Ik ben pas begonnen met OOP en probeer nu een login + session systeem te maken.
De bedoeling is dat een gebruiker kan inloggen en dat er dan een cookie gemaakt wordt met als inhoud een hash.
Deze hash wordt ook opgeslagen in de database, en ook het user-object wordt opgeslagen in de database.
Verder wil ik de cookie ook weer opslaan in een session met session_set_save_handler().
Nu is mijn vraag aan jullie: ben ik goed op weg? Wat zijn mijn verbeterpunten tot nu toe? Waar moet ik rekening mee houden? Wat moet ik anders doen?
LoginAction.class.php
<?php
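/**
 * LoginAction: handles a submitted login form.
 *
 * On success it creates a Session for the authenticated user, persists it
 * through the session mapper and sends the session cookie.
 *
 * @author Tom Swinkels
 * @version v1.0 last edit on 26-02-2012
 */
class LoginAction
{
    /** @var UserMapper Verifies the submitted credentials. */
    private $_userMapper;

    /** @var mixed Mapper exposing save() and saveCookie(); not type-hinted in the constructor. */
    private $_sessionMapper;

    /**
     * @param UserMapper $userMapper    Used for the credential check.
     * @param mixed      $sessionMapper Object providing save(Session) and saveCookie(Session).
     */
    public function __construct(UserMapper $userMapper, $sessionMapper)
    {
        $this->_userMapper = $userMapper;
        $this->_sessionMapper = $sessionMapper;
    }

    /**
     * Processes the login form, if it was submitted.
     *
     * @param Request $request Request whose postData holds 'submit', 'user_name' and 'user_password'.
     *
     * @return mixed null when the form was not submitted, the user returned by
     *               UserMapper::login() on success, or the error message string on failure.
     */
    public function execute(Request $request)
    {
        $post = $request->postData;

        if (!isset($post['submit'])) {
            return null;
        }

        // One generic message for every failure, so the response does not
        // reveal whether the user name or the password was wrong.
        $failure = 'Login gegevens kloppen niet';

        // A request can omit a field or send it as an array (user_name[]=x).
        // Reject both before the values reach the mapper.
        if (!isset($post['user_name'], $post['user_password'])
            || !is_string($post['user_name'])
            || !is_string($post['user_password'])
        ) {
            return $failure;
        }

        $user = $this->_userMapper->login($post['user_name'], $post['user_password']);

        // The loose comparison is deliberate: UserMapper::login() is not visible
        // here, and a mapper that signals failure with false must not pass as a
        // logged-in user, which a strict "!== null" check would allow.
        if ($user == null) {
            // NOTE(review): nothing here counts or throttles failed attempts;
            // confirm that rate limiting exists elsewhere.
            return $failure;
        }

        // The new session gets its own freshly generated token, so nothing the
        // client sent before authenticating is reused as the session identifier.
        $session = new Session('user', $user);
        $this->_sessionMapper->save($session);
        $this->_sessionMapper->saveCookie($session);

        // Redirecting (header("location:" . SITE_PATH)) is currently disabled;
        // the caller receives the user instead.
        return $user;
    }
}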
?>
Session.class.php
<?php
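/**
 * Session: a named payload together with the token that identifies it.
 *
 * SessionMapper stores the token in web_session and sends it to the browser
 * as the cookie value, so the token is the only secret protecting the session.
 *
 * @author Tom Swinkels
 * @version v1.0 last edit on 26-02-2012
 */
class Session
{
    /** @var mixed Session name as passed by the caller (LoginAction uses 'user'). */
    private $_name;

    /** @var mixed Payload; LoginAction passes the user returned by the login check. */
    private $_data;

    /** @var int Unix time at which this object was constructed. */
    private $_timestamp;

    /** @var string 128 hex characters identifying the session. */
    private $_hash;

    /**
     * Creates the session and generates a new token for it.
     *
     * @param mixed $name Session name.
     * @param mixed $data Payload to keep with the session.
     *
     * @throws Exception When no source of secure randomness is available.
     */
    public function __construct($name, $data)
    {
        $this->generateHash();
        $this->_name = $name;
        $this->_data = $data;
        $this->_timestamp = time();
    }

    /**
     * Replaces the session token with a new random one.
     *
     * The token used to be sha512(time() . uniqid() . session_id()). Hashing does
     * not add entropy: time() and uniqid() both derive from the clock and
     * session_id() is empty unless a PHP session is active, so the value was
     * guessable. 64 bytes from the CSPRNG, hex-encoded, keep the same length and
     * alphabet (128 lowercase hex characters) as the old sha512 digest.
     *
     * @return void
     *
     * @throws Exception When no source of secure randomness is available.
     */
    public function generateHash()
    {
        $this->_hash = bin2hex(random_bytes(64));
    }

    /**
     * Returns the session as an array for persistence.
     *
     * @return array Keys 'name', 'hash', 'data' and 'timestamp'.
     */
    public function getData()
    {
        return array(
            'name'      => $this->_name,
            'hash'      => $this->_hash,
            'data'      => $this->_data,
            'timestamp' => $this->_timestamp,
        );
    }
}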
?>
SessionMapper.class.php
<?php
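/**
 * SessionMapper: persists Session objects in the web_session table and ties
 * them to the browser through the SESSION_ID cookie.
 *
 * @author Tom Swinkels
 * @version v1.0 last edit on 26-02-2012
 */
class SessionMapper
{
    /** @var PDO Database connection. */
    private $_db;

    /** @var array Cookie values of the current request, supplied by the client. */
    private $_cookieData;

    const COOKIE_NAME = 'SESSION_ID';

    /**
     * @param PDO   $db         Database connection.
     * @param array $cookieData Cookies of the current request.
     */
    public function __construct(PDO $db, array $cookieData)
    {
        $this->_db = $db;
        $this->_cookieData = $cookieData;
    }

    /**
     * Loads the session matching the request's cookie token and the given name.
     *
     * @param mixed $name Session name to look up.
     *
     * @return Session|null The session, or null when the request carries no
     *                      usable token or no row matches.
     */
    public function getSession($name)
    {
        $sessionId = $this->getSessionId();
        if ($sessionId === null) {
            return null;
        }

        $resultWebs = $this->_db->prepare("SELECT
                webs_id,
                webs_name,
                webs_data
            FROM
                web_session
            WHERE
                webs_hash = ?
            AND
                webs_name = ?
        ");
        $resultWebs->execute(array($sessionId, $name));
        $listWebs = $resultWebs->fetch(PDO::FETCH_ASSOC);

        // fetch() returns false when no row matches. Without this check an
        // unknown token would still produce a Session object.
        if ($listWebs === false) {
            return null;
        }

        // NOTE(review): the query does not check webs_timestamp, so a stored
        // session never expires on the server side.
        // NOTE(review): unserialize() instantiates whatever classes the stored
        // string names. That is only safe while nothing but save() writes
        // webs_data; storing a user id, or JSON, would remove the risk.
        // NOTE(review): Session's constructor generates a new hash and timestamp,
        // so the returned object does not carry the stored token.
        return new Session($name, unserialize($listWebs['webs_data']));
    }

    /**
     * Returns the session token sent by the client.
     *
     * @return string|null The cookie value, or null when the cookie is missing,
     *                     empty, or not a string (a client can send SESSION_ID[]=x
     *                     to turn it into an array).
     */
    public function getSessionId()
    {
        if (!isset($this->_cookieData[self::COOKIE_NAME])) {
            return null;
        }

        $value = $this->_cookieData[self::COOKIE_NAME];

        return (is_string($value) && $value !== '') ? $value : null;
    }

    /**
     * Inserts the session into web_session.
     *
     * @param Session $session Session to store.
     *
     * @return void
     */
    public function save(Session $session)
    {
        $dataArray = $session->getData();

        // NOTE(review): the token is stored verbatim, so read access to
        // web_session yields working login cookies. Storing a hash of the token
        // and looking up by that hash would avoid this.
        $resultUsrs = $this->_db->prepare("INSERT INTO
                web_session
            SET
                webs_date_add = NOW(),
                webs_name = ?,
                webs_hash = ?,
                webs_data = ?,
                webs_timestamp = ?
        ");
        $resultUsrs->execute(array(
            $dataArray['name'],
            $dataArray['hash'],
            serialize($dataArray['data']),
            $dataArray['timestamp'],
        ));
    }

    /**
     * Sends the session token to the browser as a cookie.
     *
     * @param Session $session Session whose token is sent.
     *
     * @return void
     */
    public function saveCookie(Session $session)
    {
        $dataArray = $session->getData();

        // Mark the cookie Secure when this request arrived over HTTPS. Behind a
        // TLS-terminating proxy $_SERVER['HTTPS'] may be unset, in which case the
        // flag stays off as before.
        $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';

        // HttpOnly keeps the token out of reach of page scripts. Path and domain
        // are passed as '' so the browser applies the same defaults as before.
        // NOTE(review): a 20-year lifetime with no server-side expiry makes this
        // a practically permanent credential; consider a much shorter lifetime.
        setcookie(
            self::COOKIE_NAME,
            $dataArray['hash'],
            strtotime("+20 years"),
            '',
            '',
            $secure,
            true
        );
    }
}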
?>