classes/Session.php

   1 <?php
   2 /***************************************************************************
   3  *  Copyright (C) 2003-2006 Polytechnique.org                              *
   4  *  http://opensource.polytechnique.org/                                   *
   5  *                                                                         *
   6  *  This program is free software; you can redistribute it and/or modify   *
   7  *  it under the terms of the GNU General Public License as published by   *
   8  *  the Free Software Foundation; either version 2 of the License, or      *
   9  *  (at your option) any later version.                                    *
  10  *                                                                         *
  11  *  This program is distributed in the hope that it will be useful,        *
  12  *  but WITHOUT ANY WARRANTY; without even the implied warranty of         *
  13  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the          *
  14  *  GNU General Public License for more details.                           *
  15  *                                                                         *
  16  *  You should have received a copy of the GNU General Public License      *
  17  *  along with this program; if not, write to the Free Software            *
  18  *  Foundation, Inc.,                                                      *
  19  *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
  20  ***************************************************************************/
  21
  22 require_once 'diogenes/diogenes.misc.inc.php';
  23 require_once 'diogenes/diogenes.core.logger.inc.php';
  24
  25 class Session
  26 {
  27     function init()
  28     {
  29         @session_start();
  30         if (empty($_SESSION['challenge'])) {
  31             $_SESSION['challenge'] = sha1(uniqid(rand(), true));
  32         }
  33     }
  34
  35     function destroy()
  36     {
  37         @session_destroy();
  38         unset($_SESSION);
  39     }
  40
  41
  42
  43     function has($key)
  44     {
  45         return isset($_SESSION[$key]);
  46     }
  47
  48     function kill($key)
  49     {
  50         unset($_SESSION[$key]);
  51     }
  52
  53     function v($key, $default = null)
  54     {
  55         return isset($_SESSION[$key]) ? $_SESSION[$key] : $default;
  56     }
  57
  58     function i($key, $default = 0)
  59     {
  60         $i = Session::v($key, $default);
  61         return is_numeric($i) ? intval($i) : $default;
  62     }
  63
  64     function has_perms()
  65     {
  66         return Session::logged() && Session::v('perms') == PERMS_ADMIN;
  67     }
  68
  69     function logged()
  70     {
  71         return Session::v('auth', AUTH_PUBLIC) >= AUTH_COOKIE;
  72     }
  73
  74     function identified()
  75     {
  76         return Session::v('auth', AUTH_PUBLIC) >= AUTH_MDP;
  77     }
  78 }
  79
  80 class S extends Session { }
  81
  82 // {{{ function check_perms()
  83
  84 /** verifie si un utilisateur a les droits pour voir une page
  85  ** si ce n'est pas le cas, on affiche une erreur
  86  * @return void
  87  */
  88 function check_perms()
  89 {
  90     global $page;
  91     if (!S::has_perms()) {
  92         if ($_SESSION['log']) {
  93             $_SESSION['log']->log("noperms",$_SERVER['PHP_SELF']);
  94         }
  95         $page->kill("Tu n'as pas les permissions nécessaires pour accéder à cette page.");
  96     }
  97 }
  98
  99 // }}}
 100
 101 ?>