From: <jhe...@us...> - 2002-11-12 11:08:31
Update of /cvsroot/upcase-project/UpCase/lib
In directory usw-pr-cvs1:/tmp/cvs-serv27594
Modified Files:
uc_session.php
Log Message:
use of cookies and handling of anonymous user
Index: uc_session.php
===================================================================
RCS file: /cvsroot/upcase-project/UpCase/lib/uc_session.php,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -d -r1.3 -r1.4
*** uc_session.php 8 Aug 2002 10:08:06 -0000 1.3
--- uc_session.php 12 Nov 2002 11:08:29 -0000 1.4
***************
*** 3,8 ****
include_once("lib/uc_login.php");
! $SESSION_DATA = $ucConfig->tblPrefix . "session_data";
! include_once("lib/uc_session_handler.php");
--- 3,8 ----
include_once("lib/uc_login.php");
! //$SESSION_DATA = $ucConfig->tblPrefix . "session_data";
! //include_once("lib/uc_session_handler.php");
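Review bot: The two disabled lines are left in the file as `//` comments with no explanation; either delete them or replace them with one line stating the reason, for example `// custom session handler disabled in r1.4: session rows are managed by UcSession`. If `lib/uc_session_handler.php` registered a database-backed save handler (not visible here), PHP presumably falls back to its default session storage after this change. The log message does not mention that, and it affects where session data lives on the server.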
***************
*** 18,29 ****
function UcSession($returnPath)
{
! global $sessid;
! session_name("sessid");
session_start();
! $this->sessid = $sessid;
$this->db = new UcSql();
$this->returnPath = $returnPath;
// check the IP
$this->checkIp();
--- 18,48 ----
function UcSession($returnPath)
{
! global $ucsql_sessioncreate;
! global $ucsql_sessionget;
! global $ucsid;
!
! $this->name = "ucsid";
! session_name($this->name);
session_start();
!
! $this->sessid = $ucsid;
!
!
$this->db = new UcSql();
$this->returnPath = $returnPath;
+ $query = sprintf($ucsql_sessionget, $this->sessid);
+ $res = $this->db->Execute($query) or die("Unable to check session: "
+ . $this->db->ErrorMsg());
+ if ($res->RowCount() == 0)
+ {
+ // Create a record for this session in the db
+ $query = sprintf($ucsql_sessioncreate, $this->sessid);
+ $this->db->Execute($query)
+ or die("Unable to add session to database: "
+ . $this->db->ErrorMsg());
+ }
+
// check the IP
$this->checkIp();
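Review bot: `$this->sessid = $ucsid;` reads the session id from a global that only exists when PHP copies the request cookie into global scope, so the value is client-controlled and, on a first visit with no cookie, presumably empty; `$this->sessid = session_id();` after `session_start()` gives the id PHP actually issued. The id is then formatted into `$ucsql_sessionget` and `$ucsql_sessioncreate` with `sprintf`, and nothing in the hunk escapes it before `Execute`; the templates are defined outside this diff, so whether their placeholder is quoted cannot be seen here. Validate the id's format or escape it through the database layer before formatting (if `UcSql` is ADOdb-based, as `Execute`/`ErrorMsg`/`RowCount` suggest, its `qstr()` does this). The same pattern recurs in `destroy()`, `login()`, `logout()` and `getUser()` in the later hunks. The constructor body continues past the end of this hunk.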
***************
*** 32,37 ****
function destroy()
{
! session_destroy();
! header("Location: " . $wwwroot);
}
--- 51,59 ----
function destroy()
{
! global $ucsql_sessiondestroy;
!
! $query = sprintf($ucsql_sessiondestroy, $this->sessid);
! $this->db->Execute($query) or die("Unable to destroy session: "
! . $this->db->ErrorMsg());
}
***************
*** 76,133 ****
}
! function getUser()
{
global $username;
global $password;
- global $ucsql_sessionget;
global $uc_info;
! // retrieve the uid associated with this session from the db
! $query = sprintf($ucsql_sessionget, $this->sessid);
! $res = $this->db->Execute($query) or
! die("Unable to get session info: " . $this->db->ErrorMsg());
! $o = $res->FetchNextObject(true);
!
! if ($o->UID)
{
! // user has already authentified for the session
! $this->user = getUser('', $o->UID);
}
else
{
! // user has not yet authentified for the session
! if (isset($username) && isset($password))
! {
! // we have the password/login
! if ($this->checkPassword($username, $password))
! {
! // good, update session with user
! $user = getUser($username, '');
! $this->setUser($user);
! }
! else
! {
! // bad, redirect to some message
! header("Location: " . $uc_info["badLoginMsg"]);
! }
! }
! else
! {
! // we don't have password/login, ask for it
! uc_login($this->returnPath);
! exit();
! }
}
-
- return $this->user;
}
! function setUser($user)
{
! global $ucsql_sessionlogin;
! $this->user = $user;
! $query = sprintf($ucsql_sessionlogin, $this->user->uid, $this->sessid);
! $res = $this->db->Execute($query) or
! die("Unable to set session uid: " . $this->db->ErrorMsg());
}
--- 98,173 ----
}
!
! function login($username, $password)
{
global $username;
global $password;
global $uc_info;
+ global $ucsql_sessionlogin;
! // we have the password/login
! if ($this->checkPassword($username, $password))
{
! // good, update session with user
! $this->user = getUser($username, '');
! $query = sprintf($ucsql_sessionlogin,
! $this->user->uid,
! $this->sessid);
! $res = $this->db->Execute($query) or
! die("Unable to set session uid: "
! . $this->db->ErrorMsg());
}
else
{
! // bad, redirect to some message
! header("Location: " . $uc_info["badLoginMsg"]
! . "?ret=" . $this->returnPath);
}
}
! function logout()
{
! global $ucsql_sessionlogout;
! $query = sprintf($ucsql_sessionlogout, $this->sessid);
! $this->db->Execute($query)
! or die("UPCASE: Unable to logout the session: "
! . $this->db->ErrorMsg());
!
! session_unset();
! session_destroy();
! $ar = session_get_cookie_params();
! setcookie($this->name, "", time() - 3600, $ar["path"],
! $ar["domain"], $ar["secure"]);
!
! $this->destroy();
! }
!
!
! function getUser()
! {
! global $ucConfig;
! global $ucsql_sessionget;
! $query = sprintf($ucsql_sessionget, $this->sessid);
! $res = $this->db->Execute($query) or die("Unable to get session: " .
! $this->db->ErrorMsg());
! if ($res->RowCount() == 1)
! {
! $o = $res->FetchNextObject();
! if (!empty($o->UID))
! {
! $user = getUser('', $o->UID);
! return $user;
! }
! }
!
! $anonuser = new UcUser();
! $anonuser->name = "anonymous";
! $anonuser->uid = -1;
! $anonuser->gid = -1;
! $anonuser->lang = $ucConfig->defaultLang;
! $anonuser->groups = array();
! $user = $anonuser;
!
! return $user;
}
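Review bot: In `login($username, $password)` the lines `global $username;` and `global $password;` rebind the parameter names to the global variables, so the arguments a caller passes are discarded and whatever sits in global scope is checked instead; both declarations should be dropped. On the failure branch the `header("Location: ...")` call is not followed by `exit();`, so execution returns to the caller after a bad login, and `$this->returnPath` is appended to `?ret=` without `urlencode()`. Since `getUser()` now returns an anonymous `UcUser` with `uid = -1` instead of forcing a login, callers that relied on it as the authentication gate need an explicit check; those callers are not visible in this diff.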
***************
*** 137,141 ****
$query = sprintf($ucsql_usercheckpw, $username, $password);
$res = $this->db->Execute($query) or
! die("Error while checking password: " . $this->db->ErrorMsg());
if ($res->RowCount() != 1)
{
--- 177,181 ----
$query = sprintf($ucsql_usercheckpw, $username, $password);
$res = $this->db->Execute($query) or
! die("UPCASE: Error while checking password: " . $this->db->ErrorMsg());
if ($res->RowCount() != 1)
{
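Review bot: The `die()` on the changed line still sends `$this->db->ErrorMsg()` to the browser, which on a failed password query can disclose query text and schema details to an unauthenticated client. Record the detail server-side with `error_log()` and end the request with a fixed message such as `die("UPCASE: Error while checking password");`. The same applies to the `die()` calls added in the constructor, `destroy()`, `login()`, `logout()` and `getUser()`. The context line above also formats `$username` and `$password` straight into `$ucsql_usercheckpw`; no escaping is visible in this hunk, so confirm it in the enclosing function, which starts and ends outside it.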