X-Git-Url: https://jasonwoof.com/gitweb/?a=blobdiff_plain;f=session.php;h=b36af68660469156d8059a3bac5f3f5d8c34ab8c;hb=456602c35b5550a0ab8cbaf4c74ca6d00a3be076;hp=7f5d52e828f21278db33d40a59022ad9cb6453a8;hpb=59c2d4dd864a724f0940405fed4d61bb8aa1864c;p=wfpl.git diff --git a/session.php b/session.php index 7f5d52e..b36af68 100644 --- a/session.php +++ b/session.php @@ -2,36 +2,26 @@ # Copyright (C) 2006 Jason Woofenden # -# This file is part of wfpl. -# -# wfpl is free software; you can redistribute it and/or modify it under the -# terms of the GNU Lesser General Public License as published by the Free -# Software Foundation; either version 2.1 of the License, or (at your option) -# any later version. -# -# wfpl is distributed in the hope that it will be useful, but WITHOUT ANY -# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS -# FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for -# more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with wfpl; if not, write to the Free Software Foundation, Inc., 51 -# Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - -# you'll need this file that calles db_connect() -if(!isset($GLOBALS['wfpl_db_handle'])) { - if(file_exists('db_connect.php') { - require_once('db_connect.php'); - } elseif(file_exists('code/db_connect.php') { - require_once('code/db_connect.php'); - } else { - die("session.php requires a file db_connect.php or that you call db_connect() first. See code/wfpl/db.php for more information."); - } -} - -# and these database tables: +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + + +# you'll need these database tables: # create table wfpl_sessions (id int unique auto_increment, session_key varchar(16), length int, expires int); # create table wfpl_session_data (id int unique auto_increment, session_id int, name varchar(100), value text); +# run this command to install/clear the tables: +# mysql DATABASE_NAME < code/wfpl/examples/session.sql +# note: you may need these parameters for mysql: -u USERNAME -p # GLOSSARY # @@ -45,7 +35,7 @@ if(!isset($GLOBALS['wfpl_db_handle'])) { # generate a new random 16-character string function session_generate_key() { - $character_set = "abcdefghijklmnopqrstuvwqyzABCDEFGHIJKLMNOPQRSTUVWQYZ0123456789"; + $character_set = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; $id = " "; # PHP 4.2.0 and up seed the random number generator for you. @@ -68,10 +58,11 @@ function session_new($length = 86400) { $GLOBALS['session_key'] = $session_key; $_REQUEST['session_key'] = $session_key; #just in case someone calls session_exists() after session_new() session_touch($length); + return $GLOBALS['session_key']; } # call to renew the timeout for the session. -# assumes there's a session. call session_init() if you'd like one auto-create one if not found. +# assumes there's a session. call init_session() if you'd like one auto-create one if not found. function session_touch($length = false) { if(!$length) { $length = db_get_value('wfpl_sessions', 'length', 'where id=%i', $GLOBALS['session_id']); @@ -83,15 +74,26 @@ function session_touch($length = false) { db_update('wfpl_sessions', 'expires', $expires, 'where id=%i', $GLOBALS['session_id']); } +# delete the current session +function kill_session() { + if(!session_exists()) { + return; + } + _kill_session($GLOBALS['session_id']); +} + +# for internal use. use kill_session() above +function _kill_session($id) { + db_delete('wfpl_session_data', 'where session_id=%i', $id); + db_delete('wfpl_sessions', 'where id=%i', $id); +} + # delete expired sessions from database function session_purge_old() { $now = time(); - $exired_sessions = db_get_column('wfpl_sessions', 'id', 'where expires < %i', $now); - db_delete('wfpl_sessions', 'where expires < %i', $now); - if($expired_sessions) { - foreach($expired_sessions as $expired_session) { - db_delete('wfpl_session_data', 'where session_id=%i', $expired_session); - } + $expired_sessions = db_get_column('wfpl_sessions', 'id', 'where expires < %i', $now); + if($expired_sessions) foreach($expired_sessions as $expired_session) { + _kill_session($expired_session); } } @@ -101,6 +103,10 @@ function session_exists() { return false; } + if(isset($GLOBALS['session_id'])) { + return true; + } + $session_key = ereg_replace('[^a-zA-Z0-9]', '', $_REQUEST['session_key']); if(!strlen($session_key) == 16) { @@ -136,21 +142,17 @@ function init_session() { } } -# delete the current session -function kill_session() { - if(!session_exists()) { - return; - } - db_delete('wfpl_session_data', 'where session_id=%i', $GLOBALS['session_id']); - db_delete('wfpl_sessions', 'where id=%i', $GLOBALS['session_id']); -} - # save a variable into the session function session_set($name, $value) { - db_delete('wfpl_session_data', 'where session_id=%i && name=%"', $GLOBALS['session_id'], $name); + session_clear($name); db_insert('wfpl_session_data', 'session_id,name,value', $GLOBALS['session_id'], $name, $value); } +# remove variable from the session +function session_clear($name) { + db_delete('wfpl_session_data', 'where session_id=%i && name=%"', $GLOBALS['session_id'], $name); +} + # get a variable into the session function session_get($name) { return db_get_value('wfpl_session_data', 'value', 'where session_id=%i && name=%"', $GLOBALS['session_id'], $name);