Accueil

Documentation

members

- -

Packages

Interfaces

Classes

Files

Class: Session

Source Location: /members/session.class.php [line 40]

Class Overview

This class manages all sessions for the users.

Author(s):

Régis VIARRE <crowkait@phpboost.com

Methods

Class Details

This class manages all sessions for the users.

Class Methods

method act [line 51]

void act(
)

Manage the actions for the session caused by the user (connection, disconnection).

[ Top ] - [ Class Details ] - [ Methods ] - [ Variables ]

method check [line 297]

void check(
string
$session_script_title)

Check session validity, and update it

Parameters:

string

$session_script_title

The page title where the session has been check.

[ Top ] - [ Class Details ] - [ Methods ] - [ Variables ]

method csrf_get_protect [line 713]

true csrf_get_protect(
[mixed
$redirect = SEASURF_ATTACK_ERROR_PAGE])

Check the session against CSRF attacks by GET. Checks that GETs are done from this site with a correct token.

Parameters:

mixed

$redirect

if string, redirect to the $redirect error page if the token is wrong if false, do not redirect

[ Top ] - [ Class Details ] - [ Methods ] - [ Variables ]

method csrf_post_protect [line 679]

bool csrf_post_protect(
[mixed
$redirect = SEASURF_ATTACK_ERROR_PAGE])

Check the session against CSRF attacks by POST. Checks that POSTs are done from this site. 2 different cases are accepted but the first is safer:

The request contains a parameter whose name is token and value is the value of the token of the current session.
If the token isn't in the request, we analyse the HTTP referer to be sure that the request comes from the current site and not from another which can be suspect

If the request doesn't match any of these two cases, this method will consider that it's a CSRF attack.

Parameters:

mixed

$redirect

if string, redirect to the $redirect error page if the token is wrong if false, do not redirect

[ Top ] - [ Class Details ] - [ Methods ] - [ Variables ]

method end [line 357]

void end(
)

Destroy the session

[ Top ] - [ Class Details ] - [ Methods ] - [ Variables ]

method get_module_parameters [line 411]

array get_module_parameters(
[string
$module = ''])

Get module's parametres from session

Parameters:

string

$module

module module name (if null then current module)

[ Top ] - [ Class Details ] - [ Methods ] - [ Variables ]

method get_token [line 655]

string get_token(
)

Return the session token

method load [line 237]

void load(
)

Get informations from the user, and set it for his session.

[ Top ] - [ Class Details ] - [ Methods ] - [ Variables ]

method set_module_parameters [line 379]

void set_module_parameters(
mixed
$parameters, [
$module = ''])

Save module's parameters into session

Parameters:

mixed	$parameters	module's parameters
	$module

[ Top ] - [ Class Details ] - [ Methods ] - [ Variables ]

method start [line 139]

True start(
int
$user_id, string
$password, 
$level, string
$session_script, string
$session_script_get, string
$session_script_title, [boolean
$autoconnect = false], [boolean
$already_hashed = false])

Start the session

Parameters:

int	$user_id	The member's user id.
string	$password	The member's password.
string	$session_script	Session script value where the session is started.
string	$session_script_get	Get value of session script where the session is started.
string	$session_script_title	Title of session script where the session is started.
boolean	$autoconnect	The member user id.
boolean	$already_hashed	True if password has been already hashed width str_hash() function, false otherwise.
	$level

[ Top ] - [ Class Details ] - [ Methods ] - [ Variables ]

static method garbage_collector [line 544]

static void garbage_collector(
)

Deletes all the existing sessions

[ Top ] - [ Class Details ] - [ Methods ] - [ Variables ]

Class Variables

[line 45] mixed $autoconnect = array()

[ Top ] - [ Class Details ] - [ Methods ] - [ Variables ]

[line 43] mixed $data = array()

[ Top ] - [ Class Details ] - [ Methods ] - [ Variables ]

[line 44] mixed $session_mod = 0

[ Top ] - [ Class Details ] - [ Methods ] - [ Variables ]

- -

Documentation generated on Tue, 28 Jul 2009 22:43:41 +0200 by phpDocumentor 1.4.1

Class: Session

Class Overview

Author(s):

Methods

Class Details

Tags:

Class Methods

method act [line 51]

method check [line 297]

Parameters:

method csrf_get_protect [line 713]

Tags:

Parameters:

method csrf_post_protect [line 679]

Tags:

Parameters:

method end [line 357]

method get_module_parameters [line 411]

Tags:

Parameters:

method get_token [line 655]

Tags:

method load [line 237]

method set_module_parameters [line 379]

Parameters:

method start [line 139]

Tags:

Parameters:

static method garbage_collector [line 544]

Class Variables

Annonces