0
I’m creating my own mvc php to acquire more knowledge.
But I’m running into something very strange, I miss the $_SESSION of a view to another view.
a. php ----- view a.php
<?php
session_start();
$_SESSION['teste'] = 'Funcionou';
echo $_SESSION['teste'];
?>
b. php ----- view b.php
<?php
session_start();
echo $_SESSION['teste'];
// Notice: Undefined variable: _SESSION in
var_dump($_SESSION);
// Notice: Undefined variable: _SESSION in NULL
?>
My Class of Session
<?php
namespace Sis\Classes;
use App\Model\ClassLogin;
use Sis\Traits\TraitGetIp;
class ClassSession {
private $login;
private $timeSession = 1200;
private $timeCanary = 300;
public function __construct(){
if(session_id() == ''){
ini_set("session.save_handler", "files"); //Cabeçalhos somente atraves de arquivos
ini_set("session.use_cookies", 1); //Habilita o uso de cookies
ini_set("session.use_only_cookies", 1); //Só pode habilitar a seção atraves de coockies
ini_set("session.cookie_domain", DOMAIN); //Só aceita coockies vindo do nosso sistema
ini_set("session.cookie_httponly", 1); //Só aceita script php e não deixa o javascript alterar o sistema
if(DOMAIN != "localhost"){
ini_set("session.cookie_secure", 1); //Para trabalhar com o SSL do servidor ativo
}
/*Criptografia das nossas sessions*/
ini_set("session.entropy_length", 512); //
ini_set("session.entropy_file","/dev/urandom");
ini_set("session.hash_function", "sha256");
ini_set("session.hash_bits_per_character", 5);
session_start();
}
$this->login = new ClassLogin();
}
#Proteger contra roubo de sessão
public function setSessionCanary($par=null){
session_regenerate_id(true);
if($par == null){
$_SESSION['canary']=[
"birth" => time(),
"IP" => TraitGetIp::getUserIp() //Pega o ip do usuario
];
}else{
$_SESSION['canary']['birth']=time();
}
}
#Verificar a integridade da sessão
public function verifyIdSessions(){
if(!isset($_SESSION['canary'])){
$this->setSessionCanary();
}
if($_SESSION['canary']['IP'] !== TraitGetIp::getUserIp()){
$this->destructSessions();
$this->setSessionCanary();
}
if($_SESSION['canary']['birth'] < time() - $this->timeCanary){
$this->setSessionCanary("Time");
}
}
#Setar as sessões do nosso sistema
public function setSessions($Email){
$this->verifyIdSessions();
$_SESSION['Login'] = true;
$_SESSION['Time'] = time();
$_SESSION['Nome'] = $this->login->getIssetSession($Email)['data']['Nome'];
$_SESSION['Email'] = $this->login->getIssetSession($Email)['data']['Email'];
$_SESSION['Permissoes'] = $this->login->getIssetSession($Email)['data']['Permissoes'];
}
#Validar as páginas internas do sistema
public function verifyInsideSession(){
$this->verifyIdSessions();
if(!isset($_SESSION['Login']) || !isset($_SESSION['Permissoes']) || !isset($_SESSION['canary'])){
$this->destructSessions();
header("Location: ".DIRPAGE."NaoAutorizado");
}else{
if($_SESSION['Time'] >= time() - $this->timeSession){
$_SESSION['Time']=time();
}else{
$this->destructSessions();
header("Location: ".DIRPAGE."NaoAutorizado");
}
}
}
#Destruir as sessions existentes
public function destructSessions(){
foreach (array_keys($_SESSION) as $key) {
unset($_SESSION[$key]);
}
}
#testar
public function testarSessions(){
echo 'oiiiiiiiiiiiiiiiiiiiiiiooooooooooo';
}
}
Is that exactly the code? These files run directly from the browser?
– Woss
Hi Anderson I have the controller structure strange if I call everything on the login screen works, more if I send to Adm view after logging it loses the Session
– jonas
Then there should be more influencing things. Try to simplify the question how everything works, routes, controllers, views, etc by seeking to make a [mcve].
– Woss
So that’s right everything works the routes everything ok ...... I will edit and put my class of Ssion
– jonas
Hi Anderson added my class
– jonas
Run directly in the browser...
– jonas