source: trunk/include/functions_session.inc.php @ 2299

Last change on this file since 2299 was 2299, checked in by plg, 16 years ago

Bug fixed: as rvelices notified me by email, my header replacement script was
bugged (r2297 was repeating new and old header).

By the way, I've also removed the replacement keywords. We were using them
because it was a common usage with CVS but it is advised not to use them with
Subversion. Personnaly, it is a problem when I search differences between 2
Piwigo installations outside Subversion.
  • Property svn:eol-style set to LF
  • Property svn:keywords set to Author Date Id Revision
File size: 6.0 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based picture gallery                                  |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008      Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24// The function generate_key creates a string with pseudo random characters.
25// the size of the string depends on the $conf['session_id_size'].
26// Characters used are a-z A-Z and numerical values. Examples :
27//                    "Er4Tgh6", "Rrp08P", "54gj"
28// input  : none (using global variable)
29// output : $key
30function generate_key($size)
31{
32  global $conf;
33
34  $md5 = md5(substr(microtime(), 2, 6));
35  $init = '';
36  for ( $i = 0; $i < strlen( $md5 ); $i++ )
37  {
38    if ( is_numeric( $md5[$i] ) ) $init.= $md5[$i];
39  }
40  $init = substr( $init, 0, 8 );
41  mt_srand( $init );
42  $key = '';
43  for ( $i = 0; $i < $size; $i++ )
44  {
45    $c = mt_rand( 0, 2 );
46    if ( $c == 0 )      $key .= chr( mt_rand( 65, 90 ) );
47    else if ( $c == 1 ) $key .= chr( mt_rand( 97, 122 ) );
48    else                $key .= mt_rand( 0, 9 );
49  }
50  return $key;
51}
52
53if (isset($conf['session_save_handler'])
54  and ($conf['session_save_handler'] == 'db')
55  and defined('PHPWG_INSTALLED'))
56{
57  session_set_save_handler('pwg_session_open',
58    'pwg_session_close',
59    'pwg_session_read',
60    'pwg_session_write',
61    'pwg_session_destroy',
62    'pwg_session_gc'
63  );
64  if ( function_exists('ini_set') )
65  {
66    ini_set('session.use_cookies', $conf['session_use_cookies']);
67    ini_set('session.use_only_cookies', $conf['session_use_only_cookies']);
68    ini_set('session.use_trans_sid', intval($conf['session_use_trans_sid']));
69  }
70  session_name($conf['session_name']);
71  session_set_cookie_params(0, cookie_path());
72}
73
74/**
75 * returns true; used when the session_start() function is called
76 *
77 * @params not use but useful for php engine
78 */
79function pwg_session_open($path, $name)
80{
81  return true;
82}
83
84/**
85 * returns true; used when the session is closed (unset($_SESSION))
86 *
87 */
88function pwg_session_close()
89{
90  return true;
91}
92
93/**
94 * this function returns
95 * a string corresponding to the value of the variable save in the session
96 * or an empty string when the variable doesn't exist
97 *
98 * @param string session id
99 */
100function pwg_session_read($session_id)
101{
102  $query = '
103SELECT data
104  FROM '.SESSIONS_TABLE.'
105  WHERE id = \''.$session_id.'\'
106;';
107  $result = pwg_query($query);
108  if ($result)
109  {
110    $row = mysql_fetch_assoc($result);
111    return $row['data'];
112  }
113  else
114  {
115    return '';
116  }
117}
118
119/**
120 * returns true; writes set a variable in the active session
121 *
122 * @param string session id
123 * @data string value of date to be saved
124 */
125function pwg_session_write($session_id, $data)
126{
127  $query = '
128UPDATE '.SESSIONS_TABLE.'
129  SET expiration = now(),
130  data = \''.$data.'\'
131  WHERE id = \''.$session_id.'\'
132;';
133  pwg_query($query);
134  if ( mysql_affected_rows()>0 )
135  {
136    return true;
137  }
138  $query = '
139INSERT INTO '.SESSIONS_TABLE.'
140  (id,data,expiration)
141  VALUES(\''.$session_id.'\',\''.$data.'\',now())
142;';
143  mysql_query($query);
144  return true;
145}
146
147/**
148 * returns true; delete the active session
149 *
150 * @param string session id
151 */
152function pwg_session_destroy($session_id)
153{
154  $query = '
155DELETE
156  FROM '.SESSIONS_TABLE.'
157  WHERE id = \''.$session_id.'\'
158;';
159  pwg_query($query);
160  return true;
161}
162
163/**
164 * returns true; delete expired sessions
165 * called each time a session is closed.
166 */
167function pwg_session_gc()
168{
169  global $conf;
170
171  $query = '
172DELETE
173  FROM '.SESSIONS_TABLE.'
174  WHERE UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(expiration) > '
175  .$conf['session_length'].'
176;';
177  pwg_query($query);
178  return true;
179}
180
181
182/**
183 * persistently stores a variable for the current session
184 * currently we use standard php sessions but it might change
185 * @return boolean true on success
186 * @see pwg_get_session_var, pwg_unset_session_var
187 */
188function pwg_set_session_var($var, $value)
189{
190  if ( !isset($_SESSION) )
191    return false;
192  $_SESSION['pwg_'.$var] = $value;
193  return true;
194}
195
196/**
197 * retrieves the value of a persistent variable for the current session
198 * currently we use standard php sessions but it might change
199 * @return mixed
200 * @see pwg_set_session_var, pwg_unset_session_var
201 */
202function pwg_get_session_var($var, $default = null)
203{
204  if (isset( $_SESSION['pwg_'.$var] ) )
205  {
206    return $_SESSION['pwg_'.$var];
207  }
208  return $default;
209}
210
211/**
212 * deletes a persistent variable for the current session
213 * currently we use standard php sessions but it might change
214 * @return boolean true on success
215 * @see pwg_set_session_var, pwg_get_session_var
216 */
217function pwg_unset_session_var($var)
218{
219  if ( !isset($_SESSION) )
220    return false;
221  unset( $_SESSION['pwg_'.$var] );
222  return true;
223}
224
225?>
Note: See TracBrowser for help on using the repository browser.