|
|
|---|
| [ Index ] |
Source Code Reference for V1.00 |
[Summary view] [Print] [Text view]
1 <?php /* $Id: session.php 102 2008-03-18 19:52:59Z pedroix $ $URL: https://web2project.svn.sourceforge.net/svnroot/web2project/trunk/includes/session.php $ */ 2 ## 3 ## Session Handling Functions 4 ## 5 /* 6 * Please note that these functions assume that the database 7 * is accessible and that a table called 'sessions' (with a prefix 8 * if necessary) exists. It also assumes MySQL date and time 9 * functions, which may make it less than easy to port to 10 * other databases. You may need to use less efficient techniques 11 * to make it more generic. 12 * 13 * NOTE: index.php and fileviewer.php MUST call w2PsessionStart 14 * instead of trying to set their own sessions. 15 */ 16 17 if (!defined('W2P_BASE_DIR')) { 18 die('You should not access this file directly.'); 19 } 20 21 require_once W2P_BASE_DIR . '/includes/main_functions.php'; 22 require_once W2P_BASE_DIR . '/includes/db_adodb.php'; 23 require_once W2P_BASE_DIR . '/classes/query.class.php'; 24 require_once W2P_BASE_DIR . '/classes/ui.class.php'; 25 require_once W2P_BASE_DIR . '/classes/event_queue.class.php'; 26 27 function w2PsessionOpen($save_path, $session_name) { 28 return true; 29 } 30 31 function w2PsessionClose() { 32 return true; 33 } 34 35 function w2PsessionRead($id) { 36 $q = new DBQuery; 37 $q->addTable('sessions'); 38 $q->addQuery('session_data'); 39 $q->addQuery('UNIX_TIMESTAMP() - UNIX_TIMESTAMP(session_created) as session_lifespan'); 40 $q->addQuery('UNIX_TIMESTAMP() - UNIX_TIMESTAMP(session_updated) as session_idle'); 41 $q->addWhere('session_id = \''.$id.'\''); 42 $qid = &$q->exec(); 43 if (!$qid || $qid->EOF) { 44 dprint(__file__, __line__, 11, 'Failed to retrieve session ' . $id); 45 $data = ''; 46 } else { 47 $max = w2PsessionConvertTime('max_lifetime'); 48 $idle = w2PsessionConvertTime('idle_time'); 49 // dprint(__file__, __line__, 11, "Found session $id, max=$max/" . $qid->fields['session_lifespan'] . ", idle=$idle/" . $qid->fields['session_idle']); 50 // If the idle time or the max lifetime is exceeded, trash the 51 // session. 52 if ($max < $qid->fields['session_lifespan'] || $idle < $qid->fields['session_idle']) { 53 dprint(__file__, __line__, 11, "session $id expired"); 54 w2PsessionDestroy($id); 55 $data = ''; 56 } else { 57 $data = $qid->fields['session_data']; 58 } 59 } 60 $q->clear(); 61 return $data; 62 } 63 64 function w2PsessionWrite($id, $data) { 65 global $AppUI; 66 67 $q = new DBQuery; 68 $q->addQuery('count(session_id) as row_count'); 69 $q->addTable('sessions'); 70 $q->addWhere('session_id = \''.$id.'\''); 71 72 if ($qid = &$q->exec() && ($qid->fields['row_count'] > 0 || $qid->fields[0] > 0)) { 73 //dprint(__file__, __line__, 11, "Updating session $id"); 74 $q->query = null; 75 $q->addUpdate('session_data', $data); 76 if (isset($AppUI)) { 77 $q->addUpdate('session_user', (int)$AppUI->last_insert_id); 78 } 79 } else { 80 //dprint(__file__, __line__, 11, "Creating new session $id"); 81 $q->query = null; 82 $q->where = null; 83 $q->addInsert('session_id', $id); 84 $q->addInsert('session_data', $data); 85 $q->addInsert('session_created', date('Y-m-d H:i:s')); 86 } 87 $q->exec(); 88 $q->clear(); 89 return true; 90 } 91 92 function w2PsessionDestroy($id, $user_access_log_id = 0) { 93 global $AppUI; 94 95 $q = new DBQuery; 96 97 //dprint(__file__, __line__, 11, "Killing session $id"); 98 $q->addTable('user_access_log'); 99 $q->addUpdate('date_time_out', date('Y-m-d H:i:s')); 100 $q2 = new DBQuery; 101 $q2->addTable('sessions'); 102 $q2->addQuery('session_user'); 103 $q2->addWhere('session_id = \'' . $id . '\''); 104 $q->addWhere('user_access_log_id = ( ' . $q2->prepare() . ' )'); 105 $q->exec(); 106 $q->clear(); 107 $q2->clear(); 108 109 $q->setDelete('sessions'); 110 $q->addWhere('session_id = \''.$id.'\''); 111 $q->exec(); 112 $q->clear(); 113 114 return true; 115 } 116 117 function w2PsessionGC($maxlifetime) { 118 global $AppUI; 119 120 //dprint(__file__, __line__, 11, 'Session Garbage collection running'); 121 $now = time(); 122 $max = w2PsessionConvertTime('max_lifetime'); 123 $idle = w2PsessionConvertTime('idle_time'); 124 // First pass is to kill any users that are logged in at the time of the session. 125 $where = 'UNIX_TIMESTAMP() - UNIX_TIMESTAMP(session_updated) > ' . $idle . ' OR UNIX_TIMESTAMP() - UNIX_TIMESTAMP(session_created) > ' . $max; 126 $q = new DBQuery; 127 $q->addTable('user_access_log'); 128 $q->addUpdate('date_time_out', date('Y-m-d H:i:s')); 129 $q2 = new DBQuery; 130 $q2->addTable('sessions'); 131 $q2->addQuery('session_user'); 132 $q2->addWhere($where); 133 $q->addWhere('user_access_log_id IN ( ' . $q2->prepare() . ' )'); 134 $q->exec(); 135 $q->clear(); 136 $q2->clear(); 137 138 // Now we simply delete the expired sessions. 139 $q->setDelete('sessions'); 140 $q->addWhere($where); 141 $q->exec(); 142 $q->clear(); 143 if (w2PgetConfig('session_gc_scan_queue')) { 144 // We need to scan the event queue. If $AppUI isn't created yet 145 // And it isn't likely that it will be, we create it and run the 146 // queue scanner. 147 if (!isset($AppUI)) { 148 $AppUI = new CAppUI; 149 $queue = new EventQueue; 150 $queue->scan(); 151 } 152 } 153 return true; 154 } 155 156 function w2PsessionConvertTime($key) { 157 $key = 'session_' . $key; 158 159 // If the value isn't set, then default to 1 day. 160 if (w2PgetConfig($key) == null || w2PgetConfig($key) == null) { 161 return 86400; 162 } 163 164 $numpart = (int)w2PgetConfig($key); 165 $modifier = substr(w2PgetConfig($key), -1); 166 if (!is_numeric($modifier)) { 167 switch ($modifier) { 168 case 'h': 169 $numpart *= 3600; 170 break; 171 case 'd': 172 $numpart *= 86400; 173 break; 174 case 'm': 175 $numpart *= (86400 * 30); 176 break; 177 case 'y': 178 $numpart *= (86400 * 365); 179 break; 180 } 181 } 182 return $numpart; 183 } 184 185 function w2PsessionStart($start_vars = 'AppUI') { 186 session_name('web2project'); 187 if (ini_get('session.auto_start') > 0) { 188 session_write_close(); 189 } 190 if (w2PgetConfig('session_handling') == 'app') { 191 ini_set('session.save_handler', 'user'); 192 // PHP 5.2 workaround 193 if (version_compare(phpversion(), '5.0.0', '>=')) { 194 register_shutdown_function('session_write_close'); 195 } 196 session_set_save_handler('w2PsessionOpen', 'w2PsessionClose', 'w2PsessionRead', 'w2PsessionWrite', 'w2PsessionDestroy', 'w2PsessionGC'); 197 $max_time = w2PsessionConvertTime('max_lifetime'); 198 } else { 199 $max_time = 0; // Browser session only. 200 } 201 // Try and get the correct path to the base URL. 202 preg_match('_^(https?://)([^/]+)(:0-9]+)?(/.*)?$_i', w2PgetConfig('base_url'), $url_parts); 203 $cookie_dir = $url_parts[4]; 204 if (substr($cookie_dir, 0, 1) != '/') { 205 $cookie_dir = '/' . $cookie_dir; 206 } 207 if (substr($cookie_dir, -1) != '/') { 208 $cookie_dir .= '/'; 209 } 210 session_set_cookie_params($max_time, $cookie_dir); 211 session_start(); 212 if (is_array($start_vars)) { 213 foreach ($start_vars as $var) { 214 session_register($var); 215 } 216 } else 217 if (!empty($start_vars)) { 218 session_register($start_vars); 219 } 220 } 221 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Thu Nov 20 03:00:14 2008 | Cross-referenced by PHPXref 0.7 |