Changeset 541 for trunk/include/functions_session.inc.php
- Timestamp:
- Oct 3, 2004, 1:12:50 AM (20 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/include/functions_session.inc.php
r518 r541 32 32 // input : none (using global variable) 33 33 // output : $key 34 function generate_key( )34 function generate_key($size) 35 35 { 36 36 global $conf; … … 45 45 mt_srand( $init ); 46 46 $key = ''; 47 for ( $i = 0; $i < $ conf['session_id_size']; $i++ )47 for ( $i = 0; $i < $size; $i++ ) 48 48 { 49 49 $c = mt_rand( 0, 2 ); … … 55 55 } 56 56 57 // The function create_session finds a non-already-used session key and 58 // returns it once found for the given user. 59 function session_create( $username ) 57 /** 58 * create a new session and returns the session identifier 59 * 60 * - find a non-already-used session key 61 * - create a session in database 62 * - return session identifier 63 * 64 * @param int userid 65 * @param string method : cookie or URI 66 * @param int session_lentgh : in seconds 67 * @return string 68 */ 69 function session_create($userid, $method, $session_length) 60 70 { 61 71 global $conf; 72 62 73 // 1. searching an unused session key 63 74 $id_found = false; 64 while ( !$id_found)75 while (!$id_found) 65 76 { 66 $generated_id = generate_key(); 67 $query = 'select id'; 68 $query.= ' from '.PREFIX_TABLE.'sessions'; 69 $query.= " where id = '".$generated_id."';"; 70 $result = mysql_query( $query ); 71 if ( mysql_num_rows( $result ) == 0 ) 77 $generated_id = generate_key($conf['session_id_size_'.$method]); 78 $query = ' 79 SELECT id 80 FROM '.SESSIONS_TABLE.' 81 WHERE id = \''.$generated_id.'\' 82 ;'; 83 $result = mysql_query($query); 84 if (mysql_num_rows($result) == 0) 72 85 { 73 86 $id_found = true; 74 87 } 75 88 } 76 // 2. retrieving id of the username given in parameter77 $query = 'select id';78 $query.= ' from '.USERS_TABLE;79 $query.= " where username = '".$username."';";80 $row = mysql_fetch_array( mysql_query( $query ) );81 $user_id = $row['id'];82 89 // 3. inserting session in database 83 $expiration = $conf['session_time'] * 60 + time(); 84 $query = 'insert into '.PREFIX_TABLE.'sessions'; 85 $query.= ' (id,user_id,expiration,ip) values'; 86 $query.= "('".$generated_id."','".$user_id; 87 $query.= "','".$expiration."','".$_SERVER['REMOTE_ADDR']."');"; 88 mysql_query( $query ); 90 $expiration = $session_length + time(); 91 $query = ' 92 INSERT INTO '.SESSIONS_TABLE.' 93 (id,user_id,expiration,ip) 94 VALUES 95 (\''.$generated_id.'\','.$userid.','.$expiration.', 96 \''.$_SERVER['REMOTE_ADDR'].'\') 97 ;'; 98 mysql_query($query); 99 100 if ($method == 'cookie') 101 { 102 setcookie('id', $generated_id, $session_length+time(), cookie_path()); 103 } 89 104 90 105 return $generated_id;
Note: See TracChangeset
for help on using the changeset viewer.