isHttps ()) ini_set ('session.cookie_secure', TRUE); session_start (); // Setting the locale if (isset ($_SERVER['HTTP_ACCEPT_LANGUAGE'])) if (!isset ($_SESSION['http_language']) || $_SESSION['http_language'] != $_SERVER['HTTP_ACCEPT_LANGUAGE']) { $_SESSION['http_language'] = $_SERVER['HTTP_ACCEPT_LANGUAGE']; $regexp = '/([a-z]{1,4})(?:-[a-z]{1,4})?\s*(?:;\s*q\s*=\s*(?:1|0\.[0-9]+))?,?/i'; preg_match_all ($regexp, $_SERVER['HTTP_ACCEPT_LANGUAGE'], $languages); foreach ($languages[1] as $lang) if (stream_resolve_include_path ("locale/$lang")) { $_SESSION['lang'] = $lang; break; } } if (!isset ($_SESSION['lang'])) $_SESSION['lang'] = NULL; Locale::set ($_SESSION['lang']); // Registering the visit if (!isset ($_COOKIE['PHPSESSID']) || isset ($_SESSION['access']) || isset ($_SESSION['skipVisit'])) return; $agent = $_SERVER['HTTP_USER_AGENT']; $browser = get_browser ($agent, TRUE); if (isset ($browser['crawler']) && $browser['crawler']) { $_SESSION['skipVisit'] = TRUE; return; } if (isset ($_SERVER['REMOTE_ADDR'])) $ip = ip2long ($_SERVER['REMOTE_ADDR']); $sysConn = $this->getSysConn (); $row = $sysConn->getRow ( 'CALL visit_register (#, #, #, #, #, #, #, #, #)', [ nullIf ($_COOKIE, 'vn_visit') ,nullIf ($browser, 'platform') ,nullIf ($browser, 'browser') ,nullIf ($browser, 'version') ,nullIf ($browser, 'javascript') ,nullIf ($browser, 'cookies') ,isset ($agent) ? $agent : NULL ,isset ($ip) && $ip ? $ip : NULL ,nullIf ($_SERVER, 'HTTP_REFERER') ] ); if (isset ($row['access'])) { setcookie ('vn_visit', $row['visit'], time () + 31536000); // 1 Year $_SESSION['access'] = $row['access']; } else $_SESSION['skipVisit'] = TRUE; } /** * Checks if the HTTP connection is secure. * * @return boolean Return %TRUE if its secure, %FALSE otherwise **/ function isHttps () { return isset ($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on'; } /** * Obtains the application version number. It is based on de last * modification date of the main script. **/ function getVersion () { return (int) strftime ('%G%m%d%H%M%S', filectime ($_SERVER['SCRIPT_FILENAME'])); } /** * Gets the configuration file name. **/ function getConfigFile () { if (!empty ($_SERVER['SERVER_NAME']) && preg_match ('/^[\w\-\.]+$/', $_SERVER['SERVER_NAME'])) { $hostSplit = explode ('.', $_SERVER['SERVER_NAME']); $configDir = _CONFIG_DIR .'/'. $this->name; $hostFile = $configDir .'/config.'. $hostSplit[0] .'.php'; } if (isset ($hostFile) && file_exists ($hostFile)) return $hostFile; else return parent::getConfigFile (); } /** * Tries to retrieve user credentials from many sources such as POST, * SESSION or COOKIES. If $_POST['remember'] is defined the user credentials * are saved on the client brownser for future logins, cookies names are * 'vn_user' for the user name and 'vn_pass' for user password, the * password is encoded using base64_encode() function and should be decoded * using base64_decode(). **/ function login () { if ($this->conn) return $this->conn; $user = NULL; $password = NULL; $rememberUser = TRUE; $rememberPass = FALSE; $credentialsChanged = TRUE; $wasLoged = isset ($_SESSION['user']); if (isset ($_POST['guest'])) { $sysConn = $this->getSysConn (); $row = $sysConn->getRow ( 'SELECT guest_user, guest_pass FROM config'); if ($row) { $user = $row['guest_user']; $password = base64_decode ($row['guest_pass']); $rememberUser = FALSE; } } elseif (isset ($_POST['user']) && isset ($_POST['password'])) { $user = $_POST['user']; $password = $_POST['password']; if (isset ($_POST['remember']) && $_POST['remember']) $rememberPass = TRUE; } elseif (isset ($_SESSION['user'])) { $user = $_SESSION['user']; $password = $_SESSION['password']; $credentialsChanged = FALSE; } elseif (isset ($_COOKIE['vn_user']) && isset ($_COOKIE['vn_pass'])) { $user = $_COOKIE['vn_user']; $password = base64_decode ($_COOKIE['vn_pass']); $rememberPass = TRUE; } if (!isset ($user)) throw new SessionExpiredException (); try { $db = $this->createConnection ($user, $password); $db->query ('CALL user_session_start (#)', [session_id ()]); $this->conn = $db; if ($rememberUser) { $cookieLife = time () + 7 * 86400; // 7 Days setcookie ('vn_user', $user, $cookieLife); if ($rememberPass) setcookie ('vn_pass', base64_encode ($password), $cookieLife); } $_SESSION['user'] = $user; $_SESSION['password'] = $password; } catch (\Exception $e) { $this->conn = NULL; throw new BadLoginException (); } // Registering the user access if (!$wasLoged) unset ($_SESSION['visitUser']); if (isset ($_SESSION['access']) && !isset ($_SESSION['visitUser'])) { $sysConn = $this->getSysConn (); $_SESSION['visitUser'] = $sysConn->getValue ( 'CALL visit_user_new (#, #, #)', [ $_SESSION['access'] ,nullIf ($_SESSION, 'visitUser') ,session_id () ] ); if (!isset ($_SESSION['visitUnknown'])) $_SESSION['visitUnknown'] = $_SESSION['visitUser']; } return $db; } /** * Cleans the last saved used credentials. **/ function logout () { $_SESSION['visitUser'] = nullIf ($_SESSION, 'visitUnknown'); setcookie ('vn_pass', '', -1); unset ($_COOKIE['vn_pass']); unset ($_SESSION['user']); unset ($_SESSION['password']); if ($this->conn) { $this->conn->query ( 'DELETE FROM user_session_view ' .'WHERE connection_id = CONNECTION_ID()' ); $this->conn->close (); $this->conn = NULL; } } /** * Deinitializes the Application. When init method is called, this * function is called automatically at the end of the script . **/ function deinit () { if ($this->conn) $this->conn->query ('CALL user_session_end ()'); parent::deinit (); } } ?>