diff --git a/lib/documentmanagement/DocumentTransaction.inc b/lib/documentmanagement/DocumentTransaction.inc
index a0224e6..b3eedc0 100644
--- a/lib/documentmanagement/DocumentTransaction.inc
+++ b/lib/documentmanagement/DocumentTransaction.inc
@@ -74,6 +74,7 @@ class DocumentTransaction {
 }
 $this->iUserID = $_SESSION["userID"];
+ $this->iSessionId = $_SESSION["sessionID"];
 $oUser = KTUtil::arrayGet($aOptions, 'user');
 if (!(PEAR::isError($oUser) || ($oUser == false))) {
@@ -119,6 +120,7 @@ class DocumentTransaction {
 'filename' => $this->sFileName,
 'comment' => $this->sComment,
 'transaction_namespace' => $this->sTransactionNS,
+ 'session_id' => $this->iSessionId,
 );
 $id =& DBUtil::autoInsert($this->_table(), $aFieldValues);
diff --git a/lib/foldermanagement/foldertransaction.inc.php b/lib/foldermanagement/foldertransaction.inc.php
index 94db27c..9c1286a 100644
--- a/lib/foldermanagement/foldertransaction.inc.php
+++ b/lib/foldermanagement/foldertransaction.inc.php
@@ -37,6 +37,7 @@ class KTFolderTransaction extends KTEntity {
 'sIp' => 'ip',
 'sComment' => 'comment',
 'sTransactionNS' => 'transaction_namespace',
+ 'iSessionId' => 'session_id',
 );
 var $_bUsePearError = true;
@@ -49,6 +50,9 @@ class KTFolderTransaction extends KTEntity {
 if (empty($this->dDateTime)) {
 $this->dDateTime = getCurrentDateTime();
 }
+ if (empty($this->iSessionId)) {
+ $this->iSessionId = $_SESSION['sessionID'];
+ }
 return parent::_fieldValues();
 }
diff --git a/lib/session/Session.inc b/lib/session/Session.inc
index 8dc2623..757bfbd 100644
--- a/lib/session/Session.inc
+++ b/lib/session/Session.inc
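Review bot: The added `$this->iSessionId = $_SESSION["sessionID"];` in the first DocumentTransaction.inc hunk reads a key that this commit only sets in Session.inc when a session is created. A transaction written from a session that predates the change, or from a context with no web session, would presumably store an empty `session_id` and raise an undefined-index notice. The same unguarded read is added to `_fieldValues()` in foldertransaction.inc.php. Going through the helper already used on the next context line, `$this->iSessionId = KTUtil::arrayGet($_SESSION, 'sessionID');`, would make the missing case explicit, with a one-line comment that a null session id means the audit row cannot be tied to a login. Both enclosing functions start outside their hunks.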
@@ -61,12 +61,14 @@ class Session {
 if (PEAR::isError($result)) {
 die("Error creating session: " . $result->toString());
 }
+ $_SESSION['sessionID'] = $result;
 $aParams = array(
 'userid' => $iUserId,
 'datetime' => date("Y-m-d H:i:s", time()),
 'actionnamespace' => 'ktcore.user_history.login',
 'comments' => sprintf('Logged in from %s', $ip),
+ 'sessionid' => $_SESSION['sessionID'],
 );
 require_once(KT_LIB_DIR . '/users/userhistory.inc.php');
 $res = KTUserHistory::createFromArray($aParams);
@@ -89,14 +91,22 @@ class Session {
 session_start();
 $sSessionID = session_id();
- $iUserID = $_SESSION["userID"];
+ $iUserId = $_SESSION["userID"];
 // remove the session information from the database
 $sTable = KTUtil::getTableName('sessions');
 $res = DBUtil::whereDelete($sTable, array('session_id' => $sSessionID));
-
+ $aParams = array(
+ 'userid' => $iUserId,
+ 'datetime' => date("Y-m-d H:i:s", time()),
+ 'actionnamespace' => 'ktcore.user_history.logout',
+ 'sessionid' => $_SESSION['sessonID'],
+ );
+ require_once(KT_LIB_DIR . '/users/userhistory.inc.php');
+ $res = KTUserHistory::createFromArray($aParams);
+ $default->log->info("saving user history - " . print_r($res, true));
 // remove the php4 session
 unset($_SESSION['userID']);
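Review bot: The logout record added in the second hunk (-89,14) reads `$_SESSION['sessonID']`, a misspelling of the `sessionID` key that the login hunk sets. Every `ktcore.user_history.logout` row is therefore written without a session id and cannot be correlated with its login entry. The line should read `'sessionid' => $_SESSION['sessionID'],`. The added `$default->log->info(...)` call also needs `$default` in scope; the hunk shows no `global $default;` and the function header lies outside it, so that is worth confirming.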
@@ -110,13 +120,37 @@ class Session { * * @param int the userID to remove stale sessions for */ - function removeStaleSessions($userID = -1) { + function removeStaleSessions() { global $default; - // deletes any sessions for this userID where the default timeout has elapsed. - $time = time() - $default->sessionTimeout; - $sql = $default->db; - $sQuery = "DELETE FROM $default->sessions_table WHERE " . (($userID != -1) ? "user_id=$userID AND " : "") . "lastused <= '" . formatDateTime($time) . "'"; - $sql->query($sQuery); + $time = time() - $default->sessionTimeout; + + $sTable = KTUtil::getTableName('sessions'); + $aQuery = array( + sprintf('SELECT id, lastused, user_id FROM %s WHERE lastused <= ?', $sTable), + array(formatDateTime($time)), + ); + + $aSessions = DBUtil::getResultArray($aQuery); + + foreach ($aSessions as $aSessionData) { + $iId = $aSessionData['id']; + $dLastUsed = $aSessionData['lastused']; + $iUserId = $aSessionData['user_id']; + $iTime = strtotime($dLastUsed); + $iTime = $iTime + $default->sessionTimeout; + $aParams = array( + 'userid' => $iUserId, + 'datetime' => formatDateTime($iTime), + 'actionnamespace' => 'ktcore.user_history.timeout', + 'comments' => 'Session timed out', + 'sessionid' => $_SESSION['sessionID'], + ); + require_once(KT_LIB_DIR . '/users/userhistory.inc.php'); + $res = KTUserHistory::createFromArray($aParams); + $default->log->info("saving user history - " . print_r($res, true)); + + DBUtil::whereDelete($sTable, array('id' => $iId)); + } } /** @@ -190,11 +224,12 @@ class Session { return true; } else { + + Session::removeStaleSessions(); + return PEAR::raiseError('Session timed out'); } - // } - Session::removeStaleSessions(); return false; diff --git a/lib/users/userhistory.inc.php b/lib/users/userhistory.inc.php index 0482b87..a11a138 100644 --- a/lib/users/userhistory.inc.php +++ b/lib/users/userhistory.inc.php 
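Review bot: In the rewritten `removeStaleSessions()` the timeout record is built with `'sessionid' => $_SESSION['sessionID']`, which is the session of whoever made the current request, while the loop walks the expired rows of every user. Each `ktcore.user_history.timeout` entry is therefore attributed to the wrong session. The loop already holds the row's own id, so `'sessionid' => $iId,` looks like the intended value, assuming `$_SESSION['sessionID']` holds the sessions-table id as the login hunk suggests. The docblock above still says `@param int the userID to remove stale sessions for` although the parameter was removed. The select-then-delete sequence is also not atomic, so two concurrent requests could log the same timeout twice.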
@@ -35,6 +35,7 @@ class KTUserHistory extends KTEntity {
 'iUserId' => 'user_id',
 'sActionNamespace' => 'action_namespace',
 'sComments' => 'comments',
+ 'iSessionId' => 'session_id',
 );
 var $_bUsePearError = true;
@@ -47,6 +48,8 @@ class KTUserHistory extends KTEntity {
 function setComments($mValue) { $this->sComments = $sComments; }
 function getActionNamespace() { return $this->sActionNamespace; }
 function setActionNamespace($mValue) { $this->sActionNamespace = $mValue; }
+ function getSessionId() { return $this->iSessionId; }
+ function setSessionId($mValue) { $this->iSessionId = $mValue; }
 function _table () {
 return KTUtil::getTableName('user_history');