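/**
* Instantiate class: optionally create the session table, register this
* object as the PHP session save handler, start the session, check the
* stored IP/user agent against the current request and store a new
* CSRF token on the session row
* @param $db object SQL connection wrapper
* @param $table string session table name; it is concatenated into the
*        CREATE TABLE statement as-is, so it must be a trusted identifier
* @param $force bool create the table when it does not exist
* @param $onsuspect callback called with this instance when the stored
*        IP or user agent does not match the request; when NULL the
*        session is destroyed and a 403 error is raised instead
**/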
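function __construct(\DB\SQL $db, $table = 'sessions', $force = TRUE, $onsuspect = NULL)
{
    // Wires up the SQL-backed session store: optional table creation,
    // save-handler registration, session start, a client consistency
    // check and a fresh CSRF token for the current session row.
    if ($force) {
        $eol = "\n";
        $tab = "\t";
        // NOTE: $table is concatenated into the DDL unquoted (only the
        // sysobjects lookup goes through $db->quote()). It must be a
        // trusted, developer-chosen identifier, never request-derived.
        if (preg_match('/mssql|sqlsrv|sybase/', $db->driver())) {
            // These drivers get an explicit existence check instead of
            // CREATE TABLE IF NOT EXISTS.
            $create = 'IF NOT EXISTS (SELECT * FROM sysobjects WHERE name=' .
                $db->quote($table) . ' AND xtype=\'U\') CREATE TABLE dbo.';
        } else {
            // Prefix the table with the database name except on pgsql.
            $name = $db->name();
            $create = 'CREATE TABLE IF NOT EXISTS ' .
                ($name && $db->driver() != 'pgsql' ? $name . '.' : '');
        }
        $columns = array(
            $db->quotekey('session_id') . ' VARCHAR(40),',
            $db->quotekey('data') . ' TEXT,',
            $db->quotekey('csrf') . ' TEXT,',
            $db->quotekey('ip') . ' VARCHAR(40),',
            $db->quotekey('agent') . ' VARCHAR(255),',
            $db->quotekey('stamp') . ' INTEGER,',
            'PRIMARY KEY (' . $db->quotekey('session_id') . ')',
        );
        $db->exec(
            $create . $table . ' (' . $eol . $tab .
            implode($eol . $tab, $columns) . $eol . ');'
        );
    }
    parent::__construct($db, $table);
    // Route PHP's native session callbacks to this object.
    session_set_save_handler(
        array($this, 'open'),
        array($this, 'close'),
        array($this, 'read'),
        array($this, 'write'),
        array($this, 'destroy'),
        array($this, 'cleanup')
    );
    // Flush session data at shutdown even if the script never commits.
    register_shutdown_function('session_commit');
    @session_start();
    $fw = \Base::instance();
    $headers = $fw->get('HEADERS');
    // Consistency check between the values returned by ip()/agent()
    // (presumably those recorded for this session; the accessors are not
    // shown here) and the current request. Both request values can be
    // influenced by the client, so this is a hijack heuristic and not an
    // authentication control. The agent test runs only when the IP test
    // does not already flag the session.
    $suspect = ($ip = $this->ip()) && $ip != $fw->get('IP');
    if (!$suspect) {
        $agent = $this->agent();
        $suspect = $agent &&
            (!isset($headers['User-Agent']) || $agent != $headers['User-Agent']);
    }
    if ($suspect) {
        if (isset($onsuspect)) {
            // A custom handler takes over completely: the session is NOT
            // destroyed here and construction continues afterwards, so
            // the handler must invalidate the session itself if needed.
            $fw->call($onsuspect, array($this));
        } else {
            session_destroy();
            $fw->error(403);
        }
    }
    // The random half of the CSRF token must be unpredictable. mt_rand()
    // is not a cryptographic generator, so prefer the CSPRNG sources and
    // keep mt_rand() only as a last resort on runtimes that offer neither.
    // random_bytes() throws when no entropy source is usable; that is left
    // to propagate rather than silently weakening the token.
    // NOTE(review): final token strength also depends on $fw->hash(),
    // which is not shown here.
    $entropy = NULL;
    if (function_exists('random_bytes')) {
        $entropy = random_bytes(16);
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $entropy = openssl_random_pseudo_bytes(16);
    }
    $nonce = (is_string($entropy) && strlen($entropy) == 16)
        ? bin2hex($entropy)
        : mt_rand();
    $csrf = $fw->hash($fw->get('ROOT') . $fw->get('BASE')) . '.' . $fw->hash($nonce);
    // The token is persisted only when a row for this session id already
    // exists; a session with no stored row gets no token written here.
    if ($this->load(array('session_id=?', $this->sid = session_id()))) {
        $this->set('csrf', $csrf);
        $this->save();
    }
}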