Changeset 1005 for branches/branch-1_5/include/functions_session.inc.php
- Timestamp:
- Jan 15, 2006, 2:49:29 PM (18 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/branch-1_5/include/functions_session.inc.php
r1003 r1005 26 26 // +-----------------------------------------------------------------------+ 27 27 28 if (isset($conf['session_save_handler']) and ($conf['session_save_handler'] == 'db')) { 29 session_set_save_handler('pwg_session_open', 30 'pwg_session_close', 31 'pwg_session_read', 32 'pwg_session_write', 33 'pwg_session_destroy', 34 'pwg_session_gc' 35 ); 36 } 37 38 ini_set('session.use_cookies', $conf['session_use_cookies']); 39 ini_set('session.use_only_cookies', $conf['session_use_only_cookies']); 40 ini_set('session.use_trans_sid', $conf['session_use_trans_sid']); 41 ini_set('session.name', $conf['session_name']); 42 43 function pwg_session_open($path, $name) 44 { 45 return true; 46 } 47 48 function pwg_session_close() 49 { 50 pwg_session_gc(); 51 return true; 52 } 53 54 function pwg_session_read($session_id) 55 { 56 $query = "SELECT data FROM " . SESSIONS_TABLE; 57 $query .= " WHERE id = '$session_id'"; 58 $result = pwg_query($query); 59 if ($result) { 60 $row = mysql_fetch_assoc($result); 61 return $row['data']; 62 } else { 63 return ''; 64 } 65 } 66 67 function pwg_session_write($session_id, $data) 68 { 69 $query = "SELECT id FROM " . SESSIONS_TABLE; 70 $query .= " WHERE id = '$session_id'"; 71 $result = pwg_query($query); 72 if (mysql_num_rows($result)) { 73 $query = "UPDATE " . SESSIONS_TABLE . " SET expiration = now()"; 74 $query .= " WHERE id = '$session_id'"; 75 pwg_query($query); 76 } else { 77 $query = "INSERT INTO " . SESSIONS_TABLE . " (id,data,expiration)"; 78 $query .= " VALUES('$session_id','$data',now())"; 79 pwg_query($query); 80 } 81 return true; 82 } 83 84 function pwg_session_destroy($session_id) 85 { 86 $query = "DELETE FROM " . SESSIONS_TABLE; 87 $query .= " WHERE id = '$session_id'"; 88 pwg_query($query); 89 return true; 90 } 91 92 function pwg_session_gc() 28 // The function generate_key creates a string with pseudo random characters. 29 // the size of the string depends on the $conf['session_id_size']. 30 // Characters used are a-z A-Z and numerical values. Examples : 31 // "Er4Tgh6", "Rrp08P", "54gj" 32 // input : none (using global variable) 33 // output : $key 34 function generate_key($size) 93 35 { 94 36 global $conf; 95 37 96 $query = "DELETE FROM " . SESSIONS_TABLE; 97 $query .= " WHERE UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(expiration) > " . $conf['session_length']; 38 $md5 = md5(substr(microtime(), 2, 6)); 39 $init = ''; 40 for ( $i = 0; $i < strlen( $md5 ); $i++ ) 41 { 42 if ( is_numeric( $md5[$i] ) ) $init.= $md5[$i]; 43 } 44 $init = substr( $init, 0, 8 ); 45 mt_srand( $init ); 46 $key = ''; 47 for ( $i = 0; $i < $size; $i++ ) 48 { 49 $c = mt_rand( 0, 2 ); 50 if ( $c == 0 ) $key .= chr( mt_rand( 65, 90 ) ); 51 else if ( $c == 1 ) $key .= chr( mt_rand( 97, 122 ) ); 52 else $key .= mt_rand( 0, 9 ); 53 } 54 return $key; 55 } 56 57 /** 58 * create a new session and returns the session identifier 59 * 60 * - find a non-already-used session key 61 * - create a session in database 62 * - return session identifier 63 * 64 * @param int userid 65 * @param int session_lentgh : in seconds 66 * @return string 67 */ 68 function session_create($userid, $session_length) 69 { 70 global $conf; 71 72 // 1. searching an unused session key 73 $id_found = false; 74 while (!$id_found) 75 { 76 $generated_id = generate_key($conf['session_id_size']); 77 $query = ' 78 SELECT id 79 FROM '.SESSIONS_TABLE.' 80 WHERE id = \''.$generated_id.'\' 81 ;'; 82 $result = pwg_query($query); 83 if (mysql_num_rows($result) == 0) 84 { 85 $id_found = true; 86 } 87 } 88 // 3. inserting session in database 89 $query = ' 90 INSERT INTO '.SESSIONS_TABLE.' 91 (id,user_id,expiration) 92 VALUES 93 (\''.$generated_id.'\','.$userid.', 94 ADDDATE(NOW(), INTERVAL '.$session_length.' SECOND)) 95 ;'; 98 96 pwg_query($query); 99 return true; 97 98 $expiration = $session_length + time(); 99 setcookie('id', $generated_id, $expiration, cookie_path()); 100 101 return $generated_id; 102 } 103 104 // add_session_id adds the id of the session to the string given in 105 // parameter as $url. If the session id is the first parameter to the url, 106 // it is preceded by a '?', else it is preceded by a '&'. If the 107 // parameter $redirect is set to true, '&' is used instead of '&'. 108 function add_session_id( $url, $redirect = false ) 109 { 110 global $page, $user, $conf; 111 112 if ($user['is_the_guest'] 113 or $user['has_cookie'] 114 or $conf['apache_authentication']) 115 { 116 return $url; 117 } 118 119 if (preg_match('/\.php\?/', $url)) 120 { 121 $separator = $redirect ? '&' : '&'; 122 } 123 else 124 { 125 $separator = '?'; 126 } 127 128 return $url.$separator.'id='.$page['session_id']; 129 } 130 131 // cookie_path returns the path to use for the PhpWebGallery cookie. 132 // If PhpWebGallery is installed on : 133 // http://domain.org/meeting/gallery/category.php 134 // cookie_path will return : "/meeting/gallery" 135 function cookie_path() 136 { 137 return substr($_SERVER['PHP_SELF'],0,strrpos( $_SERVER['PHP_SELF'],'/')); 100 138 } 101 139 ?>
Note: See TracChangeset
for help on using the changeset viewer.