
+ 				
  			if (isset($_SESSION[$key]))
  				return $_SESSION[$key];	
  				
- 			if (isset($this->__localcache[$key]))
- 				return $this->__localcache[$key];
+ 			if (isset(ElggSession::$__localcache[$key]))
+ 				return ElggSession::$__localcache[$key];
  			
  			$value = null;
- 			$value = trigger_plugin_hook('session::get', $key, null, $value);
- 			
- 			if (!$this->__localcache)
- 				$this->__localcache = array();
+ 			$value = trigger_plugin_hook('session:get', $key, null, $value);
  			
- 			$this->__localcache[$key] = $value;
+ 			ElggSession::$__localcache[$key] = $value;
  			
-   			return $this->__localcache[$key];
+   			return ElggSession::$__localcache[$key];
  		} 
  		
  		/**
@@ -66,7 +70,7 @@
  		 */
  		function offsetUnset($key) 
  		{
-   			unset($this->__localcache[$key]);
+   			unset(ElggSession::$__localcache[$key]);
 			unset($_SESSION[$key]); 
  		} 
  		
@@ -74,10 +78,13 @@
  		 * Return whether the value is set in either the session or the cache.
  		 */
  		function offsetExists($offset) { 
-			if (isset($this->__localcache[$key]))
+			if (isset(ElggSession::$__localcache[$offset]))
 				return true;
 				
-			return isset($_SESSION[$key]); 
+			if (isset($_SESSION[$offset]))
+				return true;
+
+			if ($this->offsetGet($offset)) return true;
 		}
 	}
 
@@ -88,9 +95,11 @@
 	 * @return true|false
 	 */
 		function isloggedin() {
+			
+			global $SESSION;
 			
-			if (!is_installed()) return false;
-			if ((isset($_SESSION['guid'])) && ($_SESSION['guid'] > 0) && (isset($_SESSION['id'])) && ($_SESSION['id'] > 0) )
+			if (!is_installed()) return false; 
+			if ((isset($SESSION['guid'])) && ($SESSION['guid'] > 0) && (isset($SESSION['id'])) && ($SESSION['id'] > 0) )
 			
 				return true;
 			return false;
@@ -106,7 +115,9 @@
 	 */
 		function isadminloggedin()
 		{
-			if ((isloggedin()) && (($_SESSION['user']->admin || $_SESSION['user']->siteadmin)))
+			global $SESSION;
+			
+			if ((isloggedin()) && (($SESSION['user']->admin || $SESSION['user']->siteadmin)))
 				return true;
 				
 			return false;
@@ -287,9 +298,8 @@
 	            if (isset($_COOKIE['elggperm'])) {            
 	                $code = $_COOKIE['elggperm'];
 	                $code = md5($code);
-	                $_SESSION['guid'] = 0;
-	                $_SESSION['id'] = 0;
-	                // $_SESSION['user'] = new ElggDummy();
+	                unset($_SESSION['guid']);//$_SESSION['guid'] = 0;
+	                unset($_SESSION['id']);//$_SESSION['id'] = 0;
 	                if ($user = get_user_by_code($code)) {
                     	$_SESSION['user'] = $user;
                         $_SESSION['id'] = $user->getGUID();
@@ -297,10 +307,9 @@
                         $_SESSION['code'] = $_COOKIE['elggperm'];
 	                }
 	            } else {
-	            	//$_SESSION['user'] = new ElggDummy();
-	                $_SESSION['id'] = 0;
-	                $_SESSION['guid'] = 0;
-	                $_SESSION['code'] = "";
+	            	unset($_SESSION['id']); //$_SESSION['id'] = 0;
+	                unset($_SESSION['guid']);//$_SESSION['guid'] = 0;
+	                unset($_SESSION['code']);//$_SESSION['code'] = "";
 	            }
 	        } else {
 	            if (!empty($_SESSION['code'])) {
@@ -310,17 +319,16 @@
 	                	$_SESSION['id'] = $user->getGUID();
                         $_SESSION['guid'] = $_SESSION['id'];
 	                } else {
-	                	unset($_SESSION['user']);
-	                	// $_SESSION['user'] = new ElggDummy();
-	                	$_SESSION['guid'] = 0;
-	                	$_SESSION['id'] = 0;
-	                	$_SESSION['code'] = "";
+	                	unset($_SESSION['user']);
+	                	unset($_SESSION['id']); //$_SESSION['id'] = 0;
+		                unset($_SESSION['guid']);//$_SESSION['guid'] = 0;
+		                unset($_SESSION['code']);//$_SESSION['code'] = "";
 	                }
 	            } else {
 	            	//$_SESSION['user'] = new ElggDummy();
-	            	$_SESSION['guid'] = 0;
-	                $_SESSION['id'] = 0;
-	                $_SESSION['code'] = "";
+	            	unset($_SESSION['id']); //$_SESSION['id'] = 0;
+	                unset($_SESSION['guid']);//$_SESSION['guid'] = 0;
+	                unset($_SESSION['code']);//$_SESSION['code'] = "";
 	            }
 	        }
 	        if ($_SESSION['id'] > 0) {
@@ -334,13 +342,13 @@
     		register_pam_handler('pam_auth_userpass');
     		
     		// Initialise the magic session
-    		static $SESSION;
+    		global $SESSION;
     		$SESSION = new ElggSession();
     		
     		return true;
 	        
-		}
-
+		}
+		
 	/**
 	 * Used at the top of a page to mark it as logged in users only.
 	 *
@@ -359,7 +367,7 @@
 		function admin_gatekeeper()
 		{
 			gatekeeper();
-			if (!$_SESSION['user']->admin && !$_SESSION['user']->siteadmin) {
+			if (!isadminloggedin()) {
 				$_SESSION['last_forward_from'] = current_page_url();
 				forward();
 			}
author	marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>	2008-11-14 13:17:55 +0000
committer	marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>	2008-11-14 13:17:55 +0000
commit	cca93b954711e1729e3c43ed1eca25b1516ba8fa (patch)
tree	89322fb3529cda80de548e3a4d0c814e1e00f599 /engine/lib/sessions.php
parent	d7fc2feb27caa7c35100ac62faf6076004370d84 (diff)
download	elgg-cca93b954711e1729e3c43ed1eca25b1516ba8fa.tar.gz elgg-cca93b954711e1729e3c43ed1eca25b1516ba8fa.tar.bz2