<?php
/*
############################[ <about> ] #######################
Author :: Bijaya Kumar Behera <hide@address.com>
Website :: http://digitalwebsolutions.in
Add :: +91 9911033016 ,011-25331969
############################[ </about> ] #######################
*/
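/**
 * Thin wrapper around PHP's native session handling.
 *
 * Application values live under a single namespace key inside $_SESSION
 * ($APP_SESS). When the "ciphered" option is enabled, values are serialized
 * and passed through mcryptCryptography before being stored.
 *
 * Configuration is a map of profile name => options, registered once with
 * setSessions(). Options read by startSession(): name, ciphered, level,
 * postCheck, refreshCheck, userAgentCheck, regenerate, ideal, life_time,
 * session_path. The "use" option (file/database) is accepted but not acted on.
 *
 * The code keeps PHP 5 compatible syntax because regenerate_id() still carries
 * a pre-5.1 branch.
 */
class SessionManager
{
    /** Encrypt values before storing them in $_SESSION. */
    private $ciphered = false;
    /** Compare the request User-Agent with the one seen on the previous request. */
    private $userAgentCheck = false;
    private $path = '/';
    private $host = '/';
    /** Idle timeout in seconds; 0 disables the idle check. */
    private $ideal = 0;
    /** Protection level 0-4; 1 adds no-cache headers, >0 enables jsDisabledKey() output. */
    private $level = 0;
    /** When true, checkSession() rejects GET requests. */
    private $postCheck = true;
    /** When true, checkSession() rejects a re-posted REFRESH_GUID. */
    private $refreshCheck = true;
    private $sessionId = null;
    private $cookieLifeTime = 0;
    private $sessionPath = null;
    /** Expiry timestamp stored by the previous request (see startSession()). */
    private $sessionStartTime = 0;
    /** User-Agent stored by the previous request (see startSession()). */
    private $userAgent = '';
    /** Namespace key under which all application values are kept in $_SESSION. */
    private $APP_SESS = "APP_SESS";
    // Holds the guid from the http-posts
    private $queue = array();
    /** Regenerate the session id after every successful checkSession(). */
    private $regenerate = false;
    const queueSize = 3;
    private static $sessions;
    private $useSession = 'default';
    /**
     * Session cookie name. Declared explicitly because startSession() assigns
     * it; it is public so that code which read the formerly dynamic property
     * keeps working.
     */
    public $name = '3GROCKETSESS';

    /**
     * Register the session profiles.
     *
     * An empty or non-array argument is replaced, through the reference, with
     * a single 'default' profile.
     *
     * @param array $sessions profile name => options, passed by reference
     */
    public static function setSessions(&$sessions)
    {
        if (!is_array($sessions) || count($sessions) == 0) {
            $sessions = array(
                'default' => array(
                    'name' => '3GROCKETSESS',
                    'use' => 'file',
                    'level' => 0,
                    'ciphered' => true,
                    'ideal' => 0,
                    'postCheck' => true
                )
            );
        }
        self::$sessions = &$sessions;
    }

    /**
     * Start the session only when the client already presents the session
     * cookie; otherwise return an un-started instance so that no cookie is
     * issued to visitors who never needed a session.
     *
     * @param string $useSession profile name
     * @return SessionManager
     * @throws Exception when the profile is not registered
     */
    public static function autoStartSession($useSession)
    {
        $config = self::getSessionConfig($useSession);
        $hasCookie = isset($config['name']) && isset($_COOKIE[$config['name']]);

        return self::startSession($useSession, $hasCookie);
    }

    /**
     * Return the options of one registered profile.
     *
     * @param string $useSession profile name
     * @return array
     * @throws Exception when the profile is not registered
     */
    public static function getSessionConfig($useSession)
    {
        if (!isset(self::$sessions[$useSession])) {
            throw new Exception("Session config information not found i,e '$useSession' ");
        }

        return self::$sessions[$useSession];
    }

    /**
     * Read one option from a profile, falling back to a default.
     */
    private static function configValue($config, $key, $default)
    {
        return isset($config[$key]) ? $config[$key] : $default;
    }

    /**
     * Return the configured level when it is one of 1-4, otherwise 0.
     */
    private static function configLevel($config)
    {
        // Loose in_array() is kept on purpose so that '1' from a config file still matches.
        if (isset($config['level']) && in_array($config['level'], array(1, 2, 3, 4))) {
            return $config['level'];
        }

        return 0;
    }

    /**
     * Return the shared SessionManager, starting the PHP session on first use.
     *
     * With $flag false and no shared instance yet, a lightweight instance is
     * returned without starting the session; write() starts it on demand.
     *
     * @param string $useSession profile name
     * @param bool   $flag       false to defer session_start()
     * @return SessionManager
     * @throws Exception when the profile is not registered
     */
    public static function &startSession($useSession = 'default', $flag = true)
    {
        static $instance = array();

        $config = self::getSessionConfig($useSession);

        if (!$flag && empty($instance)) {
            // `&new` was removed from the language; a plain `new` behaves the same for objects.
            $sessInstance = new SessionManager();
            $sessInstance->ciphered = self::configValue($config, 'ciphered', false);
            $sessInstance->level = self::configLevel($config);
            $sessInstance->useSession = $useSession;
            return $sessInstance;
        }

        if (empty($instance)) {
            $sessInstance = new SessionManager();
            $sessInstance->useSession = $useSession;
            $sessInstance->ciphered = self::configValue($config, 'ciphered', false);
            $sessInstance->level = self::configLevel($config);
            $sessInstance->postCheck = self::configValue($config, 'postCheck', false);
            $sessInstance->refreshCheck = self::configValue($config, 'refreshCheck', false);
            $sessInstance->userAgentCheck = self::configValue($config, 'userAgentCheck', false);
            $sessInstance->regenerate = self::configValue($config, 'regenerate', false);
            $sessInstance->ideal = self::configValue($config, 'ideal', 0);
            $sessInstance->name = self::configValue($config, 'name', '3GROCKETSESS');

            // Any falsy life_time means "session cookie" (lifetime 0).
            $lifeTime = self::configValue($config, 'life_time', 0);
            $sessInstance->cookieLifeTime = $lifeTime ? $lifeTime : 0;

            // The constants are only touched when no explicit path is configured.
            // NOTE(review): if SITE_ROOT is served by the web server, this directory
            // must not be reachable over HTTP - confirm against the deployment.
            $sessInstance->sessionPath = isset($config['session_path'])
                ? $config['session_path']
                : SITE_ROOT . DS . 'temp' . DS . 'sessions_data';

            if ($sessInstance->level == 1 && !headers_sent()) {
                // A second Expires header replaces the first, so only the effective one is sent.
                header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
                header("Expires: -1");
                header("Cache-Control: no-cache,no-store, must-revalidate, post-check=0, pre-check=0 ");
            }

            $canIniSet = function_exists('ini_set');
            // NOTE(review): behind a TLS-terminating proxy $_SERVER['HTTPS'] is usually
            // not set, so the Secure flag would be skipped - confirm the deployment.
            if ($canIniSet && isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') {
                ini_set('session.cookie_secure', 1);
            }

            // isset() instead of is_null(): $_SESSION is undefined before session_start().
            if (!isset($_SESSION) && $canIniSet) {
                ini_set('session.use_trans_sid', 0);
                ini_set('url_rewriter.tags', '');
                ini_set('session.serialize_handler', 'php');
                ini_set('session.use_cookies', 1);
                // Never accept a session id from the URL and never adopt an id
                // the server did not issue (session fixation).
                ini_set('session.use_only_cookies', 1);
                ini_set('session.use_strict_mode', 1);
                // Keep the session cookie out of reach of page scripts.
                ini_set('session.cookie_httponly', 1);
                ini_set('session.name', $sessInstance->name);
                ini_set('session.cookie_lifetime', $sessInstance->cookieLifeTime);
                ini_set('session.cookie_path', '/');
                ini_set('session.auto_start', 0);
                ini_set('session.save_path', $sessInstance->sessionPath);
            }

            if (ini_get('session.auto_start') == true && session_name() != $sessInstance->name) {
                session_write_close();
            }

            if (!isset($_SESSION)) {
                @session_name($sessInstance->name);
                session_cache_limiter("must-revalidate");
                if (!headers_sent()) {
                    header('P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"');
                }
            }

            // Start session here ...
            session_start();

            if (isset($_SESSION)) {
                // Capture what the previous request stored before overwriting it;
                // checkSession() compares against these captured values.
                if ($sessInstance->checkSet('session_timeout')) {
                    $sessInstance->sessionStartTime = $sessInstance->read('session_timeout');
                }
                if ($sessInstance->userAgentCheck && $sessInstance->checkSet('userAgent')) {
                    $sessInstance->userAgent = $sessInstance->read('userAgent');
                }
                $sessInstance->write('session_timeout', time() + $sessInstance->ideal);
                $sessInstance->write(
                    'userAgent',
                    isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : ''
                );
            }

            $instance[] = $sessInstance;
        }

        return $instance[0];
    }

    /**
     * Produce a one-time form token for the REFRESH_GUID field.
     *
     * The token keeps its original shape (base64 of 32 hex characters) but is
     * drawn from a CSPRNG when one is available, because uniqid() alone is
     * derived from the clock and therefore guessable.
     *
     * @return string
     */
    public function getRefreshGuid()
    {
        if (function_exists('random_bytes')) {
            $token = bin2hex(random_bytes(16));
        } elseif (function_exists('openssl_random_pseudo_bytes')) {
            $token = bin2hex(openssl_random_pseudo_bytes(16));
        } else {
            // Last resort for runtimes without a CSPRNG.
            $token = md5(uniqid(mt_rand(), true));
        }

        return base64_encode($token);
    }

    /**
     * Validate the current request against the session policy.
     *
     * Returns false when any enabled rule is violated: GET request while
     * postCheck is on, User-Agent differs from the previous request, the idle
     * deadline stored by the previous request has passed, or the posted
     * REFRESH_GUID was already seen. On success the session id is regenerated
     * when the "regenerate" option is on.
     *
     * @return bool
     */
    public function checkSession()
    {
        $method = isset($_SERVER['REQUEST_METHOD']) ? strtolower($_SERVER['REQUEST_METHOD']) : '';
        $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

        $refreshedDetected = false;
        if ($this->refreshCheck && $method === 'post' && isset($_POST['REFRESH_GUID'])) {
            $guid = $_POST['REFRESH_GUID'];
            if (!is_string($guid)) {
                // REFRESH_GUID[]=... arrives as an array; a well-formed form never
                // sends that, so the request is rejected rather than queued.
                $refreshedDetected = true;
            } else {
                if (!$this->checkSet('REFRESH_QUEUE')) {
                    $this->write('REFRESH_QUEUE', array());
                }
                $queue = $this->read('REFRESH_QUEUE');
                if (!is_array($queue)) {
                    $queue = array();
                }

                if ($guid !== '' && in_array($guid, $queue, true)) {
                    $refreshedDetected = true;
                } else {
                    if (count($queue) > self::queueSize) {
                        $queue = array_slice($queue, 0, self::queueSize);
                    }
                    // since the post is not a refresh the guid is written to the queue
                    array_unshift($queue, $guid);
                    $this->write('REFRESH_QUEUE', $queue);
                }
            }
        }

        $postViolation = $this->postCheck && $method === 'get';

        // Compare with the value captured in startSession(). The 'userAgent' entry
        // in the session has already been overwritten with the current header by
        // then, so reading it back here would always match. An empty captured
        // value means there is no earlier request to compare with.
        // The header is client-controlled: this is a consistency signal only.
        $knownAgent = (string) $this->userAgent;
        $agentViolation = $this->userAgentCheck
            && $knownAgent !== ''
            && strtolower($agent) !== strtolower($knownAgent);

        $idleViolation = $this->ideal != 0
            && $this->sessionStartTime > 0
            && time() > $this->sessionStartTime;

        $ret = !($postViolation || $agentViolation || $idleViolation || $refreshedDetected);

        if ($ret && $this->regenerate) {
            $this->regenerate_id();
        }

        return $ret;
    }

    /**
     * Replace the session id and discard the old session's storage.
     *
     * Does nothing when no session id exists. Call it after any change of
     * privilege (for example a successful login) so that an id known before
     * the change stops being valid.
     */
    public function regenerate_id()
    {
        $oldSessionId = session_id();
        if (!$oldSessionId || !function_exists('session_regenerate_id')) {
            return;
        }

        // version_compare() instead of `PHP_VERSION < 5.1`, which compares a
        // version string with a float.
        if (version_compare(PHP_VERSION, '5.1.0', '>=')) {
            // Let the active save handler delete the old session; building the
            // file name by hand only works for the plain files handler.
            session_regenerate_id(true);
            return;
        }

        // Pre-5.1: session_regenerate_id() has no delete_old_session parameter,
        // so the old session file is removed manually.
        $savePath = session_save_path();
        session_regenerate_id();
        $newSessionId = session_id();
        if (function_exists('session_write_close')) {
            session_write_close();
        }
        @unlink($savePath . DIRECTORY_SEPARATOR . "sess_$oldSessionId");
        session_id($newSessionId);
        session_start();
    }

    /**
     * Remove one application value.
     *
     * @param string $name
     * @return bool true when the value existed
     */
    public function delete($name)
    {
        if (!$this->checkSet($name)) {
            return false;
        }
        unset($_SESSION[$this->APP_SESS][$name]);

        return true;
    }

    /**
     * Drop the application namespace, or with $force the whole PHP session.
     *
     * The forced variant destroys the server-side session data; it does not
     * expire the session cookie on the client.
     *
     * @param bool $force
     * @return bool false only when there was no application namespace to drop
     */
    public function destroy($force = false)
    {
        if ($force) {
            session_destroy();
            session_write_close();
            $_SESSION = null;
            return true;
        }

        if (isset($_SESSION[$this->APP_SESS])) {
            unset($_SESSION[$this->APP_SESS]);
            return true;
        }

        return false;
    }

    /**
     * Whether $_SESSION currently exists.
     *
     * @return bool
     */
    public function started()
    {
        // isset() gives the same answer as !is_null() without touching an undefined variable.
        return isset($_SESSION);
    }

    /**
     * Store one application value, starting the session first when needed.
     *
     * @param string $name
     * @param mixed  $value
     */
    public function write($name, $value)
    {
        // not started , Start session now
        if (!$this->started()) {
            self::startSession($this->useSession, true);
        }

        if ($this->ciphered) {
            $_SESSION[$this->APP_SESS][$name] = mcryptCryptography::getInstance()->encrypt(serialize($value));
        } else {
            $_SESSION[$this->APP_SESS][$name] = $value;
        }
    }

    /**
     * Fetch one application value without starting the session.
     *
     * @param string $name
     * @param mixed  $default returned when the value is not set
     * @return mixed
     */
    public function read($name, $default = false)
    {
        // Dont start session
        if (!$this->checkSet($name)) {
            return $default;
        }

        if ($this->ciphered) {
            // NOTE(review): unserialize() can instantiate arbitrary classes. This is
            // only safe while the session store is trusted and the ciphertext cannot
            // be forged; whether mcryptCryptography authenticates its output is not
            // visible from here - confirm.
            return unserialize(mcryptCryptography::getInstance()->decrypt($_SESSION[$this->APP_SESS][$name]));
        }

        return $_SESSION[$this->APP_SESS][$name];
    }

    /**
     * Whether an application value exists (and is not null).
     *
     * @param string $name
     * @return bool
     */
    public function checkSet($name)
    {
        return isset($_SESSION[$this->APP_SESS][$name]);
    }

    /**
     * One-shot message: called with an argument it stores the message, called
     * without arguments it returns the stored message and clears it.
     *
     * @return mixed the message when reading (false if none), nothing when writing
     */
    public function flash()
    {
        $args = func_get_args();
        if (!empty($args)) {
            $this->write('FLASH_MSG', $args[0]);
            return;
        }

        $message = $this->read('FLASH_MSG');
        $this->delete('FLASH_MSG');

        return $message;
    }

    /**
     * Emit an inline script that intercepts F5, Ctrl, Alt and the context menu
     * when the protection level is above 0.
     *
     * This runs entirely in the browser and is a usability measure, not a
     * security control: anyone can disable scripting or replay the request
     * directly. Server-side enforcement is what checkSession() provides.
     * The markup below is output verbatim.
     */
    public function jsDisabledKey()
    {
        if ($this->level > 0) : ?>
<script type="text/javascript" >
function CtrlCutCopyPaste(e) {
//For Ctrl Key
if(e && e.keyCode == 17 || e && e.keyCode == 18) {
// Capture and remap F5
alert('This Activity is Unauthorized!\n\r =>3G Rocket Framework 1.0');
return false;
}
var keyCode = 0 ;
if( e && e.keyCode == 116) {
// Capture and remap F5
//window.event.keyCode = 505;
keyCode = 505 ;
}
if(e && keyCode == 505) {
// New action for F5
alert('F5 Key Function is disabled on this Page\n\r =>3G Rocket Framework 1.0');
return false;
// Must return false or the browser will refresh anyway
}
return true;
}
function disableF5Key(e) {
var set = 0 ;
if(e && e.keyCode == 116) {
// Capture and remap F5
// Bugs in forfox 3.6.3 , find by me on 2010- june - 11 +/- 10.10:10 am
//e.keyCode = 505;
set = 505 ;
}
if(e && set == 505) {
// New action for F5
alert('F5 Key Function is disabled on this Page\n\r =>3G Rocket Framework 1.0');
return false;
// Must return false or the browser will refresh anyway
}
if(e && e.keyCode == '17'){
alert('Control Key is disabled on this Page\n\r =>3G Rocket Framework 1.0');
return false;
}
if(e && e.keyCode == '18') {
alert('Alt Key is disabled on this Page\n\r =>3G Rocket Framework 1.0');
return false;
}
return true;
}
var message="Right Click Function Disabled on this Page!\n\r =>3G Rocket Framework 1.0";
function clickIE4() {
if (event.button==2){
alert(message);
return false;
}
}
function clickNS4(e) {
if (document.layers||document.getElementById&&!document.all){
if (e.which==2||e.which==3) {
alert(message);
return false;
}
}
}
if (document.layers) {
document.captureEvents(Event.MOUSEDOWN);
document.onmousedown=clickNS4;
}
else if (document.all&&!document.getElementById){
document.onmousedown=clickIE4;
}
document.oncontextmenu=new Function("alert(message);return false")
//document.onkeydown = disableF5Key
//document.onkeydown = CtrlCutCopyPaste
document.onkeydown=doc_onKeyDown ; // new Function("disableF5Key();CtrlCutCopyPaste();return false")
function doc_onKeyDown(e) {
if( typeof e == 'undefined' )
e = window.event ;
if ( disableF5Key(e) == true )
return CtrlCutCopyPaste(e);
else
return false;
}
</script>
<?php endif;
    }
}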
?>