streams/include/session.php

<?php /** @file */

// Session management functions. These provide database storage of PHP
// session info.

$session_exists = 0;
$session_expire = 180000;


function new_cookie($time) {
    $old_sid = session_id();
    session_set_cookie_params("$time");
    session_regenerate_id(false);

    q("UPDATE session SET sid = '%s' WHERE sid = '%s'", dbesc(session_id()), dbesc($old_sid));

	if (x($_COOKIE, 'jsAvailable')) {
		if ($time) {
			$expires = time() + $time;
		} else {
			$expires = 0;
		}
		setcookie('jsAvailable', $_COOKIE['jsAvailable'], $expires);
	}
}


function ref_session_open ($s,$n) {
  return true;
}


function ref_session_read ($id) {
  global $session_exists;
  if(x($id))
    $r = q("SELECT `data` FROM `session` WHERE `sid`= '%s'", dbesc($id));
  if(count($r)) {
    $session_exists = true;
    return $r[0]['data'];
  }
  return '';
}


function ref_session_write ($id,$data) {
  global $session_exists, $session_expire;
  if(! $id || ! $data) { 
    return false; 
  }

  $expire = time() + $session_expire;
  $default_expire = time() + 300;

  if($session_exists)
    $r = q("UPDATE `session` 
            SET `data` = '%s', `expire` = '%s' 
            WHERE `sid` = '%s' LIMIT 1", 
            dbesc($data), dbesc($expire), dbesc($id));
  else
    $r = q("INSERT INTO `session`
            SET `sid` = '%s', `expire` = '%s', `data` = '%s'",
            dbesc($id), dbesc($default_expire), dbesc($data));

  return true;
}


function ref_session_close() {
  return true;
}


function ref_session_destroy ($id) {
  q("DELETE FROM `session` WHERE `sid` = '%s'", dbesc($id));
  return true;
}


function ref_session_gc($expire) {
  q("DELETE FROM session WHERE expire < %d", dbesc(time()));
  q("OPTIMIZE TABLE session");
  return true;
}

$gc_probability = 50;

ini_set('session.gc_probability', $gc_probability);
ini_set('session.use_only_cookies', 1);
ini_set('session.cookie_httponly', 1);


session_set_save_handler ('ref_session_open', 'ref_session_close', 'ref_session_read', 'ref_session_write', 'ref_session_destroy', 'ref_session_gc');
start formatting for Doxygen 2013-02-26 01:09:40 +00:00			`<?php /** @file */`
Initial checkin 2010-07-01 23:48:07 +00:00
			`// Session management functions. These provide database storage of PHP`
			`// session info.`

			`$session_exists = 0;`
			`$session_expire = 180000;`

minor fixes related to postgres development 2013-05-06 02:34:56 +00:00
move new_cookie() to the session driver so we can use it for other purposes besides "normal" web login (for instance magic auth) 2013-05-24 03:35:40 +00:00

			`function new_cookie($time) {`
			`$old_sid = session_id();`
			`session_set_cookie_params("$time");`
			`session_regenerate_id(false);`

			`q("UPDATE session SET sid = '%s' WHERE sid = '%s'", dbesc(session_id()), dbesc($old_sid));`
set jsAvailable cookie expire time to match PHPSESSID's 2014-01-17 06:56:34 +00:00
			`if (x($_COOKIE, 'jsAvailable')) {`
			`if ($time) {`
			`$expires = time() + $time;`
			`} else {`
			`$expires = 0;`
			`}`
			`setcookie('jsAvailable', $_COOKIE['jsAvailable'], $expires);`
			`}`
move new_cookie() to the session driver so we can use it for other purposes besides "normal" web login (for instance magic auth) 2013-05-24 03:35:40 +00:00			`}`


Initial checkin 2010-07-01 23:48:07 +00:00			`function ref_session_open ($s,$n) {`
			`return true;`
minor fixes related to postgres development 2013-05-06 02:34:56 +00:00			`}`

Initial checkin 2010-07-01 23:48:07 +00:00
			`function ref_session_read ($id) {`
			`global $session_exists;`
			`if(x($id))`
			$r = q("SELECT `data` FROM `session` WHERE `sid`= '%s'", dbesc($id));
			`if(count($r)) {`
			`$session_exists = true;`
			`return $r[0]['data'];`
			`}`
			`return '';`
minor fixes related to postgres development 2013-05-06 02:34:56 +00:00			`}`

Initial checkin 2010-07-01 23:48:07 +00:00
			`function ref_session_write ($id,$data) {`
			`global $session_exists, $session_expire;`
			`if(! $id \|\| ! $data) {`
			`return false;`
			`}`

			`$expire = time() + $session_expire;`
			`$default_expire = time() + 300;`

			`if($session_exists)`
			$r = q("UPDATE `session`
			SET `data` = '%s', `expire` = '%s'
			WHERE `sid` = '%s' LIMIT 1",
			`dbesc($data), dbesc($expire), dbesc($id));`
			`else`
			$r = q("INSERT INTO `session`
			SET `sid` = '%s', `expire` = '%s', `data` = '%s'",
			`dbesc($id), dbesc($default_expire), dbesc($data));`

			`return true;`
minor fixes related to postgres development 2013-05-06 02:34:56 +00:00			`}`

Initial checkin 2010-07-01 23:48:07 +00:00
			`function ref_session_close() {`
			`return true;`
minor fixes related to postgres development 2013-05-06 02:34:56 +00:00			`}`

Initial checkin 2010-07-01 23:48:07 +00:00
			`function ref_session_destroy ($id) {`
			q("DELETE FROM `session` WHERE `sid` = '%s'", dbesc($id));
			`return true;`
minor fixes related to postgres development 2013-05-06 02:34:56 +00:00			`}`

Initial checkin 2010-07-01 23:48:07 +00:00
			`function ref_session_gc($expire) {`
fixes 2013-05-06 09:17:20 +00:00			`q("DELETE FROM session WHERE expire < %d", dbesc(time()));`
			`q("OPTIMIZE TABLE session");`
Initial checkin 2010-07-01 23:48:07 +00:00			`return true;`
minor fixes related to postgres development 2013-05-06 02:34:56 +00:00			`}`
Initial checkin 2010-07-01 23:48:07 +00:00
			`$gc_probability = 50;`

			`ini_set('session.gc_probability', $gc_probability);`
			`ini_set('session.use_only_cookies', 1);`
			`ini_set('session.cookie_httponly', 1);`


minor fixes related to postgres development 2013-05-06 02:34:56 +00:00			`session_set_save_handler ('ref_session_open', 'ref_session_close', 'ref_session_read', 'ref_session_write', 'ref_session_destroy', 'ref_session_gc');`