lychee/php/Modules/Session.php

<?php

namespace Lychee\Modules;

final class Session {

	public function init($public = true) {

		// Call plugins
		Plugins::get()->activate(__METHOD__, 0, func_get_args());

		// Return settings
		$return['config'] = Settings::get();

		// Path to Lychee for the server-import dialog
		$return['config']['location'] = LYCHEE;

		// Remove username and password from response
		unset($return['config']['username']);
		unset($return['config']['password']);

		// Remove identifier from response
		unset($return['config']['identifier']);

		// Check if login credentials exist and login if they don't
		if ($this->noLogin()===true) {
			$public = false;
			$return['config']['login'] = false;
		} else {
			$return['config']['login'] = true;
		}

		if ($public===false) {

			// Logged in
			$return['status'] = LYCHEE_STATUS_LOGGEDIN;

		} else {

			// Logged out
			$return['status'] = LYCHEE_STATUS_LOGGEDOUT;

			// Unset unused vars
			unset($return['config']['skipDuplicates']);
			unset($return['config']['thumbQuality']);
			unset($return['config']['sortingAlbums']);
			unset($return['config']['sortingPhotos']);
			unset($return['config']['dropboxKey']);
			unset($return['config']['login']);
			unset($return['config']['location']);
			unset($return['config']['imagick']);
			unset($return['config']['medium']);
			unset($return['config']['plugins']);

		}

		// Call plugins
		Plugins::get()->activate(__METHOD__, 1, func_get_args());

		return $return;

	}

	public function login($username, $password) {

		// Call plugins
		Plugins::get()->activate(__METHOD__, 0, func_get_args());

		$username = crypt($username, Settings::get()['username']);
		$password = crypt($password, Settings::get()['password']);

		// Check login with crypted hash
		if (Settings::get()['username']===$username&&
			Settings::get()['password']===$password) {
				$_SESSION['login']      = true;
				$_SESSION['identifier'] = Settings::get()['identifier'];
				return true;
		}

		// No login
		if ($this->noLogin()===true) return true;

		// Call plugins
		Plugins::get()->activate(__METHOD__, 1, func_get_args());

		return false;

	}

	private function noLogin() {

		// Check if login credentials exist and login if they don't
		if (Settings::get()['username']===''&&
			Settings::get()['password']==='') {
				$_SESSION['login']      = true;
				$_SESSION['identifier'] = Settings::get()['identifier'];
				return true;
		}

		return false;

	}

	public function logout() {

		// Call plugins
		Plugins::get()->activate(__METHOD__, 0, func_get_args());

		$_SESSION['login']      = null;
		$_SESSION['identifier'] = null;

		session_destroy();

		// Call plugins
		Plugins::get()->activate(__METHOD__, 1, func_get_args());

		return true;

	}

}

?>
Session class 2014-04-04 19:10:32 +00:00			`<?php`

Namespaces, Plugins via Namespaces, API entry file renamned, Settings::set() 2016-01-26 14:31:53 +00:00			`namespace Lychee\Modules;`
Session class 2014-04-04 19:10:32 +00:00
Added Validator, removed Module, changed Access classes 2016-01-30 20:33:31 +00:00			`final class Session {`
Session class 2014-04-04 19:10:32 +00:00
Default param for Session init 2016-01-30 19:18:10 +00:00			`public function init($public = true) {`
Session class 2014-04-04 19:10:32 +00:00
// for comments and spaces for alignment 2016-01-30 20:43:57 +00:00			`// Call plugins`
Activate plugins directly without extending Module 2016-01-29 23:27:50 +00:00			`Plugins::get()->activate(__METHOD__, 0, func_get_args());`
Added plugin-call to Session 2014-04-04 19:12:49 +00:00
// for comments and spaces for alignment 2016-01-30 20:43:57 +00:00			`// Return settings`
Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 2016-01-24 21:14:20 +00:00			`$return['config'] = Settings::get();`
Stop init from returning username 2015-04-17 20:50:35 +00:00
// for comments and spaces for alignment 2016-01-30 20:43:57 +00:00			`// Path to Lychee for the server-import dialog`
PHP code style adjustments 2016-01-19 10:03:28 +00:00			`$return['config']['location'] = LYCHEE;`

// for comments and spaces for alignment 2016-01-30 20:43:57 +00:00			`// Remove username and password from response`
Stop init from returning username 2015-04-17 20:50:35 +00:00			`unset($return['config']['username']);`
Session class 2014-04-04 19:10:32 +00:00			`unset($return['config']['password']);`

// for comments and spaces for alignment 2016-01-30 20:43:57 +00:00			`// Remove identifier from response`
Use identifier to prevent login of multiple instances of lychee #344 2015-05-14 19:07:42 +00:00			`unset($return['config']['identifier']);`

// for comments and spaces for alignment 2016-01-30 20:43:57 +00:00			`// Check if login credentials exist and login if they don't`
Auto login after installation 2015-01-23 20:00:27 +00:00			`if ($this->noLogin()===true) {`
			`$public = false;`
			`$return['config']['login'] = false;`
			`} else {`
			`$return['config']['login'] = true;`
			`}`
Session class 2014-04-04 19:10:32 +00:00
			`if ($public===false) {`

// for comments and spaces for alignment 2016-01-30 20:43:57 +00:00			`// Logged in`
Simplified response of session init 2015-03-06 22:29:55 +00:00			`$return['status'] = LYCHEE_STATUS_LOGGEDIN;`
Session class 2014-04-04 19:10:32 +00:00
			`} else {`

// for comments and spaces for alignment 2016-01-30 20:43:57 +00:00			`// Logged out`
Simplified response of session init 2015-03-06 22:29:55 +00:00			`$return['status'] = LYCHEE_STATUS_LOGGEDOUT;`

// for comments and spaces for alignment 2016-01-30 20:43:57 +00:00			`// Unset unused vars`
Remove skipDuplicates from init response when logged out 2016-01-30 19:18:24 +00:00			`unset($return['config']['skipDuplicates']);`
Session class 2014-04-04 19:10:32 +00:00			`unset($return['config']['thumbQuality']);`
Added album sorting #98 2015-05-14 15:20:33 +00:00			`unset($return['config']['sortingAlbums']);`
Updated default tables and changed sorting var/entry to sortingPhotos #98 2015-05-14 15:47:17 +00:00			`unset($return['config']['sortingPhotos']);`
Session class 2014-04-04 19:10:32 +00:00			`unset($return['config']['dropboxKey']);`
			`unset($return['config']['login']);`
Server returns location of lychee Used for the new server-import dialog 2014-07-23 19:24:25 +00:00			`unset($return['config']['location']);`
Added album sorting #98 2015-05-14 15:20:33 +00:00			`unset($return['config']['imagick']);`
			`unset($return['config']['medium']);`
Do not return list of plugins when logged out 2014-07-27 12:17:01 +00:00			`unset($return['config']['plugins']);`
Session class 2014-04-04 19:10:32 +00:00
			`}`

// for comments and spaces for alignment 2016-01-30 20:43:57 +00:00			`// Call plugins`
Activate plugins directly without extending Module 2016-01-29 23:27:50 +00:00			`Plugins::get()->activate(__METHOD__, 1, func_get_args());`
Added plugin-call to Session 2014-04-04 19:12:49 +00:00
Session class 2014-04-04 19:10:32 +00:00			`return $return;`

			`}`

			`public function login($username, $password) {`

// for comments and spaces for alignment 2016-01-30 20:43:57 +00:00			`// Call plugins`
Activate plugins directly without extending Module 2016-01-29 23:27:50 +00:00			`Plugins::get()->activate(__METHOD__, 0, func_get_args());`
Added plugin-call to Session 2014-04-04 19:12:49 +00:00
Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 2016-01-24 21:14:20 +00:00			`$username = crypt($username, Settings::get()['username']);`
			`$password = crypt($password, Settings::get()['password']);`
Session class 2014-04-04 19:10:32 +00:00
// for comments and spaces for alignment 2016-01-30 20:43:57 +00:00			`// Check login with crypted hash`
Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 2016-01-24 21:14:20 +00:00			`if (Settings::get()['username']===$username&&`
			`Settings::get()['password']===$password) {`
// for comments and spaces for alignment 2016-01-30 20:43:57 +00:00			`$_SESSION['login'] = true;`
			`$_SESSION['identifier'] = Settings::get()['identifier'];`
Removed useless md5 hashing in front-end and added username hashing in back-end 2015-02-08 14:36:13 +00:00			`return true;`
[Feature] don't hash passwords with MD5 in DB #114 All newly set and resetted passwords will now be stored as blowfish hashed string generated via crypt(). Refs: #114 2014-04-21 00:19:23 +00:00			`}`

// for comments and spaces for alignment 2016-01-30 20:43:57 +00:00			`// No login`
Use identifier to prevent login of multiple instances of lychee #344 2015-05-14 19:07:42 +00:00			`if ($this->noLogin()===true) return true;`
Session class 2014-04-04 19:10:32 +00:00
// for comments and spaces for alignment 2016-01-30 20:43:57 +00:00			`// Call plugins`
Activate plugins directly without extending Module 2016-01-29 23:27:50 +00:00			`Plugins::get()->activate(__METHOD__, 1, func_get_args());`
Added plugin-call to Session 2014-04-04 19:12:49 +00:00
Session class 2014-04-04 19:10:32 +00:00			`return false;`

			`}`

Auto login after installation 2015-01-23 20:00:27 +00:00			`private function noLogin() {`

// for comments and spaces for alignment 2016-01-30 20:43:57 +00:00			`// Check if login credentials exist and login if they don't`
Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 2016-01-24 21:14:20 +00:00			`if (Settings::get()['username']===''&&`
			`Settings::get()['password']==='') {`
// for comments and spaces for alignment 2016-01-30 20:43:57 +00:00			`$_SESSION['login'] = true;`
			`$_SESSION['identifier'] = Settings::get()['identifier'];`
Removed useless md5 hashing in front-end and added username hashing in back-end 2015-02-08 14:36:13 +00:00			`return true;`
Auto login after installation 2015-01-23 20:00:27 +00:00			`}`

			`return false;`

			`}`

Session class 2014-04-04 19:10:32 +00:00			`public function logout() {`

// for comments and spaces for alignment 2016-01-30 20:43:57 +00:00			`// Call plugins`
Activate plugins directly without extending Module 2016-01-29 23:27:50 +00:00			`Plugins::get()->activate(__METHOD__, 0, func_get_args());`
Added plugin-call to Session 2014-04-04 19:12:49 +00:00
// for comments and spaces for alignment 2016-01-30 20:43:57 +00:00			`$_SESSION['login'] = null;`
			`$_SESSION['identifier'] = null;`
Use identifier to prevent login of multiple instances of lychee #344 2015-05-14 19:07:42 +00:00
Session class 2014-04-04 19:10:32 +00:00			`session_destroy();`
Added plugin-call to Session 2014-04-04 19:12:49 +00:00
// for comments and spaces for alignment 2016-01-30 20:43:57 +00:00			`// Call plugins`
Activate plugins directly without extending Module 2016-01-29 23:27:50 +00:00			`Plugins::get()->activate(__METHOD__, 1, func_get_args());`
Added plugin-call to Session 2014-04-04 19:12:49 +00:00
Session class 2014-04-04 19:10:32 +00:00			`return true;`

			`}`

			`}`

			`?>`