source: trunk/include/functions_session.inc.php @ 364

Last change on this file since 364 was 364, checked in by gweltas, 20 years ago

Split of langage files
  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 4.7 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// |                       functions_session.inc.php                       |
4// +-----------------------------------------------------------------------+
5// | application   : PhpWebGallery <http://phpwebgallery.net>              |
6// | branch        : BSF (Best So Far)                                     |
7// +-----------------------------------------------------------------------+
8// | file          : $RCSfile$
9// | last update   : $Date: 2004-02-19 00:31:09 +0000 (Thu, 19 Feb 2004) $
10// | last modifier : $Author: gweltas $
11// | revision      : $Revision: 364 $
12// +-----------------------------------------------------------------------+
13// | This program is free software; you can redistribute it and/or modify  |
14// | it under the terms of the GNU General Public License as published by  |
15// | the Free Software Foundation                                          |
16// |                                                                       |
17// | This program is distributed in the hope that it will be useful, but   |
18// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
19// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
20// | General Public License for more details.                              |
21// |                                                                       |
22// | You should have received a copy of the GNU General Public License     |
23// | along with this program; if not, write to the Free Software           |
24// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
25// | USA.                                                                  |
26// +-----------------------------------------------------------------------+
27
28// The function generate_key creates a string with pseudo random characters.
29// the size of the string depends on the $conf['session_id_size'].
30// Characters used are a-z A-Z and numerical values. Examples :
31//                    "Er4Tgh6", "Rrp08P", "54gj"
32// input  : none (using global variable)
33// output : $key
34function generate_key()
35{
36  global $conf;
37
38  $md5 = md5( substr( microtime(), 2, 6 ).$conf['session_keyword'] );
39  $init = '';
40  for ( $i = 0; $i < strlen( $md5 ); $i++ )
41  {
42    if ( is_numeric( $md5[$i] ) ) $init.= $md5[$i];
43  }
44  $init = substr( $init, 0, 8 );
45  mt_srand( $init );
46  $key = '';
47  for ( $i = 0; $i < $conf['session_id_size']; $i++ )
48  {
49    $c = mt_rand( 0, 2 );
50    if ( $c == 0 )      $key .= chr( mt_rand( 65, 90 ) );
51    else if ( $c == 1 ) $key .= chr( mt_rand( 97, 122 ) );
52    else                $key .= mt_rand( 0, 9 );
53  }
54  return $key;
55}
56
57// The function create_session finds a non-already-used session key and
58// returns it once found for the given user.
59function session_create( $username )
60{
61  global $conf;
62  // 1. searching an unused session key
63  $id_found = false;
64  while ( !$id_found )
65  {
66    $generated_id = generate_key();
67    $query = 'select id';
68    $query.= ' from '.PREFIX_TABLE.'sessions';
69    $query.= " where id = '".$generated_id."';";
70    $result = mysql_query( $query );
71    if ( mysql_num_rows( $result ) == 0 )
72    {
73      $id_found = true;
74    }
75  }
76  // 2. retrieving id of the username given in parameter
77  $query = 'select id';
78  $query.= ' from '.USERS_TABLE;
79  $query.= " where username = '".$username."';";
80  $row = mysql_fetch_array( mysql_query( $query ) );
81  $user_id = $row['id'];
82  // 3. inserting session in database
83  $expiration = $conf['session_time'] * 60 + time();
84  $query = 'insert into '.PREFIX_TABLE.'sessions';
85  $query.= ' (id,user_id,expiration,ip) values';
86  $query.= "('".$generated_id."','".$user_id;
87  $query.= "','".$expiration."','".$_SERVER['REMOTE_ADDR']."');";
88  mysql_query( $query );
89               
90  return $generated_id;
91}
92
93// add_session_id adds the id of the session to the string given in
94// parameter as $url. If the session id is the first parameter to the url,
95// it is preceded by a '?', else it is preceded by a '&amp;'. If the
96// parameter $redirect is set to true, '&' is used instead of '&'.
97function add_session_id( $url, $redirect = false )
98{
99  global $page, $user;
100
101  if ( $user['has_cookie'] ) return $url;
102
103  $amp = '&amp;';
104  if ( $redirect )
105  {
106    $amp = '&';
107  }
108  if ( !$user['is_the_guest'] )
109  {
110    if ( preg_match( '/\.php\?/',$url ) )
111    {
112      return $url.$amp.'id='.$page['session_id'];
113    }
114    else
115    {
116      return $url.'?id='.$page['session_id'];
117    }
118  }
119  else
120  {
121    return $url;
122  }
123}
124
125// cookie_path returns the path to use for the PhpWebGallery cookie.
126// If PhpWebGallery is installed on :
127// http://domain.org/meeting/gallery/category.php
128// cookie_path will return : "/meeting/gallery"
129function cookie_path()
130{
131  return substr($_SERVER['PHP_SELF'],0,strrpos( $_SERVER['PHP_SELF'],'/'));
132}
133?>
Note: See TracBrowser for help on using the repository browser.