From 27daf46d4e2fdaec8ff06097d0e4add622100710 Mon Sep 17 00:00:00 2001
From: michael
Date: Fri, 20 Dec 2002 12:10:36 +0000
Subject: [PATCH] added modified Owl_Session class
---
lib/Session.inc | 157 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 157 insertions(+), 0 deletions(-)
create mode 100644 lib/Session.inc
diff --git a/lib/Session.inc b/lib/Session.inc
new file mode 100644
index 0000000..e0ca9cf
--- /dev/null
+++ b/lib/Session.inc
@@ -0,0 +1,157 @@
+sessionID . $current;
+ $sessionID = md5($current);
+ $sql = new Owl_DB;
+
+ // retrieve client ip
+ if(getenv("HTTP_CLIENT_IP")) {
+ $ip = getenv("HTTP_CLIENT_IP");
+ } elseif(getenv("HTTP_X_FORWARDED_FOR")) {
+ $forwardedip = getenv("HTTP_X_FORWARDED_FOR");
+ list($ip,$ip2,$ip3,$ip4)= split (",", $forwardedip);
+ } else {
+ $ip = getenv("REMOTE_ADDR");
+ }
+
+ // insert session information into db
+ $result = $sql->query("insert into $default->owl_sessions_table values ('$sessionID', '$userID', '$current', '$ip')");
+
+ if(!'result') {
+ die("$lang_err_sess_write");
+ }
+
+ return $sessionID;
+ }
+
+ /**
+ * Removes the specified session from the application.
+ *
+ * @param sessionID
+ * the session to remove
+ */
+ function remove($sessionID) {
+ $sql = new Owl_DB;
+ $sql->query("delete from $default->owl_sessions_table where sessid = '$sessionID'");
+ }
+
+ /**
+ * Removes any stale sessions for the specified userID
+ *
+ * @param userID
+ * the userID to remove stale sessions for
+ */
+ function removeStateSessions($userID) {
+ $time = time() - $default->owl_timeout;
+ $sql = new Owl_DB;
+ $sql->query("delete from $default->owl_sessions_table where uid = '" . $userID .
"' and lastused <= $time ");
+ }
+
+ /**
+ * Used to verify a users session
+ *
+ * @param $sessionID
+ * The session id to verify
+ * @return
+ * array containing the userID, groupID and session verifiction status
+ */
+ function verify($sessionID) {
+
+ getprefs();
+ global $default, $lang_sesstimeout, $lang_sessinuse, $lang_clicklogin;
+ $sess = ltrim($sessionID);
+ // initialise return status
+ $verified["status"] = 0;
+
+ // this should be an existing session, so check the db
+ $sql = new Owl_DB;
+ $sql->query("select * from $default->owl_sessions_table where sessid = '$sessionID'");
+ $numrows = $sql->num_rows($sql);
+ $time = time();
+
+ if ($numrows == "1") {
+ while($sql->next_record()) {
+ // get client ip
+ if(getenv("HTTP_CLIENT_IP")) {
+ $ip = getenv("HTTP_CLIENT_IP");
+ } elseif(getenv("HTTP_X_FORWARDED_FOR")) {
+ $forwardedip = getenv("HTTP_X_FORWARDED_FOR");
+ list($ip,$ip2,$ip3,$ip4)= split (",", $forwardedip);
+ } else {
+ $ip = getenv("REMOTE_ADDR");
+ }
+
+ // check that ip matches
+ if ($ip == $sql->f("ip")) {
+ // if timeout not exceeded
+ if(($time - $sql->f("lastused")) <= $default->owl_timeout) {
+ $verified["status"] = 1;
+ $verified["userID"] = $sql->f("uid");
+ $sql->query("select * from $default->owl_users_table where id = '".$verified["userid"]."'");
+ while($sql->next_record()) {
+ $verified["groupID"] = $sql->f("groupid");
+ }
+ } else {
+ // TODO: don't want html here
+ // session time out status
+ $verified["status"] = 2;
+ /*
+ // Bozz Bug Fix begin
+ if (file_exists("./lib/header.inc")) {
+ include("./lib/header.inc");
+ } else {
+ include("../lib/header.inc");
+ }
+ // Bozz Bug Fix End
+ print("

".$lang_sesstimeout);
+ if ($parent == "" || $fileid == "") {
+ print("");
+ } else {
+ print("");
+ }
+ exit();*/
+ }
+ } else {
+ // session in use status
+ $verified["status"] = 3;
+ /*
+ // Bozz Bug Fix begin
+ if (file_exists("./lib/header.inc")) {
+ include("./lib/header.inc");
+ } else {
+ include("../lib/header.inc");
+ }
+ // Bozz Bug Fix End
+ print("

".$lang_sessinuse);
+ exit;
+ */
+ }
+ }
+ }
+ return $verified;
+ }
+}
+?>
--
libgit2 0.21.4
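Review bot: Request-derived values are interpolated into SQL strings without escaping throughout this new file: `$sessionID` in `remove()` and `verify()`, and `$ip` in the insert, which is taken from the client-settable `HTTP_CLIENT_IP` / `HTTP_X_FORWARDED_FOR` headers before `REMOTE_ADDR` is consulted; these should go through the DB layer's quoting or bound parameters (Owl_DB is not visible here, so which of the two it offers needs checking). Because `verify()` reads the same headers for its `$ip == $sql->f("ip")` comparison, the IP binding only holds when those headers are set by a trusted proxy; otherwise both places should use `getenv("REMOTE_ADDR")` alone. Three smaller defects are visible: `if(!'result')` tests a string literal and never fires, so a failed insert still returns a session id (should be `if (!$result) {`); the user lookup reads `$verified["userid"]` while the key assigned on the previous line is `$verified["userID"]`; and `remove()` and `removeStateSessions()` use `$default` without a `global $default;` declaration, so the table name and timeout are presumably empty there. The start of the session-creating function is cut off above the first visible line of the hunk, so how `$current` is built before `md5($current)` cannot be judged from here.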