UNB Components Code Reference

UnbSession class

The session class manages a user session and thus logically connects multiple web page requests. It can establish, configure and terminate sessions as well as generate and validate login information.

UnbSession is a static class, there is no instance of it. All methods are static, so that session information can be used from multiple classes without passing a reference everywhere.

It depends on the UnbUser class for user account related tasks.

Public methods

S CheckUrlKey

Checks a given URL key.

S ConvertPassword

Converts a plain password for storing it in the database.

S Decrypt

Decrypts data with the system encrpytion key.

S DeleteSession

Deletes an active session.

S EnableSession

Enables using a session.

S Encrypt

Encrypts data with the system encrpytion key.

S GeneratePassword

Generates a new random password.

S GetSessionUser

Gets the currently active session user.

S GetSessionUserId

Gets the ID of the currently active session user.

S GetSessionUserKeys

Gets all the session user's keys, that is the user ID and all additional keys.

S GetUrlKey

Gets a URL key that identifies a request as valid for the current session.

S GetVar

Gets a variable from the session variable space.

S IsAdministrator

Gets a value indicating whether the active session user is an administrator.

S IsLoggedIn

Gets a value indicating whether the active session user is logged in.

S IsModerator

Gets a value indicating whether the active session user is a moderator.

S IsTrusted

Gets a value indicating whether the active session user is called "trusted".

S SetCookie

Sends a cookie to the browser.

S SetSessionUser

Sets a new active session user.

S SetVar

Sets a variable in the session variable space.

S ValidateSessionUserPassword

Validates the current session user's password.

Private methods

   Class constructor

Private constructor, does nothing but preventing an instantiation of this class.

S GetCookieDomain

Gets the cookie domain to be used.

S GetCookiePath

Gets the cookie path to be used.

S InitialiseSession

Initialises required internal session variables.

S StartPhpSession

Does everything required to use PHP's session support.

S ValidatePassword

Validates a plain password against a stored password hash.

Private fields

sessionUser  –  default: null

Currently active session user (UnbUser object)

Constants

SessionName ''

Session name. Set to '' to use an automatic name. See PHP's session_name() for details.

File: session.class.php, line 25
SessionIpNetMask 0xFFFFFF00

Session IP address netmask. Set to 0 to disable this security check. TODO: Support IPv6

File: session.class.php, line 28
SessionExpireTimeout 60

Session expiration timeout in minutes. Set to 0 to disable this security check.

File: session.class.php, line 30
CookieDomain ''

Session cookie domain. Set to '' to use the default value.

File: session.class.php, line 32
CookiePath ''

Session cookie path. Set to '' to use the URL path of the calling script.

File: session.class.php, line 34
SessionArrayVar 'UNB'

Name of the array in $_SESSION where all UNB session data is stored into

File: session.class.php, line 36
DefaultEncryptionKey 'UNB2_Key_1234567890'

Default system encryption key. Set a different key via the configuration setting "encryption.key". At maximum 32 bytes are used as key. Any additional length is ignored and does not enhance security. TODO: Make this a variable and use some constant system information for the default key.

File: session.class.php, line 40

Implementation file: session.class.php, line 22

© 2011 Yves Goergen. UNB Components Homepage. Reference generated on 2011-02-06.