</Map>
</Mapping>
</Class>
-</Wolf>
\ No newline at end of file
+
+ <Class name="WebSession">
+ <Abstract lang="php"/>
+ <Property name="sessionid" type="string">Cookie for this session</Property>
+ <Property name="customerid" type="int">ID of the customer using this session or null</Property>
+ <Property name="customer" type="Customer">customer object or null</Property>
+ <Property name="timeout" type="int64">time at which this cookie is deleted</Property>
+ <Mapping table="websession">
+ <Map property="sessionid"/>
+ <Map property="customerid"/>
+ <Map property="timeout"/>
+ <Map property="customer">
+ <Call lang="php" method="WOCustomer::fromTablecustomer(WTcustomer::getFromDB($table->customerid))"/>
+ </Map>
+ </Mapping>
+ </Class>
+</Wolf>
</Table>
<Table name="websession" backup="no">
- <Column name="sessionid" type="string:64" primarykey="yes"/>
+ <Column name="sessionid" type="string:64" primarykey="yes">
+ <Call lang="php" method="WOWebSession::getNewSessionId()"/>
+ </Column>
<!--/customer-->
- <Column name="customerid" type="int32" notnull="yes" foreignkey="customer:customerid"/>
+ <Column name="customerid" type="int32" null="yes" foreignkey="customer:customerid"/>
<!--unix timestamp at which to delete this session-->
<Column name="timeout" type="int64" notnull="yes"/>
</Table>
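Review bot: Making `customerid` nullable means a `websession` row now exists before login, and the column comment does not say when the value is filled in or what must happen to the session ID at that point. If login simply sets `customerid` on the existing row (the login code is not visible in this commit), the cookie value issued before authentication stays valid afterwards, which is the precondition for session fixation. I would document the contract on the column, e.g. `<!--customer; null until login - the session must get a fresh sessionid when this is set-->`, and have the login path issue a new row and cookie rather than update the old one.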
wob_autoclass('LanguageManager','./inc/classes/language_manager.php');
wob_autoclass('ConfigManager','./inc/classes/config_manager.php');
-wob_autoclass('Websession','./inc/classes/websession.php');
wob_autoclass('BaseVars','./inc/classes/basevars.php');
?>
\ No newline at end of file
+++ /dev/null
-<?
-// (c) Konrad Rosenbaum, 2007-2011
-// (c) Peter Keller, 2007/8
-// protected under the GNU AGPL version 3 or at your option any newer
-// see COPYING.AGPL
-
-define("COOKIE_WEBSESSION", "msmoke_session");
-
-/** creates a web session to authorize a customer */
-class Websession {
-
- private $loggedin;
- private $customerid;
- private $sessionid;
-
- public function __construct()
- {
- global $_COOKIE;
- global $db;
-
- //prune session table
- $db->deleteRows("websession", "timeout < ".time());
-
- //default:
- $this->loggedin=false;
- $this->customerid=null;
-
- //check cookie
- if(isset($_COOKIE[COOKIE_WEBSESSION])){
- $res = $db->select("websession", "*", "sessionid=".$db->escapeString($_COOKIE[COOKIE_WEBSESSION]));
- if (count($res) > 0){
- $uid = $res[0]["customerid"];
- $this->sessionid = $res[0]["sessionid"];
-
- $customer = new Customer($uid);
- if ($customer->exists()) {
- $this->customerid = $customer->getID();
- $this->loggedin = true;
- } else {
- $this->destroySession();
- }
- }
- }
- }
-
- /** checks if the customer is authorized */
- public function isAuthorized()
- {
- return $this->loggedin;
- }
-
- /** returns the current customer */
- public function getCustomer()
- {
- if ($this->loggedin)
- return new Customer($this->customerid);
- else
- return false;
- }
-
- /** creates a new session for the customer */
- public function createSession($customerId)
- {
- global $db;
- global $WebSessionTimeout;
-
- $this->destroySession();
-
- $customer = new Customer($customerId);
-
- // only if customer exists, create session
- if ($customer->exists()) {
-
- //create session and set cookie
- do{
- $sessionid = getRandom(128);
- $res = $db->select("websession", "*", "sessionid=".$db->escapeString($sessionid));
- $again = count($res) > 0;
- } while ($again);
-
- $timeout=time()+$WebSessionTimeout;
- $db->insert("websession", array("sessionid"=>$sessionid, "customerid"=>$customer->getID(), "timeout"=>$timeout));
-
- setcookie(COOKIE_WEBSESSION, $sessionid, $timeout);
-
- $this->loggedin = true;
- $this->customerid = $customer->getID();
- }
- }
-
- /** destroys the current session */
- public function destroySession()
- {
- global $db;
-
- if($this->loggedin){
- $db->deleteRows("websession", "sessionid=".$db->escapeString($this->sessionid));
- }
-
- setcookie(COOKIE_WEBSESSION, "", 1);
- }
-
- /** logs the customer out */
- public function logout()
- {
- $this->destroySession();
- header("Location: index.php");
- exit();
- }
-};
-?>
\ No newline at end of file
redirectHome(array("mode"=>"cart","cartid"=>$cartid));
}
+///clean up old carts
+static protected function cleanupDb()
+{
+ global $db;
+ $res=$db->select("cart","cartid","timeout < ".time());
+ foreach($res as $row){
+ $where="cartid = ".$db->escapeString($row['cartid']);
+ $db->deleteRows("cartticket",$where);
+ $db->deleteRows("cartvoucher",$where);
+ $db->deleteRows("cartitem",$where);
+ $db->deleteRows("cart",$where);
+ }
+}
+
/**returns the current cart ID, or an empty string if there is no cart, automatically updates its timeout*/
static public function getCart(){
+ //DB cleanup
+ self::cleanupDb();
+ //actually look for cart
global $CartTimeout;
$c=self::findCart();
if($c!=""){
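Review bot: `cleanupDb()` selects the expired cart IDs and then deletes by `cartid` alone, so a cart whose timeout is refreshed by an overlapping request between the select and the deletes is still removed together with its tickets, vouchers and items. Since `getCart()` refreshes the timeout according to its own doc comment, and now also triggers the cleanup on every call, the two paths can interleave. The four deletes should run inside one transaction if the `$db` layer offers one; until then I would at least record the limitation above the loop: `// NOTE: not atomic - a cart refreshed after the select is still deleted`. The body of `getCart()` continues past the end of this hunk.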
wob_autoclass("WOTicket","inc/wext/ticket.php");
wob_autoclass("WOVoucher","inc/wext/voucher.php");
wob_autoclass("WOWebCart","inc/wext/webcart.php");
+wob_autoclass("WOWebSession","inc/wext/websession.php");
wob_autoclass("WOCartVoucher","inc/wext/webcart.php");
wob_autoclass("MSmokeTransaction","inc/wext/transaction.php");
--- /dev/null
+<?
+// (c) Konrad Rosenbaum, 2007-2011
+// (c) Peter Keller, 2007/8
+// protected under the GNU AGPL version 3 or at your option any newer
+// see COPYING.AGPL
+
+define("COOKIE_WEBSESSION", "msmoke_session");
+
+/** creates a web session to authorize a customer */
+class WOWebSession extends WOWebSessionAbstract
+{
+ ///if the cookie exists: gets the current web session, if not: creates it
+ static public function getOrCreateWebSession()
+ {
+ global $_COOKIE;
+ global $db;
+
+ //prune session table
+ $db->deleteRows("websession", "timeout < ".time());
+
+ //check cookie
+ if(isset($_COOKIE[COOKIE_WEBSESSION])){
+ $wsid=$_COOKIE[COOKIE_WEBSESSION];
+ $res = WTwebsession::getFromDB($wsid);
+ if (is_a($res,"WTwebsession")){
+ return WOWebSession::fromTablewebsession($res);
+ }
+ }
+ //fall back
+ //create entry
+ global $WebSessionTimeout;
+ $ws=WTwebsession::newRow();
+ $ws->timeout=time()+$WebSessionTimeout;
+ $ws->insert();
+ //set cookie
+ setCookie(COOKIE_WEBSESSION,$ws->sessionid,0);
+ //return
+ return WOWebSession::fromTablewebsession($ws);
+ }
+
+ /** \internal called to generate a new session ID, used by WTwebsession to generate the primary key*/
+ static public function getNewSessionId(){
+ do{
+ //generate ID
+ $ci=getCode39ID(32);
+ //look for duplicate
+ $res=WTwebsession::getFromDB($ci);
+ if(is_a($res,"WTcart"))continue;
+ //return ID
+ return $ci;
+ }while(true);
+ }
+
+ /** logs the customer out */
+ public function logout()
+ {
+ global $db;
+ $db->deleteRows("websession", "sessionid=".$db->escapeString($this->sessionid));
+ setcookie(COOKIE_WEBSESSION, "", 1);
+ redirectHome();
+ exit();
+ }
+};
+?>
\ No newline at end of file
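Review bot: The duplicate check in `getNewSessionId()` tests `is_a($res,"WTcart")`, while `getOrCreateWebSession()` above checks the result of the same `WTwebsession::getFromDB()` call against `"WTwebsession"`. The `continue` can therefore never fire, and a colliding ID would be returned and presumably fail the primary-key insert; the line should read `if(is_a($res,"WTwebsession"))continue;`. Separately, `setCookie(COOKIE_WEBSESSION,$ws->sessionid,0)` sets neither the Secure nor the HttpOnly attribute, so the session ID is readable from script and is sent over plain HTTP; passing the `secure` and `httponly` arguments of `setcookie()` closes that. The removed class drew IDs from `getRandom(128)` whereas this one uses `getCode39ID(32)`, whose randomness source is not visible here and is worth confirming as cryptographically strong.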
$mode=$_GET["mode"];
}
-//set internal session to virtual "_web" user for use by transactions
+//set internal $session to virtual "_web" user for use by transactions
Session::setWebSession();
+$websession=WOWebSession::getOrCreateWebSession();
//initialize TWIG
BaseVars::initTwig();
BaseVars::init();
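Review bot: `WOWebSession::getOrCreateWebSession()` is now called on every page load, and that method inserts a `websession` row whenever the request carries no session cookie. Clients that never return cookies (crawlers, monitoring probes, scripts) therefore add one row per request until the timeout prune removes it, which lets unauthenticated traffic grow the table. Consider creating the row lazily, when something first needs to be stored in the session, or at least note the trade-off at the call: `// creates a DB row for every cookie-less request; rows live for $WebSessionTimeout seconds`. The call also sets a cookie, so it has to stay ahead of any output.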
$basevars['inputnames']['cartid']=WebCart::cartIdName;
$basevars['cartcookie']=WebCart::cartIdName;
+$basevars['sessionid']=$websession->getsessionid();
// other info
$basevars['lang']=LanguageManager::singleton();
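Review bot: `$basevars['sessionid']` hands the raw session cookie value to every template, and the layout change in this commit prints it into the page as `Session: {{sessionid}}`. Once in the HTML body, the ID ends up in saved pages, screenshots and intermediary caches, and it is readable from the DOM regardless of cookie flags. If this is debugging output, I would drop the line or gate it behind a debug setting. If the templates need a per-session value, expose a derived one instead, e.g. `$basevars['sessionid']=substr(hash('sha256',$websession->getsessionid()),0,8);`.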
<a href="{{script.setlanguage|raw}}{{lng|raw}}"><img src="images/{{lng|raw}}.png" alt="{{lng}}"/></a>
{% endfor %}
{% endif %}
+<br/>
+<div style="font-size:50%">Session: {{sessionid}}</div>
</p>
<!-- End Menu -->