v0.9.8 - minor bugfix in the auth method in the framework library, and some additions for the controller.php in order to handle sessions better.

core/c/auth.php

@@ -44,13 +44,12 @@ class Auth extends Controller implements IAuth
      * @param $password
      * @return bool
      */
-	public function auth( $login, $password )
+    public function auth( $login, $password ): bool
     {
         // TODO: Implement auth($username, $password) method.
         $this->_setPassword($password);
         $this->_setUsername($login);
-
+        if(!array_key_exists('auth', $_SESSION) || $_SESSION['auth'] == null)
-		if(!array_key_exists('auth', $_SESSION))
         {
             $user_password = Pdo::query("SELECT user_account_active, DES_DECRYPT(user_pass, '".Config::getInstance()->getConfig()[IView::NIBIRU_SECURITY]["password_hash"]."') AS pass, user_id FROM user WHERE user_login = '".$login."';");
             if( $user_password["pass"] == $password && $user_password['user_account_active'] == 1 )
@@ -70,6 +69,17 @@ class Auth extends Controller implements IAuth
                 return false;
             }
         }
+        else
+        {
+            if($_SESSION['auth']['login'] == $login)
+            {
+                return true;
+            }
+            else
+            {
+                return false;
+            }
+        }
     }
 
     /**

core/c/controller.php

@@ -219,17 +219,64 @@ class Controller extends View
     /**
      * @param string $param
      * @param bool $params
+     * @param bool $checkForActiveSession
      * @return string|array
      */
-    public function getSession( string $param, bool $params = false )
+    public function getSession( string $param, bool $params = false, bool $checkForActiveSession = false ): string|array
+    {
+        if($checkForActiveSession)
+        {
+            if(session_status() == PHP_SESSION_DISABLED || sizeof($_SESSION) == 0)
+            {
+                return IController::SESSION_DISABLED;
+            }
+            elseif(session_status() == PHP_SESSION_NONE && sizeof($_SESSION) == 0)
+            {
+                return IController::SESSION_DISABLED;
+            }
+            else
+            {
+                return IController::SESSION_ACTIVE;
+            }
+        }
+        else
         {
             if($param!="")
+            {
+                if(session_status() == PHP_SESSION_NONE)
+                {
+                    session_start();
+                }
+                if(session_status() == PHP_SESSION_ACTIVE)
+                {
+                    if (array_key_exists($param, $_SESSION))
+                    {
+                        if($_SESSION[$param] != null)
                         {
                             return $_SESSION[$param];
+                        } else {
+                            return IController::SESSION_KEY_VALUE_NOT_FOUND;
+                        }
+                    } else {
+                        return IController::SESSION_KEY_NOT_FOUND;
+                    }
+                }
+                else
+                {
+                    return IController::SESSION_DISABLED;
+                }
             }
             elseif($params)
+            {
+                if(session_status() == PHP_SESSION_ACTIVE)
                 {
                     return $_SESSION;
                 }
+                else
+                {
+                    return IController::SESSION_DISABLED;
+                }
+            }
+        }
     }
 }

core/i/controller.php

@@ -11,6 +11,10 @@ namespace Nibiru;
 interface IController
 {
     const START_CONTROLLER_NAME = "index";
+    const SESSION_ACTIVE = 'SESSION ACTIVE';
+    const SESSION_DISABLED = 'SESSION DISABLED';
+    const SESSION_KEY_NOT_FOUND = 'KEY NOT FOUND';
+    const SESSION_KEY_VALUE_NOT_FOUND = 'KEY VALUE NOT FOUND';
 
     /**
      * This should be part of any extended controller