phplib-commit Mailing List for PHPLIB (Page 2)
Brought to you by:
nhruby,
richardarcher
Menu
▾
▴
phplib-commit — A list for automatically mailed CVS Commits
You can subscribe to this list here.
| 2001 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(76) |
Sep
(7) |
Oct
(2) |
Nov
|
Dec
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2002 |
Jan
(7) |
Feb
(7) |
Mar
(14) |
Apr
(27) |
May
(2) |
Jun
(2) |
Jul
(5) |
Aug
(6) |
Sep
(1) |
Oct
(9) |
Nov
(4) |
Dec
|
| 2003 |
Jan
(2) |
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(2) |
| 2004 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
(2) |
Aug
(2) |
Sep
|
Oct
|
Nov
|
Dec
|
| 2005 |
Jan
|
Feb
(7) |
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(4) |
Sep
|
Oct
|
Nov
|
Dec
|
| 2006 |
Jan
|
Feb
|
Mar
(1) |
Apr
(3) |
May
|
Jun
|
Jul
(3) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2007 |
Jan
(6) |
Feb
|
Mar
|
Apr
(1) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: Layne W. <lay...@us...> - 2004-08-17 23:04:42
|
Update of /cvsroot/phplib/php-lib-stable/php In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv9180/php Modified Files: db_oci8.inc Log Message: added optional shortcut var $Host: if set, will build full db connect string placing $Host and $Database into $full_connection_string keeping a minimalistic and more legible sub-class configuration Index: db_oci8.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/db_oci8.inc,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** db_oci8.inc 23 Jul 2004 20:36:29 -0000 1.6 --- db_oci8.inc 17 Aug 2004 20:58:50 -0000 1.7 *************** *** 18,24 **** --- 18,27 ---- var $Halt_On_Error = "yes"; ## "yes" (halt with message), "no" (ignore errors quietly), "report" (ignore errror, but spit a warning) + var $Host = ""; + /* traditionally the full TNS name is placed in $Database; if having trouble with TNS resolution (and desiring a more legible configuration), place the host IP address in $Host and the Oracle SID in $Database as a shortcut - connect() will build a valid connection string using $full_connection_string */ var $Database = ""; var $User = ""; var $Password = ""; + var $full_connection_string = "(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=%s)(PORT=1521)))(CONNECT_DATA=(SID=%s)))"; var $Link_ID = 0; *************** *** 57,61 **** if ( 0 == $this->Link_ID ) { if ($this->Debug) { ! printf("<br>Connecting to $this->Database...<br>\n"); } if($this->share_connections) { --- 60,64 ---- if ( 0 == $this->Link_ID ) { if ($this->Debug) { ! printf("<br>Connecting to $this->Database%s...<br>\n", (($this->Host) ? " ($this->Host)" : "")); } if($this->share_connections) { *************** *** 71,75 **** } } ! $this->Link_ID = OCIPLogon($this->User, $this->Password, $this->Database); if (!$this->Link_ID) { --- 74,78 ---- } } ! $this->Link_ID = OCIPLogon($this->User, $this->Password, (($this->Host) ? sprintf($this->full_connection_string, $this->Host, $this->Database) : $this->Database)); if (!$this->Link_ID) { *************** *** 88,92 **** function connect_failed() { $this->Halt_On_Error = "yes"; ! $this->halt("connect ($this->User, \$Password, $this->Database) failed"); } --- 91,95 ---- function connect_failed() { $this->Halt_On_Error = "yes"; ! $this->halt(sprintf("connect ($this->User, \$Password, $this->Database%s) failed", (($this->Host) ? ", $this->Host" : ""))); } |
|
From: Layne W. <lay...@us...> - 2004-08-17 22:56:45
|
Update of /cvsroot/phplib/php-lib-stable In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv9469 Modified Files: CHANGES Log Message: Index: CHANGES =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/CHANGES,v retrieving revision 1.31 retrieving revision 1.32 diff -C2 -d -r1.31 -r1.32 *** CHANGES 23 Jul 2004 20:36:29 -0000 1.31 --- CHANGES 17 Aug 2004 20:59:29 -0000 1.32 *************** *** 1,4 **** --- 1,9 ---- $Id$ + 17-Aug-2004 layne_weathers + - db_oci8.inc - added optional shortcut var $Host: if set, will build full db + connect string placing $Host and $Database into $full_connection_string + keeping a minimalistic and more legible sub-class configuration + 23-Jul-2004 layne_weathers - all db classes |
Update of /cvsroot/phplib/php-lib-stable/php In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv18134/php Modified Files: db_msql.inc db_mssql.inc db_mysql.inc db_oci8.inc db_odbc.inc db_oracle.inc db_pgsql.inc db_sybase.inc template.inc Log Message: db classes - cleaned up and allowed a bit more flexibility template.inc - allow alternate variable name regex matching Index: db_msql.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/db_msql.inc,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** db_msql.inc 14 Mar 2002 20:41:07 -0000 1.4 --- db_msql.inc 23 Jul 2004 20:36:29 -0000 1.5 *************** *** 12,16 **** */ ! class DB_Sql { var $Host = ""; var $Database = ""; --- 12,16 ---- */ ! class DB_msql { var $Host = ""; var $Database = ""; *************** *** 22,25 **** --- 22,26 ---- var $Error = ""; + var $Halt_On_Error = "yes"; ## "yes" (halt with message), "no" (ignore errors quietly), "report" (ignore error, but spit a warning) var $Auto_Free = 0; ## Set this to 1 for automatic msql_free_result() *************** *** 27,32 **** /* public: constructor */ ! function DB_Sql($query = "") { $this->query($query); } --- 28,35 ---- /* public: constructor */ ! function DB_msql($query = "") { ! if($query) { $this->query($query); + } } *************** *** 48,60 **** // Still not connected? Raise error. if ( 0 == $this->Link_ID ) { ! $this->halt("connect($this->Host) failed."); } // Select current database if (!msql_select_db($this->Database, $this->Link_ID)) { ! $this->halt("cannot use database ".$this->Database); } } ! function query($Query_String) { --- 51,68 ---- // Still not connected? Raise error. if ( 0 == $this->Link_ID ) { ! $this->connect_failed("connect ($this->Host) failed"); } // Select current database if (!msql_select_db($this->Database, $this->Link_ID)) { ! $this->connect_failed("cannot use database ".$this->Database); } } ! ! function connect_failed($message) { ! $this->Halt_On_Error = "yes"; ! $this->halt($message); ! } ! function query($Query_String) { *************** *** 157,164 **** function halt($msg) { ! printf("</td></tr></table><b>Database error:</b> %s<br>\n", $msg); ! printf("<b>MSQL Error</b>: %s<br>\n", $this->Error); ! die("Session halted."); } } ?> --- 165,193 ---- function halt($msg) { ! if ("no" == $this->Halt_On_Error) ! return; ! ! $this->haltmsg($msg); ! ! if ("report" != $this->Halt_On_Error) ! die("Session halted."); ! } ! ! function haltmsg($msg) { ! printf("<p><b>Database error:</b> %s<br>\n", $msg); ! printf("<b>MSQL Error</b>: %s</p>\n", $this->Error); } } + $_php_major_version = substr(phpversion(), 0, 1); + if((4 > $_php_major_version) or !class_exists("DB_Sql")) + { + class DB_Sql extends DB_msql + { + function DB_Sql($query = "") + { + $this->DB_msql($query); + } + } + } + unset($_php_major_version); ?> Index: db_mssql.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/db_mssql.inc,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** db_mssql.inc 19 Mar 2002 22:26:12 -0000 1.5 --- db_mssql.inc 23 Jul 2004 20:36:29 -0000 1.6 *************** *** 11,15 **** # echo "<BR>This is using the MSSQL class<BR>"; ! class DB_Sql { var $Host = ""; var $Database = ""; --- 11,15 ---- # echo "<BR>This is using the MSSQL class<BR>"; ! class DB_MSSQL { var $Host = ""; var $Database = ""; *************** *** 24,27 **** --- 24,28 ---- var $Errno = 0; var $Error = ""; + var $Halt_On_Error = "yes"; ## "yes" (halt with message), "no" (ignore errors quietly), "report" (ignore error, but spit a warning) var $Auto_Free = 0; ## set this to 1 to automatically free results *************** *** 30,35 **** /* public: constructor */ ! function DB_Sql($query = "") { $this->query($query); } --- 31,38 ---- /* public: constructor */ ! function DB_MSSQL($query = "") { ! if($query) { $this->query($query); + } } *************** *** 42,50 **** } if (!$this->Link_ID) ! $this->halt("connect($this->Host, $this->User, \$Password) failed."); else ! mssql_select_db($this->Database, $this->Link_ID); } } function free_result(){ mssql_free_result($this->Query_ID); --- 45,60 ---- } if (!$this->Link_ID) ! $this->connect_failed("connect ($this->Host, $this->User, \$Password) failed"); else ! if (!mssql_select_db($this->Database, $this->Link_ID)) { ! $this->connect_failed("cannot use database ".$this->Database); ! } } } + function connect_failed($message) { + $this->Halt_On_Error = "yes"; + $this->halt($message); + } + function free_result(){ mssql_free_result($this->Query_ID); *************** *** 162,171 **** function halt($msg) { ! printf("</td></tr></table><b>Database error:</b> %s<br>\n", $msg); ! printf("<b>MSSQL Error</b>: %s (%s)<br>\n", $this->Errno, $this->Error); - die("Session halted."); } } ?> --- 172,202 ---- function halt($msg) { ! if ("no" == $this->Halt_On_Error) ! return; ! ! $this->haltmsg($msg); ! ! if ("report" != $this->Halt_On_Error) ! die("Session halted."); ! } ! ! function haltmsg($msg) { ! printf("<p><b>Database error:</b> %s<br>\n", $msg); ! printf("<b>MSSQL Error</b>: %s (%s)</p>\n", $this->Errno, $this->Error); } } + $_php_major_version = substr(phpversion(), 0, 1); + if((4 > $_php_major_version) or !class_exists("DB_Sql")) + { + class DB_Sql extends DB_MSSQL + { + function DB_Sql($query = "") + { + $this->DB_MSSQL($query); + } + } + } + unset($_php_major_version); ?> Index: db_mysql.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/db_mysql.inc,v retrieving revision 1.11 retrieving revision 1.12 diff -C2 -d -r1.11 -r1.12 *** db_mysql.inc 7 Aug 2002 19:33:57 -0000 1.11 --- db_mysql.inc 23 Jul 2004 20:36:29 -0000 1.12 *************** *** 10,14 **** */ ! class DB_Sql { /* public: connection parameters */ --- 10,14 ---- */ ! class DB_MySQL { /* public: connection parameters */ *************** *** 21,25 **** var $Auto_Free = 0; ## Set to 1 for automatic mysql_free_result() var $Debug = 0; ## Set to 1 for debugging messages. ! var $Halt_On_Error = "yes"; ## "yes" (halt with message), "no" (ignore errors quietly), "report" (ignore errror, but spit a warning) var $PConnect = 0; ## Set to 1 to use persistent database connections var $Seq_Table = "db_sequence"; --- 21,25 ---- var $Auto_Free = 0; ## Set to 1 for automatic mysql_free_result() var $Debug = 0; ## Set to 1 for debugging messages. ! var $Halt_On_Error = "yes"; ## "yes" (halt with message), "no" (ignore errors quietly), "report" (ignore error, but spit a warning) var $PConnect = 0; ## Set to 1 to use persistent database connections var $Seq_Table = "db_sequence"; *************** *** 44,49 **** /* public: constructor */ ! function DB_Sql($query = "") { $this->query($query); } --- 44,51 ---- /* public: constructor */ ! function DB_MySQL($query = "") { ! if($query) { $this->query($query); + } } *************** *** 78,87 **** } if (!$this->Link_ID) { ! $this->halt("connect($Host, $User, \$Password) failed."); return 0; } if (!@mysql_select_db($Database,$this->Link_ID)) { ! $this->halt("cannot use database ".$Database); return 0; } --- 80,89 ---- } if (!$this->Link_ID) { ! $this->connect_failed("connect ($Host, $User, \$Password) failed"); return 0; } if (!@mysql_select_db($Database,$this->Link_ID)) { ! $this->connect_failed("cannot use database ".$Database); return 0; } *************** *** 91,94 **** --- 93,101 ---- } + function connect_failed($message) { + $this->Halt_On_Error = "yes"; + $this->halt($message); + } + /* public: discard the query result */ function free() { *************** *** 411,420 **** function haltmsg($msg) { ! printf("</td></tr></table><b>Database error:</b> %s<br>\n", $msg); ! printf("<b>MySQL Error</b>: %s (%s)<br>\n", $this->Errno, $this->Error); } - } ?> --- 418,438 ---- function haltmsg($msg) { ! printf("<p><b>Database error:</b> %s<br>\n", $msg); ! printf("<b>MySQL Error</b>: %s (%s)</p>\n", $this->Errno, $this->Error); } } + $_php_major_version = substr(phpversion(), 0, 1); + if((4 > $_php_major_version) or !class_exists("DB_Sql")) + { + class DB_Sql extends DB_MySQL + { + function DB_Sql($query = "") + { + $this->DB_MySQL($query); + } + } + } + unset($_php_major_version); ?> Index: db_oci8.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/db_oci8.inc,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** db_oci8.inc 8 Dec 2003 12:09:59 -0000 1.5 --- db_oci8.inc 23 Jul 2004 20:36:29 -0000 1.6 *************** *** 13,19 **** */ ! class DB_Sql { var $Debug = 0; var $sqoe = 1; // show query on error var $Database = ""; --- 13,20 ---- */ ! class DB_OCI8 { var $Debug = 0; var $sqoe = 1; // show query on error + var $Halt_On_Error = "yes"; ## "yes" (halt with message), "no" (ignore errors quietly), "report" (ignore errror, but spit a warning) var $Database = ""; *************** *** 30,33 **** --- 31,38 ---- var $autoCount = 1; // Count num_rows on select + var $share_connections = false; + var $share_connection_name = ""; + // Defaults to the class name - set to another class name to share connections among different class extensions + var $last_query_text = ""; *************** *** 35,40 **** /* public: constructor */ ! function DB_Sql($query = "") { ! $this->query($query); } --- 40,47 ---- /* public: constructor */ ! function DB_OCI8($query = "") { ! if($query) { ! $this->query($query); ! } } *************** *** 52,61 **** printf("<br>Connecting to $this->Database...<br>\n"); } ! $this->Link_ID = OCIPLogon("$this->User", "$this->Password", "$this->Database"); if (!$this->Link_ID) { ! $this->halt("Link-ID == false ($this->Link_ID), OCILogon failed"); } ! if ($this->Debug) { printf("<br>Obtained the Link_ID: $this->Link_ID<br>\n"); --- 59,83 ---- printf("<br>Connecting to $this->Database...<br>\n"); } ! if($this->share_connections) { ! if(!$this->share_connection_name) { ! $this->share_connection_name = get_class($this) . "_Link_ID"; ! } else { ! $this->share_connection_name .= "_Link_ID"; ! } ! global ${$this->share_connection_name}; ! if(${$this->share_connection_name}) { ! $this->Link_ID = ${$this->share_connection_name}; ! return true; ! } ! } ! $this->Link_ID = OCIPLogon($this->User, $this->Password, $this->Database); if (!$this->Link_ID) { ! $this->connect_failed(); ! return false; } ! if($this->share_connections) { ! ${$this->share_connection_name} = $this->Link_ID; ! } if ($this->Debug) { printf("<br>Obtained the Link_ID: $this->Link_ID<br>\n"); *************** *** 64,67 **** --- 86,94 ---- } + function connect_failed() { + $this->Halt_On_Error = "yes"; + $this->halt("connect ($this->User, \$Password, $this->Database) failed"); + } + function free() { if ($this->Parse) { *************** *** 80,93 **** function query($Query_String) { - - /* No empty queries, please, since PHP4 chokes on them. */ - if ($Query_String == "") { - /* The empty query string is passed on from the constructor - * when calling the class without a query, e.g. in situations - * like these: '$db = new DB_Sql_Subclass;' - */ - return 0; - } - $this->connect(); $this->free(); --- 107,110 ---- *************** *** 98,105 **** } else { if ($this->autoCommit) { ! OCIExecute($this->Parse, "OCI_COMMIT_ON_SUCCESS"); } else { ! OCIExecute($this->Parse, "OCI_DEFAULT"); } if ($this->autoCount) { --- 115,122 ---- } else { if ($this->autoCommit) { ! OCIExecute($this->Parse, OCI_COMMIT_ON_SUCCESS); } else { ! OCIExecute($this->Parse, OCI_DEFAULT); } if ($this->autoCount) { *************** *** 108,112 **** /* On $this->num_rows I'm storing the returned rows of the query. */ $this->num_rows = OCIFetchStatement($this->Parse, $aux); - $this->Parse = OCIParse($this->Link_ID, $Query_String); OCIExecute($this->Parse, OCI_DEFAULT); } --- 125,128 ---- *************** *** 121,125 **** } ! if ($this->Error["code"] != 1403 && $this->Error["code"] != 0 && $this->sqoe) { echo "<BR><FONT color=red><B>".$this->Error["message"]."<BR>Query :\"$Query_String\"</B></FONT>"; } --- 137,141 ---- } ! if ((1403 != $this->Error["code"]) and (0 != $this->Error["code"]) and $this->sqoe) { echo "<BR><FONT color=red><B>".$this->Error["message"]."<BR>Query :\"$Query_String\"</B></FONT>"; } *************** *** 155,159 **** @OCIFetchInto($temp_q_id, $temp_result, OCI_ASSOC+OCI_RETURN_NULLS); if ($temp_result) { ! return $temp_result['CURRVAL']; } else { --- 171,175 ---- @OCIFetchInto($temp_q_id, $temp_result, OCI_ASSOC+OCI_RETURN_NULLS); if ($temp_result) { ! return $temp_result["CURRVAL"]; } else { *************** *** 172,176 **** function next_record() { /* IF clause added to prevent a error when tried to read an empty "$this->Parse". */ ! if ($this->num_rows() == $this->Row) { return 0; } --- 188,192 ---- function next_record() { /* IF clause added to prevent a error when tried to read an empty "$this->Parse". */ ! if ($this->autoCount and ($this->num_rows() == $this->Row)) { return 0; } *************** *** 183,187 **** $errno = OCIError($this->Parse); if (1403 == $errno) { # 1043 means no more records found ! $this->Error = ""; $this->disconnect(); $stat = 0; --- 199,203 ---- $errno = OCIError($this->Parse); if (1403 == $errno) { # 1043 means no more records found ! $this->Error = false; $this->disconnect(); $stat = 0; *************** *** 196,206 **** } } else { $totalReg = OCINumcols($this->Parse); for ($ix = 1; $ix <= $totalReg; $ix++) { $col = strtoupper(OCIColumnname($this->Parse, $ix)); $colreturn = strtolower($col); ! $this->Record[ "$colreturn" ] = $result["$col"]; if ($this->Debug) { ! echo "<b>[$col]</b>:".$result["$col"]."<br>\n"; } } --- 212,224 ---- } } else { + $this->Record = array(); $totalReg = OCINumcols($this->Parse); for ($ix = 1; $ix <= $totalReg; $ix++) { $col = strtoupper(OCIColumnname($this->Parse, $ix)); $colreturn = strtolower($col); ! $this->Record[$colreturn] = ! (is_object($result[$col])) ? $result[$col]->load() : $result[$col]; if ($this->Debug) { ! echo "<b>[$col]</b>:".$result[$col]."<br>\n"; } } *************** *** 270,288 **** $i = 0; while ($this->next_record()) { ! $res[$i]["table"] = $this->Record[table_name]; ! $res[$i]["name"] = strtolower($this->Record[column_name]); ! $res[$i]["type"] = $this->Record[data_type]; ! $res[$i]["len"] = $this->Record[data_length]; ! if ($this->Record[index_name]) { $res[$i]["flags"] = "INDEX "; } ! $res[$i]["flags"] .= ( $this->Record[nullable] == 'N') ? '' : 'NOT NULL'; ! $res[$i]["format"]= (int)$this->Record[data_precision].",". ! (int)$this->Record[data_scale]; if ("0,0" == $res[$i]["format"]) { $res[$i]["format"] = ''; } ! $res[$i]["index"] = $this->Record[index_name]; ! $res[$i]["chars"] = $this->Record[char_col_decl_length]; if ($full) { $j = $res[$i]["name"]; --- 288,306 ---- $i = 0; while ($this->next_record()) { ! $res[$i]["table"] = $this->Record["table_name"]; ! $res[$i]["name"] = strtolower($this->Record["column_name"]); ! $res[$i]["type"] = $this->Record["data_type"]; ! $res[$i]["len"] = $this->Record["data_length"]; ! if ($this->Record["index_name"]) { $res[$i]["flags"] = "INDEX "; } ! $res[$i]["flags"] .= ( $this->Record["nullable"] == 'N') ? '' : 'NOT NULL'; ! $res[$i]["format"]= (int)$this->Record["data_precision"].",". ! (int)$this->Record["data_scale"]; if ("0,0" == $res[$i]["format"]) { $res[$i]["format"] = ''; } ! $res[$i]["index"] = $this->Record["index_name"]; ! $res[$i]["chars"] = $this->Record["char_col_decl_length"]; if ($full) { $j = $res[$i]["name"]; *************** *** 304,308 **** function affected_rows() { ! return $this->num_rows(); } --- 322,326 ---- function affected_rows() { ! return OCIRowCount($this->Parse); } *************** *** 324,332 **** function f($Name) { ! if (is_object($this->Record[$Name])) { ! return $this->Record[$Name]->load(); ! } else { ! return $this->Record[$Name]; ! } } --- 342,346 ---- function f($Name) { ! return $this->Record[$Name]; } *************** *** 342,346 **** if (!@OCIExecute($Query_ID)) { $this->Error = @OCIError($Query_ID); ! if ($this->Error["code"] == 2289) { $Query_ID = OCIParse($this->Link_ID, "CREATE SEQUENCE $seqname"); if (!OCIExecute($Query_ID)) { --- 356,360 ---- if (!@OCIExecute($Query_ID)) { $this->Error = @OCIError($Query_ID); ! if (2289 == $this->Error["code"]) { $Query_ID = OCIParse($this->Link_ID, "CREATE SEQUENCE $seqname"); if (!OCIExecute($Query_ID)) { *************** *** 371,382 **** function halt($msg) { ! printf("</td></tr></table><b>Database error:</b> %s<br>\n", $msg); ! printf("<b>ORACLE Error</b>: %s<br>\n", $this->Error["message"]); ! die("Session halted."); } function haltmsg($msg) { ! printf("</td></tr></table><b>Database error:</b> %s<br>\n", $msg); ! printf("<b>Oracle Error</b>: %s<br>\n", $this->Error); } --- 385,400 ---- function halt($msg) { ! if ($this->Halt_On_Error == "no") ! return; ! ! $this->haltmsg($msg); ! ! if ($this->Halt_On_Error != "report") ! die("Session halted.</body></html>"); } function haltmsg($msg) { ! printf("<p><b>Database error:</b> %s<br>\n", $msg); ! printf("<b>Oracle Error</b>: %s</p>\n", $this->Error["message"]); } *************** *** 421,423 **** --- 439,453 ---- } } + $_php_major_version = substr(phpversion(), 0, 1); + if((4 > $_php_major_version) or !class_exists("DB_Sql")) + { + class DB_Sql extends DB_OCI8 + { + function DB_Sql($query = "") + { + $this->DB_OCI8($query); + } + } + } + unset($_php_major_version); ?> Index: db_odbc.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/db_odbc.inc,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** db_odbc.inc 11 Jul 2002 23:47:21 -0000 1.5 --- db_odbc.inc 23 Jul 2004 20:36:29 -0000 1.6 *************** *** 9,13 **** */ ! class DB_Sql { /* public: connection parameters */ --- 9,13 ---- */ ! class DB_ODBC { /* public: connection parameters */ *************** *** 21,25 **** var $PConnect = 0; ## Set to 1 to use persistent database connections var $Debug = 0; ## Set to 1 for debugging messages ! var $Halt_On_Error = "yes"; ## "yes" (halt with message), "no" (ignore errors quietly), "report" (ignore errror, but spit a warning) var $Seq_Table = "db_sequence"; ## Name of the sequence table var $Seq_ID_Col = "p_nextid"; ## Name of the Sequence ID column in $Seq_Table --- 21,25 ---- var $PConnect = 0; ## Set to 1 to use persistent database connections var $Debug = 0; ## Set to 1 for debugging messages ! var $Halt_On_Error = "yes"; ## "yes" (halt with message), "no" (ignore errors quietly), "report" (ignore error, but spit a warning) var $Seq_Table = "db_sequence"; ## Name of the sequence table var $Seq_ID_Col = "p_nextid"; ## Name of the Sequence ID column in $Seq_Table *************** *** 51,56 **** /* public: constructor */ ! function DB_Sql($query = "") { $this->query($query); } --- 51,58 ---- /* public: constructor */ ! function DB_ODBC($query = "") { ! if($query) { $this->query($query); + } } *************** *** 84,88 **** } if (!$this->Link_ID) { ! $this->halt("connect($this->Database, $this->User, \$Password, $this->UseODBCCursor) failed."); } } --- 86,90 ---- } if (!$this->Link_ID) { ! $this->connect_failed(); } } *************** *** 91,94 **** --- 93,101 ---- } + function connect_failed() { + $this->Halt_On_Error = "yes"; + $this->halt("connect ($this->User, \$Password, $this->Database, $this->UseODBCCursor) failed"); + } + /* public: discard the query result */ function free() { *************** *** 576,581 **** function haltmsg($msg) { ! printf("</td></tr></table><b>Database error:</b> %s<br>\n", $msg); ! printf("<b>ODBC Error</b>: %s (%s)<br>\n", $this->Errno, $this->Error); --- 583,588 ---- function haltmsg($msg) { ! printf("<p><b>Database error:</b> %s<br>\n", $msg); ! printf("<b>ODBC Error</b>: %s (%s)</p>\n", $this->Errno, $this->Error); *************** *** 583,585 **** --- 590,604 ---- } + $_php_major_version = substr(phpversion(), 0, 1); + if((4 > $_php_major_version) or !class_exists("DB_Sql")) + { + class DB_Sql extends DB_ODBC + { + function DB_Sql($query = "") + { + $this->DB_ODBC($query); + } + } + } + unset($_php_major_version); ?> Index: db_oracle.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/db_oracle.inc,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** db_oracle.inc 12 Jul 2000 18:22:34 -0000 1.3 --- db_oracle.inc 23 Jul 2004 20:36:29 -0000 1.4 *************** *** 9,13 **** */ ! class DB_Sql { var $Debug = false; var $Home = "/u01/app/oracle/product/8.0.4"; --- 9,13 ---- */ ! class DB_Oracle { var $Debug = false; var $Home = "/u01/app/oracle/product/8.0.4"; *************** *** 31,34 **** --- 31,35 ---- var $Error = ""; var $ora_no_next_fetch=false; + var $Halt_On_Error = "yes"; ## "yes" (halt with message), "no" (ignore errors quietly), "report" (ignore error, but spit a warning) *************** *** 38,46 **** var $revision = "1.2"; - var $Halt_On_Error = "yes"; ## "yes" (halt with message), "no" (ignore errors quietly), "report" (ignore errror, but spit a warning) - /* public: constructor */ ! function DB_Sql($query = "") { ! $this->query($query); } --- 39,47 ---- var $revision = "1.2"; /* public: constructor */ ! function DB_Oracle($query = "") { ! if($query) { ! $this->query($query); ! } } *************** *** 86,91 **** } if (!$this->Link_ID) { ! $this->halt("connect() Link-ID == false " . ! "($this->Link_ID), ora_plogon failed"); } else { //echo "commit on<p>"; --- 87,91 ---- } if (!$this->Link_ID) { ! $this->connect_failed(); } else { //echo "commit on<p>"; *************** *** 98,101 **** --- 98,106 ---- } + function connect_failed() { + $this->Halt_On_Error = "yes"; + $this->halt("connect ($this->User, \$Password, $this->Database) failed"); + } + ## In order to increase the # of cursors per system/user go edit the ## init.ora file and increase the max_open_cursors parameter. Yours is on *************** *** 400,415 **** /* private: error handling */ function halt($msg) { ! if ($this->Halt_On_Error == "no") return; $this->haltmsg($msg); ! if ($this->Halt_On_Error != "report") die("Session halted."); } function haltmsg($msg) { ! printf("</td></tr></table><b>Database error:</b> %s<br>\n", $msg); ! printf("<b>Oracle Error</b>: %s (%s)<br>\n", $this->Errno, $this->Error); --- 405,420 ---- /* private: error handling */ function halt($msg) { ! if ("no" == $this->Halt_On_Error) return; $this->haltmsg($msg); ! if ("report" != $this->Halt_On_Error) die("Session halted."); } function haltmsg($msg) { ! printf("<p><b>Database error:</b> %s<br>\n", $msg); ! printf("<b>Oracle Error</b>: %s (%s)</p>\n", $this->Errno, $this->Error); *************** *** 431,433 **** --- 436,450 ---- } } + $_php_major_version = substr(phpversion(), 0, 1); + if((4 > $_php_major_version) or !class_exists("DB_Sql")) + { + class DB_Sql extends DB_Oracle + { + function DB_Sql($query = "") + { + $this->DB_Oracle($query); + } + } + } + unset($_php_major_version); ?> Index: db_pgsql.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/db_pgsql.inc,v retrieving revision 1.9 retrieving revision 1.10 diff -C2 -d -r1.9 -r1.10 *** db_pgsql.inc 26 Aug 2002 08:27:43 -0000 1.9 --- db_pgsql.inc 23 Jul 2004 20:36:29 -0000 1.10 *************** *** 10,14 **** */ ! class DB_Sql { var $Host = ""; var $Database = ""; --- 10,14 ---- */ ! class DB_Pgsql { var $Host = ""; var $Database = ""; *************** *** 27,30 **** --- 27,31 ---- var $Error = ""; var $Debug = 0; + var $Halt_On_Error = "yes"; ## "yes" (halt with message), "no" (ignore errors quietly), "report" (ignore error, but spit a warning) var $Auto_Free = 0; # Set this to 1 for automatic pg_freeresult on *************** *** 37,42 **** /* public: constructor */ ! function DB_Sql($query = "") { $this->query($query); } --- 38,45 ---- /* public: constructor */ ! function DB_Pgsql($query = "") { ! if($query) { $this->query($query); + } } *************** *** 54,62 **** } if (!$this->Link_ID) { ! $this->halt("connect() failed."); } } } function query($Query_String) { /* No empty queries, please, since PHP4 chokes on them. */ --- 57,70 ---- } if (!$this->Link_ID) { ! $this->connect_failed(); } } } + function connect_failed() { + $this->Halt_On_Error = "yes"; + $this->halt("connect ($this->Host" . (($this-Port) ? ":$this->Port" : "") . ", $this->User, \$Password, $this->Database) failed"); + } + function query($Query_String) { /* No empty queries, please, since PHP4 chokes on them. */ *************** *** 220,228 **** function halt($msg) { ! printf("</td></tr></table><b>Database error:</b> %s<br>\n", $msg); ! printf("<b>PostgreSQL Error</b>: %s (%s)<br>\n", $this->Errno, $this->Error); - die("Session halted."); } --- 228,245 ---- function halt($msg) { ! if ("no" == $this->Halt_On_Error) ! return; ! ! $this->haltmsg($msg); ! ! if ("report" != $this->Halt_On_Error) ! die("Session halted."); ! } ! ! function haltmsg($msg) { ! printf("<p><b>Database error:</b> %s<br>\n", $msg); ! printf("<b>PostgreSQL Error</b>: %s (%s)</p>\n", $this->Errno, $this->Error); } *************** *** 240,242 **** --- 257,271 ---- } } + $_php_major_version = substr(phpversion(), 0, 1); + if((4 > $_php_major_version) or !class_exists("DB_Sql")) + { + class DB_Sql extends DB_Pgsql + { + function DB_Sql($query = "") + { + $this->DB_Pgsql($query); + } + } + } + unset($_php_major_version); ?> Index: db_sybase.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/db_sybase.inc,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** db_sybase.inc 14 Mar 2002 20:41:07 -0000 1.4 --- db_sybase.inc 23 Jul 2004 20:36:29 -0000 1.5 *************** *** 14,18 **** */ ! class DB_Sql { var $Host = ""; var $Database = ""; --- 14,18 ---- */ ! class DB_Sybase { var $Host = ""; var $Database = ""; *************** *** 25,34 **** var $Row; var $Auto_Free = 0; ## Set this to 1 for automatic sybase_free_result() var $PConnect = 0; ## Set to 1 to use persistent database connections /* public: constructor */ ! function DB_Sql($query = "") { $this->query($query); } --- 25,38 ---- var $Row; + var $Halt_On_Error = "yes"; ## "yes" (halt with message), "no" (ignore errors quietly), "report" (ignore error, but spit a warning) + var $Auto_Free = 0; ## Set this to 1 for automatic sybase_free_result() var $PConnect = 0; ## Set to 1 to use persistent database connections /* public: constructor */ ! function DB_Sybase($query = "") { ! if($query) { $this->query($query); + } } *************** *** 41,52 **** } if (!$this->Link_ID) { ! $this->halt("connect($this->Host, $this->User, \$Password) failed."); } if(!sybase_select_db($this->Database, $this->Link_ID)) { ! $this->halt("cannot use database ".$this->Database); } } } function query($Query_String) { --- 45,61 ---- } if (!$this->Link_ID) { ! $this->connect_failed("connect ($this->Host, $this->User, \$Password) failed"); } if(!sybase_select_db($this->Database, $this->Link_ID)) { ! $this->connect_failed("cannot use database ".$this->Database); } } } + function connect_failed($message) { + $this->Halt_On_Error = "yes"; + $this->halt($message); + } + function query($Query_String) { *************** *** 146,153 **** function halt($msg) { ! printf("</td></tr></table><b>Database error:</b> %s<br>\n", $msg); ! printf("<b>Sybase Error</b><br>\n"); ! die("Session halted."); } } ?> --- 155,183 ---- function halt($msg) { ! if ("no" == $this->Halt_On_Error) ! return; ! ! $this->haltmsg($msg); ! ! if ("report" != $this->Halt_On_Error) ! die("Session halted."); ! } ! ! function haltmsg($msg) { ! printf("<p><b>Database error:</b> %s<br>\n", $msg); ! printf("<b>Sybase Error</b></p>\n", $this->Error); } } + $_php_major_version = substr(phpversion(), 0, 1); + if((4 > $_php_major_version) or !class_exists("DB_Sql")) + { + class DB_Sql extends DB_Sybase + { + function DB_Sql($query = "") + { + $this->DB_Sybase($query); + } + } + } + unset($_php_major_version); ?> Index: template.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/template.inc,v retrieving revision 1.14 retrieving revision 1.15 diff -C2 -d -r1.14 -r1.15 *** template.inc 21 Apr 2004 10:51:09 -0000 1.14 --- template.inc 23 Jul 2004 20:36:29 -0000 1.15 *************** *** 100,103 **** --- 100,115 ---- /** + * Determines the regular expression used to find unknown variable tags. + * "loose" = traditional match all curly braces with no whitespace between + * "strict" = adopts PHP's variable naming rules + * ("loose" has a nasty habit of deleting JavaScript RegEx components) + * (should future major version releases of PHPLib default this "strict"?) + * + * @var string + * @access public + */ + var $unknown_regexp = "loose"; + + /** * The base directory from which template files are loaded. * *************** *** 209,212 **** --- 221,227 ---- */ function set_root($root) { + if(ereg('/$', $root)) { + $root = substr($root, 0, -1); + } if ($this->debug & 4) { echo "<p><b>set_root:</b> root = $root</p>\n"; *************** *** 738,742 **** } ! preg_match_all("/{([^ \t\r\n}]+)}/", $this->get_var($varname), $m); $m = $m[1]; if (!is_array($m)) { --- 753,760 ---- } ! preg_match_all( ! (("loose" == $this->unknown_regexp) ? "/{([^ \t\r\n}]+)}/" : "/{([_a-zA-Z]\\w+)}/"), ! $this->get_var($varname), ! $m); $m = $m[1]; if (!is_array($m)) { *************** *** 781,789 **** case "remove": ! $str = preg_replace('/{[^ \t\r\n}]+}/', "", $str); break; case "comment": ! $str = preg_replace('/{([^ \t\r\n}]+)}/', "<!-- Template variable \\1 undefined -->", $str); break; } --- 799,813 ---- case "remove": ! $str = preg_replace( ! (("loose" == $this->unknown_regexp) ? "/{([^ \t\r\n}]+)}/" : "/{([_a-zA-Z]\\w+)}/"), ! "", ! $str); break; case "comment": ! $str = preg_replace( ! (("loose" == $this->unknown_regexp) ? "/{([^ \t\r\n}]+)}/" : "/{([_a-zA-Z]\\w+)}/"), ! "<!-- Template variable \\1 undefined -->", ! $str); break; } |
|
From: Layne W. <lay...@us...> - 2004-07-23 20:36:38
|
Update of /cvsroot/phplib/php-lib-stable In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv18134 Modified Files: CHANGES Log Message: db classes - cleaned up and allowed a bit more flexibility template.inc - allow alternate variable name regex matching Index: CHANGES =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/CHANGES,v retrieving revision 1.30 retrieving revision 1.31 diff -C2 -d -r1.30 -r1.31 *** CHANGES 31 Dec 2003 17:18:51 -0000 1.30 --- CHANGES 23 Jul 2004 20:36:29 -0000 1.31 *************** *** 1,4 **** --- 1,33 ---- $Id$ + 23-Jul-2004 layne_weathers + - all db classes + - don't call query() from constructor with an empty $query string + - implement Halt_On_Error setting from MySQL class + - output errors wrapped in <p> - previous table-closing behavior assumed + too much + - use function connect_failed() for printing connection failure notice + allows for customizable connection error handling in extension classes + (e.g. display a page that matches the site design). The default + connection error messages have been standardized across all db classes. + - primary class names are derived from database name allowing multiple + database classes in one script. If no DB_Sql class exists (or if using + PHP 3 which cannot find classes), a DB_Sql extension class is created + for backwords compatibility. + - db_oci8.inc + - allow forcing of shared database connections within scripts + (reuse Link_ID) - default off + - remove constants (OCI_COMMIT_ON_SUCCESS, OCI_DEFAULT) from quotes + - quote strings used as indexes + - start Record with empty array on each next_record(), previous behaviour + allowed Record with values from multiple queries + - load object columns on next_record instead of waiting for f() + - template.inc + - allow for loose or strict template variable regex. Loose is the default, + matching any set of curly braces with no whitespace between (this will + also match portions of certain JavaScript regular expressions). Strict + follows the PHP variable naming rules (may not start with a numeral and + may only contain numerals, letters, and underscores). + 31-Dec-2003 layne_weathers - template.inc - enabled output of filename comments as proposed on users list. |
|
From: Layne W. <lay...@us...> - 2003-12-31 17:19:01
|
Update of /cvsroot/phplib/php-lib-stable
In directory sc8-pr-cvs1:/tmp/cvs-serv27591
Modified Files:
CHANGES
Log Message:
template.inc - enabled output of filename comments as proposed on users list
Index: CHANGES
===================================================================
RCS file: /cvsroot/phplib/php-lib-stable/CHANGES,v
retrieving revision 1.29
retrieving revision 1.30
diff -C2 -d -r1.29 -r1.30
*** CHANGES 27 Oct 2003 20:41:29 -0000 1.29
--- CHANGES 31 Dec 2003 17:18:51 -0000 1.30
***************
*** 1,4 ****
--- 1,7 ----
$Id$
+ 31-Dec-2003 layne_weathers
+ - template.inc - enabled output of filename comments as proposed on users list.
+
27-Oct-2003 layne_weathers
- session.inc
|
|
From: Layne W. <lay...@us...> - 2003-12-31 17:19:01
|
Update of /cvsroot/phplib/php-lib-stable/php
In directory sc8-pr-cvs1:/tmp/cvs-serv27591/php
Modified Files:
template.inc
Log Message:
template.inc - enabled output of filename comments as proposed on users list
Index: template.inc
===================================================================
RCS file: /cvsroot/phplib/php-lib-stable/php/template.inc,v
retrieving revision 1.12
retrieving revision 1.13
diff -C2 -d -r1.12 -r1.13
*** template.inc 11 Jul 2002 22:29:51 -0000 1.12
--- template.inc 31 Dec 2003 17:18:57 -0000 1.13
***************
*** 37,40 ****
--- 37,41 ----
* Changes in functionality which go beyond bug fixes:
*
+ * added ability for filename comments to be output (from phplib-users layne)
* changed debug handling so set, get and internals can be tracked separately (rha)
* added debug statements throughout to track most function calls (rha)
***************
*** 86,89 ****
--- 87,100 ----
/**
+ * Determines whether Template outputs filename comments.
+ * false = no filename outputs
+ * true = HTML comments (e.g. <!-- START FILE $filename -->) placed in output
+ *
+ * @var int
+ * @access public
+ */
+ var $filename_comments = false;
+
+ /**
* The base directory from which template files are loaded.
*
***************
*** 908,911 ****
--- 919,925 ----
}
+ if ($this->filename_comments) {
+ $str = "<!-- START FILE $filename -->\n$str<!-- END FILE $filename -->\n";
+ }
if ($this->debug & 4) {
printf("<b>loadfile:</b> loaded $filename into $varname<br>\n");
|
|
From: Joe S. <joe...@us...> - 2003-01-14 18:57:17
|
Update of /cvsroot/phplib/php-lib-stable
In directory sc8-pr-cvs1:/tmp/cvs-serv11374/php-lib-stable
Modified Files:
CHANGES
Log Message:
Released phplib 7.4-pre2
Index: CHANGES
===================================================================
RCS file: /cvsroot/phplib/php-lib-stable/CHANGES,v
retrieving revision 1.26
retrieving revision 1.27
diff -C2 -d -r1.26 -r1.27
*** CHANGES 14 Jan 2003 18:42:55 -0000 1.26
--- CHANGES 14 Jan 2003 18:57:05 -0000 1.27
***************
*** 1,5 ****
$Id$
! 08-Nov-2002 joestewart
- Released: phplib 7.4-pre2.
--- 1,5 ----
$Id$
! 14-Jan-2003 joestewart
- Released: phplib 7.4-pre2.
|
|
From: Joe S. <joe...@us...> - 2003-01-14 18:43:15
|
Update of /cvsroot/phplib/php-lib-stable
In directory sc8-pr-cvs1:/tmp/cvs-serv5230/php-lib-stable
Modified Files:
CHANGES VERSION
Log Message:
Released phplib 7.4-pre2
Index: CHANGES
===================================================================
RCS file: /cvsroot/phplib/php-lib-stable/CHANGES,v
retrieving revision 1.25
retrieving revision 1.26
diff -C2 -d -r1.25 -r1.26
*** CHANGES 8 Nov 2002 18:32:57 -0000 1.25
--- CHANGES 14 Jan 2003 18:42:55 -0000 1.26
***************
*** 2,5 ****
--- 2,8 ----
08-Nov-2002 joestewart
+ - Released: phplib 7.4-pre2.
+
+ 08-Nov-2002 joestewart
- session4.inc - changed foreach to while in freeze() for compatibility with
some php versions. changed source of return value in self_url for wider
Index: VERSION
===================================================================
RCS file: /cvsroot/phplib/php-lib-stable/VERSION,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -d -r1.3 -r1.4
*** VERSION 5 Jan 2002 15:47:37 -0000 1.3
--- VERSION 14 Jan 2003 18:43:02 -0000 1.4
***************
*** 1 ****
! 7.4-pre1
--- 1 ----
! 7.4-pre2
|
|
From: Maxim D. <md...@us...> - 2002-11-27 08:02:32
|
Update of /cvsroot/phplib/php-lib/php/session
In directory sc8-pr-cvs1:/tmp/cvs-serv2408
Modified Files:
session4.inc
Log Message:
$_SERVER -> $HTTP_SERVER_VARS
Index: session4.inc
===================================================================
RCS file: /cvsroot/phplib/php-lib/php/session/session4.inc,v
retrieving revision 1.15
retrieving revision 1.16
diff -C2 -d -r1.15 -r1.16
*** session4.inc 26 Nov 2002 17:39:57 -0000 1.15
--- session4.inc 27 Nov 2002 08:02:29 -0000 1.16
***************
*** 140,143 ****
--- 140,148 ----
var $allowcache = 'nocache';
+ /**
+ * @var boolean
+ * @access private
+ */
+ var $register_globals;
/**
***************
*** 226,236 ****
cause it will disappear with the next request
*/
! if(strpos($_SERVER['PHP_SELF'], $mysid)) {
// cut session info from PHP_SELF
! $new_qs = 'http://'.$_SERVER['SERVER_NAME']
! . str_replace($mysid, '', $_SERVER['PHP_SELF'])
! .(($_SERVER['QUERY_STRING'])
// and QUERY_STRING, for sure
! ? '?'.str_replace($mysid, '', $_SERVER['QUERY_STRING'])
: '');
--- 231,241 ----
cause it will disappear with the next request
*/
! if(strpos($HTTP_SERVER_VARS['PHP_SELF'], $mysid)) {
// cut session info from PHP_SELF
! $new_qs = 'http://'.$HTTP_SERVER_VARS['SERVER_NAME']
! . str_replace($mysid, '', $HTTP_SERVER_VARS['PHP_SELF'])
! .(($HTTP_SERVER_VARS['QUERY_STRING'])
// and QUERY_STRING, for sure
! ? '?'.str_replace($mysid, '', $HTTP_SERVER_VARS['QUERY_STRING'])
: '');
|
|
From: Maxim D. <md...@us...> - 2002-11-26 17:40:01
|
Update of /cvsroot/phplib/php-lib/php/session
In directory sc8-pr-cvs1:/tmp/cvs-serv32331
Modified Files:
session4.inc
Log Message:
1. Merged with -stable
2. some performance tweaks
3. added session forgery check - see in start() (needs testing)
Index: session4.inc
===================================================================
RCS file: /cvsroot/phplib/php-lib/php/session/session4.inc,v
retrieving revision 1.14
retrieving revision 1.15
diff -C2 -d -r1.14 -r1.15
*** session4.inc 29 Aug 2001 07:26:44 -0000 1.14
--- session4.inc 26 Nov 2002 17:39:57 -0000 1.15
***************
*** 95,103 ****
/**
*
* @var string
* @deprec $Id$
*/
! var $fallback_mode;
--- 95,120 ----
/**
+ * Propagation mode is by default set to cookie
+ * The other parameter, fallback_mode, decides wether
+ * we accept ONLY cookies, or cookies and eventually get params
+ * in php4 parlance, these variables cause a setting of either
+ * the php.ini directive session.use_cookie or session.use_only_cookie
+ * The session.use_only_cookie possibility was introdiced in PHP 4.2.2, and
+ * has no effect on previous versions
*
* @var string
* @deprec $Id$
*/
! var $mode = "cookie"; ## We propagate session IDs with cookies
!
! /**
! * If fallback_mode is set to 'cookie', php4 will impose a cookie-only
! * propagation policy, which is a safer propagation method that get mode
! *
! * @var string
! * @deprec $Id$
! */
! var $fallback_mode; ## if fallback_mode is also 'ccokie'
! ## we enforce session.use_only_cookie
***************
*** 123,126 ****
--- 140,162 ----
var $allowcache = 'nocache';
+
+ /**
+ * Do we need session forgery check?
+ * This check prevents from exploiting SID-in-request vulnerability.
+ * We check the user's last IP, and start a new session if the user
+ * has no cookie with the SID, and the IP has changed during the session.
+ * We also start a new session with the new id, if the session does not exists yet.
+ * We don't check cookie-enabled clients.
+ * @var boolean
+ */
+ var $forgery_check_enabled = true;
+
+ /**
+ * the name of the variable to hold the IP of the session
+ * @see $forgery_check_enabled
+ * @var string
+ */
+ var $session_ip = '__session_ip';
+
/**
***************
*** 133,136 ****
--- 169,175 ----
function Session() {
$this->name($this->name);
+
+ // find out the register_globals setting
+ $this->register_globals = (bool) ini_get('register_globals');
} // end constructor
***************
*** 143,146 ****
--- 182,190 ----
*/
function start() {
+
+ if ( $this->mode=="cookie"
+ && $this->fallback_mode=="cookie") {
+ ini_set ("session.use_only_cookies","1");
+ }
$this->set_tokenname();
***************
*** 149,153 ****
$ok = session_start();
$this->id = session_id();
!
return $ok;
} // end func start
--- 193,268 ----
$ok = session_start();
$this->id = session_id();
!
! if($this->forgery_check_enabled && $this->session_ip) {
! $sess_forged = false;
! $mysid = $this->name.'='.$this->id;
!
! // use old-style request vars. Maybe should be new-style $_* vars already?
! global $HTTP_COOKIE_VARS, $HTTP_SERVER_VARS, $HTTP_POST_VARS, $HTTP_SESSION_VARS;
!
! // check cookies first.
! if(!isset($HTTP_COOKIE_VARS[$this->name])
! && (strpos($HTTP_SERVER_VARS['REQUEST_URI'],$mysid) || $HTTP_POST_VARS[$this->name]))
! {
! if(isset($HTTP_SESSION_VARS[$this->session_ip])
! && $HTTP_SESSION_VARS[$this->session_ip] <> $HTTP_SERVER_VARS['REMOTE_ADDR'])
! {
! // we have no session cookie, a SID in the request,
! // the session exists, but the saved IP is
! $sess_forged = true;
! session_write_close();
!
! } elseif (!isset($HTTP_SESSION_VARS[$this->session_ip]))
! {
! // session does not exist.
! $sess_forged = true;
! session_destroy();
! }
! }
! if ($sess_forged) {
! /* we redirect only if SID in the path part of the URL,
! to make sure they'll never hit again.
! We don't redirect when SID is in QUERY_STRING only,
! cause it will disappear with the next request
! */
! if(strpos($_SERVER['PHP_SELF'], $mysid)) {
! // cut session info from PHP_SELF
! $new_qs = 'http://'.$_SERVER['SERVER_NAME']
! . str_replace($mysid, '', $_SERVER['PHP_SELF'])
! .(($_SERVER['QUERY_STRING'])
! // and QUERY_STRING, for sure
! ? '?'.str_replace($mysid, '', $_SERVER['QUERY_STRING'])
! : '');
!
! // clear new cookie, if set
! $cprm = session_get_cookie_params();
! setcookie($sname, '', time() - 3600, $cprm['path'], $cprm['domain'], $cprm['secure']);
! header('Location: '.$new_qs);
! exit();
! }
!
! // maybe should seed better?
! $this->id(md5(uniqid(rand())));
! $ok = session_start();
! }
! }
!
! // If register_globals is off -> restore session variables to global scope
! if(!$this->register_globals) {
! if(is_array($_SESSION)) {
! foreach ($_SESSION as $key => $value) {
! $GLOBALS[$key] = $value;
! }
! }
! }
!
! if($this->forgery_check_enabled && $this->session_ip) {
! // save current IP
! $GLOBALS[$this->session_ip] = $HTTP_SERVER_VARS['REMOTE_ADDR'];
! if(!$this->is_registered($this->session_ip)) {
! $this->register($this->session_ip);
! }
! }
!
return $ok;
} // end func start
***************
*** 222,238 ****
* @param mixed String with the name of one or more variables seperated by comma
* or a list of variables names: "foo"/"foo,bar,baz"/{"foo","bar","baz"}
- * @return boolean false if registration failed, true on success.
* @access public
*/
function register ($var_names) {
if (!is_array($var_names)) {
-
// spaces spoil everything
$var_names = trim($var_names);
! return session_register( preg_split('/\s*,\s*/', $var_names) );
!
}
! return session_register($var_names);
} // end func register
--- 337,360 ----
* @param mixed String with the name of one or more variables seperated by comma
* or a list of variables names: "foo"/"foo,bar,baz"/{"foo","bar","baz"}
* @access public
*/
function register ($var_names) {
if (!is_array($var_names)) {
// spaces spoil everything
$var_names = trim($var_names);
! $var_names=explode(",", $var_names);
}
! // If register_globals is off -> store session variables values
! if(!$this->register_globals) {
! foreach ($var_names as $key => $value ) {
! if (!isset($_SESSION[$value])){
! $_SESSION[$value]= $GLOBALS[$value];
! }
! }
! }
! else {
! return session_register($var_names);
! }
} // end func register
***************
*** 245,252 ****
*/
function is_registered ($var_name) {
! $var_name = trim($var_name); // to be sure
! return session_is_registered($var_name);
} // end func is_registered
/**
--- 367,379 ----
*/
function is_registered ($var_name) {
! $var_name = trim($var_name); // to be sure
! if(!$this->register_globals) {
! return isset($_SESSION[$var_name]);
! } else {
! return session_is_registered($var_name);
! }
} // end func is_registered
+
/**
***************
*** 255,266 ****
* @param mixed String with the name of one or more variables seperated by comma
* or a list of variables names: "foo"/"foo,bar,baz"/{"foo","bar","baz"}
- * @return boolean false if any error, true on success.
* @access public
*/
function unregister ($var_names) {
$ok = true;
foreach (explode (',', $var_names) as $var_name) {
! $ok = $ok && session_unregister ( trim($var_name) );
}
--- 382,399 ----
* @param mixed String with the name of one or more variables seperated by comma
* or a list of variables names: "foo"/"foo,bar,baz"/{"foo","bar","baz"}
* @access public
*/
+
function unregister ($var_names) {
$ok = true;
+
foreach (explode (',', $var_names) as $var_name) {
! $var_name=trim($var_name);
! if(!$this->register_globals) {
! unset($_SESSION[$var_name]); ## unset is no more a function in php4
! } else {
! $ok = $ok && session_unregister ($var_name);
! }
}
***************
*** 331,337 ****
// Remove existing session info from url
$url = ereg_replace(
! "([&?])".quotemeta(urlencode($this->name))."=".$this->id."(&|$)",
! "\\1", $url);
!
// Remove trailing ?/& if needed
$url = ereg_replace("[&?]+$", "", $url);
--- 464,468 ----
// Remove existing session info from url
$url = ereg_replace(
! "([&?])".quotemeta(urlencode($this->name))."=(.)*(&|$)","\\1", $url); # we clean any(also bogus) sess in url
// Remove trailing ?/& if needed
$url = ereg_replace("[&?]+$", "", $url);
***************
*** 369,373 ****
*/
function self_url() {
! return $this->url(getenv('REQUEST_URI'));
} // end func self_url
--- 500,509 ----
*/
function self_url() {
! global $HTTP_SERVER_VARS;
!
! return $this->url($HTTP_SERVER_VARS["PHP_SELF"] .
! ((isset($HTTP_SERVER_VARS["QUERY_STRING"]) && ("" != $HTTP_SERVER_VARS["QUERY_STRING"]))
! ? "?" . $HTTP_SERVER_VARS["QUERY_STRING"] : ""));
! # return $this->url(getenv('REQUEST_URI'));
} // end func self_url
***************
*** 478,481 ****
--- 614,637 ----
return session_decode($data_string);
} // end func deserialize
+
+ /**
+ * freezes all registered things ( scalar variables, arrays, objects )
+ * by saving all registered things to $_SESSION.
+ *
+ * @access public
+ *
+ *
+ */
+ function freeze() {
+ // If register_globals is off -> store session variables values
+ if(!$this->register_globals) {
+ reset($_SESSION);
+
+ while(list($key,) = each($_SESSION)) {
+ // foreach ($_SESSION as $key => $value) {
+ $_SESSION[$key] = $GLOBALS[$key];
+ }
+ }
+ }
/**
|
|
From: Joe S. <joe...@us...> - 2002-11-08 18:33:00
|
Update of /cvsroot/phplib/php-lib-stable/php
In directory usw-pr-cvs1:/tmp/cvs-serv28273/php-lib-stable/php
Modified Files:
session4.inc
Log Message:
php backwards compatibility in session4 freeze() and self_url()
Index: session4.inc
===================================================================
RCS file: /cvsroot/phplib/php-lib-stable/php/session4.inc,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -d -r1.2 -r1.3
*** session4.inc 1 Oct 2002 16:22:03 -0000 1.2
--- session4.inc 8 Nov 2002 18:32:58 -0000 1.3
***************
*** 382,388 ****
// Remove existing session info from url
$url = ereg_replace(
! "([&?])".quotemeta(urlencode($this->name))."=".$this->id."(&|$)",
! "\\1", $url);
!
// Remove trailing ?/& if needed
$url = ereg_replace("[&?]+$", "", $url);
--- 382,386 ----
// Remove existing session info from url
$url = ereg_replace(
! "([&?])".quotemeta(urlencode($this->name))."=(.)*(&|$)","\\1", $url); # we clean any(also bogus) sess in url
// Remove trailing ?/& if needed
$url = ereg_replace("[&?]+$", "", $url);
***************
*** 420,424 ****
*/
function self_url() {
! return $this->url(getenv('REQUEST_URI'));
} // end func self_url
--- 418,427 ----
*/
function self_url() {
! global $HTTP_SERVER_VARS;
!
! return $this->url($HTTP_SERVER_VARS["PHP_SELF"] .
! ((isset($HTTP_SERVER_VARS["QUERY_STRING"]) && ("" != $HTTP_SERVER_VARS["QUERY_STRING"]))
! ? "?" . $HTTP_SERVER_VARS["QUERY_STRING"] : ""));
! # return $this->url(getenv('REQUEST_URI'));
} // end func self_url
***************
*** 541,545 ****
// If register_globals is off -> store session variables values
if(!(bool) ini_get('register_globals')) {
! foreach ($_SESSION as $key => $value) {
global $$key;
eval("\$_SESSION[\$key]= \$$key;");
--- 544,551 ----
// If register_globals is off -> store session variables values
if(!(bool) ini_get('register_globals')) {
! reset($_SESSION);
!
! while(list($key,) = each($_SESSION)) {
! // foreach ($_SESSION as $key => $value) {
global $$key;
eval("\$_SESSION[\$key]= \$$key;");
|
|
From: Joe S. <joe...@us...> - 2002-11-08 18:33:00
|
Update of /cvsroot/phplib/php-lib-stable In directory usw-pr-cvs1:/tmp/cvs-serv28273/php-lib-stable Modified Files: CHANGES Log Message: php backwards compatibility in session4 freeze() and self_url() Index: CHANGES =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/CHANGES,v retrieving revision 1.24 retrieving revision 1.25 diff -C2 -d -r1.24 -r1.25 *** CHANGES 4 Oct 2002 14:14:44 -0000 1.24 --- CHANGES 8 Nov 2002 18:32:57 -0000 1.25 *************** *** 1,4 **** --- 1,8 ---- $Id$ + 08-Nov-2002 joestewart + - session4.inc - changed foreach to while in freeze() for compatibility with + some php versions. changed source of return value in self_url for wider + http server compatibility. 04-Oct-2002 joestewart |
|
From: Joe S. <joe...@us...> - 2002-10-04 14:14:52
|
Update of /cvsroot/phplib/php-lib-stable In directory usw-pr-cvs1:/tmp/cvs-serv4342/php-lib-stable Modified Files: CHANGES Log Message: auth persistent slots with Session4 Index: CHANGES =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/CHANGES,v retrieving revision 1.23 retrieving revision 1.24 diff -C2 -d -r1.23 -r1.24 *** CHANGES 4 Oct 2002 14:13:26 -0000 1.23 --- CHANGES 4 Oct 2002 14:14:44 -0000 1.24 *************** *** 3,7 **** 04-Oct-2002 joestewart ! - auth4.inc, page4.inc, local4.inc - Giancarlo's changes for auth's persistent slots with Session4. 01-Oct-2002 joestewart --- 3,8 ---- 04-Oct-2002 joestewart ! - auth4.inc, page4.inc, local4.inc, prepend.php - Giancarlo's changes for ! auth's persistent slots with Session4. 01-Oct-2002 joestewart |
|
From: Joe S. <joe...@us...> - 2002-10-04 14:14:52
|
Update of /cvsroot/phplib/php-lib-stable/php In directory usw-pr-cvs1:/tmp/cvs-serv4342/php-lib-stable/php Modified Files: prepend.php Log Message: auth persistent slots with Session4 Index: prepend.php =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/prepend.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** prepend.php 1 Oct 2002 16:22:03 -0000 1.1 --- prepend.php 4 Oct 2002 14:14:46 -0000 1.2 *************** *** 20,24 **** require($_PHPLIB["libdir"] . "session4.inc"); /* Required for everything below.*/ // require($_PHPLIB["libdir"] . "session4_custom.inc"); /* Required for using PHPLIB storage container for sessions. */ ! require($_PHPLIB["libdir"] . "auth.inc"); /* Disable this, if you are not using authentication. */ require($_PHPLIB["libdir"] . "perm.inc"); /* Disable this, if you are not using permission checks. */ require($_PHPLIB["libdir"] . "user4.inc"); /* Disable this, if you are not using per-user variables. */ --- 20,24 ---- require($_PHPLIB["libdir"] . "session4.inc"); /* Required for everything below.*/ // require($_PHPLIB["libdir"] . "session4_custom.inc"); /* Required for using PHPLIB storage container for sessions. */ ! require($_PHPLIB["libdir"] . "auth4.inc"); /* Disable this, if you are not using authentication. */ require($_PHPLIB["libdir"] . "perm.inc"); /* Disable this, if you are not using permission checks. */ require($_PHPLIB["libdir"] . "user4.inc"); /* Disable this, if you are not using per-user variables. */ *************** *** 29,35 **** /* Additional require statements go before this line */ ! require($_PHPLIB["libdir"] . "local.inc"); /* Required, contains your local configuration. */ ! require($_PHPLIB["libdir"] . "page.inc"); /* Required, contains the page management functions. */ ?> --- 29,35 ---- /* Additional require statements go before this line */ ! require($_PHPLIB["libdir"] . "local4.inc"); /* Required, contains your local configuration. */ ! require($_PHPLIB["libdir"] . "page4.inc"); /* Required, contains the page management functions. */ ?> |
|
From: Joe S. <joe...@us...> - 2002-10-04 14:13:30
|
Update of /cvsroot/phplib/php-lib-stable/php
In directory usw-pr-cvs1:/tmp/cvs-serv3910/php-lib-stable/php
Added Files:
page4.inc auth4.inc
Log Message:
auth persistent slots with Session4
--- NEW FILE: page4.inc ---
<?php
/*
* Session Management for PHP3
*
* Copyright (c) 1998-2000 NetUSE AG
* Boris Erdmann, Kristian Koehntopp
*
* $Id: page4.inc,v 1.1 2002/10/04 14:13:27 joestewart Exp $
*
*/
function page_open($feature) {
global $_PHPLIB;
# enable sess and all dependent features.
if (isset($feature["sess"])) {
global $sess;
$sess = new $feature["sess"];
$sess->start();
# the auth feature depends on sess
if (isset($feature["auth"])) {
global $auth;
if (is_object($auth)) {
$auth= $auth->check_feature($feature["auth"]);
} else {
$auth = new $feature["auth"];
}
$auth->start();
# the perm feature depends on auth and sess
if (isset($feature["perm"])) {
global $perm;
if (!is_object($perm)) {
$perm = new $feature["perm"];
}
}
# the user feature depends on auth and sess
if (isset($feature["user"])) {
global $user;
if (!is_object($user)) {
$user = new $feature["user"];
}
$user->start($auth->auth["uid"]);
}
}
## Load the auto_init-File, if one is specified.
if (($sess->auto_init != "") && !$sess->in) {
$sess->in = 1;
include($_PHPLIB["libdir"] . $sess->auto_init);
if ($sess->secure_auto_init != "") {
$sess->freeze();
}
}
}
}
function page_close() {
global $sess, $user;
if (is_object($sess)) {
$sess->freeze();
if (is_object($user)) {
$user->freeze();
}
}
}
function sess_load($session) {
reset($session);
while (list($k,$v) = each($session)) {
$GLOBALS[$k] = new $v;
$GLOBALS[$k]->start();
}
}
function sess_save($session) {
reset($session);
while (list(,$v) = each($session)) {
$GLOBALS[$v]->freeze();
}
}
?>
--- NEW FILE: auth4.inc ---
<?php
/*
* Session Management for PHP3
*
* Copyright (c) 1998-2000 NetUSE AG
* Boris Erdmann, Kristian Koehntopp
* Copyright (c) 1999-2000 Internet Images srl
* Massimiliano Masserelli
*
* $Id: auth4.inc,v 1.1 2002/10/04 14:13:27 joestewart Exp $
*
*/
class Auth {
var $classname = "Auth";
var $persistent_slots = array("auth");
var $lifetime = 15; ## Max allowed idle time before
## reauthentication is necessary.
## If set to 0, auth never expires.
var $refresh = 0; ## Refresh interval in minutes.
## When expires auth data is refreshed
## from db using auth_refreshlogin()
## method. Set to 0 to disable refresh
var $mode = "log"; ## "log" for login only systems,
## "reg" for user self registration
var $magic = ""; ## Used in uniqid() generation
var $nobody = false; ## If true, a default auth is created...
var $cancel_login = "cancel_login"; ## The name of a button that can be
## used to cancel a login form
## End of user qualifiable settings.
var $auth = array(); ## Data array
var $in = false;
var $db;
##
## Initialization
##
function check_feature($f)
{
if ($this->classname != $f) ### needs the new __sleep funct
{
$clone=new $f;
$clone->auth=$this->auth;
return $clone;
}
else
return $this;
}
##
## Initialization
##
function start() {
global $sess, $HTTP_POST_VARS, $HTTP_GET_VARS;
## This is for performance, I guess but I'm not sure if it could
## be safely removed -- negro
if (! $this->in) {
$sess->register("auth");
$this->in = true;
}
## back compatibility: if database_class is set, create db object
if(isset($this->database_class)) {
$this->db = new $this->database_class;
}
# Check current auth state. Should be one of
# 1) Not logged in (no valid auth info or auth expired)
# 2) Logged in (valid auth info)
# 3) Login in progress (if $this->cancel_login, revert to state 1)
if ($this->is_authenticated()) {
$uid = $this->auth["uid"];
switch ($uid) {
case "form":
# Login in progress
if ((isset($HTTP_POST_VARS[$this->cancel_login]) && $HTTP_POST_VARS[$this->cancel_login]) or
(isset($HTTP_GET_VARS[$this->cancel_login]) && $HTTP_GET_VARS[$this->cancel_login])) {
# If $this->cancel_login is set, delete all auth info and set
# state to "Not logged in", so eventually default or automatic
# authentication may take place
$this->unauth();
$state = 1;
} else {
# Set state to "Login in progress"
$state = 3;
}
break;
default:
# User is authenticated and auth not expired
$state = 2;
break;
}
} else {
# User is not (yet) authenticated
$this->unauth();
$state = 1;
}
switch ($state) {
case 1:
# No valid auth info or auth is expired
# Check for user supplied automatic login procedure
if ( $uid = $this->auth_preauth() ) {
$this->auth["uid"] = $uid;
$this->auth["exp"] = time() + (60 * $this->lifetime);
$this->auth["refresh"] = time() + (60 * $this->refresh);
return true;
}
# Check for "log" vs. "reg" mode
switch ($this->mode) {
case "yes":
case "log":
if ($this->nobody) {
# Authenticate as nobody
$this->auth["uid"] = "nobody";
# $this->auth["uname"] = "nobody";
$this->auth["exp"] = 0x7fffffff;
$this->auth["refresh"] = 0x7fffffff;
return true;
} else {
# Show the login form
$this->auth_loginform();
$this->auth["uid"] = "form";
$this->auth["exp"] = 0x7fffffff;
$this->auth["refresh"] = 0x7fffffff;
$sess->freeze();
exit;
}
break;
case "reg":
if ($this->nobody) {
# Authenticate as nobody
$this->auth["uid"] = "nobody";
# $this->auth["uname"] = "nobody";
$this->auth["exp"] = 0x7fffffff;
$this->auth["refresh"] = 0x7fffffff;
return true;
} else {
# Show the registration form
$this->auth_registerform();
$this->auth["uid"] = "form";
$this->auth["exp"] = 0x7fffffff;
$this->auth["refresh"] = 0x7fffffff;
$sess->freeze();
exit;
}
break;
default:
# This should never happen. Complain.
echo "Error in auth handling: no valid mode specified.\n";
$sess->freeze();
exit;
}
break;
case 2:
# Valid auth info
# Refresh expire info
## DEFAUTH handling: do not update exp for nobody.
if ($uid != "nobody")
$this->auth["exp"] = time() + (60 * $this->lifetime);
break;
case 3:
# Login in progress, check results and act accordingly
switch ($this->mode) {
case "yes":
case "log":
if ( $uid = $this->auth_validatelogin() ) {
$this->auth["uid"] = $uid;
$this->auth["exp"] = time() + (60 * $this->lifetime);
$this->auth["refresh"] = time() + (60 * $this->refresh);
return true;
} else {
$this->auth_loginform();
$this->auth["uid"] = "form";
$this->auth["exp"] = 0x7fffffff;
$this->auth["refresh"] = 0x7fffffff;
$sess->freeze();
exit;
}
break;
case "reg":
if ($uid = $this->auth_doregister()) {
$this->auth["uid"] = $uid;
$this->auth["exp"] = time() + (60 * $this->lifetime);
$this->auth["refresh"] = time() + (60 * $this->refresh);
return true;
} else {
$this->auth_registerform();
$this->auth["uid"] = "form";
$this->auth["exp"] = 0x7fffffff;
$this->auth["refresh"] = 0x7fffffff;
$sess->freeze();
exit;
}
break;
default:
# This should never happen. Complain.
echo "Error in auth handling: no valid mode specified.\n";
$sess->freeze();
exit;
break;
}
break;
default:
# This should never happen. Complain.
echo "Error in auth handling: invalid state reached.\n";
$sess->freeze();
exit;
break;
}
}
function login_if( $t ) {
if ( $t ) {
$this->unauth(); # We have to relogin, so clear current auth info
$this->nobody = false; # We are forcing login, so default auth is
# disabled
$this->start(); # Call authentication code
}
}
function __sleep () {
$this->persistent_slots[]="classname";
return $this->persistent_slots;
}
function unauth($nobody = false) {
$this->auth["uid"] = "";
$this->auth["perm"] = "";
$this->auth["exp"] = 0;
## Back compatibility: passing $nobody to this method is
## deprecated
if ($nobody) {
$this->auth["uid"] = "nobody";
$this->auth["perm"] = "";
$this->auth["exp"] = 0x7fffffff;
}
}
function logout($nobody = "") {
global $sess;
$sess->unregister("auth");
unset($this->auth["uname"]);
$this->unauth($nobody == "" ? $this->nobody : $nobody);
}
function is_authenticated() {
if (
isset($this->auth["uid"])
&&
$this->auth["uid"]
&&
(($this->lifetime <= 0) || (time() < $this->auth["exp"]))
) {
# If more than $this->refresh minutes are passed since last check,
# perform auth data refreshing. Refresh is only done when current
# session is valid (registered, not expired).
if (
($this->refresh > 0)
&&
($this->auth["refresh"])
&&
($this->auth["refresh"] < time())
) {
if ( $this->auth_refreshlogin() ) {
$this->auth["refresh"] = time() + (60 * $this->refresh);
} else {
return false;
}
}
return $this->auth["uid"];
} else {
return false;
}
}
########################################################################
##
## Helper functions
##
function url() {
return $GLOBALS["sess"]->self_url();
}
function purl() {
print $GLOBALS["sess"]->self_url();
}
## This method can authenticate a user before the loginform
## is being displayed. If it does, it must set a valid uid
## (i.e. nobody IS NOT a valid uid) just like auth_validatelogin,
## else it shall return false.
function auth_preauth() { return false; }
##
## Authentication dummies. Must be overridden by user.
##
function auth_loginform() { ; }
function auth_validatelogin() { ; }
function auth_refreshlogin() { ; }
function auth_registerform() { ; }
function auth_doregister() { ; }
}
?>
|
|
From: Joe S. <joe...@us...> - 2002-10-04 14:13:30
|
Update of /cvsroot/phplib/php-lib-stable
In directory usw-pr-cvs1:/tmp/cvs-serv3910/php-lib-stable
Modified Files:
CHANGES
Log Message:
auth persistent slots with Session4
Index: CHANGES
===================================================================
RCS file: /cvsroot/phplib/php-lib-stable/CHANGES,v
retrieving revision 1.22
retrieving revision 1.23
diff -C2 -d -r1.22 -r1.23
*** CHANGES 1 Oct 2002 16:22:02 -0000 1.22
--- CHANGES 4 Oct 2002 14:13:26 -0000 1.23
***************
*** 1,4 ****
--- 1,8 ----
$Id$
+
+ 04-Oct-2002 joestewart
+ - auth4.inc, page4.inc, local4.inc - Giancarlo's changes for auth's persistent slots with Session4.
+
01-Oct-2002 joestewart
- session4.inc, session4_custom.inc - changes required for register_globals off.
|
|
From: Joe S. <joe...@us...> - 2002-10-01 16:22:05
|
Update of /cvsroot/phplib/php-lib-stable/php
In directory usw-pr-cvs1:/tmp/cvs-serv22527/php-lib-stable/php
Modified Files:
session4.inc session4_custom.inc
Added Files:
prepend.php local4.inc
Log Message:
moved session4 require files to php directory
--- NEW FILE: prepend.php ---
<?php
/*
* Session Management for PHP3
*
* Copyright (c) 1998-2000 NetUSE AG
* Boris Erdmann, Kristian Koehntopp
*
* $Id: prepend.php,v 1.1 2002/10/01 16:22:03 joestewart Exp $
*
*/
$_PHPLIB = array();
# Can't control your include path?
# Point this to your PHPLIB base directory. Use a trailing "/"!
$_PHPLIB["libdir"] = "";
require($_PHPLIB["libdir"] . "db_mysql.inc"); /* Change this to match your database. */
require($_PHPLIB["libdir"] . "ct_sql.inc"); /* Change this to match your data storage container */
require($_PHPLIB["libdir"] . "session4.inc"); /* Required for everything below.*/
// require($_PHPLIB["libdir"] . "session4_custom.inc"); /* Required for using PHPLIB storage container for sessions. */
require($_PHPLIB["libdir"] . "auth.inc"); /* Disable this, if you are not using authentication. */
require($_PHPLIB["libdir"] . "perm.inc"); /* Disable this, if you are not using permission checks. */
require($_PHPLIB["libdir"] . "user4.inc"); /* Disable this, if you are not using per-user variables. */
/* Additional require statements go below this line */
# require($_PHPLIB["libdir"] . "menu.inc"); /* Enable to use Menu */
/* Additional require statements go before this line */
require($_PHPLIB["libdir"] . "local.inc"); /* Required, contains your local configuration. */
require($_PHPLIB["libdir"] . "page.inc"); /* Required, contains the page management functions. */
?>
--- NEW FILE: local4.inc ---
<?php
/*
* Session Management for PHP3
*
* Copyright (c) 1998-2000 NetUSE AG
* Boris Erdmann, Kristian Koehntopp
*
* $Id: local4.inc,v 1.1 2002/10/01 16:22:03 joestewart Exp $
*
* All functions in this file are example classes, which can be used
* by your application to get you going. Once you get the hang of it,
* you should backup this file and start over with a clean local.inc
* which contains only your own classes and only the classes you need.
*/
class DB_Example extends DB_Sql {
var $Host = "localhost";
var $Database = "test";
var $User = "kk";
var $Password = "";
}
##
## Session needs to use a storage container (ct).
## Select exactly one of the following and set $that_class
## in Example_Session appropriately.
##
class Example_CT_Sql extends CT_Sql {
var $database_class = "DB_Example"; ## Which database to connect...
var $database_table = "active_sessions"; ## and find our session data in this table.
}
##
## An example of Split_Sql container usage
## You may need it if you expect significant amount of session-registered
## data and there are restrictions on tuple size in your database
## engine (e.g. like in Postgres)
##
## NB: session table name is different only for illustrative purposes,
## so you wouldn't absent-mindedly confuse split session data and non-split
## table structure is the same - if you are sure you won;t be switching
## back and forth between containers, just use active_sessions
#class Example_CT_Split_Sql extends CT_Split_Sql {
# var $database_class = "DB_Example"; ## Which database to connect...
# var $database_table = "active_sessions_split"; ## and find our session data in this table.
# var $split_length = 4096; ## Split rows every 4096 bytes
#}
#class Example_CT_Shm extends CT_Shm {
# var $max_sessions = 500; ## number of maximum sessions
# var $shm_key = 0x123754; ## unique shm identifier
# var $shm_size = 64000; ## size of segment
#}
#class Example_CT_Ldap extends CT_Ldap {
# var $ldap_host = "localhost";
# var $ldap_port = 389;
# var $basedn = "dc=your-domain, dc=com";
# var $rootdn = "cn=root, dc=your-domain, dc=com";
# var $rootpw = "secret";
# var $objclass = "phplibdata";
#}
#class Example_CT_Dbm extends CT_DBM {
# var $dbm_file = "must_exist.dbm";
#}
class Example_Session extends Session {
var $classname = "Example_Session";
var $cookiename = ""; ## defaults to classname
var $magic = "Hocuspocus"; ## ID seed
var $mode = "cookie"; ## We propagate session IDs with cookies
var $fallback_mode = "get";
var $lifetime = 0; ## 0 = do session cookies, else minutes
var $that_class = "Example_CT_Sql"; ## name of data storage container class
var $gc_probability = 5;
var $allowcache = "no"; ## "public", "private", or "no"
}
/*
class Example_Session_Custom extends Session_Custom {
var $classname = "Example_Session";
var $cookiename = ""; ## defaults to classname
var $magic = "Hocuspocus"; ## ID seed
var $mode = "cookie"; ## We propagate session IDs with cook
ies
var $fallback_mode = "get";
var $lifetime = 0; ## 0 = do session cookies, else minut
es
var $that_class = "Example_CT_Sql"; ## name of data storage container class
var $gc_probability = 5;
var $allowcache = "no"; ## "public", "private", or "no"
// var $module = "files"; ## user, files or mm
}
*/
class Example_User extends User {
var $classname = "Example_User";
var $magic = "Abracadabra"; ## ID seed
var $that_class = "Example_CT_Sql"; ## name of data storage container class
}
class Example_Auth extends Auth {
var $classname = "Example_Auth";
var $lifetime = 15;
var $database_class = "DB_Example";
var $database_table = "auth_user";
function auth_loginform() {
global $sess;
global $_PHPLIB;
include($_PHPLIB["libdir"] . "loginform.ihtml");
}
function auth_validatelogin() {
global $HTTP_POST_VARS;
if(isset($HTTP_POST_VARS["username"])) {
$this->auth["uname"] = $HTTP_POST_VARS["username"]; ## This provides access for "loginform.ihtml"
}
$uid = false;
$this->db->query(sprintf("select user_id, perms ".
" from %s ".
" where username = '%s' ".
" and password = '%s'",
$this->database_table,
addslashes($HTTP_POST_VARS["username"]),
addslashes($HTTP_POST_VARS["password"])));
while($this->db->next_record()) {
$uid = $this->db->f("user_id");
$this->auth["perm"] = $this->db->f("perms");
}
return $uid;
}
}
class Example_Default_Auth extends Example_Auth {
var $classname = "Example_Default_Auth";
var $nobody = true;
}
# A variation of Example_Auth which uses a Challenge-Response
# Authentication. The password never crosses the net in clear,
# if the remote system supports JavaScript. Please read the
# Documentation section about CR Authentication to understand
# what is going on.
class Example_Challenge_Auth extends Auth {
var $classname = "Example_Challenge_Auth";
var $lifetime = 1;
var $magic = "Simsalabim"; ## Challenge seed
var $database_class = "DB_Example";
var $database_table = "auth_user";
function auth_loginform() {
global $sess;
global $challenge;
global $_PHPLIB;
$challenge = md5(uniqid($this->magic));
$sess->register("challenge");
include($_PHPLIB["libdir"] . "crloginform.ihtml");
}
function auth_validatelogin() {
global $HTTP_POST_VARS, $challenge;
if(isset($HTTP_POST_VARS["username"])) {
$this->auth["uname"] = $HTTP_POST_VARS["username"]; ## This provides access for "loginform.ihtml"
}
$this->db->query(sprintf("select user_id, perms, password ".
"from %s where username = '%s'",
$this->database_table,
addslashes($HTTP_POST_VARS["username"])));
if ($this->db->num_rows() == 0) {
return false;
}
while($this->db->next_record()) {
$uid = $this->db->f("user_id");
$perm = $this->db->f("perms");
$pass = $this->db->f("password");
}
$expected_response = md5("$HTTP_POST_VARS[username]:$pass:$challenge");
## True when JS is disabled
if ($HTTP_POST_VARS["response"] == "") {
if ($HTTP_POST_VARS["password"] != $pass) {
return false;
} else {
$this->auth["perm"] = $perm;
return $uid;
}
}
## Response is set, JS is enabled
if ($expected_response != $HTTP_POST_VARS["response"]) {
return false;
} else {
$this->auth["perm"] = $perm;
return $uid;
}
}
}
##
## Another variation of Challenge-Response authentication,
## done slightly differently. This one does not keep cleartext
## passwords in your database table.
##
## Example_Challenge_Crypt_Auth: Keep passwords in md5 hashes rather
## than cleartext in database
## Author: Jim Zajkowski <ji...@ji...>
class Example_Challenge_Crypt_Auth extends Auth {
var $classname = "Example_Challenge_Crypt_Auth";
var $lifetime = 1;
var $magic = "Frobozzica"; ## Challenge seed
var $database_class = "DB_Example";
var $database_table = "auth_user_md5";
function auth_loginform() {
global $sess;
global $challenge;
global $_PHPLIB;
$challenge = md5(uniqid($this->magic));
$sess->register("challenge");
include($_PHPLIB["libdir"] . "crcloginform.ihtml");
}
function auth_validatelogin() {
global $HTTP_POST_VARS, $challenge;
$this->auth["uname"] = $HTTP_POST_VARS["username"]; ## This provides access for "loginform.ihtml"
$this->db->query(sprintf("select user_id, perms, password ".
"from %s where username = '%s'",
$this->database_table,
addslashes($HTTP_POST_VARS["username"])));
if ($this->db->num_rows() == 0) {
return false;
}
while($this->db->next_record()) {
$uid = $this->db->f("user_id");
$perm = $this->db->f("perms");
$pass = $this->db->f("password"); ## Password is stored as a md5 hash
}
$expected_response = md5("$HTTP_POST_VARS[username]:$pass:$challenge");
## True when JS is disabled
if ($HTTP_POST_VARS["response"] == "") {
if (md5($HTTP_POST_VARS["password"]) != $pass) { ## md5 hash for non-JavaScript browsers
return false;
} else {
$this->auth["perm"] = $perm;
return $uid;
}
}
## Response is set, JS is enabled
if ($expected_response != $HTTP_POST_VARS["response"]) {
return false;
} else {
$this->auth["perm"] = $perm;
return $uid;
}
}
}
## An example implementation of a Perm subclass, implementing
## a few atomic permissions. You want to read up on Permission
## schemata design in the documentation.
class Example_Perm extends Perm {
var $classname = "Example_Perm";
var $permissions = array(
"user" => 1,
"author" => 2,
"editor" => 4,
"supervisor" => 8,
"admin" => 16
);
function perm_invalid($does_have, $must_have) {
global $perm, $auth, $sess;
global $_PHPLIB;
include($_PHPLIB["libdir"] . "perminvalid.ihtml");
}
}
##
## Example_Menu may extend Menu.
## Remember that in PHP 3 a class's constructor function must have the
## same name as the class. To make it easier to extend this class we
## have a real constructor function called setup(). When you create an
## extension of this class, create your constructor function which only
## needs to call setup().
##
## To use this, you must enable the require statement for
## menu.inc in prepend.php3.
##
## See /pages/menu for an example application of Example_Menu.
##
# class Example_Menu extends Menu {
# var $classname = "Example_Menu";
#
# # Map of PHP_SELF URL strings to menu positions
# var $urlmap = array(
# "/menu/index.php3" => "",
# "/menu/item1.php3" => "/1",
# "/menu/item11.php3" => "/1/1",
# "/menu/item12.php3" => "/1/2",
# "/menu/item13.php3" => "/1/3",
# "/menu/item2.php3" => "/2",
# "/menu/item21.php3" => "/2/1",
# "/menu/item22.php3" => "/2/2",
# "/menu/item221.php3" => "/2/2/1",
# "/menu/item222.php3" => "/2/2/2",
# "/menu/item23.php3" => "/2/3",
# "/menu/item24.php3" => "/2/4"
# );
#
# # Information about each menu item
# var $item = array(
# "" => array("title" => "Main"),
# "/1" => array("title" => "Text 1"),
# "/1/1" => array("title" => "Text 1.1"),
# "/1/2" => array("title" => "Text 1.2"),
# "/1/3" => array("title" => "Text 1.3"),
# "/2" => array("title" => "Text 2"),
# "/2/1" => array("title" => "Text 2.1"),
# "/2/2" => array("title" => "Text 2.2", "pseudo" => true),
# "/2/2/1"=> array("title" => "Text 2.2.1"),
# "/2/2/2"=> array("title" => "Text 2.2.2"),
# "/2/3" => array("title" => "Text 2.3"),
# "/2/4" => array("title" => "Text 2.4")
# );
#
# function Example_Menu() {
# $this->setup();
# }
# }
?>
Index: session4.inc
===================================================================
RCS file: /cvsroot/phplib/php-lib-stable/php/session4.inc,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** session4.inc 1 Oct 2002 16:13:56 -0000 1.1
--- session4.inc 1 Oct 2002 16:22:03 -0000 1.2
***************
*** 95,103 ****
/**
*
* @var string
* @deprec $Id$
*/
! var $fallback_mode;
--- 95,120 ----
/**
+ * Propagation mode is by default set to cookie
+ * The other parameter, fallback_mode, decides wether
+ * we accept ONLY cookies, or cookies and eventually get params
+ * in php4 parlance, these variables cause a setting of either
+ * the php.ini directive session.use_cookie or session.use_only_cookie
+ * The session.use_only_cookie possibility was introdiced in PHP 4.2.2, and
+ * has no effect on previous versions
*
* @var string
* @deprec $Id$
*/
! var $mode = "cookie"; ## We propagate session IDs with cookies
!
! /**
! * If fallback_mode is set to 'cookie', php4 will impose a cookie-only
! * propagation policy, which is a safer propagation method that get mode
! *
! * @var string
! * @deprec $Id$
! */
! var $fallback_mode; ## if fallback_mode is also 'ccokie'
! ## we enforce session.use_only_cookie
***************
*** 143,146 ****
--- 160,168 ----
*/
function start() {
+
+ if ( $this->mode=="cookie"
+ && $this->fallback_mode=="cookie") {
+ ini_set ("session.use_only_cookie","1");
+ }
$this->set_tokenname();
***************
*** 149,153 ****
$ok = session_start();
$this->id = session_id();
!
return $ok;
} // end func start
--- 171,185 ----
$ok = session_start();
$this->id = session_id();
!
! // If register_globals is off -> restore session variables to global scope
! if(!(bool) ini_get('register_globals')) {
! if(is_array($_SESSION)) {
! foreach ($_SESSION as $key => $value) {
! global $$key;
! $$key=$value;
! }
! }
! }
!
return $ok;
} // end func start
***************
*** 222,238 ****
* @param mixed String with the name of one or more variables seperated by comma
* or a list of variables names: "foo"/"foo,bar,baz"/{"foo","bar","baz"}
- * @return boolean false if registration failed, true on success.
* @access public
*/
function register ($var_names) {
if (!is_array($var_names)) {
-
// spaces spoil everything
$var_names = trim($var_names);
! return session_register( preg_split('/\s*,\s*/', $var_names) );
!
}
! return session_register($var_names);
} // end func register
--- 254,278 ----
* @param mixed String with the name of one or more variables seperated by comma
* or a list of variables names: "foo"/"foo,bar,baz"/{"foo","bar","baz"}
* @access public
*/
function register ($var_names) {
if (!is_array($var_names)) {
// spaces spoil everything
$var_names = trim($var_names);
! $var_names=explode(",", $var_names);
}
! // If register_globals is off -> store session variables values
! if(!(bool) ini_get('register_globals')) {
! foreach ($var_names as $key => $value ) {
! global $$value;
! if (!isset($_SESSION[$value])){
! $_SESSION[$value]= $$value;
! }
! }
! }
! else {
! return session_register($var_names);
! }
} // end func register
***************
*** 245,252 ****
*/
function is_registered ($var_name) {
! $var_name = trim($var_name); // to be sure
! return session_is_registered($var_name);
} // end func is_registered
/**
--- 285,297 ----
*/
function is_registered ($var_name) {
! $var_name = trim($var_name); // to be sure
! if(!(bool) ini_get('register_globals')) {
! return isset($_SESSION[$var_name]);
! } else {
! return session_is_registered($var_name);
! }
} // end func is_registered
+
/**
***************
*** 255,266 ****
* @param mixed String with the name of one or more variables seperated by comma
* or a list of variables names: "foo"/"foo,bar,baz"/{"foo","bar","baz"}
- * @return boolean false if any error, true on success.
* @access public
*/
function unregister ($var_names) {
$ok = true;
foreach (explode (',', $var_names) as $var_name) {
! $ok = $ok && session_unregister ( trim($var_name) );
}
--- 300,317 ----
* @param mixed String with the name of one or more variables seperated by comma
* or a list of variables names: "foo"/"foo,bar,baz"/{"foo","bar","baz"}
* @access public
*/
+
function unregister ($var_names) {
$ok = true;
+
foreach (explode (',', $var_names) as $var_name) {
! $var_name=trim($var_name);
! if(!(bool) ini_get('register_globals')) {
! unset($_SESSION[$var_name]); ## unset is no more a function in php4
! } else {
! $ok = $ok && session_unregister ($var_name);
! }
}
***************
*** 478,481 ****
--- 529,550 ----
return session_decode($data_string);
} // end func deserialize
+
+ /**
+ * freezes all registered things ( scalar variables, arrays, objects )
+ * by saving all registered things to $_SESSION.
+ *
+ * @access public
+ *
+ *
+ */
+ function freeze() {
+ // If register_globals is off -> store session variables values
+ if(!(bool) ini_get('register_globals')) {
+ foreach ($_SESSION as $key => $value) {
+ global $$key;
+ eval("\$_SESSION[\$key]= \$$key;");
+ }
+ }
+ }
/**
Index: session4_custom.inc
===================================================================
RCS file: /cvsroot/phplib/php-lib-stable/php/session4_custom.inc,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** session4_custom.inc 1 Oct 2002 16:13:56 -0000 1.1
--- session4_custom.inc 1 Oct 2002 16:22:03 -0000 1.2
***************
*** 1,4 ****
<?php
! require_once($_PHPLIB["libdir"]."session/session4.inc");
/**
* PHPLib Sessions using PHP 4 build-in sessions and PHPLib storage container
--- 1,4 ----
<?php
! // require_once($_PHPLIB["libdir"]."session/session4.inc");
/**
* PHPLib Sessions using PHP 4 build-in sessions and PHPLib storage container
***************
*** 127,130 ****
--- 127,131 ----
}
+ return Session::freeze();
} // end func freeze
|
|
From: Joe S. <joe...@us...> - 2002-10-01 16:22:05
|
Update of /cvsroot/phplib/php-lib-stable
In directory usw-pr-cvs1:/tmp/cvs-serv22527/php-lib-stable
Modified Files:
CHANGES
Log Message:
moved session4 require files to php directory
Index: CHANGES
===================================================================
RCS file: /cvsroot/phplib/php-lib-stable/CHANGES,v
retrieving revision 1.21
retrieving revision 1.22
diff -C2 -d -r1.21 -r1.22
*** CHANGES 1 Oct 2002 16:13:56 -0000 1.21
--- CHANGES 1 Oct 2002 16:22:02 -0000 1.22
***************
*** 2,5 ****
--- 2,9 ----
01-Oct-2002 joestewart
+ - session4.inc, session4_custom.inc - changes required for register_globals off.
+ - added prepend.php and local4.inc to use php4 sessions.
+
+ 01-Oct-2002 joestewart
- moved session4.inc from php-lib tree.
- moved session4_custom.inc and user4.inc from unsup/ directory.
|
|
From: Joe S. <joe...@us...> - 2002-10-01 16:16:18
|
Update of /cvsroot/phplib/php-lib-stable/unsup In directory usw-pr-cvs1:/tmp/cvs-serv20538/php-lib-stable/unsup Removed Files: session4_custom.inc user4.inc Log Message: moved session4 require files to php directory --- session4_custom.inc DELETED --- --- user4.inc DELETED --- |
|
From: Joe S. <joe...@us...> - 2002-10-01 16:14:00
|
Update of /cvsroot/phplib/php-lib-stable/php
In directory usw-pr-cvs1:/tmp/cvs-serv19579/php-lib-stable/php
Added Files:
session4.inc session4_custom.inc user4.inc
Log Message:
moved session4 require files to php directory
--- NEW FILE: session4.inc ---
<?php
/**
* PHPLib Sessions using PHP 4 built-in Session Support.
*
* WARNING: code is untested!
*
* @copyright 1998,1999 NetUSE AG, Boris Erdmann, Kristian Koehntopp
* 2000 Teodor Cimpoesu <te...@di...>
* @author Teodor Cimpoesu <te...@di...>, Ulf Wendel <uw...@ne...>, Maxim Derkachev <ko...@bo...
* @version $Id: session4.inc,v 1.1 2002/10/01 16:13:56 joestewart Exp $
* @access public
* @package PHPLib
*/
class Session {
/**
* Session name
*
*/
var $classname = "Session";
/**
* Name of the autoinit-File, if any.
*
* @var string
*/
var $auto_init = "";
/**
* Depreciated! There's no need for page_close in PHP4 sessions.
* @deprec $Id: session4.inc,v 1.1 2002/10/01 16:13:56 joestewart Exp $
* @var integer
*/
var $secure_auto_init = 1;
/**
* Don't work. Use something better than this class' property to set the marker.
* @deprec $Id: session4.inc,v 1.1 2002/10/01 16:13:56 joestewart Exp $
* Marker: Did we already include the autoinit file?
*
* @var boolean
*/
var $in = false;
/**
* Current session id.
*
* @var string
* @see id(), Session()
*/
var $id = "";
/**
* [Current] Session name.
*
* @var string
* @see name(), Session()
*/
var $name = "";
/**
*
* @var string
*/
var $cookie_path = '/';
/**
*
* @var strings
*/
var $cookiename;
/**
*
* @var int
*/
var $lifetime = 0;
/**
* If set, the domain for which the session cookie is set.
*
* @var string
*/
var $cookie_domain = '';
/**
*
* @var string
* @deprec $Id: session4.inc,v 1.1 2002/10/01 16:13:56 joestewart Exp $
*/
var $fallback_mode;
/**
* Was the PHP compiled using --enable-trans-sid?
*
* PHP 4 can automatically rewrite all URLs to append the session ID
* as a get parameter if you enable the feature. If you've done so,
* the old session3.inc method url() is no more needed, but as your
* application might still call it you can disable it by setting this
* flag to false.
*
* @var boolean
*/
var $trans_id_enabled = true;
/**
* See the session_cache_limit() options
*
* @var string
*/
var $allowcache = 'nocache';
/**
* Sets the session name before the session starts.
*
* Make sure that all derived classes call the constructor
*
* @see name()
*/
function Session() {
$this->name($this->name);
} // end constructor
/**
* Start a new session or recovers from an existing session
*
* @return boolean session_start() return value
* @access public
*/
function start() {
$this->set_tokenname();
$this->put_headers();
$ok = session_start();
$this->id = session_id();
return $ok;
} // end func start
/**
* Sets or returns the name of the current session
*
* @param string If given, sets the session name
* @return string session_name() return value
* @access public
*/
function name($name = '') {
if ($name = (string)$name) {
$this->name = $name;
$ok = session_name($name);
} else {
$ok = session_name();
}
return $ok;
} // end func name
/**
* Returns the session id for the current session.
*
* If id is specified, it will replace the current session id.
*
* @param string If given, sets the new session id
* @return string current session id
* @access public
*/
function id($sid = '') {
if (!$sid)
$sid = ("" == $this->cookiename) ? $this->classname : $this->cookiename;
if ($sid = (string)$sid) {
$this->id = $sid;
$ok = session_id($sid);
} else {
$ok = session_id();
}
return $ok;
} // end func id
/**
* @brother id()
* @deprec $Id: session4.inc,v 1.1 2002/10/01 16:13:56 joestewart Exp $
* @access public
*/
function get_id($sid = '') {
return $this->id($sid);
} // end func get_id
/**
* Register the variable(s) that should become persistent.
*
* @param mixed String with the name of one or more variables seperated by comma
* or a list of variables names: "foo"/"foo,bar,baz"/{"foo","bar","baz"}
* @return boolean false if registration failed, true on success.
* @access public
*/
function register ($var_names) {
if (!is_array($var_names)) {
// spaces spoil everything
$var_names = trim($var_names);
return session_register( preg_split('/\s*,\s*/', $var_names) );
}
return session_register($var_names);
} // end func register
/**
* see if a variable is registered in the current session
*
* @param $var_name a string with the variable name
* @return false if variable not registered true on success.
* @access public
*/
function is_registered ($var_name) {
$var_name = trim($var_name); // to be sure
return session_is_registered($var_name);
} // end func is_registered
/**
* Recall the session registration for named variable(s)
*
* @param mixed String with the name of one or more variables seperated by comma
* or a list of variables names: "foo"/"foo,bar,baz"/{"foo","bar","baz"}
* @return boolean false if any error, true on success.
* @access public
*/
function unregister ($var_names) {
$ok = true;
foreach (explode (',', $var_names) as $var_name) {
$ok = $ok && session_unregister ( trim($var_name) );
}
return $ok;
} // end func unregister
/**
* Delete the cookie holding the session id.
*
* RFC: is this really needed? can we prune this function?
* the only reason to keep it is if one wants to also
* unset the cookie when session_destroy()ing,which PHP
* doesn't seem to do (looking @ the session.c:940)
* uw: yes we should keep it to remain the same interface, but deprec.
*
* @deprec $Id: session4.inc,v 1.1 2002/10/01 16:13:56 joestewart Exp $
* @access public
* @global $HTTP_COOKIE_VARS
*/
function put_id() {
global $HTTP_COOKIE_VARS;
if (get_cfg_var ('session.use_cookies') == 1) {
$cookie_params = session_get_cookie_params();
setCookie($this->name, '', 0, $cookie_params['path'], $cookie_params['domain']);
$HTTP_COOKIE_VARS[$this->name] = "";
}
} // end func put_id
/**
* Delete the current session destroying all registered data.
*
* Note that it does more but the PHP 4 session_destroy it also
* throws away a cookie is there's one.
*
* @return boolean session_destroy return value
* @access public
*/
function delete() {
$this->put_id();
return session_destroy();
} // end func delete
/**
* Helper function: returns $url concatenated with the current session id
*
* Don't use this function any more. Please use the PHP 4 build in
* URL rewriting feature. This function is here only for compatibility reasons.
*
* @param $url URL to which the session id will be appended
* @return string rewritten url with session id included
* @see $trans_id_enabled
* @global $HTTP_COOKIE_VARS
* @deprec $Id: session4.inc,v 1.1 2002/10/01 16:13:56 joestewart Exp $
* @access public
*/
function url($url) {
global $HTTP_COOKIE_VARS;
if ($this->trans_id_enabled)
return $url;
// Remove existing session info from url
$url = ereg_replace(
"([&?])".quotemeta(urlencode($this->name))."=".$this->id."(&|$)",
"\\1", $url);
// Remove trailing ?/& if needed
$url = ereg_replace("[&?]+$", "", $url);
if (!$HTTP_COOKIE_VARS[$this->name]) {
$url .= ( strpos($url, "?") != false ? "&" : "?" ) . urlencode($this->name) . "=" . $this->id;
}
// Encode naughty characters in the URL
$url = str_replace(array("<", ">", " ", "\"", "'"),
array("%3C", "%3E", "+", "%22", "%27"), $url);
return $url;
} // end func url
/**
* @brother url()
*/
function purl($url) {
print $this->url($url);
} // end func purl
/**
* Get current request URL.
*
* WARNING: I'm not sure with the $this->url() call. Can someone check it?
* WARNING: Apache variable $REQUEST_URI used -
* this it the best you can get but there's warranty the it's set beside
* the Apache world.
*
* @return string
* @global $REQUEST_URI
* @access public
*/
function self_url() {
return $this->url(getenv('REQUEST_URI'));
} // end func self_url
/**
* Print the current URL
* @return void
*/
function pself_url() {
print $this->self_url();
} // end func pself_url
/**
* Stores session id in a hidden variable (part of a form).
*
* @return string
* @access public
*/
function get_hidden_session() {
if ($this->trans_id_enabled)
return "";
else
return sprintf('<input type="hidden" name="%s" value="%s">',
$this->name,
$this->id
);
} // end fun get_hidden_session
/**
* @brother get_hidden_session
* @return void
*/
function hidden_session() {
print $this->get_hidden_session();
} // end func hidden_session
/**
* @brother get_hidden_session
*/
function get_hidden_id() {
return $this->get_hidden_session();
} // end func get_hidden_id
/**
* @brother hidden_session
*/
function hidden_id() {
print $this->get_hidden_session();
} // end func hidden_id
/**
* Prepend variables passed into an array to a query string.
*
* @param array $qarray an array with var=>val pairs
* @param string $query_string probably getenv ('QUERY_STRING')
* @return string the resulting quetry string, of course :)
* @access public
*/
function add_query($qarray, $query_string = '') {
('' == $query_string) && ($query_string = getenv ('QUERY_STRING'));
$qstring = $query_string . (strrpos ($query_string, '?') == false ? '?' : '&');
foreach ($qarray as $var => $val) {
$qstring .= sprintf ( '%s=%s&', $var, urlencode ($val)) ;
}
return $qstring;
} // end func add_query
/**
* @brother add_query()
*/
function padd_query ($qarray, $query_string = '') {
print $this->add_query($qarray, $query_string);
} // end func padd_query
/**
* Get the serialized string of session variables
*
* Note that the serialization format is different from what it
* was in session3.inc. So clear all session data when switching
* to the PHP 4 code, it's not possible to load old session.
*
* @return string
*/
function serialize() {
return session_encode();
} // end func serialze
/**
* Import (session) variables from a string
*
* @param string
*
* @return boolean
*/
function deserialize (&$data_string) {
return session_decode($data_string);
} // end func deserialize
/**
* ?
*
*/
function set_tokenname(){
$this->name = ("" == $this->cookiename) ? $this->classname : $this->cookiename;
session_name ($this->name);
if (!$this->cookie_domain) {
$this->cookie_domain = get_cfg_var ("session.cookie_domain");
}
if (!$this->cookie_path && get_cfg_var('session.cookie_path')) {
$this->cookie_path = get_cfg_var('session.cookie_path');
} elseif (!$this->cookie_path) {
$this->cookie_path = "/";
}
if ($this->lifetime > 0) {
$lifetime = time()+$this->lifetime*60;
} else {
$lifetime = 0;
}
session_set_cookie_params($lifetime, $this->cookie_path, $this->cookie_domain);
} // end func set_tokenname
/**
* ?
*
*/
function put_headers() {
# set session.cache_limiter corresponding to $this->allowcache.
switch ($this->allowcache) {
case "passive":
case "public":
session_cache_limiter ("public");
break;
case "private":
session_cache_limiter ("private");
break;
default:
session_cache_limiter ("nocache");
break;
}
} // end func put_headers
/**
* Reimport HTTP_GET_VARS into the global namespace previously overriden by session variables.
* @see reimport_post_vars(), reimport_cookie_vars()
*/
function reimport_get_vars() {
$this->reimport_any_vars("HTTP_GET_VARS");
} // end func reimport_get_vars
/**
* Reimport HTTP_POST_VARS into the global namespace previously overriden by session variables.
* @see reimport_get_vars(), reimport_cookie_vars()
*/
function reimport_post_vars() {
$this->reimport_any_vars("HTTP_POST_VARS");
} // end func reimport_post_vars
/**
* Reimport HTTP_COOKIE_VARS into the global namespace previously overriden by session variables.
* @see reimport_post_vars(), reimport_fwr_vars()
*/
function reimport_cookie_vars() {
$this->reimport_any_vars("HTTP_COOKIE_VARS");
} // end func reimport_cookie_vars
/**
*
* @var array
*/
function reimport_any_vars($arrayname) {
global $$arrayname;
$GLOBALS = array_merge ($GLOBALS, $arrayname);
} // end func reimport_any_vars
} // end func session
?>
--- NEW FILE: session4_custom.inc ---
<?php
require_once($_PHPLIB["libdir"]."session/session4.inc");
/**
* PHPLib Sessions using PHP 4 build-in sessions and PHPLib storage container
*
* @copyright (c) 1998,1999 NetUSE GmbH Boris Erdmann, Kristian Koehntopp,
* 2000 Maxim Derkachev <ko...@bo...>,
* 2000 Teodor Cimpoesu <te...@di...>
* @author Maxim Derkachev <ko...@bo...>, Teodor Cimpoesu <te...@di...>,
* Ulf Wendel <uw...@ne...>
* @version $Id: session4_custom.inc,v 1.1 2002/10/01 16:13:56 joestewart Exp $
* @package PHPLib
* @access public
*/
class Session_Custom extends Session {
/**
* session storage module - user, files or mm
*
* @var string
*/
var $module = 'user';
/**
* where to save session files if module == files
*
* @var string
*/
var $save_path;
/**
* Name of data storage container
*
* var string
*/
var $that_class = '';
/**
*
* @var object CT_*
*/
var $that;
/**
* Purge all session data older than 1440 minutes.
*
* @var int
*/
var $gc_time = 1440;
/**
* Garbaga collection probability
*
* Set this in php.ini or httpd.conf (.htaccess)
*
* @var int
*/
var $gc_probability;
/**
* initialization
*/
function start() {
$this->set_container();
return Session::start();
} // end func
// the following functions used in session_set_save_handler
/**
* Open callback
*
* abstract
*/
function open() {
return true;
} // end func open
/**
* Close callback
*
* @abstract
*/
function close() {
return true;
} // end func close
/**
* Delete callback
*/
function del() {
if ($this->module == 'user') {
$this->that->ac_delete($this->id, $this->name);
$this->put_id();
}
return true;
} // end func del
/*
* Write callback.
*
*/
function freeze() {
if ($this->module == 'user') {
$r = $this->that->ac_store($this->id, $this->name, session_encode());
$this->release_lock();
if(!$r)
$this->that->ac_halt("Session: freeze() failed.");
}
} // end func freeze
/**
* Read callback.
*/
function thaw() {
if ($this->module == 'user') {
# $this->get_lock();
return $this->that->ac_get_value(session_id(), $this->name);
}
return true;
}
/**
* gc callback.
*
* Destroy all session data older than $this->gc_time
*
*/
function gc() {
if ($this->module == 'user') {
if (empty($this->gc_time))
$this->gc_time = get_cfg_var("session.gc_maxlifetime");
return $this->that->ac_gc($this->gc_time, $this->name);
}
return true;
} // end func gc
// helper functions used in initialization
/**
* ?
*
*/
function set_container(){
switch ($this->module) {
case "user" :
session_module_name('user');
$name = $this->that_class;
$this->that = new $name;
$this->that->ac_start();
// set custom session handlers
session_set_save_handler(array (&$this, 'open'),
array (&$this, 'close'),
array (&$this, 'thaw'),
array (&$this, 'freeze'),
array (&$this, 'del'),
array (&$this, 'gc')
);
break;
case "mm":
session_module_name('mm');
break;
case "files" :
default:
if ($this->save_path)
session_save_path($this->save_path);
session_module_name('files');
break;
}
} // end func set_container
/**
* ?
*/
function get_lock() {
$this->that->ac_get_lock();
} // end func get_clock
/**
* ?
*/
function release_lock() {
$this->that->ac_release_lock();
} // end func release_lock
} // end class Session4_Custom
?>
--- NEW FILE: user4.inc ---
<?php
/**
* Session Management for PHP3
*
* @copyright 1998,1999 NetUSE GmbH Boris Erdmann, Kristian Koehntopp
* 2001, Maxim Derkachev <ko...@bo...>
* @version $Id: user4.inc,v 1.1 2002/10/01 16:13:56 joestewart Exp $
* @package PHPLib
* @access public
*/
class User {
/**
*
*/
var $classname = "User";
/**
* AC storage name
*
* @var string
*/
var $name = "";
/**
* AC storage ID
*
* @var string
*/
var $id = "";
/**
* A name of a global array where references to registered user vars are stored.
*
* @var string
*/
var $vars_array = 'PHPLIB_USER_VARS';
/**
* Do we need to push user vars into global namespace?
*
* (they are anyway accessible via special array, $PHPLIB_USER_VARS by default
*
* @var boolean
*/
var $register_globals = true;
/**
* Name of data storage container
*
* var string
*/
var $that_class = '';
/**
*
* @var object CT_*
*/
var $that;
/**
*
* @param string
*/
function start($sid = '') {
$this->get_id($sid);
if ("" == $this->name)
$this->name = $this->classname;
$name = $this->that_class;
$this->that = new $name;
$this->that->ac_start();
$this->thaw();
} // end func start
/**
* registers user variables
*
* @param array
*/
function register ($things) {
$things = preg_split('/\s*,\s*/', trim($things) );
foreach ($things as $thing) {
if (!isset($GLOBALS[$thing]))
continue;
$GLOBALS[$this->vars_array][$thing] =& $GLOBALS[$thing];
}
} // end func register
/**
* find out if a var is registered user variable
*
* @param string
*/
function is_registered($name) {
return (boolean)(isset($GLOBALS[$this->vars_array][trim($name)]));
} // end func is_registered
/**
* cancel the registration of a registered user variables
*
*/
function unregister($things) {
$things = preg_split('/\s*,\s*/', trim($things) );
foreach ($things as $thing) {
if (!isset ($GLOBALS[$this->vars_array][$thing]))
continue;
unset ($GLOBALS[$this->vars_array][$thing]);
}
} // end func unregister
/**
*
* @param string
*/
function get_id($id = "") {
$this->id = $id;
} // end func get_id
/**
* Delete the current user record
*/
function delete() {
$this->that->ac_delete($this->id, $this->name);
} // end func delete
/**
* serializes user data (stored in $GLOBALS[$this->vars_array])
*/
function serialize() {
return serialize($GLOBALS[$this->vars_array]);
} // end func serialize
/**
* prepare serialized user data and store it in a storage container
*
*/
function freeze() {
if ($this->id == 'nobody')
return;
if(!$this->that->ac_store($this->id, $this->name, $this->serialize()))
$this->that->ac_halt("User: freeze() failed.");
} // end func freeze
/*
* restore saved registered user variables
**/
function thaw() {
$vals = $this->that->ac_get_value($this->id, $this->name);
$GLOBALS[$this->vars_array] = unserialize($vals);
if ($this->register_globals && is_array ($GLOBALS[$this->vars_array]) ) {
reset ($GLOBALS[$this->vars_array]);
while (list ($k, $v) = each ($GLOBALS[$this->vars_array])) {
$GLOBALS[$k] = $v;
$GLOBALS[$this->vars_array][$k] =& $GLOBALS[$k]; // change the entry in user vars array, so it is now a reference pointing to a global variable.
}
}
} // end func thaw
} // end class User
?>
|
|
From: Joe S. <joe...@us...> - 2002-10-01 16:14:00
|
Update of /cvsroot/phplib/php-lib-stable
In directory usw-pr-cvs1:/tmp/cvs-serv19579/php-lib-stable
Modified Files:
CHANGES
Log Message:
moved session4 require files to php directory
Index: CHANGES
===================================================================
RCS file: /cvsroot/phplib/php-lib-stable/CHANGES,v
retrieving revision 1.20
retrieving revision 1.21
diff -C2 -d -r1.20 -r1.21
*** CHANGES 7 Aug 2002 19:31:33 -0000 1.20
--- CHANGES 1 Oct 2002 16:13:56 -0000 1.21
***************
*** 1,4 ****
--- 1,8 ----
$Id$
+ 01-Oct-2002 joestewart
+ - moved session4.inc from php-lib tree.
+ - moved session4_custom.inc and user4.inc from unsup/ directory.
+
07-Aug-2002 layne_weathers
- Fixed [ #542808 ] nextid()'s lock() in db_mysql.inc
|
|
From: Chris J. <ch...@us...> - 2002-09-25 17:56:39
|
Update of /cvsroot/phplib/php-lib-stable/pages/admin
In directory usw-pr-cvs1:/tmp/cvs-serv24810
Modified Files:
view_sessions.php3
Log Message:
Fix typo in delete query to use the SID value, not the key name.
Index: view_sessions.php3
===================================================================
RCS file: /cvsroot/phplib/php-lib-stable/pages/admin/view_sessions.php3,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** view_sessions.php3 17 Apr 2000 16:40:08 -0000 1.1.1.1
--- view_sessions.php3 25 Sep 2002 17:56:36 -0000 1.2
***************
*** 51,55 ****
$sess->that->database_table,
$sess->name,
! $k);
$db->query($query);
$sum += $db->affected_rows();
--- 51,55 ----
$sess->that->database_table,
$sess->name,
! $v);
$db->query($query);
$sum += $db->affected_rows();
|
|
From: Richard A. <ric...@us...> - 2002-08-26 08:27:47
|
Update of /cvsroot/phplib/php-lib-stable/php
In directory usw-pr-cvs1:/tmp/cvs-serv16440
Modified Files:
db_pgsql.inc
Log Message:
Merging patch from Moritz Sinn to add extra functionality to pgsql metadata function.
Index: db_pgsql.inc
===================================================================
RCS file: /cvsroot/phplib/php-lib-stable/php/db_pgsql.inc,v
retrieving revision 1.8
retrieving revision 1.9
diff -C2 -d -r1.8 -r1.9
*** db_pgsql.inc 25 Apr 2002 05:24:03 -0000 1.8
--- db_pgsql.inc 26 Aug 2002 08:27:43 -0000 1.9
***************
*** 154,182 ****
}
!
!
! function metadata($table) {
$count = 0;
$id = 0;
$res = array();
! $this->connect();
! $id = pg_exec($this->Link_ID, "select * from $table");
! if ($id < 0) {
! $this->Error = pg_ErrorMessage($id);
! $this->Errno = 1;
! $this->halt("Metadata query failed.");
}
$count = pg_NumFields($id);
!
for ($i=0; $i<$count; $i++) {
$res[$i]["table"] = $table;
! $res[$i]["name"] = pg_FieldName ($id, $i);
$res[$i]["type"] = pg_FieldType ($id, $i);
$res[$i]["len"] = pg_FieldSize ($id, $i);
$res[$i]["flags"] = "";
}
!
! pg_FreeResult($id);
return $res;
}
--- 154,191 ----
}
! function metadata($table="") {
$count = 0;
$id = 0;
$res = array();
! if ($table) {
! $this->connect();
! $id = pg_exec($this->Link_ID, "select * from $table");
! if ($id < 0) {
! $this->Error = pg_ErrorMessage($id);
! $this->Errno = 1;
! $this->halt("Metadata query failed.");
! }
! } else {
! $id = $this->Query_ID;
! if (!$id) {
! $this->halt("No query specified.");
! }
}
+
$count = pg_NumFields($id);
!
for ($i=0; $i<$count; $i++) {
$res[$i]["table"] = $table;
! $res[$i]["name"] = pg_FieldName ($id, $i);
$res[$i]["type"] = pg_FieldType ($id, $i);
$res[$i]["len"] = pg_FieldSize ($id, $i);
$res[$i]["flags"] = "";
}
!
! if ($table) {
! pg_FreeResult($id);
! }
!
return $res;
}
|
|
From: Richard A. <ric...@us...> - 2002-08-10 00:54:33
|
Update of /cvsroot/phplib/php-lib-stable/php
In directory usw-pr-cvs1:/tmp/cvs-serv2140
Modified Files:
ct_shm.inc
Log Message:
bug ID 460338: string comparison of integer value
caused bogus session removal once every 30 years.
Index: ct_shm.inc
===================================================================
RCS file: /cvsroot/phplib/php-lib-stable/php/ct_shm.inc,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -d -r1.2 -r1.3
*** ct_shm.inc 12 Jul 2000 18:22:33 -0000 1.2
--- ct_shm.inc 10 Aug 2002 00:54:30 -0000 1.3
***************
*** 62,71 ****
function ac_gc($gc_time, $name) {
$cmp = time() - $gc_time * 60;
! for($i = 1; $i <= $this->max_sessions; $i++)
if(($val = @shm_get_var($this->shmid, $i)) != false) {
$dat = explode(";", $val);
! if($name == $dat[1] && strcmp($dat[3], $cmp) < 0)
shm_remove_var($this->shmid, $i);
}
}
--- 62,73 ----
function ac_gc($gc_time, $name) {
$cmp = time() - $gc_time * 60;
! for($i = 1; $i <= $this->max_sessions; $i++) {
if(($val = @shm_get_var($this->shmid, $i)) != false) {
$dat = explode(";", $val);
! if($name == $dat[1] && intval($dat[3]) < $cmp) {
shm_remove_var($this->shmid, $i);
+ }
}
+ }
}
|
|
From: Richard A. <ric...@us...> - 2002-08-10 00:54:14
|
Update of /cvsroot/phplib/php-lib/php
In directory usw-pr-cvs1:/tmp/cvs-serv1001
Modified Files:
ct_shm.inc
Log Message:
bug ID 460338: string comparison of integer value
caused bogus session removal once every 30 years.
Index: ct_shm.inc
===================================================================
RCS file: /cvsroot/phplib/php-lib/php/ct_shm.inc,v
retrieving revision 1.6
retrieving revision 1.7
diff -C2 -d -r1.6 -r1.7
*** ct_shm.inc 13 Apr 2000 13:28:45 -0000 1.6
--- ct_shm.inc 10 Aug 2002 00:54:11 -0000 1.7
***************
*** 63,72 ****
function ac_gc($gc_time, $name) {
$cmp = time() - $gc_time * 60;
! for($i = 1; $i <= $this->max_sessions; $i++)
if(($val = @shm_get_var($this->shmid, $i)) != false) {
$dat = explode(";", $val);
! if($name == $dat[1] && strcmp($dat[3], $cmp) < 0)
shm_remove_var($this->shmid, $i);
}
}
--- 63,74 ----
function ac_gc($gc_time, $name) {
$cmp = time() - $gc_time * 60;
! for($i = 1; $i <= $this->max_sessions; $i++) {
if(($val = @shm_get_var($this->shmid, $i)) != false) {
$dat = explode(";", $val);
! if($name == $dat[1] && intval($dat[3]) < $cmp) {
shm_remove_var($this->shmid, $i);
+ }
}
+ }
}
|
