Ferreteria/v0.3/class/fctUserSessions
< Ferreteria | v0.3 | class
Jump to navigation
Jump to search
/*::::
PURPOSE: Handles the table of user sessions
*/
class fctUserSessions extends ferreteria\data\cStandardTable {
use ftFrameworkAccess;
// OVERRIDE
protected function InitVars() { $this->ClearSession(); }
// CEMENT
protected function GetTableName() { return 'user_session'; }
// CEMENT
protected function RowsClass() { return KS_CLASS_USER_SESSION; }
// CEMENT
public function GetFieldClassArray() {
/*----
MEANING: indicates whether a lack of session record is because the user was never logged in (FALSE)
or because they were logged in but something changed and now the client can't be trusted (TRUE).
*/
public function GetStatus_SessionMismatch() { return $this->isMismatch; }
protected function SetStatus_SessionMismatch($b) { $this->isMismatch = $b; }
/*----
ACTION: tosses the session cookie to the browser
RETURNS: TRUE iff successful
NOTES:
* HTTP only sets the cookie when the page is reloaded.
Because of this, and because $_COOKIE is read-only,
we have to set a local variable when we create a new
session so that subsequent requests during the same
page-load don't think it hasn't been created yet,
and end up creating multiple records for each new session.
(It was creating 3 new records and using the last one.)
HISTORY:
2018-04-24 Decided there's no point in having a cookie-domain option,
so removed commented-out code. Also, probably just moving cookie functionality
to the App class/object.
2018-04-28 Using fcGlobals for naming cookies now.
*/
protected function ThrowCookie($sSessKey) {
protected function SetCookieValue($sValue) {
throw new exception('2018-04-28 Does anything still call this?');
$this->sCookieVal = $sValue;
}
/*----
RULES:
* If local value is set, return that.
* Otherwise, get actual cookie, set local value from it, and return that.
In other words: if local value is set, that bypasses checking for an actual cookie.
This assumes that the cookie will never get set later on during a page-load,
which seems like a reasonable assumption. (Note: the COOKIE array is effectively read-only.)
*/
protected function GetCookieValue() {
return fcApp::Me()->GetCookieValue(fcGlobals::Me()->GetSessionCookieName());
}
// 2016-11-14 PROTECTING because public access is apparently no longer needed
protected function ClearSession() { $this->rcSess = NULL; }
// 2016-10-31 PROTECTING until need for public access is known
protected function SetCurrentRecord(fcrUserSession $rcSess) { $this->rcSess = $rcSess; }
// 2016-10-31 PROTECTING until need for public access is known
protected function GetCurrentRecord() { return $this->rcSess; }
public function HasCurrentRecord() { return !is_null($this->GetCurrentRecord()); }
/*----
ACTION: returns a Session object for the current connection, whether or not one already exists
* if session object has already been loaded, assume it has been validated and return it
* if not, gets session key and auth from cookie
ASSUMES: session recordset is either NULL or a valid single record (and will set it accordingly)
...therefore if there is one loaded already, we can assume it has been validated against the current client.
HISTORY:
2012-10-13 Added caching of the Session object to avoid creating multiple copies.
2015-06-23 Fixed: Was throwing an error if there was no session key; it should just make a new session.
2016-11-14
* Moved cookie fetching/storage into GetCookieValue().
* Replacing screen output with public status methods.
* Rewriting to make more logical sense.
*/
public function MakeActiveRecord() {
}
- file: Template:L/ferreteria/file
- extends: Template:L/ferreteria/class
- row class: Template:L/ferreteria/class