d6/d6e/_remember_me_8php_source.html

 <?php

 /*

  You may not change or alter any portion of this comment or credits

  of supporting developers from this source code or any supporting source code

  which is considered copyrighted (c) material of the original comment or credit authors.


  This program is distributed in the hope that it will be useful,

  but WITHOUT ANY WARRANTY; without even the implied warranty of

  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

 */


 namespace Xoops\Core\Session;


 use Xoops\Core\Random;

 use Xoops\Core\Request;

 use Xoops\Core\HttpRequest;


 class RememberMe

 {


     protected $userTokens = array();


     protected $userId = 0;


     protected $xoops = null;


     protected $now = 0;


     public function __construct()

     {

         $this->xoops = \Xoops::getInstance();

         $this->now = time();

     }


     public function recall()

     {

         $this->now = time();

         $cookieData = $this->readUserCookie();

         if (false === $cookieData) {

             return false;   // no or invalid cookie

         }

         list($userId, $series, $token) = $cookieData;

         $this->readUserTokens($userId);

         if ($this->hasSeriesToken($series, $token)) {

             $values = $this->getSeriesToken($series, $token);

             // debounce concurrent requests

             if (isset($values['next_token'])) {

                 // this token was already replaced, use replacement to update cookie

                 $nextToken = $values['next_token'];

             } else {

                 // issue a new token for this series

                 $nextToken = $this->getNewToken();

                 // expire old token, and forward to the new one

                 $values = array('expires_at' => $this->now + 10, 'next_token' => $nextToken);

                 $this->setSeriesToken($series, $token, $values);

                 // register the new token

                 $values = array('expires_at' => $this->now + 2592000);

                 $this->setSeriesToken($series, $nextToken, $values);

             }

             $cookieData = array($userId, $series, $nextToken);

             $this->writeUserCookie($cookieData);

             $return = $userId;

         } else {

             // cookie is not valid

             if ($this->hasSeries($series)) {

                 // We have a valid series, but an invalid token.

                 // Highly possible token was comprimised. Invalidate all saved tokens;

                 $this->clearUserTokens();

             }

             $this->clearUserCookie();

             $return = false;

         }

         $this->writeUserTokens($userId);

         return $return;

     }


     public function forget()

     {

         $this->now = time();

         $cookieData = $this->readUserCookie();

         if (false !== $cookieData) {

             list($userId, $series, $token) = $cookieData;

             $this->readUserTokens($userId);

             $this->unsetSeries($series);

             $this->writeUserTokens($userId);

         }

         $this->clearUserCookie();

     }


     public function invalidateAllForUser($userId)

     {

         $this->readUserTokens($userId);

         $this->clearUserTokens();

         $this->writeUserTokens($userId);

     }


     protected function hasSeries($series)

     {

         return isset($this->userTokens[$series]);

     }


     protected function unsetSeries($series)

     {

         unset($this->userTokens[$series]);

     }


     protected function hasSeriesToken($series, $token)

     {

         return isset($this->userTokens[$series][$token]);

     }


     protected function getSeriesToken($series, $token)

     {

         if (isset($this->userTokens[$series][$token])) {

             return $this->userTokens[$series][$token];

         }

         return false;

     }


     protected function setSeriesToken($series, $token, $values)

     {

         $this->userTokens[$series][$token] = $values;

     }


     protected function unsetSeriesToken($series, $token)

     {

         unset($this->userTokens[$series][$token]);

     }


     protected function readUserTokens($userId)

     {

         $key = "user/{$userId}/usercookie";

         $this->userTokens = $this->xoops->cache()->read($key);

         if (false === $this->userTokens) {

             $this->clearUserTokens();

         }

         $this->removeExpiredTokens();

     }


     protected function writeUserTokens($userId)

     {

         $key = "user/{$userId}/usercookie";

         $this->xoops->cache()->write($key, $this->userTokens, 2592000);

     }


     protected function removeExpiredTokens()

     {

         $now = $this->now;

         $userTokens = $this->userTokens;

         foreach ($userTokens as $series => $tokens) {

             foreach ($tokens as $token => $values) {

                 if (isset($values['expires_at']) && $values['expires_at'] < $now) {

                     $this->unsetSeriesToken($series, $token);

                 }

             }

         }

         $userTokens = $this->userTokens;

         foreach ($userTokens as $series => $tokens) {

             if (empty($tokens)) {

                 $this->unsetSeries($series);

             }

         }

     }


     protected function clearUserTokens()

     {

         $this->userTokens = array();

     }


     protected function getNewSeries()

     {

         return Random::generateKey();

     }


     protected function getNewToken()

     {

         return Random::generateOneTimeToken();

     }


     public function createUserCookie($userId)

     {

         $this->readUserTokens($userId);

         $this->now = time();

         $series = $this->getNewSeries();

         $token = $this->getNewToken();

         $cookieData = array($userId, $series, $token);

         $this->setSeriesToken($series, $token, array('expires_at' => $this->now + 2592000));

         $this->writeUserCookie($cookieData);

         $this->writeUserTokens($userId);

     }


     protected function clearUserCookie()

     {

         $this->writeUserCookie('', -3600);

     }


     protected function readUserCookie()

     {

         $usercookie = $this->xoops->getConfig('usercookie');

         if (empty($usercookie)) {

             return false; // remember me is not configured

         }


         $usercookie = $this->xoops->getConfig('usercookie');

         $notFound = 'Nosuchcookie';

         $cookieData = Request::getString($usercookie, $notFound, 'COOKIE');

         if ($cookieData !== $notFound) {

             $temp = explode('-', $cookieData);

             if (count($temp) == 3) {

                 $temp[0] = (integer) $temp[0];

                 return $temp;

             }

             $this->clearUserCookie(); // clean up garbage cookie

         }

         return false;

     }


     protected function writeUserCookie($cookieData, $expire = 2592000)

     {

         $usercookie = $this->xoops->getConfig('usercookie');

         if (empty($usercookie)) {

             return; // remember me is not configured

         }

         if (is_array($cookieData)) {

             $cookieData = implode('-', $cookieData);

         }

         $httpRequest = HttpRequest::getInstance();

         $path = \XoopsBaseConfig::get('cookie-path');

         $domain = \XoopsBaseConfig::get('cookie-domain');

         $secure = $httpRequest->is('ssl');

         setcookie($usercookie, $cookieData, $this->now + $expire, $path, $domain, $secure, true);

     }

 }

Xoops\Core\Session\RememberMe\unsetSeriesToken
unsetSeriesToken($series, $token)
Definition: RememberMe.php:247

$path
$path
Definition: execute.php:31

Xoops\Core\Session\RememberMe\getNewSeries
getNewSeries()
Definition: RememberMe.php:320

Xoops\Core\Session\RememberMe\unsetSeries
unsetSeries($series)
Definition: RememberMe.php:191

Xoops\Core\Session\RememberMe\clearUserCookie
clearUserCookie()
Definition: RememberMe.php:359

Xoops\getInstance
static getInstance()
Definition: Xoops.php:160

Xoops\Core\Session\RememberMe\$userTokens
$userTokens
Definition: RememberMe.php:62

Xoops\Core\Session\RememberMe\__construct
__construct()
Definition: RememberMe.php:82

Xoops\Core\Random\generateOneTimeToken
static generateOneTimeToken($hash= 'sha512', $bytes=64)
Definition: Random.php:41

Xoops\Core\Session\RememberMe\removeExpiredTokens
removeExpiredTokens()
Definition: RememberMe.php:287

Xoops\Core\Session\RememberMe\hasSeriesToken
hasSeriesToken($series, $token)
Definition: RememberMe.php:204

Xoops\Core\Session\RememberMe\writeUserTokens
writeUserTokens($userId)
Definition: RememberMe.php:276

Xoops\Core\Session\RememberMe\setSeriesToken
setSeriesToken($series, $token, $values)
Definition: RememberMe.php:234

Xoops\Core\Session\RememberMe\readUserTokens
readUserTokens($userId)
Definition: RememberMe.php:259

Random

Xoops\Core\Session\RememberMe\$xoops
$xoops
Definition: RememberMe.php:72

Request

Xoops\Core\Session\RememberMe\writeUserCookie
writeUserCookie($cookieData, $expire=2592000)
Definition: RememberMe.php:399

Xoops\Core\Session\RememberMe\recall
recall()
Definition: RememberMe.php:94

Xoops\Core\Session\RememberMe\getNewToken
getNewToken()
Definition: RememberMe.php:330

Xoops\Core\Random\generateKey
static generateKey($hash= 'sha512', $bytes=128)
Definition: Random.php:60

XoopsBaseConfig\get
static get($name)
Definition: XoopsBaseConfig.php:117

Xoops\Core\Session\RememberMe\hasSeries
hasSeries($series)
Definition: RememberMe.php:179

Xoops\Core\Session\RememberMe\invalidateAllForUser
invalidateAllForUser($userId)
Definition: RememberMe.php:165

Xoops\Core\Session\RememberMe\createUserCookie
createUserCookie($userId)
Definition: RememberMe.php:342

HttpRequest

Xoops\Core\Session\RememberMe\$userId
$userId
Definition: RememberMe.php:67

Xoops\Core\Session\RememberMe\forget
forget()
Definition: RememberMe.php:143

Xoops\Core\Session
Definition: Fingerprint.php:12

Xoops\Core\HttpRequest\getInstance
static getInstance()
Definition: HttpRequest.php:171

Xoops\Core\Session\RememberMe\readUserCookie
readUserCookie()
Definition: RememberMe.php:370

Xoops\Core\Request\getString
static getString($name, $default= '', $hash= 'default', $mask=0)
Definition: Request.php:244

Xoops\Core\Session\RememberMe\getSeriesToken
getSeriesToken($series, $token)
Definition: RememberMe.php:217

Xoops\Core\Session\RememberMe\$now
$now
Definition: RememberMe.php:77

$temp
$temp
Definition: page_tablesfill.php:56

Xoops\Core\Session\RememberMe\clearUserTokens
clearUserTokens()
Definition: RememberMe.php:310

RememberMe