From 43df706e66d16c38fa16d4f409cd297c7a0e5f61 Mon Sep 17 00:00:00 2001
From: Tobias Reich <tobias.reich.ich@gmail.com>
Date: Fri, 4 Apr 2014 21:10:32 +0200
Subject: [PATCH] Session class

---
 php/access/admin.php     |  14 +++--
 php/access/guest.php     |   8 +--
 php/api.php              |   2 +-
 php/modules/_session.php | 110 +++++++++++++++++++++++++++++++++++++++
 php/modules/session.php  |  69 ------------------------
 5 files changed, 125 insertions(+), 78 deletions(-)
 create mode 100755 php/modules/_session.php
 delete mode 100755 php/modules/session.php

diff --git a/php/access/admin.php b/php/access/admin.php
index 1d2c8b3..d283aa6 100644
--- a/php/access/admin.php
+++ b/php/access/admin.php
@@ -108,17 +108,21 @@ switch ($_POST['function']) {
 
 	// Session Function
 
-	case 'init':			echo json_encode(init('admin', $_POST['version']));
+	case 'init':			if (!isset($_POST['version'])) exit();
+							$session = new Session($plugins, $settings);
+							echo json_encode($session->init(false, $_POST['version']));
 							break;
 
-	case 'login':			if (isset($_POST['user'], $_POST['password']))
-								echo login($_POST['user'], $_POST['password']);
+	case 'login':			if (!isset($_POST['user'], $_POST['password'])) exit();
+							$session = new Session($plugins, $settings);
+							echo $session->login($_POST['user'], $_POST['password']);
 							break;
 
-	case 'logout':			logout();
+	case 'logout':			$session = new Session($plugins, $settings);
+							echo $session->logout();
 							break;
 
-	// Settings
+	// Settings Function
 
 	case 'setLogin':		if (isset($_POST['username'], $_POST['password']))
 								if (!isset($_POST['oldPassword'])) $_POST['oldPassword'] = '';
diff --git a/php/access/guest.php b/php/access/guest.php
index ab00b13..0725087 100644
--- a/php/access/guest.php
+++ b/php/access/guest.php
@@ -53,11 +53,13 @@ switch ($_POST['function']) {
 
 	// Session Functions
 
-	case 'init':			echo json_encode(init('public', $_POST['version']));
+	case 'init':			$session = new Session($plugins, $settings);
+							echo json_encode($session->init(true, $_POST['version']));
 							break;
 
-	case 'login':			if (isset($_POST['user'], $_POST['password']))
-								echo login($_POST['user'], $_POST['password']);
+	case 'login':			if (!isset($_POST['user'], $_POST['password'])) exit();
+							$session = new Session($plugins, $settings);
+							echo $session->login($_POST['user'], $_POST['password']);
 							break;
 
 	// Miscellaneous
diff --git a/php/api.php b/php/api.php
index 1fe582f..6b7fe8e 100755
--- a/php/api.php
+++ b/php/api.php
@@ -25,7 +25,7 @@ if (!empty($_POST['function'])||!empty($_GET['function'])) {
 	require('modules/db.php');
 	require('modules/misc.php');
 	require('modules/photo.php');
-	require('modules/session.php');
+	require('modules/_session.php');
 	require('modules/settings.php');
 	require('modules/upload.php');
 
diff --git a/php/modules/_session.php b/php/modules/_session.php
new file mode 100755
index 0000000..5258827
--- /dev/null
+++ b/php/modules/_session.php
@@ -0,0 +1,110 @@
+<?php
+
+###
+# @name		Session Module
+# @author		Tobias Reich
+# @copyright	2014 by Tobias Reich
+###
+
+if (!defined('LYCHEE')) exit('Error: Direct access is not allowed!');
+
+class Session {
+
+	private $plugins	= null;
+	private $settings	= null;
+
+	public function __construct($plugins, $settings) {
+
+		# Init vars
+		$this->plugins	= $plugins;
+		$this->settings	= $settings;
+
+		return true;
+
+	}
+
+	private function plugins($name, $location, $args) {
+
+		if (!isset($this->plugins, $name, $location, $args)) return false;
+
+		# Parse
+		$location = ($location===0 ? 'before' : 'after');
+
+		# Call plugins
+		$this->plugins->activate($name . ":" . $location, $args);
+
+		return true;
+
+	}
+
+	public function init($public, $version) {
+
+		if (!isset($this->settings, $public, $version)) return false;
+
+		global $configVersion;
+
+		# Update
+		if ($configVersion!==$version)
+			if (!update($version)) exit('Error: Updating the database failed!');
+
+		# Return settings
+		$return['config'] = $this->settings;
+		unset($return['config']['password']);
+
+		# No login
+		if ($this->settings['username']===''&&$this->settings['password']==='') $return['config']['login'] = false;
+		else $return['config']['login'] = true;
+
+		if ($public===false) {
+
+			# Logged in
+			$return['loggedIn'] = true;
+
+		} else {
+
+			# Unset unused vars
+			unset($return['config']['username']);
+			unset($return['config']['thumbQuality']);
+			unset($return['config']['sorting']);
+			unset($return['config']['dropboxKey']);
+			unset($return['config']['login']);
+
+			# Logged out
+			$return['loggedIn'] = false;
+
+		}
+
+		return $return;
+
+	}
+
+	public function login($username, $password) {
+
+		if (!isset($this->settings, $username, $password)) return false;
+
+		# Check login
+		if ($username===$this->settings['username']&&$password===$this->settings['password']) {
+			$_SESSION['login'] = true;
+			return true;
+		}
+
+		# No login
+		if ($this->settings['username']===''&&$this->settings['password']==='') {
+			$_SESSION['login'] = true;
+			return true;
+		}
+
+		return false;
+
+	}
+
+	public function logout() {
+
+		session_destroy();
+		return true;
+
+	}
+
+}
+
+?>
\ No newline at end of file
diff --git a/php/modules/session.php b/php/modules/session.php
deleted file mode 100755
index fecd555..0000000
--- a/php/modules/session.php
+++ /dev/null
@@ -1,69 +0,0 @@
-<?php
-
-/**
- * @name		Session Module
- * @author		Philipp Maurer
- * @author		Tobias Reich
- * @copyright	2014 by Philipp Maurer, Tobias Reich
- */
-
-if (!defined('LYCHEE')) exit('Error: Direct access is not allowed!');
-
-function init($mode, $version) {
-
-	global $settings, $configVersion;
-
-	// Update
-	if ($configVersion!==$version)
-		if (!update($version)) exit('Error: Updating the database failed!');
-
-	$return['config'] = $settings;
-	unset($return['config']['password']);
-
-	// No login
-	if ($settings['username']===''&&$settings['password']==='') $return['config']['login'] = false;
-	else $return['config']['login'] = true;
-
-	if ($mode==='admin') {
-		$return['loggedIn'] = true;
-	} else {
-		unset($return['config']['username']);
-		unset($return['config']['thumbQuality']);
-		unset($return['config']['sorting']);
-		unset($return['config']['dropboxKey']);
-		unset($return['config']['login']);
-		$return['loggedIn'] = false;
-	}
-
-	return $return;
-
-}
-
-function login($username, $password) {
-
-	global $database, $settings;
-
-	// Check login
-	if ($username===$settings['username']&&$password===$settings['password']) {
-		$_SESSION['login'] = true;
-		return true;
-	}
-
-	// No login
-	if ($settings['username']===''&&$settings['password']==='') {
-		$_SESSION['login'] = true;
-		return true;
-	}
-
-	return false;
-
-}
-
-function logout() {
-
-	session_destroy();
-	return true;
-
-}
-
-?>
\ No newline at end of file