Commit | Line | Data |
---|---|---|
cab08090 | 1 | <?php |
2 | /*************************************************************************** | |
179afa7f | 3 | * Copyright (C) 2003-2008 Polytechnique.org * |
cab08090 | 4 | * http://opensource.polytechnique.org/ * |
5 | * * | |
6 | * This program is free software; you can redistribute it and/or modify * | |
7 | * it under the terms of the GNU General Public License as published by * | |
8 | * the Free Software Foundation; either version 2 of the License, or * | |
9 | * (at your option) any later version. * | |
10 | * * | |
11 | * This program is distributed in the hope that it will be useful, * | |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of * | |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * | |
14 | * GNU General Public License for more details. * | |
15 | * * | |
16 | * You should have received a copy of the GNU General Public License * | |
17 | * along with this program; if not, write to the Free Software * | |
18 | * Foundation, Inc., * | |
19 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * | |
20 | ***************************************************************************/ | |
21 | ||
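/**
 * Static accessors around the PHP session ($_SESSION): typed getters, the
 * login challenge and anti-XSRF token bootstrap, and the permission checks
 * built on the 'auth' and 'perms' session entries.
 */
class Session
{
    /**
     * Starts the PHP session and makes sure the 'challenge', 'xsrf_token'
     * and 'perms' entries exist.
     *
     * NOTE(review): nothing here rotates the session id or sets cookie
     * attributes; both are presumably handled by the login code and the PHP
     * session configuration. Confirm that the id is regenerated whenever
     * 'auth' is raised.
     *
     * @return void
     */
    public static function init()
    {
        // '@' hides the warning emitted when headers were already sent; a
        // failed start is therefore silent.
        @session_start();
        if (empty($_SESSION['challenge'])) {
            $_SESSION['challenge'] = self::new_challenge();
        }
        if (empty($_SESSION['xsrf_token'])) {
            // rand_url_id() is defined elsewhere; the token is only as
            // unpredictable as that helper. TODO confirm it uses a CSPRNG.
            $_SESSION['xsrf_token'] = rand_url_id();
        }
        if (!isset($_SESSION['perms']) || !($_SESSION['perms'] instanceof FlagSet)) {
            // Default to an empty flag set, i.e. no permission granted.
            $_SESSION['perms'] = new FlagSet();
        }
    }

    /**
     * Builds a 40-hex-character challenge value.
     *
     * The value was previously sha1(uniqid(rand(), true)), which is derived
     * from the clock and a non-cryptographic generator and is therefore
     * guessable. A CSPRNG is used whenever the runtime offers one; the old
     * construction remains only as a last resort for very old runtimes.
     *
     * @return string 40 lowercase hexadecimal characters
     */
    private static function new_challenge()
    {
        if (function_exists('random_bytes')) {
            return bin2hex(random_bytes(20));
        }
        if (function_exists('openssl_random_pseudo_bytes')) {
            $bytes = openssl_random_pseudo_bytes(20);
            if ($bytes !== false && strlen($bytes) === 20) {
                return bin2hex($bytes);
            }
        }
        return sha1(uniqid(rand(), true));
    }

    /**
     * Ends the session and empties $_SESSION.
     *
     * $_SESSION is reset to an empty array rather than unset(): the PHP
     * manual warns that unsetting the whole superglobal disables the
     * registration of session variables through it.
     *
     * NOTE(review): the session cookie is not expired here, so the client
     * may present the same id again on its next request.
     *
     * @return void
     */
    public static function destroy()
    {
        $_SESSION = array();
        @session_destroy();
    }

    /**
     * Tells whether a session entry is set (and not null).
     *
     * @param string $key
     * @return bool
     */
    public static function has($key)
    {
        return isset($_SESSION[$key]);
    }

    /**
     * Removes a session entry.
     *
     * @param string $key
     * @return void
     */
    public static function kill($key)
    {
        unset($_SESSION[$key]);
    }

    /**
     * Returns a session entry, or $default when it is unset or null.
     *
     * @param string $key
     * @param mixed  $default
     * @return mixed
     */
    public static function v($key, $default = null)
    {
        return isset($_SESSION[$key]) ? $_SESSION[$key] : $default;
    }

    /**
     * Returns a session entry cast to string.
     *
     * @param string $key
     * @param string $default
     * @return string
     */
    public static function s($key, $default = '')
    {
        return (string)Session::v($key, $default);
    }

    /**
     * Returns a session entry as an integer, or $default when the stored
     * value is not numeric.
     *
     * @param string $key
     * @param int    $default
     * @return int
     */
    public static function i($key, $default = 0)
    {
        $i = Session::v($key, $default);
        return is_numeric($i) ? intval($i) : $default;
    }

    /**
     * Returns the values of several session entries, in the order of $keys;
     * missing entries come back as null.
     *
     * @param array $keys
     * @return array
     */
    public static function l(array $keys)
    {
        return array_map(array('Session', 'v'), $keys);
    }

    /**
     * Tells whether the current user is logged in and holds PERMS_ADMIN.
     *
     * Fails closed: a missing or malformed 'perms' entry yields false
     * instead of a fatal error on a non-object.
     *
     * @return bool
     */
    public static function has_perms()
    {
        $perms = Session::v('perms');
        return Session::logged()
            && $perms instanceof FlagSet
            && $perms->hasFlag(PERMS_ADMIN);
    }

    /**
     * Tells whether the request carries the session's anti-XSRF token.
     *
     * The request value is read with Env::v('token'). Both sides must be
     * non-empty strings and are compared exactly and, where available, in
     * constant time: a loose '==' lets two different numeric-looking strings
     * compare equal and lets an absent token match an empty one.
     *
     * @return bool
     */
    public static function has_xsrf_token()
    {
        $expected = Session::s('xsrf_token');
        $given    = Env::v('token');
        if ($expected === '' || !is_string($given)) {
            return false;
        }
        if (function_exists('hash_equals')) {
            return hash_equals($expected, $given);
        }
        return $expected === $given;
    }

    /**
     * Tells whether the session's auth level is at least AUTH_COOKIE.
     * An absent 'auth' entry counts as AUTH_PUBLIC.
     *
     * @return bool
     */
    public static function logged()
    {
        return Session::v('auth', AUTH_PUBLIC) >= AUTH_COOKIE;
    }

    /**
     * Tells whether the session's auth level is at least AUTH_MDP.
     * An absent 'auth' entry counts as AUTH_PUBLIC.
     *
     * @return bool
     */
    public static function identified()
    {
        return Session::v('auth', AUTH_PUBLIC) >= AUTH_MDP;
    }
}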
95 | ||
b76f0797 | 96 | // {{{ function check_perms() |
97 | ||
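/** Checks that the current user has the rights needed to view a page;
 ** if not, the attempt is logged and an error is displayed.
 *
 * NOTE(review): access control relies on $page->kill() ending the request;
 * that method is not visible here. If it returns, the caller carries on
 * with the protected page, so confirm that it exits.
 * @return void
 */
function check_perms()
{
    global $page;
    if (!S::has_perms()) {
        // !empty() rather than a bare read: no 'log' entry in the session
        // must not raise an undefined-index notice on the denial path.
        if (!empty($_SESSION['log'])) {
            // PHP_SELF contains client-supplied path info; the logger has to
            // treat it as untrusted text.
            $_SESSION['log']->log("noperms",$_SERVER['PHP_SELF']);
        }
        $page->kill("Tu n'as pas les permissions nécessaires pour accéder à cette page.");
    }
}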
112 | ||
113 | // }}} | |
114 | ||
a7de4ef7 | 115 | // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: |
cab08090 | 116 | ?> |