[Summary view] [Print] [Text view]

   1  <?php
   2  /*+***********************************************************************************
   3   * The contents of this file are subject to the vtiger CRM Public License Version 1.0
   4   * ("License"); You may not use this file except in compliance with the License
   5   * The Original Code is:  vtiger CRM Open Source
   6   * The Initial Developer of the Original Code is vtiger.
   7   * Portions created by vtiger are Copyright (C) vtiger.
   8   * All Rights Reserved.
   9   *************************************************************************************/
  10  
  11      require_once ("libraries/HTTP_Session/Session.php");
  12      // Later may we can move this to config file.
  13      
  14      global $maxWebServiceSessionLifeSpan, $maxWebServiceSessionIdleTime;
  15      
  16      $maxWebServiceSessionLifeSpan = 86400; //Max life span of a session is a day.
  17      $maxWebServiceSessionIdleTime = 1800; //Max life span session should be kept alive after the last transaction.
  18      
  19      // Till Here.
  20      
  21      class SessionManager{
  22          private $maxLife ;  
  23          private $idleLife ;
  24          //Note: the url lookup part of http_session will have String null or this be used as id instead of ignoring it.
  25          //private $sessionName = "sessionName";
  26          private $sessionVar = "__SessionExists";
  27          private $error ;
  28          
  29  		function SessionManager(){
  30              
  31              global $maxWebServiceSessionLifeSpan, $maxWebServiceSessionIdleTime;
  32              
  33              $now = time();
  34              $this->maxLife = $now + $maxWebServiceSessionLifeSpan;
  35              $this->idleLife = $now + $maxWebServiceSessionIdleTime;
  36              
  37              HTTP_Session::useCookies(false); //disable cookie usage. may this could be moved out constructor?
  38              // only first invocation of following method, which is setExpire 
  39              //have an effect and any further invocation will be have no effect.
  40              HTTP_Session::setExpire($this->maxLife);
  41              // this method replaces the new with old time if second params is true 
  42              //otherwise it subtracts the time from previous time
  43              HTTP_Session::setIdle($this->idleLife, true);
  44          }
  45          
  46  		function isValid(){
  47              
  48              $valid = true;
  49              // expired
  50              if (HTTP_Session::isExpired()) {
  51                  $valid = false;
  52                  HTTP_Session::destroy();
  53                  throw new WebServiceException(WebServiceErrorCode::$SESSLIFEOVER,"Session has life span over please login again");
  54              }
  55              
  56              // idled
  57              if (HTTP_Session::isIdle()) {
  58                  $valid = false;
  59                  HTTP_Session::destroy();
  60                  throw new WebServiceException(WebServiceErrorCode::$SESSIONIDLE,"Session has been invalidated to due lack activity");
  61              }
  62              //echo "<br>is new: ", HTTP_Session::isNew();
  63              //invalid sessionId provided.
  64              //echo "<br>get: ",$this->get($this->sessionVar);
  65              if(!$this->get($this->sessionVar) && !HTTP_Session::isNew()){
  66                  $valid = false;
  67                  HTTP_Session::destroy();
  68                  throw new WebServiceException(WebServiceErrorCode::$SESSIONIDINVALID,"Session Identifier provided is Invalid");
  69              }
  70              
  71              return $valid;
  72          }
  73          
  74  		function startSession($sid = null,$adoptSession=false){
  75              
  76  //            if($sid){
  77  //                HTTP_Session::id($sid);
  78  //            }
  79              
  80              if(!$sid || strlen($sid) ===0){
  81                  $sid = null;
  82              }
  83              
  84              //session name is used for guessing the session id by http_session so pass null.
  85              HTTP_Session::start(null, $sid);
  86              
  87              $newSID = HTTP_Session::id();
  88              
  89              if(!$sid || $adoptSession==true){
  90                  $this->set($this->sessionVar,"true");
  91              }else{
  92                  if(!$this->get($this->sessionVar)){
  93                      HTTP_Session::destroy();
  94                      throw new WebServiceException(WebServiceErrorCode::$SESSIONIDINVALID,"Session Identifier provided is Invalid");
  95                      $newSID = null;
  96                  }
  97              }
  98              
  99              if(!$this->isValid()){
 100                  $newSID = null;
 101              }
 102              $sid = $newSID;
 103              return $sid;
 104              
 105          }
 106          
 107  		function getSessionId(){
 108              return HTTP_Session::id();
 109          }
 110          
 111  		function set($var_name, $var_value){
 112              //TODO test setRef and getRef combination
 113              //echo "<br>setting name: ",$var_name," :value: ",$var_value;
 114              HTTP_Session::set($var_name, $var_value);
 115          }
 116          
 117  		function get($name){
 118              //echo "<br> getting for: ",$name," :value: ",HTTP_Session::get($name);
 119              return HTTP_Session::get($name);
 120          }
 121          
 122          FUNCTION getError(){
 123              return $this->error;
 124          }
 125          
 126  		function destroy(){
 127              HTTP_Session::destroy();
 128          }
 129          
 130      }
 131      
 132  ?>