1: <?php
2: require_once("Conf.class.php");
3: require_once("Db.class.php");
4:
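class Sesion {
    /** @var Sesion|null The single shared instance (singleton). */
    private static $instance;

    /** @var array|null Permission bitmasks cached for the current user, keyed by area id (id_area). */
    public $arr_permiso;

    /**
     * @var mixed Id of the user this object caches permissions for.
     * Declared explicitly: the original created it as a dynamic property,
     * which PHP 8.2 deprecates.
     */
    public $id_user;

    /** @var mixed Db handle stored by sync_local(); declared for the same reason as $id_user. */
    public $bd;

    /**
     * Starts the PHP session (if none is active) and loads the permission cache.
     *
     * @param mixed $id_user User id to load; when falsy, the session value "id_per" is used.
     */
    private function __construct($id_user=null) {
        // session_start() on an already-active session only raises a notice.
        if (session_id() === '') {
            session_start();
        }
        $this->id_user = $id_user ? $id_user : self::get("id_per");
        $this->arr_permiso = $this->sync_remote(null, $this->id_user);
    }

    /**
     * Stores a value in the session.
     *
     * @param string $nombre Session key.
     * @param mixed  $valor  Value to store.
     */
    public function set($nombre, $valor) {
        $_SESSION[$nombre] = $valor;
    }

    /**
     * Reads a value from the session.
     *
     * @param string $nombre Session key.
     * @return mixed The stored value, or false when the key is not set.
     */
    public static function get($nombre) {
        return isset($_SESSION[$nombre]) ? $_SESSION[$nombre] : false;
    }

    /** Cloning is disabled so the singleton cannot be duplicated. */
    private function __clone(){ }

    /**
     * Blocks unserialization so a serialized payload cannot produce a second
     * instance that bypasses the constructor. PHP 8 requires __wakeup to be
     * public (a private one raises a warning), so it is public and throws.
     *
     * @throws LogicException Always.
     */
    public function __wakeup(){
        throw new LogicException("Sesion cannot be unserialized");
    }

    /**
     * Returns the shared instance, creating it on first use.
     *
     * The user is always taken from the session key "id_per"; $id_user never
     * selects whose permissions are loaded. On later calls a truthy $id_user
     * only triggers a reload of the cache from the database.
     *
     * @param mixed $id_user Truthy to force a permission reload on an existing instance.
     * @return Sesion
     */
    public static function getInstance($id_user=null){
        if (!(self::$instance instanceof self)) {
            self::$instance = new self(self::get("id_per"));
        } elseif ($id_user) {
            // The original called sync_remote() statically (an Error on PHP 8,
            // since the method is not static) and discarded the result.
            // NOTE(review): storing the result assumes the call was meant as a
            // cache refresh - confirm.
            self::$instance->arr_permiso = self::$instance->sync_remote(null, self::get("id_per"));
        }
        return self::$instance;
    }

    /**
     * Redirects visitors without a session user to the login URL.
     *
     * Callers must pass only trusted, application-defined values as
     * $url_origen: it becomes the redirect target, so a request-derived value
     * would make this an open redirect.
     *
     * NOTE(review): this checks the session key "id_user" while the rest of
     * the class reads "id_per" - confirm which key the login code sets.
     * NOTE(review): the default target is plain http - confirm whether https
     * is available.
     *
     * @param string $url_origen  Base URL to redirect to; the default is used when empty.
     * @param string $url_destino Page to return to, sent as the "destino" query parameter.
     * @return bool false when a user is present; otherwise the script ends after the redirect.
     */
    public function validar_acceso($url_origen='', $url_destino='')
    {
        if (self::get('id_user')) {
            return false;
        }
        $url = (empty($url_origen)) ? 'http://funsepa.net/edu?' : $url_origen.'?';
        // The original test was inverted and appended the destination only
        // when it was empty; it is now always sent, URL-encoded.
        $url .= 'destino='.urlencode($url_destino);
        header('Location: '.$url);
        // Stop here: without this the protected page keeps executing and its
        // output is still sent to a client that ignores the redirect.
        exit;
    }

    /**
     * Removes one key from the session.
     *
     * @param string $nombre Session key.
     */
    public function elimina_variable($nombre) {
        unset($_SESSION[$nombre]);
    }

    /**
     * Ends the session: clears the data, expires the session cookie, destroys
     * the server-side session and drops the cached permissions.
     *
     * @return bool Always true.
     */
    public function termina_sesion() {
        $_SESSION = array();
        if (session_id() !== '') {
            // session_destroy() does not remove the cookie, so the browser
            // would keep presenting the old session id.
            if (ini_get('session.use_cookies') && !headers_sent()) {
                $cookie = session_get_cookie_params();
                setcookie(session_name(), '', time() - 42000,
                    $cookie['path'], $cookie['domain'], $cookie['secure'], $cookie['httponly']);
            }
            session_destroy();
        }
        // The singleton outlives the session within this request; has() must
        // not keep answering from the logged-out user's cache.
        $this->arr_permiso = array();
        $this->id_user = null;
        return true;
    }

    /**
     * Returns permissions for the current user (from cache) or another user (from the database).
     *
     * For the current user this also writes the session "id_per" value into
     * the cache under the key "id_user", as the original did.
     *
     * @param mixed $id_fun  Area id; when null the whole map is returned.
     * @param mixed $id_user Other user's id; null for the current user.
     * @return mixed The map, a single stored permission, or null when the area has no entry.
     */
    public function mostrar_permisos($id_fun=null, $id_user=null)
    {
        if ($id_user == null) {
            $this->arr_permiso["id_user"] = self::get("id_per");
            $permisos = $this->arr_permiso;
        } else {
            $permisos = $this->sync_remote($id_fun, $id_user);
        }
        // The original indexed the other-user result with a null area id;
        // both branches now return the whole map in that case.
        if ($id_fun == null) {
            return $permisos;
        }
        return isset($permisos[$id_fun]) ? $permisos[$id_fun] : null;
    }

    /**
     * Tests permission bits for an area.
     *
     * A missing entry or a non-numeric value counts as 0, so the check fails closed.
     *
     * @param mixed $id_fun  Area id.
     * @param mixed $mask    Bits to test.
     * @param mixed $id_user Other user's id; null for the current user (cache).
     * @return int The bits of $mask that are set; 0 when none are.
     */
    public function has($id_fun, $mask, $id_user=null)
    {
        $permisos = ($id_user == null) ? $this->arr_permiso : $this->sync_remote($id_fun, $id_user);
        // Cast both sides: on two strings "&" works byte-wise instead of numerically.
        return self::permiso_de($permisos, $id_fun) & (int) $mask;
    }

    /**
     * Sets permission bits for an area and persists the result.
     *
     * NOTE(review): nothing here checks that the caller may change another
     * user's permissions - confirm that callers enforce it.
     *
     * @param mixed $id_fun  Area id.
     * @param mixed $mask    Bits to set.
     * @param mixed $id_user Other user's id; null for the current user.
     * @return int The resulting bitmask.
     * @throws InvalidArgumentException When an id or the mask is not an integer.
     */
    public function give($id_fun, $mask, $id_user=null)
    {
        $mask = self::validar_entero($mask, 'mask');
        if ($id_user == null) {
            $nuevo = self::permiso_de($this->arr_permiso, $id_fun) | $mask;
            // Persist the combined value (the original stored the bare mask),
            // and update the cache only after the write went through.
            $this->sync_local($id_fun, $this->id_user, $nuevo);
            $this->arr_permiso[$id_fun] = $nuevo;
            return $nuevo;
        }
        $perm = $this->sync_remote($id_fun, $id_user);
        $nuevo = self::permiso_de($perm, $id_fun) | $mask;
        $this->sync_local($id_fun, $id_user, $nuevo);
        return $nuevo;
    }

    /**
     * Clears permission bits for an area and persists the result.
     *
     * @param mixed $id_fun  Area id.
     * @param mixed $mask    Bits to clear.
     * @param mixed $id_user Other user's id; null for the current user.
     * @return int The resulting bitmask.
     * @throws InvalidArgumentException When an id or the mask is not an integer.
     */
    public function take($id_fun, $mask, $id_user=null)
    {
        $mask = self::validar_entero($mask, 'mask');
        if ($id_user == null) {
            $nuevo = self::permiso_de($this->arr_permiso, $id_fun) & ~$mask;
            // The original stored the bare mask here, which wrote back exactly
            // the bits that were being revoked.
            $this->sync_local($id_fun, $this->id_user, $nuevo);
            $this->arr_permiso[$id_fun] = $nuevo;
            return $nuevo;
        }
        $perm = $this->sync_remote($id_fun, $id_user);
        $nuevo = self::permiso_de($perm, $id_fun) & ~$mask;
        $this->sync_local($id_fun, $id_user, $nuevo);
        return $nuevo;
    }

    /**
     * Loads permissions from the aut_permiso table.
     *
     * The ids are validated as integers before they are concatenated into the
     * SQL text, because the only query method used here, Db::ejecutar(), takes
     * a finished string. If Db offers bound parameters, prefer them.
     *
     * @param mixed $id_fun  Area id to restrict to; falsy for all areas.
     * @param mixed $id_user User id; when empty, the session value "id_per" is used.
     * @return array Map of id_area => permiso; empty when no user is known or no row matches.
     * @throws InvalidArgumentException When an id is not an integer.
     */
    public function sync_remote($id_fun=null, $id_user=null){
        if (empty($id_user)) {
            $id_user = self::get("id_per");
        }
        if (empty($id_user)) {
            return array();
        }
        // Validate before touching the database so a hostile id never reaches it.
        $query = "SELECT * FROM aut_permiso where id_user=".self::validar_entero($id_user, 'id_user')." ";
        if ($id_fun) {
            $query .= " and id_area=".self::validar_entero($id_fun, 'id_fun');
        }
        $bd = Db::getInstance();
        $stmt = $bd->ejecutar($query);
        // Start from an empty array: the original returned an undefined
        // variable when the query matched no rows.
        $arr_temp = array();
        // obtener_fila() presumably returns a falsy value once the rows are
        // exhausted - inferred from this loop; confirm against Db.
        while ($perm = $bd->obtener_fila($stmt, 0)) {
            $arr_temp[$perm["id_area"]] = $perm["permiso"];
        }
        return $arr_temp;
    }

    /**
     * Writes permissions to the aut_permiso table.
     *
     * @param mixed $id_fun     Area id; null writes every cached area of the current user.
     * @param mixed $id_user    User id; null means the current user.
     * @param mixed $permiso_in Bitmask to store; when null for the current user the cached value is used.
     * @throws InvalidArgumentException When an id or the bitmask is not an integer.
     */
    private function sync_local($id_fun=null, $id_user=null, $permiso_in=null)
    {
        $this->bd = Db::getInstance();
        if ($id_fun !== null) {
            if ($id_user == null) {
                $id_user = $this->id_user;
                if ($permiso_in === null) {
                    $permiso_in = self::permiso_de($this->arr_permiso, $id_fun);
                }
            }
            $this->guardar_permiso($id_user, $id_fun, $permiso_in);
            return;
        }
        if (!is_array($this->arr_permiso)) {
            return;
        }
        foreach ($this->arr_permiso as $key => $permiso) {
            // mostrar_permisos() adds a non-numeric "id_user" entry to the
            // cache; it is not an area and must not reach the SQL text.
            if (filter_var($key, FILTER_VALIDATE_INT) === false) {
                continue;
            }
            $this->guardar_permiso($this->id_user, $key, $permiso);
        }
    }

    /**
     * Inserts or updates the aut_permiso row for one (user, area) pair.
     *
     * The row is matched on id_user and id_area. The original selected "_id"
     * but then read and filtered on "id", so one of the two statements always
     * referred to a column that does not exist.
     */
    private function guardar_permiso($id_user, $id_fun, $permiso)
    {
        $id_user = self::validar_entero($id_user, 'id_user');
        $id_fun = self::validar_entero($id_fun, 'id_fun');
        $permiso = self::validar_entero($permiso, 'permiso');

        $donde = " where id_user=".$id_user." and id_area=".$id_fun;
        $stmt_select = $this->bd->ejecutar("SELECT permiso FROM aut_permiso".$donde);
        if ($this->bd->obtener_fila($stmt_select, 0)) {
            $query = "UPDATE aut_permiso SET permiso=".$permiso.$donde;
        } else {
            $query = "INSERT INTO aut_permiso (id_user, id_area, permiso) VALUES ('".$id_user."', '".$id_fun."', '".$permiso."')";
        }
        $this->bd->ejecutar($query);
    }

    /** Returns $valor as an int, or throws when it is not an integer value. */
    private static function validar_entero($valor, $campo)
    {
        // Booleans are rejected explicitly: filter_var() would accept true as 1.
        $entero = is_bool($valor) ? false : filter_var($valor, FILTER_VALIDATE_INT);
        if ($entero === false) {
            throw new InvalidArgumentException("Sesion: ".$campo." must be an integer");
        }
        return $entero;
    }

    /** Returns the bitmask stored for $id_fun in $permisos as an int, 0 when absent. */
    private static function permiso_de($permisos, $id_fun)
    {
        if (is_array($permisos) && is_scalar($id_fun) && isset($permisos[$id_fun])) {
            return (int) $permisos[$id_fun];
        }
        return 0;
    }
}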
213: ?>