Advanced Search

Secure Static Session Class (Handles Arrays)

/ Published in: PHP
Save to your folder(s)
This is a static session wrapper that handles single variables and arrays. It allows setting, resetting, and deleting session variables (without destroying the session). It regenerates the session id every time a session is started to prevent session hijacking. See Examples of use below the code or (https://gist.github.com/4128373)

Expand | Embed | Plain Text

Copy this code and paste it in your HTML 
  1. /**
  2. * Session
  3. * -Static Session Wrapper Class
  4. * -Convienience Methods (do Error Checking),
  5. * -Measures To Prevent Session Hijacking,
  6. * -Handles Single Variables or Associative
  7. * Arrays through autodetecting the type
  8. * passed in.
  9. * @package sandboxphp
  10. * @author hskitts
  11. * @copyright 2012
  12. * @version $Id$
  13. * @access public
  14. */
  15. class Session{
  16.     /**
  17. * Session::start()
  18. * Start A Secure Session
  19. * Helps Prevent Session Hijacking
  20. * @return void
  21. */
  22.     public static function start(){
  23.         if (session_id() == false){
  24.             session_start();
  25.             session_regenerate_id();//vs session hijacking
  26.         }
  27.     }
  28.  
  29.     /**
  30. * Session::set()
  31. * Sets Session Variables
  32. * Handles Arrays and Single Variables by detecting $key type
  33. * in the case of $key being an array:
  34. * $value will be an array of key value
  35. * pairs in the $key array
  36. * @param mixed $key
  37. * @param mixed $value if key is an array $value must be array
  38. * @return void
  39. */
  40.     public static function set($key, $value) {
  41.         if (is_array($value)){ //if value is an array update and existing variable
  42.             $ARRAY = $_SESSION[$key]; //save the current session array
  43.             foreach($value as $k => $v){ //for each key=value pair in the value passed in
  44.                 $ARRAY[$k] = $v; //push
  45.             }
  46.             $_SESSION[$key] = $ARRAY;
  47.             return;
  48.         }
  49.         $_SESSION[$key] = $value;
  50.     }
  51.  
  52.     /**
  53. * Session::get()
  54. * Get The Value Of A Session Variable
  55. * (Handles Arrays As well)
  56. * @param mixed $key session variable to get
  57. * @param bool $key2 only to access an array
  58. * @return
  59. */
  60.     public static function get($key,$key2=false){
  61.         if(isset($_SESSION[$key])){
  62.             if($key2){
  63.                return $_SESSION[$key][$key2];
  64.             }else{
  65.                return $_SESSION[$key];
  66.             }
  67.  
  68.         }else{
  69.             return false;
  70.         }
  71.     }
  72.  
  73.     /**
  74. * Session::del()
  75. * Delete A Session Variable
  76. * (This Does Not Destroy The
  77. * Whole Session)
  78. * @param mixed $key
  79. * @return void
  80. */
  81.     public static function del($key,$key2=false){
  82.         if(isset($_SESSION[$key])){
  83.             if($key2){
  84.                unset($_SESSION[$key][$key2]);
  85.             }else{
  86.                unset($_SESSION[$key]);
  87.             }
  88.         }
  89.     }
  90.  
  91.     /**
  92. * Session::destroy()
  93. * Destroy The Current Session With All Variables
  94. * @return void
  95. */
  96.     public static function destroy(){
  97.         if (session_id() == true){
  98.             session_destroy();
  99.         }
  100.     }
  101.  
  102.     /**
  103. * Session::dump()
  104. * Display The Current $_SESSION Array
  105. * (for debugging purposes)
  106. * @return void
  107. */
  108.     public static function dump(){
  109.         if (session_id() == true){
  110.             echo '<pre>';
  111.             print_r($_SESSION);
  112.             echo '</pre>';
  113.         }
  114.     }
  115. }
  116.  
  117. //EXAMPLES OF USE
  118. Session::start(); //Start  a Session
  119. $session_array = array(
  120.                 "username"=>"brucewayne",
  121.                 "logged_in"=>"10/21/12",
  122.                 "role"=>"Super-User Admin"
  123.         );
  124. Session::set("user",$session_array);
  125. Session::set("singleton","one");        
  126. Session::set("user",array("role"=>"head honcho","specialty"=>"vigilante crime fighting"));
  127. $singleton = Session::get("singleton");
  128. $username = Session::get("user","username");
  129. Session::del("user","role");
  130. Session::del("singleton");
  131. Session::destroy();

Report this snippet


Comments

RSS Icon Subscribe to comments

You need to login to post a comment.