Login   Register  
PHP Classes

File: config.DB_eSession.php

Recommend this page to a friend!
Stumble It! Stumble It! Bookmark in del.icio.us Bookmark in del.icio.us
  Classes of Lawrence Osiris  >  DB eSession  >  config.DB_eSession.php  >  Download  
File: config.DB_eSession.php
Role: Configuration script
Content type: text/plain
Description: Configuration file used to pass parameters to class
Class: DB eSession
MySQL based session management
Author: By
Last change:
Date: 2004-05-06 17:04
Size: 16,618 bytes


Class file image Download
<?PHP //Make sure there are no whitespaces before '<' on this line.
// +----------------------------------------------------------------------+
// | DB_eSession, Copyright (c) 2004 Lawrence Osiris, All Rights Reserved |
// +----------------------------------------------------------------------+
// | This program is free software; you can redistribute it and/or modify |
// | it under the terms of the GNU General Public License as published by |
// | the Free Software Foundation; either version 2 of the License, or    |
// | (at your option) any later version. Read the full included license.  |
// |                                                                      |
// | This configuration file is optional for the DB_eSession class but    |
// | probably needed (and recommended).                                   |
// |                                                                      |
// | All the parameter settings here are set to the same defaults the     |
// | DB_eSession class would set them to (when not specified here).       |
// +----------------------------------------------------------------------+

$sess_param = array();

 * Set the path and filename of the file containing the errors array constants.
 * You can use relative (recommended) or absolute file paths. For security,
 * specify a filename without the '.php' because the class will automatically
 * add '.php' to the end. i.e. If you specify 'errors.php' the class will try
 * to locate a file called 'errors.php.php'. So, just specify 'errors'. The
 * default path is the current directory (where your script is running from),
 * but recommend to put the errors file off the web directory along with the
 * class.DB_eSession.php file.
$sess_param['errors_path'] = './';
$sess_param['errors_file'] = 'errors.DB_eSession';

 * Set the default and current language codes for displaying error and
 * warning messages. Default is 'en' for English.
$sess_param['default_lang'] = 'en';

// i.e: Gets 'en' out of 'en-us...' possible value, otherwise assigns 'en'.
$sess_param['current_lang'] = IsSet($_SERVER['HTTP_ACCEPT_LANGUAGE']) ?
                       substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2) : 'en';

 * To have the class initiate a session_start(). You may want to turn
 * it off when using the maintenance type of member functions. A database
 * connection will still be opened, but you will have to initiate the
 * session_start() from within your script.
$sess_param['session_start'] = TRUE;

 * Set $sess_param['stop_on_error'] = FALSE to not have the class
 * stop execution upon an error. Default is to stop (TRUE).
 * This can be turned on and off at any time by using stopOnErrors()
 * or endStopOnErrors().
$sess_param['stop_on_error'] = TRUE;

 * Set the font color and size for error messages (any valid HTML syntax)
$sess_param['error_color'] = 'RED';
$sess_param['error_size']  = '+0';

 * Set $sess_param['stop_on_warn'] = TRUE to have the class
 * stop execution upon a warning. Default is not to stop (FALSE).
 * This can be turned on and off at any time by using stopOnWarnings()
 * or endStopOnWarnings().
$sess_param['stop_on_warn'] = FALSE;

 * Set the font color and size for warning messages (any valid HTML syntax)
$sess_param['warn_color'] = 'BLUE';
$sess_param['warn_size']  = '+0';

 * Set to TRUE to display SQL syntax and other values when displaying
 * errors or warning messages encountered. Default is FALSE for security
 * purposes. Turn on mostly when in development or testing your site,
 * but remember to turn it off for a production ready site.
$sess_param['detail_err_msgs'] = FALSE;

 * Set $sess_param['buffer'] = TRUE to have the class
 * execute the ob_start() command to start buffering the output.
 * You may want to use if you can't resolve the 'headers already sent'
 * warning message generated by PHP or the class. The ob_end_flush()
 * is called implicitly at the end of your script. It flushes out the
 * contents of the buffer to the browser, and destroys the current
 * output buffer. The default is not to execute ob_start() (FALSE).
$sess_param['buffer'] = FALSE;

 * Set any arbitrary value for MD5 hashing keys. Don't make too long.
$sess_param['key_prefix'] = 'O9R^3mp#i|34';
$sess_param['key_suffix'] = '+t97!u0K-2L5';

 * A password used to pass to the delete all session/lock functions as a way
 * to confirm the intent of modifying all rows in the sessions table.
$sess_param['confirm_pswd'] = '!*CONFIRMED*!';

 * Whether or not to encrypt/decrypt the whole session data. The other built-in
 * encrypt/decrypt functions are used if no mcrypt library is installed.
$sess_param['encrypt'] = FALSE;

 * The key used to encrypt/decrypt individual field data or the whole
 * session data. Keep this key a secret (keep this config file off the web
 * directory). Use readable characters and make at least 62 characters long.
 * The key default specified is made up of single UNIQUE characters of:
 *           "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
 *Ruler-Tens:          1         2         3         4         5         6
 *Ruler-Ones: 12345678901234567890123456789012345678901234567890123456789012
$sess_param['encrypt_key'] =
                  // /\--- EACH CHARACTER MUST BE UNIQUE. NO DUPS ---/\

 * Assign these fields if you have libmcrypt installed. Otherwise, just ignore
 * these fields. For algorithm/cipher, set to one that supports up to 256 bits
 * (32 byte) keys. Important: If you have ver 2.2.x installed, then make sure
 * you select a cipher that will be supported by a newer version as well.
 * For the encryption mode, this class only supports ECB, CBC, CFB, or OFB.
 * Cipher default is MCRYPT_GOST, and encryption mode is: MCRYPT_MODE_CFB
 * Once set, do not change often (or at least don't change while sessions active
 * or you have session rows still in the table, otherwise decryption will fail).
$sess_param['encrypt_cipher'] = (defined('MCRYPT_GOST')) ? MCRYPT_GOST : NULL;
$sess_param['encrypt_mode']   = (defined('MCRYPT_MODE_CFB')) ?
                                          MCRYPT_MODE_CFB    : NULL;

 * When set to TRUE, locked session rows will be deleted right
 * away, regardless of their current expiry or timeout settings when
 * the Garbage Collection cleanup/delete function is invoked.
$sess_param['gc_del_locked'] = FALSE;

 * Database related variables with assigned default values.
 * Assign these necessary fields to allow connection to your database.
 * Remember to give 'sess_user' access privileges to 'db_esessions'.
 * Make sure the password is correct (sess1234 is the default).
$sess_param['db_host'] = 'localhost';       // Your host name

$sess_param['db_user'] = 'sess_user';       // Your user name assigned

$sess_param['db_pswd'] = 'sess1234';        // Your assigned password

$sess_param['db_name'] = 'db_esessions';    // Your database name

 * MySQL database connection type; Normal or persistent.
 * The default is for a normal connection (FALSE).
$sess_param['db_persistent'] = FALSE;

 * Optionally supply a database resource link. The class will NOT
 * attempt to connect to MySQL and use the link you provide instead.
 * This overrides the 'db_persistent' option above.
 * The default is NULL (to force the class to make a MySQL connection).
$sess_param['db_resource'] = NULL;

  * Table related variables with assigned default values.
  * Assign these necessary fields to allow connection to the 'sessions'
  * table. Specify what each column name is defined as in the table.
$sess_param['tb_name']    = 'eSessions';        // Session table name

$sess_param['tb_id_col']  = 'sess_id';          // Session ID key column name

$sess_param['tb_sl_col']  = 'sess_sec_level';   // Security level column name

$sess_param['tb_cr_col']  = 'sess_created';     // Session created column name

$sess_param['tb_ex_col']  = 'sess_expiry';      // Expiry column name

$sess_param['tb_to_col']  = 'sess_timeout';     // Session timeout column name

$sess_param['tb_lk_col']  = 'sess_locked';      // Session locked column name

$sess_param['tb_vl_col']  = 'sess_value';       // Session data column name

$sess_param['tb_iv_col']  = 'sess_enc_iv';      // Session encrypt IV col. name

$sess_param['tb_si_col']  = 'sess_sec_id';      // Session security ID column

$sess_param['tb_tr_col']  = 'sess_trace';       // Session trace column name

 * Security Level: A numerical method to represent access authority for
 * current session/web page. The lower the number means the higher the
 * security clearance. In other words, security level 5 can only access
 * all level 5 or higher session/web pages, and nothing lower than 5.
 * Range 0-255. The default is 128. For administration or sensitive pages
 * use 0 (zero) or 1 (one) as a value. For example: Set a member area page to
 * 10, and an employee area page to 5. The employees will be able to access
 * their own area, plus the members area. The members will be able to access
 * their own area, but not the employee area because the security level number
 * required to access the employee area is lower. Members can only access any
 * session/web pages with security level number of 10 or higher.
 * Remember, a security level can't be changed after a session has been
 * created. So, the first time the session is created with a set security
 * level, it dictates the access authority for the rest of that active session.
$sess_param['security_level'] = 128;             // Range 0-255

 * Set $sess_param['new_sid'] = TRUE to force a new session ID to be created.
 * Default is FALSE. Takes effect before a session_start().
 * This can be set TRUE without setting $_param['sess_id'], in which case,
 * a session ID will be automatically generated by the class/PHP.
$sess_param['new_sid'] = FALSE;

 * Optionally set $sess_param['sess_id'] to a valid session ID you created.
 * Works in conjunction with $sess_param['new_sid'], which must be set to TRUE.
 * The default is NULL (no custom session ID specified).
$sess_param['sess_id'] = NULL;

 * Set $sess_param['sess_id_len'] to be the length of the session ID.
 * Defaults to PHP's 32 character session ID. Highly recommended to keep at 32.
$sess_param['sess_id_len'] = 32;

 * There is a form bug in IE v6 while using PHP sessions which causes
 * the loss of filled-in information when returning to the form, after
 * already leaving the form page (by any means). A work around is to use
 * the HTTP 1.1 header "Cache-Control: private".
 * Set $sess_param['ie_fix'] = TRUE (default) to send a header output to
 * fix the IE bug.
$sess_param['ie_fix'] = TRUE;

 * Set TRUE to force addslashes() to occur on session data regardless
 * of the magic quotes GPC option setting. Default is on (TRUE).
 * If you find that data has slashes incorrectly, then turn this off.
$sess_param['slash_anyway'] = TRUE;

 * Set TRUE to force stripslashes() to occur on encrypted session data
 * regardless of the magic quotes GPC option setting. The default
 * is on (TRUE). If you find that data is saved incorrectly, then
 * turn this off.
$sess_param['strip_anyway'] = TRUE;

 * Session Runtime Configurations. See:
 * http://us2.php.net/manual/en/ref.session.php
 * Not all can be set or take effect outside of the php.ini
 * configuration file. Some options can be set at runtime without
 * an error produced, but have no effect. i.e. session.auto_start
 * All session options are used here in case there is future support
 * to make option take effect at runtime. i.e. session.use_trans_sid
 * Uncomment and assign the values you need set. Don't add 'session.' to key.
$sess_param['save_path'] = 'db_esessions';      // Set to name of database

 * For security reasons, it's recommended you use a different session name than
 * PHP's default of PHPSESSID. Once set, don't change it for the life of the
 * session. Defaults to eSESSION.
$sess_param['name'] = 'eSESSION';               // Assign your own session name

 * Let $sess_param['save_handler'] be set to the default of 'user'. Do not try
 * to change it here.

//$sess_param['auto_start'] = '1';                // 1 = auto start, 0 = off

 * PHP's garbage collection default is 1. It's recommended you use at least 10.
//$sess_param['gc_probability'] = 10;             // Garbage Collection

//$sess_param['gc_divisor'] = 100;

//$sess_param['gc_maxlifetime'] = 1440;

 * As a security feature, there's an absolute session life timeout.
 * This helps in reducing the risk of session hijacking for extend periods of
 * time. It is recommend that you don't set this value too high.
//$sess_param['timeout'] = $sess_param['gc_maxlifetime'] * 3;

//$sess_param['serialize_handler'] = 'php';

 * cookie_lifetime specifies the lifetime of the cookie in seconds which is sent
 * to the browser. The value 0 means "until the browser is closed." Defaults to
 * 0 (zero).
//$sess_param['cookie_lifetime'] = 0;

//$sess_param['cookie_path'] = '/';

//$sess_param['cookie_domain'] = '';

//$sess_param['cookie_secure'] = '0';

//$sess_param['use_cookies'] = 1;

//$sess_param['use_only_cookies'] = 0;      // For PHP version >= 4.3.0

//$sess_param['referer_check'] = '';

//$sess_param['entropy_file'] = '';

//$sess_param['entropy_length'] = 0;

//$sess_param['cache_limiter'] = 'nocache';

//$sess_param['cache_expire'] = 180;        // For PHP version >= 4.2.0

//$sess_param['bug_compat_42'] = 1;

//$sess_param['bug_compat_warn'] = 1;

//$sess_param['use_trans_sid'] = 1;

//$sess_param['hash_function'] = 0;

//$sess_param['hash_bits_per_character'] = 4;

 * Support for url_rewriter.tags option since it relates to sessions.
 * Example: Like you might want to add the iframe=src to it, as in:
 * a=href,area=href,frame=src,iframe=src,form=,fieldset=,input=src
//$sess_param['tags'] = 'a=href,area=href,frame=src,iframe=src,form=,fieldset=,input=src';

 * These defined constants are optional and can be removed. They are here to
 * help facilitate your coding when invoking class methods/functions.
define('LOCK_SESS', TRUE);        // For: changeSessLock(), changeAllSessLocks()
define('UNLOCK_SESS', FALSE);     // For: changeSessLock(), changeAllSessLocks()

define('FULL_EXP', TRUE);         // For: getSessInfo()
define('HALF_EXP', FALSE);        // For: getSessInfo()

define('ASCENDING', TRUE);        // For: getAllSessInfo()
define('DESCENDING', FALSE);      // For: getAllSessInfo()

define('KEEP_OPEN', TRUE);        // For: sessEncrypt(), sessDecrypt()
define('KEEP_CLOSED', FALSE);     // For: sessEncrypt(), sessDecrypt()

define('SHOW_MIN', TRUE);         // For: getSessLife(), getSessTimeout()
define('SHOW_SEC', FALSE);        // For: getSessLife(), getSessTimeout()

define('ENCRYPT_VALUE', TRUE);    // For: setSessVar()
define('DONT_ENCRYPT', FALSE);    // For: setSessVar()
define('EXTRA_FIELD', TRUE);      // For: setSessVar()
define('NO_EXTRA', FALSE);        // For: setSessVar()
define('ENC_SFX', '_enc');        // For: setSessVar(), getSessVar()
define('ENC_IV_SFX', '_enc_iv');  // For: setSessVar(), getSessVar()

define('_BLANK', '_blank');       // For: createLink() - new, unnamed window
define('_SELF', '_self');         // For: createLink() - in the current frame
define('_PARENT', '_parent');     // For: createLink() - FRAMESET parent frame
define('_TOP', '_top');           // For: createLink() - full, unframed window
define('ADD_SESS', TRUE);         // For: createLink()
define('NO_SESS', FALSE);         // For: createLink()

define('ADD_LINK', TRUE);         // For: getSiteWarn()
define('NO_LINK', FALSE);         // For: getSiteWarn()

// Make sure there are no whitespaces after the '>' character on the last line.