Commit e22db2e4 authored by Carsten  Rose's avatar Carsten Rose

Create class for Session handling

parent 8afc4275
......@@ -20,11 +20,18 @@ class File {
*/
private $store = null;
/**
* @var Session
*/
private $session = null;
/**
* @param bool|false $phpUnit
*/
public function __construct($phpUnit = false) {
$this->store = Store::getInstance('', $phpUnit);
$this->session = Session::getInstance($phpUnit);
// $sessionName = $this->store->getVar(SYSTEM_SESSION_NAME, STORE_SYSTEM);
// $this->sip = new Sip($sessionName);
$this->store = Store::getInstance('', $phpUnit);
$this->uploadErrMsg = [
UPLOAD_ERR_INI_SIZE => "The uploaded file exceeds the upload_max_filesize directive in php.ini",
......
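Review bot: The constructor obtains the store before the session (`Store::getInstance('', $phpUnit)` and only then `Session::getInstance($phpUnit)`), while the QuickFormQuery hunk in this commit initialises the session first. Store now reads STORE_EXTRA through the static `Session::get()`, which falls into its `$_SESSION` branch while `Session::$phpUnit` is still null. If `Store::getInstance()` fills its stores on first use (its body is outside this hunk), it would read a session that has not been started and ignore the phpUnit flag. I would move `$this->session = Session::getInstance($phpUnit);` above the store line. The page also shows `$this->store = Store::getInstance('', $phpUnit);` twice; if both are on the new side, one is redundant.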
......@@ -25,6 +25,7 @@ use qfq;
require_once(__DIR__ . '/../qfq/store/Store.php');
require_once(__DIR__ . '/../qfq/store/FillStoreForm.php');
require_once(__DIR__ . '/../qfq/store/Session.php');
require_once(__DIR__ . '/../qfq/Constants.php');
require_once(__DIR__ . '/../qfq/Save.php');
require_once(__DIR__ . '/../qfq/helper/KeyValueStringParser.php');
......@@ -58,14 +59,17 @@ require_once(__DIR__ . '/../qfq/BodytextParser.php');
* @package qfq
*/
class QuickFormQuery {
/**
* @var \qfq\Store instantiated class
*/
protected $store = null;
/**
* @var Database instantiated class
*/
protected $db = null;
/**
* @var Evaluate instantiated class
*/
......@@ -73,13 +77,22 @@ class QuickFormQuery {
protected $formSpec = array();
protected $feSpecAction = array(); // Form Definition: copy of the loaded form
protected $feSpecNative = array(); // FormEelement Definition: all formElement.class='action' of the loaded form
/**
* @var array
*/
private $t3data = array(); // FormEelement Definition: all formElement.class='native' of the loaded form
/**
* @var bool
*/
private $phpUnit = false;
/**
* @var Session
*/
private $session = null;
/*
* TODO:
* Preparation: setup logging, database access, record locking
......@@ -117,7 +130,7 @@ class QuickFormQuery {
// $arr1['session.name'] = ini_get('session.name');
// Refresh the session even if no new data saved.
$_SESSION['LAST_ACTIVITY'] = time();
Session::set('LAST_ACTIVITY', time());
set_error_handler("\\qfq\\ErrorHandler::exception_error_handler");
......@@ -133,6 +146,7 @@ class QuickFormQuery {
$bodytext = $this->t3data['bodytext'];
$this->session = Session::getInstance($phpUnit);
$this->store = Store::getInstance($bodytext, $phpUnit);
$this->store->setVar(TYPO3_TT_CONTENT_UID, $t3data['uid'], STORE_TYPO3);
$this->db = new Database();
......
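Review bot: `Session::set('LAST_ACTIVITY', time())` appears in an earlier hunk than `$this->session = Session::getInstance($phpUnit)`, so the idle-time stamp seems to be written before the session object exists. The enclosing function starts outside both hunks, so this assumes they are on the same path. If so, the write lands in a `$_SESSION` array that the later `session_start()` replaces, unless the session is already started elsewhere; under phpUnit it bypasses the local store because `Session::$phpUnit` is still null. Move the `Session::getInstance($phpUnit)` call above the first `Session::set()`, or let the static accessors create the singleton themselves.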
......@@ -121,9 +121,10 @@ class SqlReportException extends \Exception {
public function errorMessage() {
// global $BE_USER; TA: Du sollst kein global verwenden!!
//error message
// if ($BE_USER->user["uid"]>0) { TA: Du sollst kein global verwenden!!
if ($GLOBALS['BE_USER']->user["uid"] > 0 || $_SESSION[FORMREPORT]['be_user_uid'] > 0) {
$formreport = Session::get(FORMREPORT);
$beUserUid = ($formreport !== false && isset($formreport['be_user_uid'])) ? $formreport['be_user_uid'] : 0;
if ($GLOBALS['BE_USER']->user["uid"] > 0 || $beUserUid > 0) {
$errorMsg = nl2br("<hr />Error: <strong>" . htmlentities($this->getMessage()) . "</strong><br />MySQL: <strong>" . mysql_error() . "</strong><hr />");
$errorMsg .= "SQL: <strong>" . htmlentities($this->sql) . "</strong><hr />";
$errorMsg .= "Formreport: <strong>" . $this->fr_error["row"] . "</strong><hr />";
......@@ -168,8 +169,9 @@ class CodeReportException extends \Exception {
public function errorMessage() {
// global $BE_USER; TA: Du sollst kein global verwenden!!
// if ($BE_USER->user["uid"]>0) { TA: Du sollst kein global verwenden!!
if ($GLOBALS['BE_USER']->user["uid"] > 0 || $_SESSION[FORMREPORT]['be_user_uid'] > 0) {
$formreport = Session::get(FORMREPORT);
$beUserUid = ($formreport !== false && isset($formreport['be_user_uid'])) ? $formreport['be_user_uid'] : 0;
if ($GLOBALS['BE_USER']->user["uid"] > 0 || $beUserUid > 0) {
$errorMsg = nl2br("<hr />Error: <strong>" . $this->getMessage() . "</strong><br />File: <strong>" . $this->file . "</strong><br />Line: <strong>" . $this->line . "</strong><hr />");
$errorMsg .= "StackTrace<pre>" . nl2br($this->getTraceAsString()) . "</pre><hr />";
} else {
......@@ -208,7 +210,9 @@ class UserReportExceptionUnused extends \Exception {
* @return string
*/
public function errorMessage() {
if ($GLOBALS['BE_USER']->user["uid"] > 0 || $_SESSION[FORMREPORT]['be_user_uid'] > 0) {
$formreport = Session::get(FORMREPORT);
$beUserUid = ($formreport !== false && isset($formreport['be_user_uid'])) ? $formreport['be_user_uid'] : 0;
if ($GLOBALS['BE_USER']->user["uid"] > 0 || $beUserUid > 0) {
$errorMsg = nl2br("<hr />Error: <strong>" . $this->getMessage() . "</strong><br />File: <strong>" . $this->file . "</strong><br />Line: <strong>" . $this->line . "</strong><hr />");
$errorMsg .= "StackTrace<pre>" . nl2br($this->getTraceAsString()) . "</pre><hr />";
} else {
......
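Review bot: The same three-line lookup of `be_user_uid` is pasted into SqlReportException, CodeReportException and UserReportExceptionUnused, and it is the only gate in front of output that contains the SQL text, `mysql_error()` and the stack trace. One shared helper that returns the boolean, covering both the `$GLOBALS['BE_USER']` test and the session test, would keep that disclosure decision in one place where it can be unit-tested. An explicit `(int)` cast on the session value before `> 0` would also make the comparison independent of how the uid was stored. As a follow-up on unchanged context lines: `$this->getMessage()` goes through `htmlentities()` in the SQL variant but is printed raw in the other two.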
<?php
/**
* Created by PhpStorm.
* User: crose
* Date: 5/4/16
* Time: 1:34 PM
*/
namespace qfq;
class Session {
private static $instance = null;
private static $phpUnit = null;
private static $sessionLocal = array();
/**
* @param bool|false $phpUnit
*/
private function __construct($phpUnit = false) {
if (self::$phpUnit !== null)
throw new CodeException("Try to set flag phpunit again - that should not happen.", ERROR_CODE_SHOULD_NOT_HAPPEN);
self::$phpUnit = $phpUnit;
if (self::$phpUnit) {
self::$sessionLocal = array();
} else {
session_name();
session_start();
}
}
/**
* @param bool|false $phpUnit
* @return null|\qfq\Store
*/
public static function getInstance($phpUnit = false) {
// Design Pattern: Singleton
if (self::$instance === null) {
self::$instance = new self($phpUnit);
}
return self::$instance;
}
/**
* @param $key
* @return bool
*/
public static function get($key) {
if (self::$phpUnit) {
if (isset(self::$sessionLocal[$key]))
$value = self::$sessionLocal[$key];
else
$value = false;
} else {
if (isset($_SESSION[$key]))
$value = $_SESSION[$key];
else
$value = false;
}
return $value;
}
/**
* @param $key
* @param $value
*/
public static function set($key, $value) {
if (self::$phpUnit) {
self::$sessionLocal[$key] = $value;
} else {
$_SESSION[$key] = $value;
}
}
/**
*/
public static function clear() {
if (self::$phpUnit) {
self::$sessionLocal = array();
} else {
unset($_SESSION);
}
}
}
\ No newline at end of file
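Review bot: `clear()` uses `unset($_SESSION)`, which does not empty the stored session: PHP stops registering session variables through the superglobal for the rest of the request, and the data saved earlier is loaded again by the next `session_start()`. `Sip::checkFeUserUid()` calls this when the logged-in fe_user differs from the stored one, so the previous user's SIP entries would survive the "clear". Use `$_SESSION = array();` instead, and consider `session_regenerate_id(true);` at that point so the old session id is retired as well. Separately, `session_name();` without an argument only reads the name, and the `@return null|\qfq\Store` on `getInstance()` should name `Session`.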
......@@ -16,6 +16,8 @@ use qfq\KeyValueStringParser;
require_once(__DIR__ . '/../../qfq/helper/OnArray.php');
require_once(__DIR__ . '/../../qfq/Constants.php');
require_once(__DIR__ . '/../../qfq/exceptions/CodeException.php');
require_once(__DIR__ . '/Session.php');
/**
* Class Sip
......@@ -34,24 +36,23 @@ class Sip {
$this->phpUnit = $phpUnit;
if ($sessionname == "") {
throw new CodeException('Missing "sessionname"', ERROR_MISSING_SESSIONNAME);
}
session_name();
// if ($sessionname == "") {
// throw new CodeException('Missing "sessionname"', ERROR_MISSING_SESSIONNAME);
// }
//
// session_name();
//
// if ($phpUnit) {
// $_SESSION = null;
// } else {
// session_start();
// }
if ($phpUnit) {
$_SESSION = null;
// @session_start();
} else {
// session_name($sessionname);
session_start();
}
$feUserUid = Session::get(SESSION_FE_USER_UID);
// Typo3: remember logged in FE User
if (isset($GLOBALS["TSFE"]->fe_user->user["uid"]) && !isset($_SESSION[SESSION_FE_USER_UID])) {
$_SESSION[SESSION_FE_USER_UID] = $GLOBALS["TSFE"]->fe_user->user["uid"];
if (isset($GLOBALS["TSFE"]->fe_user->user["uid"]) && $feUserUid === false) {
Session::set(SESSION_FE_USER_UID, $GLOBALS["TSFE"]->fe_user->user["uid"]);
}
}
......@@ -74,11 +75,7 @@ class Sip {
public function queryStringToSip($queryString, $mode = RETURN_URL, $scriptName = 'index.php') {
// Validate: Check if still the same fe_user is logged in.
if (isset($GLOBALS["TSFE"]->fe_user->user["uid"])) {
if ($_SESSION[SESSION_FE_USER_UID] != $GLOBALS["TSFE"]->fe_user->user["uid"]) {
unset($_SESSION);
}
}
$this->checkFeUserUid();
$clientArray = array();
$sipArray = array();
......@@ -95,13 +92,14 @@ class Sip {
// Generate keyname for $_SESSION[]
$sipParamString = OnArray::toString($sipArray);
if (isset($_SESSION[$sipParamString])) {
$s = $_SESSION[$sipParamString];
$sessionParamSip = Session::get($sipParamString);
if ($sessionParamSip !== false) {
$s = $sessionParamSip;
} else {
// Not found: create new entry
$s = $this->sipUniqId();
$_SESSION[$sipParamString] = $s;
$_SESSION[$s] = $sipParamString;
Session::set($sipParamString, $s);
Session::set($s, $sipParamString);
}
// Append SIP to final parameter
......@@ -129,6 +127,22 @@ class Sip {
return $rc;
}
/**
*
*/
private function checkFeUserUid() {
// Validate: Check if still the same fe_user is logged in.
if (isset($GLOBALS["TSFE"]->fe_user->user["uid"])) {
$feUserUid = Session::get(SESSION_FE_USER_UID);
if ($feUserUid !== false && $feUserUid != $GLOBALS["TSFE"]->fe_user->user["uid"]) {
Session::clear();
}
}
}
/**
* Splits the $paramArray in &$clientArray and &$sipArray. $sipArray contains all key/values pairs wich are not belong to Typo3.
*
......@@ -236,20 +250,18 @@ class Sip {
throw new UserFormException("Broken Parameter", ERROR_BROKEN_PARAMETER);
}
# Check if still the same fe_user is logged in.
if (isset($GLOBALS["TSFE"]->fe_user->user["uid"])) {
if ($_SESSION[SESSION_FE_USER_UID] != $GLOBALS["TSFE"]->fe_user->user["uid"]) {
throw new UserFormException("No user logged in or user changed - please reload the previous site.", ERROR_FE_USER_UID_CHANGED);
}
}
// Validate: Check if still the same fe_user is logged in.
$this->checkFeUserUid();
# Check if index 's' exists.
if (!isset($_SESSION[$s])) {
$sessionVar = Session::get($s);
if ($sessionVar === false) {
throw new UserFormException("SIP '$s' not registered - please reload the previous site and try again.", ERROR_SIP_NOT_FOUND);
}
// Decode parameter
return KeyValueStringParser::parse($_SESSION[$s], "=", "&");
return KeyValueStringParser::parse($sessionVar, "=", "&");
}
/**
......@@ -259,10 +271,7 @@ class Sip {
* @return mixed
*/
public function getSipFromQueryString($queryString) {
if (isset($_SESSION[$queryString])) {
return $_SESSION[$queryString];
}
return false;
return Session::get($queryString);
}
/**
......@@ -272,10 +281,7 @@ class Sip {
* @return bool
*/
public function getQueryStringFromSip($sip) {
if (isset($_SESSION[$sip])) {
return $_SESSION[$sip];
}
return false;
return Session::get($sip);
}
}
\ No newline at end of file
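Review bot: `checkFeUserUid()` compares only while a fe_user is logged in, so a session that stored uid X keeps all of its SIP entries once nobody is logged in; whether logout ends the PHP session elsewhere is not visible here. In the SIP-decoding hunk the call also replaces the former `throw new UserFormException(..., ERROR_FE_USER_UID_CHANGED)`, so a user change now presumably surfaces only indirectly as "SIP not registered". I would treat "uid stored but none current" as a change too: `if ($feUserUid !== false && (!isset($GLOBALS["TSFE"]->fe_user->user["uid"]) || $feUserUid != $GLOBALS["TSFE"]->fe_user->user["uid"])) { Session::clear(); }`. I would also keep the explicit exception where a SIP is being resolved. The docblock above the new method is empty; one line saying that it drops the session when the fe_user differs from the stored uid would help.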
......@@ -374,11 +374,11 @@ class Store {
* @throws \qfq\CodeException
*/
private static function fillStoreExtra() {
if (isset($_SESSION[STORE_EXTRA]))
self::setVarArray($_SESSION[STORE_EXTRA], STORE_EXTRA, true);
else
$value = Session::get(STORE_EXTRA);
if ($value === false)
self::setVarArray(array(), STORE_EXTRA, true);
else
self::setVarArray($_SESSION[STORE_EXTRA], STORE_EXTRA, true);
}
/**
......@@ -390,7 +390,7 @@ class Store {
if ($phpUnit) {
if (self::$instance !== null) {
// fake to have a clean environment for the next test.
self::unsetStore(STORE_TYPO3);
self::fillStoreTypo3($bodytext);
......@@ -463,8 +463,12 @@ class Store {
// The STORE_EXTRA saves arrays and is persistent
if ($store === STORE_EXTRA) {
$store = Session::get(STORE_EXTRA);
if ($store === false)
$store = array();
$store[$key] = $value;
Session::set(STORE_EXTRA, $store);
$_SESSION[STORE_EXTRA][$key] = $value;
}
}
......
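Review bot: In `fillStoreExtra()` the else branch still passes `$_SESSION[STORE_EXTRA]` to `setVarArray()` although the value was just fetched into `$value` via `Session::get()`. Under phpUnit that bypasses the local session array and reads a superglobal that was never populated. It should be `self::setVarArray($value, STORE_EXTRA, true);`. In the last hunk the fetched array is assigned to `$store`, overwriting the parameter that names the store; a separate local such as `$extra` would avoid surprises if code is added below (the function starts outside the hunk).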
<?php
namespace qfq;
require_once(__DIR__ . '/../../qfq/Constants.php');
require_once(__DIR__ . '/../../qfq/store/Session.php');
/**
* Created by PhpStorm.
* User: crose
* Date: 1/10/16
* Time: 10:55 PM
*/
class SessionTest extends \PHPUnit_Framework_TestCase {
public function testGetSession() {
$session1 = Session::getInstance();
$session2 = Session::getInstance();
$this->assertEquals($session1, $session2);
// should not be null
$this->assertEquals(false, $session2 === null);
// changing of 'phpUnit' should not fire an exception
Session::getInstance(false);
// changing of 'phpUnit' should not fire an exception
Session::getInstance(true);
}
public function testGet() {
// write/read data1
Session::set('var1', 'data1');
$val = Session::get('var1');
$this->assertEquals('data1', $val);
// write/read data2
Session::set('var2', 'data2');
$val = Session::get('var2');
$this->assertEquals('data2', $val);
// read data1 again
$val = Session::get('var1');
$this->assertEquals('data1', $val);
// rewrite/read data1
Session::set('var1', 'data1again');
$val = Session::get('var1');
$this->assertEquals('data1again', $val);
// read non existing
$val = Session::get('var3');
$this->assertEquals(false, $val);
}
public function testClear() {
// write/read data1
Session::set('var1', 'data1');
Session::clear();
$val = Session::get('var1');
$this->assertEquals(false, $val);
}
public function setup() {
Session::getInstance(true);
}
}
\ No newline at end of file
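Review bot: The assertions are looser than the contract the callers rely on: `assertEquals($session1, $session2)` passes for two equal but distinct objects, and `assertEquals(false, $val)` passes for `null`, `0` or `''`, whereas Sip and Store test the result with `=== false`. Use `$this->assertSame($session1, $session2);` and `$this->assertFalse($val);`. The tests also share the static store (`var1` written in `testGet()` is still present when `testClear()` starts), so calling `Session::clear()` in `setup()` after `Session::getInstance(true)` would make them independent. Only the phpUnit branch of `get`/`set`/`clear` is exercised; a comment saying so would stop the suite from being read as covering the `$_SESSION` path.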
......@@ -2,10 +2,7 @@
namespace qfq;
//use qfq\Sip;
require_once(__DIR__ . '/../../qfq/Constants.php');
//require_once(__DIR__ . '/../../qfq/QuickFormQuery.php');
require_once(__DIR__ . '/../../qfq/store/Sip.php');
/**
......@@ -89,6 +86,14 @@ class SipTest extends \PHPUnit_Framework_TestCase {
}
public function testFakeUniqId() {
$sip = new Sip('fakesessionname', true);
$this->assertEquals('badcaffee1234', $sip->sipUniqId('badcaffee1234'));
$sip = new Sip('fakesessionname', true);
$this->assertEquals('badcaffee5678', $sip->sipUniqId('badcaffee5678'));
}
public function testGetSipFromUrlParam() {
$sip = new Sip('fakesessionname', true);
......@@ -102,8 +107,8 @@ class SipTest extends \PHPUnit_Framework_TestCase {
$this->assertFalse($s);
$sip->sipUniqId('badcaffee1111');
$url = $sip->queryStringToSip("a=1&b=2&c=3", RETURN_SIP);
$s = $sip->getSipFromQueryString('a=1&b=2&c=3');
$url = $sip->queryStringToSip("a=10&b=20&c=30", RETURN_SIP);
$s = $sip->getSipFromQueryString('a=10&b=20&c=30');
$this->assertEquals('badcaffee1111', $s);
}
......@@ -120,9 +125,9 @@ class SipTest extends \PHPUnit_Framework_TestCase {
$sip = new Sip('fakesessionname', true);
$sip->sipUniqId('badcaffee1234');
$s = $sip->queryStringToSip("http://example.com/index.php?id=input&r=1&form=person", RETURN_SIP);
$s = $sip->queryStringToSip("http://example.com/index.php?id=input&r=20&form=person", RETURN_SIP);
$result = $sip->getQueryStringFromSip($s);
$this->assertEquals('form=person&r=1', $result);
$this->assertEquals('form=person&r=20', $result);
}
}
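Review bot: These tests appear to depend on state left in the static session store by earlier tests. The query strings in `testGetSipFromUrlParam()` and the last test were switched to fresh values (`a=10&b=20&c=30`, `r=20`), which looks like a workaround for leftover entries; that is an inference, since the test runs are not shown. None of the visible tests puts the session into test mode either, and `new Sip('fakesessionname', true)` does not appear to pass its flag on to `Session::getInstance()`. A `setUp()` that calls `Session::getInstance(true);` and `Session::clear();` would give each test an empty store and let the original inputs stand.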