X-Git-Url: https://jasonwoof.com/gitweb/?a=blobdiff_plain;f=session.php;h=9dc3f4e855b76fcb81fc11f0727edadc00259d93;hb=bf91aed8316e74c8d80c1c4b5e4645eeb6ba9dcd;hp=4bbaea92ebfe134816e02d1a7ac073bb78b5c30b;hpb=8355c5788f7179a3674ab1121c859530e838bb64;p=wfpl.git diff --git a/session.php b/session.php index 4bbaea9..9dc3f4e 100644 --- a/session.php +++ b/session.php @@ -2,34 +2,21 @@ # Copyright (C) 2006 Jason Woofenden # -# This file is part of wfpl. -# -# wfpl is free software; you can redistribute it and/or modify it under the -# terms of the GNU Lesser General Public License as published by the Free -# Software Foundation; either version 2.1 of the License, or (at your option) -# any later version. -# -# wfpl is distributed in the hope that it will be useful, but WITHOUT ANY -# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS -# FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for -# more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with wfpl; if not, write to the Free Software Foundation, Inc., 51 -# Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - -# you'll need this file that calls db_connect() -if(!isset($GLOBALS['wfpl_db_handle'])) { - if(file_exists('db_connect.php')) { - require_once('db_connect.php'); - } elseif(file_exists('code/db_connect.php')) { - require_once('code/db_connect.php'); - } else { - die("session.php requires a file db_connect.php or that you call db_connect() first. See code/wfpl/db.php for more information."); - } -} - -# and these database tables: +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + + +# you'll need these database tables: # create table wfpl_sessions (id int unique auto_increment, session_key varchar(16), length int, expires int); # create table wfpl_session_data (id int unique auto_increment, session_id int, name varchar(100), value text); # run this command to install/clear the tables: @@ -48,7 +35,7 @@ if(!isset($GLOBALS['wfpl_db_handle'])) { # generate a new random 16-character string function session_generate_key() { - $character_set = "abcdefghijklmnopqrstuvwqyzABCDEFGHIJKLMNOPQRSTUVWQYZ0123456789"; + $character_set = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; $id = " "; # PHP 4.2.0 and up seed the random number generator for you. @@ -71,10 +58,11 @@ function session_new($length = 86400) { $GLOBALS['session_key'] = $session_key; $_REQUEST['session_key'] = $session_key; #just in case someone calls session_exists() after session_new() session_touch($length); + return $GLOBALS['session_key']; } # call to renew the timeout for the session. -# assumes there's a session. call session_init() if you'd like one auto-create one if not found. +# assumes there's a session. call init_session() if you'd like one auto-create one if not found. function session_touch($length = false) { if(!$length) { $length = db_get_value('wfpl_sessions', 'length', 'where id=%i', $GLOBALS['session_id']); @@ -137,8 +125,13 @@ function session_exists() { return true; } -# return username if a session exists and is authenticated +# depricated function session_exists_and_authed() { + return logged_in(); +} + +# return username if a session exists and is authenticated +function logged_in() { if(!session_exists()) { return false; } @@ -147,6 +140,20 @@ function session_exists_and_authed() { } + +# return username if a session exists and is authenticated +function logged_in_as_admin() { + if(!session_exists()) { + return false; + } + + if(session_get('auth_admin')) { + return true; + } + return false; +} + + # find existing session, or make one function init_session() { if(!session_exists()) {