| 1 | <?php |
| 2 | /*************************************************************************** |
| 3 | * Copyright (C) 2003-2008 Polytechnique.org * |
| 4 | * http://opensource.polytechnique.org/ * |
| 5 | * * |
| 6 | * This program is free software; you can redistribute it and/or modify * |
| 7 | * it under the terms of the GNU General Public License as published by * |
| 8 | * the Free Software Foundation; either version 2 of the License, or * |
| 9 | * (at your option) any later version. * |
| 10 | * * |
| 11 | * This program is distributed in the hope that it will be useful, * |
| 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of * |
| 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * |
| 14 | * GNU General Public License for more details. * |
| 15 | * * |
| 16 | * You should have received a copy of the GNU General Public License * |
| 17 | * along with this program; if not, write to the Free Software * |
| 18 | * Foundation, Inc., * |
| 19 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * |
| 20 | ***************************************************************************/ |
| 21 | |
| 22 | class S |
| 23 | { |
| 24 | /** Set a constructor because this is called prior to S::s(), so we can |
| 25 | * define S::s() for other usages. |
| 26 | */ |
| 27 | private function __construct() |
| 28 | { |
| 29 | assert(false); |
| 30 | } |
| 31 | |
| 32 | public static function has($key) |
| 33 | { |
| 34 | return isset($_SESSION[$key]); |
| 35 | } |
| 36 | |
| 37 | public static function kill($key) |
| 38 | { |
| 39 | unset($_SESSION[$key]); |
| 40 | } |
| 41 | |
| 42 | public static function v($key, $default = null) |
| 43 | { |
| 44 | return isset($_SESSION[$key]) ? $_SESSION[$key] : $default; |
| 45 | } |
| 46 | |
| 47 | public static function s($key, $default = '') |
| 48 | { |
| 49 | return (string)S::v($key, $default); |
| 50 | } |
| 51 | |
| 52 | public static function i($key, $default = 0) |
| 53 | { |
| 54 | $i = S::v($key, $default); |
| 55 | return is_numeric($i) ? intval($i) : $default; |
| 56 | } |
| 57 | |
| 58 | public static function l(array $keys) |
| 59 | { |
| 60 | return array_map(array('S', 'v'), $keys); |
| 61 | } |
| 62 | |
| 63 | public static function set($key, $value) |
| 64 | { |
| 65 | $_SESSION[$key] =& $value; |
| 66 | } |
| 67 | |
| 68 | public static function bootstrap($key, $value) |
| 69 | { |
| 70 | if (!S::has($key)) { |
| 71 | S::set($key, $value); |
| 72 | } |
| 73 | } |
| 74 | |
| 75 | public static function logger($uid = null) |
| 76 | { |
| 77 | if (!S::has('log')) { |
| 78 | if (S::has('suid')) { |
| 79 | $suid = S::v('suid'); |
| 80 | S::set('log', new PlLogger(S::v('uid'), $suid['uid'])); |
| 81 | } else if (S::has('uid') || $uid) { |
| 82 | S::set('log', new PlLogger(S::v('uid', $uid))); |
| 83 | } |
| 84 | } |
| 85 | return S::v('log'); |
| 86 | } |
| 87 | |
| 88 | /** User object storage and accessor. The user object (an instance of the |
| 89 | * local subclass of PlUser) is currently stored as a S class variable, and |
| 90 | * not as a session variable, so as to avoid bloating the global on-disk |
| 91 | * session. |
| 92 | * TODO: When all the codebase will use S::user() as the only source for |
| 93 | * user ids, fullname/displayname, and forlife/bestalias, S::$user should |
| 94 | * move into the php session (and data it helds should be removed from |
| 95 | * the php session). */ |
| 96 | private static $user = null; |
| 97 | public static function &user() |
| 98 | { |
| 99 | if (self::$user == null) { |
| 100 | self::$user = User::getSilentWithValues(S::i('uid'), $_SESSION); |
| 101 | } |
| 102 | return self::$user; |
| 103 | } |
| 104 | |
| 105 | public static function has_perms() |
| 106 | { |
| 107 | return Platal::session()->checkPerms(PERMS_ADMIN); |
| 108 | } |
| 109 | |
| 110 | public static function logged() |
| 111 | { |
| 112 | return S::v('auth', AUTH_PUBLIC) > AUTH_PUBLIC; |
| 113 | } |
| 114 | |
| 115 | public static function identified() |
| 116 | { |
| 117 | return S::v('auth', AUTH_PUBLIC) >= Platal::session()->sureLevel(); |
| 118 | } |
| 119 | |
| 120 | // Anti-XSRF protections. |
| 121 | public static function has_xsrf_token() |
| 122 | { |
| 123 | return S::has('xsrf_token') && S::v('xsrf_token') == Env::v('token'); |
| 124 | } |
| 125 | |
| 126 | public static function assert_xsrf_token() |
| 127 | { |
| 128 | if (!S::has_xsrf_token()) { |
| 129 | Platal::page()->kill('L\'opération n\'a pas pu aboutir, merci de réessayer.'); |
| 130 | } |
| 131 | } |
| 132 | |
| 133 | public static function rssActivated() |
| 134 | { |
| 135 | return S::has('core_rss_hash') && S::v('core_rss_hash'); |
| 136 | } |
| 137 | } |
| 138 | |
| 139 | // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: |
| 140 | ?> |