SessionHandler - Code Metrics - kkumar326/CSRF-XSRF - Measure and Improve Code Quality continuously with Scrutinizer

SessionHandler A
last analyzed 2019-02-14 09:43 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	106
Duplicated Lines	0 %

Importance

Changes

Metric	Value
eloc	23
dl	0
loc	106
rs	10
c	0
b	0
f	0
wmc	9

5 Methods

Rating	Name	Size	Complexity
A	unsetSession()	14	3
A	getSessionValue()	5	1
A	checkSessionStatus()	11	2
A	isSessionValueSet()	10	2
A	setSessionValue()	13	1

<?php
namespace ScienceHook\Security\CSRF\Dependency\SessionHandler;

use ScienceHook\Security\CSRF\Exception as Issues;

/**
 * Class SessionHandler
 *
 * @package ScienceHook\Security\Dependency\SessionHandler
 * @author Kshitij Kumar
 */
class SessionHandler
{
    /**
     * Checks whether SESSION is active or not
     *
     * @return object
     * @throws Issues\SessionNotActiveException
     */
    private function &checkSessionStatus(): object
    {
        // If SESSION is not active throw Exception
        if (session_status() !== PHP_SESSION_ACTIVE) {
            throw new Issues\SessionNotActiveException(
                'Session is not active. Please run session_start()
                on top of your file.'
            );
        }

        return $this;
    }

    /**
     * Checks if SESSION value is set
     *
     * @param  mixed $session_variable Session value to be verified
     * @return bool
     * @throws Issues\SessionValueNotSet
     */
    private function isSessionValueSet($session_variable): bool
    {
        if (!isset($session_variable)) {
            throw new Issues\SessionValueNotSet(
                'Token value is empty. Please refresh your page
                and try submitting form again.'
            );
        }

        return true;
    }

    /**
     * Sets SESSION value
     *
     * @param string $form_name                  Form identifier e.g. name or id
     * @param string $token_prefix               Token Prefix
     * @param string $time_token_prefix          Time Token Prefix
     * @param int $byte_length                   Byte length for random_bytes
     * @throws Issues\SessionNotActiveException
     * @throws \Exception
     * @throws \TypeError
     * @throws \Error
     */
    public function setSessionValue(
        string $form_name,
        string $token_prefix,
        string $time_token_prefix,
        int $byte_length
    ) {
        $this->checkSessionStatus();

        // random_bytes can throw Exceptions or Errors
        $_SESSION[$token_prefix . $form_name] = bin2hex(random_bytes($byte_length));

        // Set current time with the token
        $_SESSION[$time_token_prefix . $form_name] = time();
    }

    /**
     * Returns session value
     *
     * @param string $form_name
     * @param string $prefix
     * @return mixed
     * @throws Issues\SessionNotActiveException
     * @throws Issues\SessionValueNotSet
     */
    public function getSessionValue(string $form_name, string $prefix)
    {
        $this->checkSessionStatus()->isSessionValueSet($_SESSION[$prefix . $form_name]);

        return $_SESSION[$prefix . $form_name];
    }

    /**
     * Unsets both token SESSIONs for the Form
     *
     * @param string $form_name
     * @param string $token_prefix
     * @param string $time_token_prefix
     * @throws Issues\SessionNotActiveException
     * @throws Issues\SessionValueNotSet
     */
    public function unsetSession(
        string $form_name,
        string $token_prefix,
        string $time_token_prefix
    ) {
        // Unsets SESSION if tokens are found
        if ($this->checkSessionStatus()->isSessionValueSet($_SESSION[$token_prefix .
        $form_name])) {
            unset($_SESSION[$token_prefix . $form_name]);
        }

        if ($this->checkSessionStatus()->isSessionValueSet($_SESSION[$time_token_prefix
        . $form_name])) {
            unset($_SESSION[$time_token_prefix . $form_name]);
        }
    }
}


1			<?php
2			namespace ScienceHook\Security\CSRF\Dependency\SessionHandler;
3
4			use ScienceHook\Security\CSRF\Exception as Issues;
5
6			/**
7			* Class SessionHandler
8			*
9			* @package ScienceHook\Security\Dependency\SessionHandler
10			* @author Kshitij Kumar
11			*/
12			class SessionHandler
13			{
14			/**
15			* Checks whether SESSION is active or not
16			*
17			* @return object
18			* @throws Issues\SessionNotActiveException
19			*/
20			private function &checkSessionStatus(): object
21			{
22			// If SESSION is not active throw Exception
23			if (session_status() !== PHP_SESSION_ACTIVE) {
24			throw new Issues\SessionNotActiveException(
25			'Session is not active. Please run session_start()
26			on top of your file.'
27			);
28			}
29
30			return $this;
31			}
32
33			/**
34			* Checks if SESSION value is set
35			*
36			* @param mixed $session_variable Session value to be verified
37			* @return bool
38			* @throws Issues\SessionValueNotSet
39			*/
40			private function isSessionValueSet($session_variable): bool
41			{
42			if (!isset($session_variable)) {
43			throw new Issues\SessionValueNotSet(
44			'Token value is empty. Please refresh your page
45			and try submitting form again.'
46			);
47			}
48
49			return true;
50			}
51
52			/**
53			* Sets SESSION value
54			*
55			* @param string $form_name Form identifier e.g. name or id
56			* @param string $token_prefix Token Prefix
57			* @param string $time_token_prefix Time Token Prefix
58			* @param int $byte_length Byte length for random_bytes
59			* @throws Issues\SessionNotActiveException
60			* @throws \Exception
61			* @throws \TypeError
62			* @throws \Error
63			*/
64			public function setSessionValue(
65			string $form_name,
66			string $token_prefix,
67			string $time_token_prefix,
68			int $byte_length
69			) {
70			$this->checkSessionStatus();
71
72			// random_bytes can throw Exceptions or Errors
73			$_SESSION[$token_prefix . $form_name] = bin2hex(random_bytes($byte_length));
74
75			// Set current time with the token
76			$_SESSION[$time_token_prefix . $form_name] = time();
77			}
78
79			/**
80			* Returns session value
81			*
82			* @param string $form_name
83			* @param string $prefix
84			* @return mixed
85			* @throws Issues\SessionNotActiveException
86			* @throws Issues\SessionValueNotSet
87			*/
88			public function getSessionValue(string $form_name, string $prefix)
89			{
90			$this->checkSessionStatus()->isSessionValueSet($_SESSION[$prefix . $form_name]);
91
92			return $_SESSION[$prefix . $form_name];
93			}
94
95			/**
96			* Unsets both token SESSIONs for the Form
97			*
98			* @param string $form_name
99			* @param string $token_prefix
100			* @param string $time_token_prefix
101			* @throws Issues\SessionNotActiveException
102			* @throws Issues\SessionValueNotSet
103			*/
104			public function unsetSession(
105			string $form_name,
106			string $token_prefix,
107			string $time_token_prefix
108			) {
109			// Unsets SESSION if tokens are found
110			if ($this->checkSessionStatus()->isSessionValueSet($_SESSION[$token_prefix .
111			$form_name])) {
112			unset($_SESSION[$token_prefix . $form_name]);
113			}
114
115			if ($this->checkSessionStatus()->isSessionValueSet($_SESSION[$time_token_prefix
116			. $form_name])) {
117			unset($_SESSION[$time_token_prefix . $form_name]);
118			}
119			}
120			}
121

kkumar326 / CSRF-XSRF

SessionHandler A last analyzed 2019-02-14 09:43 UTC

Complexity

Size/Duplication

Importance

5 Methods

Duplication Side-by-Side

Filter issues like

SessionHandler A
last analyzed 2019-02-14 09:43 UTC