[phpMP-CVS] CVS: phpMP/includes session.php,NONE,1.1 core.php,1.45,1.46 functions.php,1.26,1.27 lang
From: Brian R. <hei...@us...> - 2003-04-23 07:21:08
Update of /cvsroot/phpmp/phpMP/includes In directory sc8-pr-cvs1:/tmp/cvs-serv4022/includes Modified Files: core.php functions.php language.php user.php Added Files: session.php Removed Files: sessions.php Log Message: Literally, TONS of changes. The most significant include a session system that finally works (!) as well as a change in the way config values are assigned - all config settings are now housed in an associative array called "$Config", which must be globalized before use. --- NEW FILE: session.php --- <?php class Session // Creates and maintains sessions for all users. { var $started = 0; var $session_data; var $session_key; var $session_key_new = false; var $session_user_id; var $ip; // Starts the session. Must be called. function start() { if($this->started == false) { $this->clean(); $this->getSessionData(); $this->started = true; } } // Destroys sessions. Used for logging out and such. function destroy() { global $DB, $Config; $exp_time = time() + $Config['session_length']; $page = basename($_SERVER['REQUEST_URI']); // Sets the session as owned by an anonymous user. $sql = 'UPDATE ' . DB_SESSIONS_TABLE . ' SET exp_time=\'' . $exp_time . '\' AND session_page=\'' . $page . '\' AND session_user_id=1 WHERE session_key=\'' . $this->session_key . '\''; $DB->query($sql); } // Saves the session data to the database. function run() { global $do_login, $User, $DB, $Config; // Checks to see if a session has been started. // If not, we'll die because we want to explicitly declare sessions. if( $this->started == false ) { die('You must explicitly declare all $Session->start calls.'); } // Capture the page we're at. $page = basename($_SERVER['REQUEST_URI']); // Test to see if we're logging in. if($_POST['do_login'] == true) { $this->session_user_id = $User->user_id; } $session_exists = false; // We'll assume that no sessions exist yet. $cur_time = time(); // Time as of right now. 
$exp_time = $cur_time + $Config['session_length']; // Time at which this session will become invalid. $this->ip = $this->getIPEncoded(); // Gets the user's IP address. // If the ID is new, why bother querying to test for an old one? if( $this->session_key_new == false ) { // Gathers session data from the database. $sql = 'SELECT * FROM ' . DB_SESSIONS_TABLE . ' WHERE session_key=\'' . $this->session_key . '\' ORDER BY session_exp_time DESC'; $result = $DB->query($sql); $num_rows = $DB->numRows($result); // Checks for a session in the database. ($num_rows >= 1) ? ($session_exists = true) : ($session_exists = false); // If the session is expired, we'll go ahead and create a new one regardless. $this->session_data = $DB->fetchAssoc($result); if( $this->session_data['session_exp_time'] < $cur_time ) { $session_exists = false; } } if( $session_exists == true ) // A session exists. Yay. { $sql = 'UPDATE ' . DB_SESSIONS_TABLE . ' SET session_exp_time=' . $exp_time . ', session_page=\'' . addslashes($page) . '\''; if( $_POST['do_login'] == true ) // Swap out the anonymous user for our new user_id. { $sql .= ', session_user_id=' . $this->session_user_id; } $sql .= ' WHERE session_key=\'' . $this->session_key . '\''; $User->user_id = $this->session_user_id; } else // A session does not exist. We'll create an anonymous one. { $sql = 'INSERT INTO ' . DB_SESSIONS_TABLE . ' (session_key, session_user_id, session_start_time, session_exp_time, session_page, session_ip) VALUES(\'' . $this->session_key . '\', 1,' . $cur_time . ',' . $exp_time . ',\'' . addslashes($page) . '\',\'' . $this->ip . '\')'; $this->session_user_id = 1; $User->user_id = 1; } $DB->query($sql); if( $_POST['do_login'] == false ) { $sql = 'SELECT * FROM ' . DB_USERS_TABLE . ' WHERE user_id=' . $this->session_user_id; $result = $DB->query($sql); $User->data = $DB->fetchAssoc($result); } $cookie_data = urlencode( $this->session_user_id . ':' . $this->session_key ); setcookie($Config['cookie_name'] . 
'_data', $cookie_data, $cur_time + $Config['session_length'], $Config['cookie_path'], $Config['cookie_domain'], $Config['cookie_secure']); } function clean() { global $DB; $rand = rand(0,10); if($rand >= 1) // 1:10 chance of session cleanup. This may later become a setting. { $sql = "DELETE FROM " . DB_SESSIONS_TABLE . " WHERE exp_time<" . time(); $DB->query($sql); } } function getSessionData() { global $Config; // Let's see if we have a standard cookie available. if(!empty($_COOKIE[$Config['cookie_name'] . '_data'])) { $cookie_data = $_COOKIE[$Config['cookie_name'] . '_data']; $cookie_array = explode(':', urldecode( $cookie_data ) ); // We have a cookie. Let's see if it's valid. if( ( !empty($cookie_array[0]) ) && ( strlen($cookie_array[1]) == 32 ) ) { // Our cookie is valid. Let's set a few vars. $this->session_user_id = $cookie_array[0]; $this->session_key = $cookie_array[1]; } } else { // OK. We don't have a valid cookie. We'll make one. $this->session_key = md5( uniqid (microtime(), 1) ); $this->session_key_new = true; } } // Taken from phpBB2. function getIPEncoded() { if( getenv('HTTP_X_FORWARDED_FOR') != '' ) { $client_ip = ( !empty($_SERVER['REMOTE_ADDR']) ) ? $_SERVER['REMOTE_ADDR'] : ( ( !empty($_ENV['REMOTE_ADDR']) ) ? $_ENV['REMOTE_ADDR'] : $REMOTE_ADDR ); if ( preg_match("/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/", getenv('HTTP_X_FORWARDED_FOR'), $ip_list) ) { $private_ip = array('/^0\./', '/^127\.0\.0\.1/', '/^192\.168\..*/', '/^172\.16\..*/', '/^10.\.*/', '/^224.\.*/', '/^240.\.*/'); $client_ip = preg_replace($private_ip, $client_ip, $ip_list[1]); } } else { $client_ip = ( !empty($_SERVER['REMOTE_ADDR']) ) ? $_SERVER['REMOTE_ADDR'] : ( ( !empty($_ENV['REMOTE_ADDR']) ) ? 
$_ENV['REMOTE_ADDR'] : $REMOTE_ADDR ); } $ip_sep = explode('.', $client_ip); return sprintf('%02x%02x%02x%02x', $ip_sep[0], $ip_sep[1], $ip_sep[2], $ip_sep[3]); } } ?> Index: core.php =================================================================== RCS file: /cvsroot/phpmp/phpMP/includes/core.php,v retrieving revision 1.45 retrieving revision 1.46 diff -C2 -r1.45 -r1.46 *** core.php 22 Apr 2003 10:50:51 -0000 1.45 --- core.php 23 Apr 2003 07:21:03 -0000 1.46 *************** *** 4,33 **** { - // Initiates configuration from database. - // Author: Brian 'Heimidal' Rose - // Accepts: none. - // Returns: none. - function _initConfig () - { - - define("DB_CONFIG_TABLE", DB_NAME . '.' . DB_TABLE_PREFIX . 'config'); - define("DB_USERS_TABLE", DB_NAME . '.' . DB_TABLE_PREFIX . 'users'); - define("DB_SESSIONS_TABLE", DB_NAME . '.' . DB_TABLE_PREFIX . 'sessions'); - define("DB_MODULES_TABLE", DB_NAME . '.' . DB_TABLE_PREFIX . 'modules'); - define("DB_BLOCK_TABLE", DB_NAME . '.' . DB_TABLE_PREFIX . 'blocks'); - - global $DB; - - $result = $DB->query( "SELECT * FROM " . DB_CONFIG_TABLE ); - - // Loop through all config values from DB. - // Define each key as its respective value. - while( $row = $DB->fetchArray( $result ) ) - { - define( strtoupper( 'C_' . $row['config_key'] ), $row['config_value'] ); - } - - } - function strip_magic_quotes($arr) { --- 4,7 ---- *************** *** 57,92 **** } ! if( !defined("P_PHPMP_ROOT") ) { ! define( 'P_PHPMP_ROOT', './' ); } ! include_once( C_PHPMP_ROOT . 'config.php' ); // Globalize all major class-containing variables. ! global $Debug, $DB, $User, $MPCode, $Template; ! include_once( C_PHPMP_ROOT . 'includes/debug.php' ); $Debug = new Debug(); ! include_once( C_PHPMP_ROOT . 'dba/' . DB_TYPE . '.dba' ); $DB = new DB(); $DB->connect(); ! include_once(C_PHPMP_ROOT . 'includes/constants.php'); ! $this->_initConfig(); // Grab DB-stored config values. ! include_once(C_PHPMP_ROOT . 'includes/functions.php'); ! include_once(C_PHPMP_ROOT . 
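Review bot: getSessionData() takes `session_user_id` straight from the cookie, and run() then copies it into `$User->user_id` and into the unquoted `WHERE user_id=` query without comparing it to the session row it has just fetched, so the identity attached to a session is whatever the client sends. Once the row is found the id should come from the database, e.g. `$this->session_user_id = (int) $this->session_data['session_user_id'];`, with the cookie value ignored. The session key from the cookie is only length-checked before being concatenated into the queries in run() and destroy(); restrict it to the format the code itself generates with `preg_match('/^[0-9a-f]{32}$/', $cookie_array[1])`, or escape it the way `$page` is escaped. A cookie that is present but fails the check also leaves `session_key` unset, because the `else` that creates a new key is attached to the `!empty()` test only. Separately, destroy() joins its SET assignments with `AND` and, like clean(), names the column `exp_time` where run() uses `session_exp_time`, so logout and cleanup most likely do not touch the intended rows.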
'includes/user.php'); $User = new User(); // Create an instance of User. ! include_once(C_PHPMP_ROOT . 'includes/language.php'); $Language = new Language(); createVars(); ! include_once(C_PHPMP_ROOT . 'includes/mpcode.php'); // This while() statement will loop through the --- 31,86 ---- } ! if( !defined("PHPMP_ROOT") ) { ! define( 'PHPMP_ROOT', './' ); } ! include_once( PHPMP_ROOT . 'config.php' ); // Globalize all major class-containing variables. ! global $Config, $Debug, $DB, $User, $MPCode, $Template; ! include_once( PHPMP_ROOT . 'includes/debug.php' ); $Debug = new Debug(); ! include_once( PHPMP_ROOT . 'dba/' . DB_TYPE . '.dba' ); $DB = new DB(); $DB->connect(); ! define("DB_CONFIG_TABLE", DB_NAME . '.' . DB_TABLE_PREFIX . 'config'); ! define("DB_USERS_TABLE", DB_NAME . '.' . DB_TABLE_PREFIX . 'users'); ! define("DB_SESSIONS_TABLE", DB_NAME . '.' . DB_TABLE_PREFIX . 'sessions'); ! define("DB_MODULES_TABLE", DB_NAME . '.' . DB_TABLE_PREFIX . 'modules'); ! define("DB_BLOCK_TABLE", DB_NAME . '.' . DB_TABLE_PREFIX . 'blocks'); ! ! $result = $DB->query( "SELECT * FROM " . DB_CONFIG_TABLE ); ! // Loop through all config values from DB. ! // Define each key as its respective value. ! while( $row = $DB->fetchArray( $result ) ) ! { ! $Config; ! $Config[$row['config_key']] = $row['config_value']; ! } ! include_once(PHPMP_ROOT . 'includes/constants.php'); ! ! include_once(PHPMP_ROOT . 'includes/functions.php'); ! include_once(PHPMP_ROOT . 'includes/user.php'); $User = new User(); // Create an instance of User. + + include_once(PHPMP_ROOT . 'includes/session.php'); + $Session = new Session(); + + $Session->start(); + $Session->run(); ! include_once(PHPMP_ROOT . 'includes/language.php'); $Language = new Language(); createVars(); ! include_once(PHPMP_ROOT . 'includes/mpcode.php'); // This while() statement will loop through the *************** *** 95,104 **** while( $my_file = $optional_files[$i] ) { ! include_once(C_PHPMP_ROOT . 'includes/' . $my_file . '.php'); $i++; } ! 
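Review bot: `$Session` is created in this hunk but is missing from `global $Config, $Debug, $DB, $User, $MPCode, $Template;`, so if this code runs inside a method (the old side called `$this->_initConfig()`, which suggests it does) the object stays local and nothing else can reach `$Session->destroy()` to log a user out. Add it to the list: `global $Config, $Debug, $DB, $User, $Session, $MPCode, $Template;`. The bare `$Config;` statement inside the while loop has no effect and can be dropped; a `$Config = array();` before the loop would state the intent. The enclosing function starts and ends outside the hunk.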
include_once(C_PHPMP_ROOT . 'includes/Smarty.class.php'); ! include_once(C_PHPMP_ROOT . 'includes/template.php'); $Template = new Template(); // Create an instance of Template. --- 89,98 ---- while( $my_file = $optional_files[$i] ) { ! include_once(PHPMP_ROOT . 'includes/' . $my_file . '.php'); $i++; } ! include_once(PHPMP_ROOT . 'includes/Smarty.class.php'); ! include_once(PHPMP_ROOT . 'includes/template.php'); $Template = new Template(); // Create an instance of Template. Index: functions.php =================================================================== RCS file: /cvsroot/phpmp/phpMP/includes/functions.php,v retrieving revision 1.26 retrieving revision 1.27 diff -C2 -r1.26 -r1.27 *** functions.php 8 Feb 2003 11:07:28 -0000 1.26 --- functions.php 23 Apr 2003 07:21:03 -0000 1.27 *************** *** 7,12 **** function createVars() { ! ( U_DATE_FORMAT != '' ) ? define( "C_DATE_FORMAT", U_DATE_FORMAT ) : define( "C_DATE_FORMAT", C_DEFAULT_DATE_FORMAT ); ! define("C_DATE_NOW", date(C_DATE_FORMAT)); // This is here...for now. } --- 7,14 ---- function createVars() { ! global $Config; ! ! ( $User->data['date_format'] != '' ) ? ($Config['date_format'] = $User->data['date_format']) : ($Config['date_format'] = $Config['default_date_format']); ! $Config['time_now'] = date( $Config['date_format'] ); // This is here...for now. } Index: language.php =================================================================== RCS file: /cvsroot/phpmp/phpMP/includes/language.php,v retrieving revision 1.9 retrieving revision 1.10 diff -C2 -r1.9 -r1.10 *** language.php 8 Feb 2003 09:43:29 -0000 1.9 --- language.php 23 Apr 2003 07:21:03 -0000 1.10 *************** *** 6,15 **** function Language() { ! defined("U_LANGUAGE") ? define( "C_LANGUAGE", U_LANGUAGE ) : define( "C_LANGUAGE", C_DEFAULT_LANG ); ! ! global $Local; ! ! include_once( C_PHPMP_ROOT . 'languages/' . C_LANGUAGE . 
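Review bot: createVars() declares `global $Config;` but not `$User`, so `$User->data['date_format']` reads an undefined local variable and the function always falls back to `$Config['default_date_format']`. Change the declaration to `global $Config, $User;`. The ternary used as a statement would also read more clearly as a plain `if`/`else` assigning `$Config['date_format']`.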
'/lang_main.php' ); $Local = new Localization(); --- 6,13 ---- function Language() { + global $Config, $User, $Local; + ($User->data['language'] != '') ? ($Config['language'] = $User->data['language']) : ($Config['language'] = $Config['default_lang']); ! include_once( PHPMP_ROOT . 'languages/' . $Config['language'] . '/lang_main.php' ); $Local = new Localization(); Index: user.php =================================================================== RCS file: /cvsroot/phpmp/phpMP/includes/user.php,v retrieving revision 1.16 retrieving revision 1.17 diff -C2 -r1.16 -r1.17 *** user.php 22 Apr 2003 10:50:52 -0000 1.16 --- user.php 23 Apr 2003 07:21:03 -0000 1.17 *************** *** 13,23 **** function User() { ! ! $this->sessionClean(); ! ! // Are we logging in? ! global $do_login; ! ! if( $do_login == true ) // We are logging in. { // We are logging in. Set up variables. --- 13,17 ---- function User() { ! if( $_POST['do_login'] == true ) // We are logging in. { // We are logging in. Set up variables. *************** *** 35,43 **** $num_rows = $DB->numRows($result); ! if( $num_rows ) // We have a user! { $this->data = $DB->fetchAssoc($result); $this->user_id = $this->data['user_id']; ! // Setup the autologin cookie. // setcookie(C_COOKIE_NAME . '_auto', $cookie_data, time() + TIME_YEAR_SECONDS, C_COOKIE_PATH, C_COOKIE_DOMAIN, C_COOKIE_SECURE); --- 29,37 ---- $num_rows = $DB->numRows($result); ! if( $num_rows == 1 ) // We have a user! { $this->data = $DB->fetchAssoc($result); $this->user_id = $this->data['user_id']; ! // Setup the autologin cookie. // setcookie(C_COOKIE_NAME . '_auto', $cookie_data, time() + TIME_YEAR_SECONDS, C_COOKIE_PATH, C_COOKIE_DOMAIN, C_COOKIE_SECURE); *************** *** 45,49 **** else // Wrong login information. { ! die('Sorry. Your username and/or password are incorrect.'); } } --- 39,43 ---- else // Wrong login information. { ! die('Sorry. Your username and/or password are incorrect. ' . $passwd_enc . ' ' . 
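Review bot: `$Config['language']` is now taken from `$User->data['language']`, a per-user database value, and concatenated into the `include_once` path with no check. If users can set that column (not visible here), a value with path separators would take the include outside `languages/`. Reduce it to a single directory name first, e.g. `$lang = basename($User->data['language']);`, and fall back to `$Config['default_lang']` when `PHPMP_ROOT . 'languages/' . $lang . '/lang_main.php'` does not exist. The constructor continues outside the hunk.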
$_POST['login_passwd']); } } --- sessions.php DELETED --- |
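Review bot: The new failure message appends `$passwd_enc` and `$_POST['login_passwd']` to the `die()` output, which prints the computed password hash and echoes the submitted password unescaped into the response. This looks like debugging output left in; it discloses credential material and reflects raw request data as HTML. Restore the fixed message, `die('Sorry. Your username and/or password are incorrect.');`, and keep both values out of the response and out of any log. In the first hunk of this file, `$_POST['do_login'] == true` is a loose comparison on a key that may be absent; `!empty($_POST['do_login'])` states the test without the undefined-index notice.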