source: trunk/include/functions_session.inc.php @ 1034

Last change on this file since 1034 was 1034, checked in by nikrou, 19 years ago

The session garbage collector should not be called when a session is closed

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 5.7 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | PhpWebGallery - a PHP based picture gallery                           |
4// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
5// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
6// +-----------------------------------------------------------------------+
7// | branch        : BSF (Best So Far)
8// | file          : $RCSfile$
9// | last update   : $Date: 2006-02-12 14:08:57 +0000 (Sun, 12 Feb 2006) $
10// | last modifier : $Author: nikrou $
11// | revision      : $Revision: 1034 $
12// +-----------------------------------------------------------------------+
13// | This program is free software; you can redistribute it and/or modify  |
14// | it under the terms of the GNU General Public License as published by  |
15// | the Free Software Foundation                                          |
16// |                                                                       |
17// | This program is distributed in the hope that it will be useful, but   |
18// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
19// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
20// | General Public License for more details.                              |
21// |                                                                       |
22// | You should have received a copy of the GNU General Public License     |
23// | along with this program; if not, write to the Free Software           |
24// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
25// | USA.                                                                  |
26// +-----------------------------------------------------------------------+
27
28// The function generate_key creates a string with pseudo random characters.
29// the size of the string depends on the $conf['session_id_size'].
30// Characters used are a-z A-Z and numerical values. Examples :
31//                    "Er4Tgh6", "Rrp08P", "54gj"
32// input  : none (using global variable)
33// output : $key
34function generate_key($size)
35{
36  global $conf;
37
38  $md5 = md5(substr(microtime(), 2, 6));
39  $init = '';
40  for ( $i = 0; $i < strlen( $md5 ); $i++ )
41  {
42    if ( is_numeric( $md5[$i] ) ) $init.= $md5[$i];
43  }
44  $init = substr( $init, 0, 8 );
45  mt_srand( $init );
46  $key = '';
47  for ( $i = 0; $i < $size; $i++ )
48  {
49    $c = mt_rand( 0, 2 );
50    if ( $c == 0 )      $key .= chr( mt_rand( 65, 90 ) );
51    else if ( $c == 1 ) $key .= chr( mt_rand( 97, 122 ) );
52    else                $key .= mt_rand( 0, 9 );
53  }
54  return $key;
55}
56
57if (isset($conf['session_save_handler']) 
58  and ($conf['session_save_handler'] == 'db')
59  and defined('PHPWG_INSTALLED')) 
60{
61  session_set_save_handler('pwg_session_open', 
62    'pwg_session_close',
63    'pwg_session_read',
64    'pwg_session_write',
65    'pwg_session_destroy',
66    'pwg_session_gc'
67  );
68  ini_set('session.use_cookies', $conf['session_use_cookies']);
69  ini_set('session.use_only_cookies', $conf['session_use_only_cookies']);
70  ini_set('session.use_trans_sid', intval($conf['session_use_trans_sid']));
71  ini_set('session.name', $conf['session_name']);
72  ini_set('session.cookie_path', cookie_path() );
73}
74
75// cookie_path returns the path to use for the PhpWebGallery cookie.
76// If PhpWebGallery is installed on :
77// http://domain.org/meeting/gallery/category.php
78// cookie_path will return : "/meeting/gallery"
79function cookie_path()
80{
81  if ( isset($_SERVER['REDIRECT_URL']) )
82  { // mod_rewrite is activated for upper level directories. we must set the
83    // cookie to the path shown in the browser otherwise it will be discarded.
84    $scr = $_SERVER['REDIRECT_URL'];
85  }
86  else
87  {
88    $scr = $_SERVER['PHP_SELF'];
89  }
90  return substr($scr,0,strrpos( $scr,'/'));
91}
92
93/**
94 * returns true; used when the session_start() function is called
95 *
96 * @params not use but useful for php engine
97 */
98function pwg_session_open($path, $name) 
99{
100  return true;
101}
102
103/**
104 * returns true; used when the session is closed (unset($_SESSION))
105 *
106 */
107function pwg_session_close() 
108{
109  return true;
110}
111
112/**
113 * this function returns
114 * a string corresponding to the value of the variable save in the session
115 * or an empty string when the variable doesn't exist
116 *
117 * @param string session id
118 */
119function pwg_session_read($session_id) 
120{
121  $query = '
122SELECT data
123  FROM '.SESSIONS_TABLE.'
124  WHERE id = \''.$session_id.'\'
125;';
126  $result = pwg_query($query);
127  if ($result) 
128  {
129    $row = mysql_fetch_assoc($result);
130    return $row['data'];
131  } 
132  else 
133  {
134    return '';
135  }
136}
137
138/**
139 * returns true; writes set a variable in the active session
140 *
141 * @param string session id
142 * @data string value of date to be saved
143 */
144function pwg_session_write($session_id, $data) 
145{
146  $query = '
147SELECT id
148  FROM '.SESSIONS_TABLE.'
149  WHERE id = \''.$session_id.'\'
150;';
151  $result = pwg_query($query);
152  if (mysql_num_rows($result)) 
153  {
154    $query = '
155UPDATE '.SESSIONS_TABLE.'
156  SET expiration = now(),
157  data = \''.$data.'\'
158  WHERE id = \''.$session_id.'\'
159;';   
160    pwg_query($query);
161  } 
162  else 
163  {
164    $query = '
165INSERT INTO '.SESSIONS_TABLE.'
166  (id,data,expiration)
167  VALUES(\''.$session_id.'\',\''.$data.'\',now())
168;';
169    pwg_query($query);   
170  }
171  return true;
172}
173
174/**
175 * returns true; delete the active session
176 *
177 * @param string session id
178 */
179function pwg_session_destroy($session_id) 
180{
181  $query = '
182DELETE
183  FROM '.SESSIONS_TABLE.'
184  WHERE id = \''.$session_id.'\'
185;';
186  pwg_query($query);
187  return true;
188}
189
190/**
191 * returns true; delete expired sessions
192 * called each time a session is closed.
193 */
194function pwg_session_gc() 
195{
196  global $conf;
197
198  $query = '
199DELETE
200  FROM '.SESSIONS_TABLE.'
201  WHERE UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(expiration) > '
202  .$conf['session_length'].'
203;';
204  pwg_query($query);
205  return true;
206}
207?>
Note: See TracBrowser for help on using the repository browser.