karsten/scattport-web
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Handle ajax requests correctly

Browse Source
This commit is contained in:
Eike Foken
2011-08-10 19:26:44 +02:00
parent 5140deaca8
commit 24fbe455a1
2 changed files with 75 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
application/hooks/global.php
View File

@@ -2,17 +2,17 @@
/* /*
* Copyright (c) 2011 Karsten Heiken <karsten@disposed.de> * Copyright (c) 2011 Karsten Heiken <karsten@disposed.de>
* *
* Permission is hereby granted, free of charge, to any person obtaining a copy * Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal * of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights * in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is * copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions: * furnished to do so, subject to the following conditions:
* *
* The above copyright notice and this permission notice shall be included in * The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software. * all copies or substantial portions of the Software.
* *
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
@@ -33,9 +33,9 @@ function check_login() {
// whitelisted (publicly available) controllers // whitelisted (publicly available) controllers
$public_controllers = array('auth'); $public_controllers = array('auth');
$CI = & get_instance(); $CI = & get_instance();
if (!$CI->access->loggedIn() && !in_array($CI->router->class, $public_controllers)) { if (!$CI->input->is_ajax_request() && !$CI->access->loggedIn() && !in_array($CI->router->class, $public_controllers)) {
redirect('auth/login'); redirect('auth/login');
} }
} }

129
application/libraries/MY_Session.php
View File

@@ -7,83 +7,92 @@
*/ */
class MY_Session extends CI_Session { class MY_Session extends CI_Session {
/** /**
* Calls the parent constructor. * Calls the parent constructor.
*/ */
public function __construct() { public function __construct() {
parent::__construct(); parent::__construct();
} }
/** /**
* Generates a random and unique session ID. * Generates a random and unique session ID.
* *
* @return string * @return string
*/ */
private function generateHash() { private function generateHash() {
return sha1(uniqid(microtime() . $this->CI->input->ip_address(), true)); return sha1(uniqid(microtime() . $this->CI->input->ip_address(), true));
} }
/** /**
* Creates a new session. * Creates a new session.
*/ *
public function sess_create() { * @see CI_Session::sess_create()
$this->userdata = array( */
public function sess_create() {
$this->userdata = array(
'session_id' => $this->generateHash(), 'session_id' => $this->generateHash(),
'ip_address' => $this->CI->input->ip_address(), 'ip_address' => $this->CI->input->ip_address(),
'user_agent' => substr($this->CI->input->user_agent(), 0, 50), 'user_agent' => substr($this->CI->input->user_agent(), 0, 50),
'last_activity' => $this->now 'last_activity' => $this->now
); );
// save data to the DB if needed // save data to the DB if needed
if ($this->sess_use_database === true) { if ($this->sess_use_database === true) {
$this->CI->db->insert($this->sess_table_name, $this->userdata); $this->CI->db->insert($this->sess_table_name, $this->userdata);
} }
// write the cookie // write the cookie
$this->_set_cookie(); $this->_set_cookie();
} }
/** /**
* Updates an existing session. * Updates an existing session.
*/ *
public function sess_update() { * @see CI_Session::sess_update()
// skip the session update in case of an ajax call */
if ($this->CI->input->is_ajax_request()) { public function sess_update() {
return; // we only update the session every five minutes by default
} if ($this->userdata['last_activity'] + $this->sess_time_to_update >= $this->now) {
return;
}
// we only update the session every five minutes by default $oldSessionID = $this->userdata['session_id'];
if ($this->userdata['last_activity'] + $this->sess_time_to_update >= $this->now) { $newSessionID = $this->generateHash();
return;
}
$oldSessionID = $this->userdata['session_id']; $this->userdata['session_id'] = $newSessionID;
$newSessionID = $this->generateHash(); $this->userdata['last_activity'] = $this->now;
$this->userdata['session_id'] = $newSessionID; $cookieData = null;
$this->userdata['last_activity'] = $this->now;
$cookieData = null; // update the DB if needed
if ($this->sess_use_database === true) {
// set cookie explicitly to only have our session data
$cookieData = array();
foreach (array('session_id', 'user_id', 'ip_address', 'user_agent', 'last_activity') as $val) {
$cookieData[$val] = $this->userdata[$val];
}
// update the DB if needed $this->CI->db->update($this->sess_table_name, array('last_activity' => $this->now, 'user_id' => $this->userdata['user_id'], 'session_id' => $newSessionID), array('session_id' => $oldSessionID));
if ($this->sess_use_database === true) {
// set cookie explicitly to only have our session data
$cookieData = array();
foreach (array('session_id', 'user_id', 'ip_address', 'user_agent', 'last_activity') as $val) {
$cookieData[$val] = $this->userdata[$val];
}
$this->CI->db->update($this->sess_table_name, array('last_activity' => $this->now, 'user_id' => $this->userdata['user_id'], 'session_id' => $newSessionID), array('session_id' => $oldSessionID)); // update users table if user is logged in
if (array_key_exists('user_id', $this->userdata) && $this->userdata['user_id'] > 0) {
$this->CI->db->update('users', array('last_activity' => $this->now), array('id' => $this->userdata['user_id']));
}
}
// update users table if user is logged in // write the cookie
if (array_key_exists('user_id', $this->userdata) && $this->userdata['user_id'] > 0) { $this->_set_cookie($cookieData);
$this->CI->db->update('users', array('last_activity' => $this->now), array('id' => $this->userdata['user_id'])); }
}
}
// write the cookie /**
$this->_set_cookie($cookieData); * Destroys an existing session.
} *
* @see CI_Session::sess_destroy()
*/
public function sess_destroy() {
parent::sess_destroy();
$this->userdata = array();
}
} }
/* End of file MY_Session.php */ /* End of file MY_Session.php */