/** @var int Session expiration timeout, in seconds */
public static $LONG_TIMEOUT = 31536000; // 1 year
- /** @var string Name of the cookie set after logging in **/
- public static $LOGGED_IN_COOKIE = 'shaarli_staySignedIn';
-
/** @var array Local reference to the global $_SESSION array */
protected $session = [];
*/
public function storeLoginInfo($clientIpId)
{
- // Generate unique random number (different than phpsessionid)
- $this->session['uid'] = sha1(uniqid('', true) . '_' . mt_rand());
$this->session['ip'] = $clientIpId;
$this->session['username'] = $this->conf->get('credentials.login');
$this->extendTimeValidityBy(self::$SHORT_TIMEOUT);
public function logout()
{
if (isset($this->session)) {
- unset($this->session['uid']);
unset($this->session['ip']);
unset($this->session['expires_on']);
unset($this->session['username']);
*/
public function hasSessionExpired()
{
- if (empty($this->session['uid'])) {
+ if (empty($this->session['expires_on'])) {
return true;
}
if (time() >= $this->session['expires_on']) {
if ($this->conf->get('security.session_protection_disabled') === true) {
return false;
}
- if ($this->session['ip'] == $clientIpId) {
+ if (isset($this->session['ip']) && $this->session['ip'] === $clientIpId) {
return false;
}
return true;
}
+
+ /** @return array Local reference to the global $_SESSION array */
+ public function getSession(): array
+ {
+ return $this->session;
+ }
+
+ /**
+ * @param mixed $default value which will be returned if the $key is undefined
+ *
+ * @return mixed Content stored in session
+ */
+ public function getSessionParameter(string $key, $default = null)
+ {
+ return $this->session[$key] ?? $default;
+ }
}
projects / github / shaarli / Shaarli.git / blobdiff