jerry
/
src.dualinventive.com
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
src.dualinventive.com/mtinfo/dist/webroot/main/include/session.php

317 lines
9.4 KiB
PHP
Raw Blame History

<?php
/** \file include\session.php
* \brief DI webinterface session functions
* \author Rob Schalken, Core|Vision
* \version 1.0
* \date 17-10-2008
*
* This file contains the session functions.
*/
/*
* Required pages
*/
require_once("db.php");
/*
* Function called when session started
*/
function on_session_start($save_path, $session_name)
{
GLOBAL $_PAGE_INFO;
// Setup database connection
db_connect("default", "session");
}
/*
* Function called when session ends
*/
function on_session_end()
{
}
/*
* Function called when session read
*/
function on_session_read($key)
{
GLOBAL $_PAGE_INFO;
// Intial values
$result = "";
// Find session info
$query = "SELECT data FROM session WHERE id ='" . $key . "' ";
$query .= "AND expiration > unix_timestamp(now())";
// Execute query
$row = db_fetch_data($query, "session");
if (!empty($row)) {
$result = $row[0]['data'];
}
// Return result
return $result;
}
/*
* Function called when session write
*/
function on_session_write($key, $val)
{
GLOBAL $_PAGE_INFO;
// Read only session?
if (!isset($_PAGE_INFO['session_read_only'])) {
$nr_hours = ((is_dev("RS3000")) || (is_dev("APP"))) ? 8 : 1;
// Update/insert new session info
$query = "REPLACE INTO session (id, data, expiration) VALUES('" . $key . "', ";
$query .= "'" . addslashes($val) . "',unix_timestamp(date_add(now(), interval " . $nr_hours . " hour)))";
db_store_data($query, "session");
// Commit transaction
db_store_data("COMMIT", "session");
}
}
/*
* Function called when session destroyed
*/
function on_session_destroy($key)
{
}
/*
* Function called when session garbage collector is active
*/
function on_session_gc($max_lifetime)
{
// Debug info
DBG("Session garbage collector start");
// Setup connection with the database
db_connect("default", "session");
// Find unused session info, limit to 10 sessions at a time to prevent slow page loads
$sessions = db_fetch_data("SELECT id FROM session WHERE expiration < unix_timestamp(now()) LIMIT 10", "session");
if (is_array($sessions)) {
// Start transaction
db_store_data("START TRANSACTION", "session");
foreach ($sessions as $session) {
// Remove old sessions (Garbage collector functionality)
db_store_data("DELETE FROM session WHERE id='" . $session['id'] . "'", "session");
}
// Commit transaction
db_store_data("COMMIT", "session");
}
// Debug info
DBG("Session garbage collector");
}
/*
* Create unique session id
*/
function UniqSessionId()
{
do {
$id = uniqid("");
} while (is_array($_SESSION[$id]));
return $id;
}
/*
* Stop session, only needed for non-readonly session
*/
function SessionStop()
{
// Valid session?
if (strlen(session_id())) {
// Unlock session
session_write_close();
}
}
/*
* Start session
*/
function SessionStart($session_id = "", $skip_checks = FALSE)
{
GLOBAL $_PAGE_INFO;
// Initial values
$SaveSession = FALSE;
// Use $_GET or other session id?
$_PAGE_INFO['id'] = (strlen($session_id)) ? $session_id : $_GET['id'];
// Register session handle (Called here because of php bug)
session_set_save_handler("on_session_start",
"on_session_end",
"on_session_read",
"on_session_write",
"on_session_destroy",
"on_session_gc");
// Start session
session_start();
// Skip new_id checks??
if (!$skip_checks) {
// Skip extended menu
if ((isset($_PAGE_INFO['id'])) && (strlen($_PAGE_INFO['id']))) {
// New session?
if (isset($_GET['new_id'])) {
// Store old session id
$_PAGE_INFO['old_id'] = $_PAGE_INFO['id'];
// Copy original session info
$_SESSION[$_GET['new_id']] = $_SESSION[$_PAGE_INFO['id']];
// Store main id
$_SESSION[$_GET['new_id']]['main_id'] = $_PAGE_INFO['id'];
// Set global id
$_PAGE_INFO['id'] = $_GET['new_id'];
// Extended menu?
if ($_GET['extended_menu']) {
$_SESSION[$_PAGE_INFO['id']]['extended_menu'] = $_GET['extended_menu'];
}
// Store original id => Needed for support portal
if (!isset($_SESSION[$_PAGE_INFO['id']]['original_id'])) {
$_SESSION[$_PAGE_INFO['id']]['original_id'] = $_SESSION[$_GET['new_id']]['main_id'];
}
// Store session info
$SaveSession = TRUE;
} // Renew session => Duplicate session info
else if (isset($_GET['renew'])) {
// Store old session id
$_PAGE_INFO['old_id'] = $_PAGE_INFO['id'];
// Get new session id
$_PAGE_INFO['id'] = UniqSessionId();
// Copy old data to new array
$_SESSION[$_PAGE_INFO['id']] = $_SESSION[$_PAGE_INFO['old_id']];
// Store original id => Needed for support portal
if (!isset($_SESSION[$_PAGE_INFO['id']]['original_id'])) {
$_SESSION[$_PAGE_INFO['id']]['original_id'] = $_PAGE_INFO['old_id'];
}
// extended menu id available?
if (isset($_SESSION[$_PAGE_INFO['id']]['extended_menu_id'])) {
// Store old extended menu session id
$old_extended_menu_id = $_SESSION[$_PAGE_INFO['id']]['extended_menu_id'];
// Generate new id
$_SESSION[$_PAGE_INFO['id']]['extended_menu_id'] = UniqSessionId();
// Copy old data to new array
$_SESSION[$_SESSION[$_PAGE_INFO['id']]['extended_menu_id']] = $_SESSION[$old_extended_menu_id];
}
// Store session info
$SaveSession = TRUE;
}
} else {
// Generate new id
$_PAGE_INFO['id'] = UniqSessionId();
}
// Update timestamp (needed for online tooling)
$_SESSION[$_PAGE_INFO['id']]['last_access'] = time();
// Store session in between?
if ($SaveSession) {
// Update global variables => Otherwhise the user logged in will be unknown!!
UpdateGlobals();
// Log action in db
db_log_user("login", "original_session_id: " . session_id() . "_" . $_PAGE_INFO['old_id']);
// Remove previous user log
if (isset($_GET['user_log_id'])) {
$user_log_entry = db_fetch_user_log(NULL, $_GET['user_log_id']);
if (is_array($user_log_entry)) {
if ($user_log_entry[0]['session_id'] == (session_id() . "_" . $_PAGE_INFO['old_id'])) {
// Delete user_log_id => We detected to late that this was a new session
db_delete_user_log(NULL, $_GET['user_log_id']);
}
}
}
// Remove history!
unset($_SESSION[$_PAGE_INFO['id']]['href_history_prev']);
unset($_SESSION[$_PAGE_INFO['id']]['href_history']);
// "Stop" session => store new session info => Needed for fetch_info user_rights check!!
// Otherwhise we got a logout!
SessionStop();
// Restart session
SessionStart($_PAGE_INFO['id'], TRUE);
}
}
// Session expired?
if (!isset($_PAGE_INFO['session_read_only'])) {
if (is_array($_SESSION)) {
// Store session info
$tmp = $_SESSION;
foreach ($tmp as $session_identifier => $session_value) {
// Skip this session
if ($session_identifier != $_PAGE_INFO['id']) {
// Skip extended menu
if ((isset($_SESSION[$session_identifier]['last_access'])) && (!isset($_SESSION[$session_identifier]['extended_menu']))) {
// Expired? 1 minute?
if (abs(time() - $_SESSION[$session_identifier]['last_access']) > 60) {
// Extended menu avaiable
if (isset($_SESSION[$session_identifier]['extended_menu_id'])) {
// remove session
unset($_SESSION[$_SESSION[$session_identifier]['extended_menu_id']]);
// Debug info
Dbg("SESSION removed: " . $_SESSION[$session_identifier]['extended_menu_id'] . " (extended menu)");
}
// remove session
unset($_SESSION[$session_identifier]);
// Debug info
Dbg("SESSION removed: " . $session_identifier . ", PAGE_INFO['id']: " . $_PAGE_INFO['id'] . ", GET['id']: " . $_GET['id']);
}
}
}
}
}
}
}
/*
* Call Start of session
*/
SessionStart();
?>
Reference in New Issue View Git Blame Copy Permalink