source: branches/1.6/include/functions_session.inc.php @ 27047

Last change on this file since 27047 was 1554, checked in by nikrou, 18 years ago

Fix bug 451: Auto login does not work properly
svn merge r1492:1493 from trunk
svn merge r1510:1511 from trunk
svn merge r1521:1522 from trunk
svn merge r1523:1524 from trunk
svn merge r1525:1526 from trunk
auto_login key add to users table:

  • add update script
  • update upgrade_1.5.0.php script

(related to svn:1553)
  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 6.1 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | PhpWebGallery - a PHP based picture gallery                           |
4// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
5// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
6// +-----------------------------------------------------------------------+
7// | branch        : BSF (Best So Far)
8// | file          : $RCSfile$
9// | last update   : $Date: 2006-10-04 20:50:20 +0000 (Wed, 04 Oct 2006) $
10// | last modifier : $Author: nikrou $
11// | revision      : $Revision: 1554 $
12// +-----------------------------------------------------------------------+
13// | This program is free software; you can redistribute it and/or modify  |
14// | it under the terms of the GNU General Public License as published by  |
15// | the Free Software Foundation                                          |
16// |                                                                       |
17// | This program is distributed in the hope that it will be useful, but   |
18// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
19// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
20// | General Public License for more details.                              |
21// |                                                                       |
22// | You should have received a copy of the GNU General Public License     |
23// | along with this program; if not, write to the Free Software           |
24// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
25// | USA.                                                                  |
26// +-----------------------------------------------------------------------+
27
28// The function generate_key creates a string with pseudo random characters.
29// the size of the string depends on the $conf['session_id_size'].
30// Characters used are a-z A-Z and numerical values. Examples :
31//                    "Er4Tgh6", "Rrp08P", "54gj"
32// input  : none (using global variable)
33// output : $key
34function generate_key($size)
35{
36  global $conf;
37
38  $md5 = md5(substr(microtime(), 2, 6));
39  $init = '';
40  for ( $i = 0; $i < strlen( $md5 ); $i++ )
41  {
42    if ( is_numeric( $md5[$i] ) ) $init.= $md5[$i];
43  }
44  $init = substr( $init, 0, 8 );
45  mt_srand( $init );
46  $key = '';
47  for ( $i = 0; $i < $size; $i++ )
48  {
49    $c = mt_rand( 0, 2 );
50    if ( $c == 0 )      $key .= chr( mt_rand( 65, 90 ) );
51    else if ( $c == 1 ) $key .= chr( mt_rand( 97, 122 ) );
52    else                $key .= mt_rand( 0, 9 );
53  }
54  return $key;
55}
56
57if (isset($conf['session_save_handler'])
58  and ($conf['session_save_handler'] == 'db')
59  and defined('PHPWG_INSTALLED'))
60{
61  session_set_save_handler('pwg_session_open',
62    'pwg_session_close',
63    'pwg_session_read',
64    'pwg_session_write',
65    'pwg_session_destroy',
66    'pwg_session_gc'
67  );
68  if ( function_exists('ini_set') )
69  {
70    ini_set('session.use_cookies', $conf['session_use_cookies']);
71    ini_set('session.use_only_cookies', $conf['session_use_only_cookies']);
72    ini_set('session.use_trans_sid', intval($conf['session_use_trans_sid']));
73  }
74  session_name($conf['session_name']);
75  session_set_cookie_params(0, cookie_path());
76}
77
78// cookie_path returns the path to use for the PhpWebGallery cookie.
79// If PhpWebGallery is installed on :
80// http://domain.org/meeting/gallery/category.php
81// cookie_path will return : "/meeting/gallery"
82function cookie_path()
83{
84  if ( isset($_SERVER['REDIRECT_SCRIPT_NAME']) and 
85       !empty($_SERVER['REDIRECT_SCRIPT_NAME']) )
86  {
87    $scr = $_SERVER['REDIRECT_SCRIPT_NAME'];
88  }
89  else if ( isset($_SERVER['REDIRECT_URL']) )
90  { // mod_rewrite is activated for upper level directories. we must set the
91    // cookie to the path shown in the browser otherwise it will be discarded.
92    if ( isset($_SERVER['PATH_INFO']) and !empty($_SERVER['PATH_INFO']) )
93    {
94      $idx = strpos( $_SERVER['REDIRECT_URL'], $_SERVER['PATH_INFO'] );
95      if ($idx !== false)
96      {
97        $scr = substr($_SERVER['REDIRECT_URL'], 0, $idx);
98      }
99      else
100      {//this should never happen
101        $scr='//';
102      }
103    }
104    else
105    {
106      $scr = $_SERVER['REDIRECT_URL'];
107    }
108  }
109  else
110  {
111    $scr = $_SERVER['SCRIPT_NAME'];
112  }
113  $scr = substr($scr,0,strrpos( $scr,'/'));
114  // add a trailing '/' if needed
115  return ($scr{strlen($scr)-1} == '/') ? $scr : $scr . '/';
116}
117
118/**
119 * returns true; used when the session_start() function is called
120 *
121 * @params not use but useful for php engine
122 */
123function pwg_session_open($path, $name)
124{
125  return true;
126}
127
128/**
129 * returns true; used when the session is closed (unset($_SESSION))
130 *
131 */
132function pwg_session_close()
133{
134  return true;
135}
136
137/**
138 * this function returns
139 * a string corresponding to the value of the variable save in the session
140 * or an empty string when the variable doesn't exist
141 *
142 * @param string session id
143 */
144function pwg_session_read($session_id)
145{
146  $query = '
147SELECT data
148  FROM '.SESSIONS_TABLE.'
149  WHERE id = \''.$session_id.'\'
150;';
151  $result = pwg_query($query);
152  if ($result)
153  {
154    $row = mysql_fetch_assoc($result);
155    return $row['data'];
156  }
157  else
158  {
159    return '';
160  }
161}
162
163/**
164 * returns true; writes set a variable in the active session
165 *
166 * @param string session id
167 * @data string value of date to be saved
168 */
169function pwg_session_write($session_id, $data)
170{
171  $query = '
172UPDATE '.SESSIONS_TABLE.'
173  SET expiration = now(),
174  data = \''.$data.'\'
175  WHERE id = \''.$session_id.'\'
176;';
177  pwg_query($query);
178  if ( mysql_affected_rows()>0 )
179  {
180    return true;
181  }
182  $query = '
183INSERT INTO '.SESSIONS_TABLE.'
184  (id,data,expiration)
185  VALUES(\''.$session_id.'\',\''.$data.'\',now())
186;';
187  mysql_query($query);
188  return true;
189}
190
191/**
192 * returns true; delete the active session
193 *
194 * @param string session id
195 */
196function pwg_session_destroy($session_id)
197{
198  $query = '
199DELETE
200  FROM '.SESSIONS_TABLE.'
201  WHERE id = \''.$session_id.'\'
202;';
203  pwg_query($query);
204  return true;
205}
206
207/**
208 * returns true; delete expired sessions
209 * called each time a session is closed.
210 */
211function pwg_session_gc()
212{
213  global $conf;
214
215  $query = '
216DELETE
217  FROM '.SESSIONS_TABLE.'
218  WHERE UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(expiration) > '
219  .$conf['session_length'].'
220;';
221  pwg_query($query);
222  return true;
223}
224?>
Note: See TracBrowser for help on using the repository browser.