lib/class/core.class.php


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91

<?php
/*

 Copyright (c) Ampache.org
 All rights reserved.

 This program is free software; you can redistribute it and/or
 modify it under the terms of the GNU General Public License v2
 as published by the Free Software Foundation.

 This program is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 GNU General Public License for more details.

 You should have received a copy of the GNU General Public License
 along with this program; if not, write to the Free Software
 Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.

*/

/**
 * Core
 * This is really just a namespace class, it's full of static functions
 * would be replaced by a namespace library once that exists in php
 */
class Core {

	/**
	 * constructor
	 * This doesn't do anything
	 */
	private function __construct() { 

		return false; 

	} // construction

	/**
	 * form_register
	 * This registers a form with a SID, inserts it into the session variables
	 * and then returns a string for use in the HTML form
	 */
	public static function form_register($name) { 

		// Make ourselves a nice little sid
		$sid =  md5(uniqid(rand(), true));

		// Register it
		$_SESSION['forms'][$name] = array('sid'=>$sid,'expire'=>time() + Config::get('session_length')); 

		$string = '<input type="hidden" name="form_validation" value="' . $sid . '" />'; 

		return $string; 

	} // form_register

	/**
	 * form_verify
	 * This takes a form name and then compares it with the posted sid, if they don't match
	 * then it returns false and doesn't let the person continue
	 */
	public static function form_verify($name,$method='post') { 

		switch ($method) { 
			case 'post': 
				$source = $_POST['form_validation']; 
			break; 
			case 'get': 
				$source = $_GET['form_validation'];
			break; 
			case 'cookie': 
				$source = $_COOKIE['form_validation']; 
			break; 
			case 'request': 
				$source = $_REQUEST['form_validation']; 
			break; 
		} 

		if ($source == $_SESSION['forms'][$name]['sid'] AND $_SESSION['forms'][$name]['expire'] > time()) { 
			unset($_SESSION['forms'][$name]); 
			return true; 
		} 

		unset($_SESSION['forms'][$name]); 
		return false; 

	} // form_verify

} // Core
?>