X-Git-Url: https://git.donarmstrong.com/?a=blobdiff_plain;ds=sidebyside;f=program%2Finclude%2Fsession.inc;h=b1ff1d2569192d7d11417b002edbd4a86c198d74;hb=68b99d8007942a1160eb4401003da0120032db02;hp=e76da0cf09de6161da60ba31132eb1bc3e3a9efd;hpb=8a4a1a7851436ef5ff246a861b1cac2d3c0d030b;p=roundcube.git

diff --git a/program/include/session.inc b/program/include/session.inc
index e76da0c..b1ff1d2 100644
--- a/program/include/session.inc
+++ b/program/include/session.inc
@@ -5,7 +5,7 @@
  | program/include/session.inc                                           |
  |                                                                       |
  | This file is part of the RoundCube Webmail client                     |
- | Copyright (C) 2005-2007, RoundCube Dev. - Switzerland                 |
+ | Copyright (C) 2005-2009, RoundCube Dev. - Switzerland                 |
  | Licensed under the GNU GPL                                            |
  |                                                                       |
  | PURPOSE:                                                              |
@@ -15,171 +15,155 @@
  | Author: Thomas Bruederli <roundcube@gmail.com>                        |
  +-----------------------------------------------------------------------+
 
- $Id: session.inc 850 2007-10-03 00:13:32Z ihug $
+ $Id: session.inc 2237 2009-01-17 01:55:39Z till $
 
 */
 
 
-function sess_open($save_path, $session_name)
-  {
-  return TRUE;
-  }
-
+function rcube_sess_open($save_path, $session_name)
+{
+  return true;
+}
 
 
-function sess_close()
-  {
-  return TRUE;
-  }
+function rcube_sess_close()
+{
+  return true;
+}
 
 
 // read session data
-function sess_read($key)
-  {
-  global $DB, $SESS_CHANGED, $SESS_CLIENT_IP;
+function rcube_sess_read($key)
+{
+  global $SESS_CHANGED, $SESS_CLIENT_IP;
+  
+  $DB = rcmail::get_instance()->get_dbh();
   
-  if ($DB->is_error())
-    return FALSE;
+  if ($DB->is_error()) {
+    return false;
+  }
   
-  $sql_result = $DB->query("SELECT vars, ip, ".$DB->unixtimestamp('changed')." AS changed
-                            FROM ".get_table_name('session')."
-                            WHERE  sess_id=?",
-                            $key);
+  $sql_result = $DB->query(
+    "SELECT vars, ip, " . $DB->unixtimestamp('changed') . " AS changed
+     FROM " . get_table_name('session') . "
+     WHERE  sess_id=?",
+    $key);
 
-  if ($sql_arr = $DB->fetch_assoc($sql_result))
-    {
+  if ($sql_arr = $DB->fetch_assoc($sql_result)) {
     $SESS_CHANGED = $sql_arr['changed'];
     $SESS_CLIENT_IP = $sql_arr['ip'];
 
     if (strlen($sql_arr['vars']))
       return $sql_arr['vars'];
-    }
-
-  return FALSE;
   }
+
+  return false;
+}
   
 
 // save session data
-function sess_write($key, $vars)
-  {
-  global $DB;
+function rcube_sess_write($key, $vars)
+{
+  $DB = rcmail::get_instance()->get_dbh();
   
-  if ($DB->is_error())
-    return FALSE;
-
-  $sql_result = $DB->query("SELECT 1
-                            FROM ".get_table_name('session')."
-                            WHERE  sess_id=?",
-                            $key);
-
-  if ($DB->num_rows($sql_result))
-    {
-    session_decode($vars);
-    $DB->query("UPDATE ".get_table_name('session')."
-                SET    vars=?,
-                       changed=".$DB->now()."
-                WHERE  sess_id=?",
-                $vars,
-                $key);
-    }
-  else
-    {
-    $DB->query("INSERT INTO ".get_table_name('session')."
-                (sess_id, vars, ip, created, changed)
-                VALUES (?, ?, ?, ".$DB->now().", ".$DB->now().")",
-                $key,
-                $vars,
-                $_SERVER['REMOTE_ADDR']);
-                
-
-    }
-
-  return TRUE;
+  if ($DB->is_error()) {
+    return false;
+  }
+
+  $sql_result = $DB->query(
+    "SELECT 1 FROM " . get_table_name('session') . "
+     WHERE  sess_id=?",
+    $key);
+
+  $now = $DB->fromunixtime(time());
+
+  if ($DB->num_rows($sql_result)) {
+    $DB->query(
+      "UPDATE " . get_table_name('session') . "
+       SET    vars=?, changed= " . $now . "
+       WHERE  sess_id=?",
+      $vars,
+      $key);
+  }
+  else {
+    $DB->query(
+      "INSERT INTO " . get_table_name('session') . "
+       (sess_id, vars, ip, created, changed)
+       VALUES (?, ?, ?, " . $now . ", " . $now .")",
+      $key,
+      $vars,
+      (string)$_SERVER['REMOTE_ADDR']);
   }
 
+  return true;
+}
+
 
 // handler for session_destroy()
-function sess_destroy($key)
-  {
-  global $DB;
+function rcube_sess_destroy($key)
+{
+  $rcmail = rcmail::get_instance();
+  $DB = $rcmail->get_dbh();
   
-  if ($DB->is_error())
-    return FALSE;
-  
-  // delete session entries in cache table
-  $DB->query("DELETE FROM ".get_table_name('cache')."
-              WHERE  session_id=?",
-              $key);
-              
-  $DB->query("DELETE FROM ".get_table_name('session')."
-              WHERE sess_id=?",
-              $key);
-
-  return TRUE;
+  if ($DB->is_error()) {
+    return false;
   }
 
+  $DB->query("DELETE FROM " . get_table_name('session') . " WHERE sess_id=?", $key);
+
+  return true;
+}
+
 
 // garbage collecting function
-function sess_gc($maxlifetime)
-  {
-  global $DB;
-
-  if ($DB->is_error())
-    return FALSE;
-
-  // get all expired sessions  
-  $sql_result = $DB->query("SELECT sess_id
-                            FROM ".get_table_name('session')."
-                            WHERE ".$DB->unixtimestamp($DB->now())."-".$DB->unixtimestamp('changed')." > ?",
-                            $maxlifetime);
-                                   
-  $a_exp_sessions = array();
-  while ($sql_arr = $DB->fetch_assoc($sql_result))
-    $a_exp_sessions[] = $sql_arr['sess_id'];
+function rcube_sess_gc($maxlifetime)
+{
+  $rcmail = rcmail::get_instance();
+  $DB = $rcmail->get_dbh();
+
+  if ($DB->is_error()) {
+    return false;
+  }
+
+  // just delete all expired sessions
+  $DB->query("DELETE FROM " . get_table_name('session') . "
+    WHERE changed < " . $DB->fromunixtime(time() - $maxlifetime));
+
+  if ($rcmail->config->get('enable_caching'))
+    rcmail_cache_gc();
 
-  
-  if (sizeof($a_exp_sessions))
-    {
-    // delete session cache records
-    $DB->query("DELETE FROM ".get_table_name('cache')."
-                WHERE  session_id IN ('".join("','", $a_exp_sessions)."')");
-                
-    // delete session records
-    $DB->query("DELETE FROM ".get_table_name('session')."
-                WHERE sess_id IN ('".join("','", $a_exp_sessions)."')");
-    }
-
-  // also run message cache GC
-  rcmail_message_cache_gc();
   rcmail_temp_gc();
 
-  return TRUE;
-  }
+  return true;
+}
 
 
-function sess_regenerate_id()
-  {
-  $randlen = 32;
+function rcube_sess_regenerate_id()
+{
   $randval = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
-  $random = "";
-  for ($i=1; $i <= $randlen; $i++)
+
+  for ($random = "", $i=1; $i <= 32; $i++) {
     $random .= substr($randval, rand(0,(strlen($randval) - 1)), 1);
+  }
 
   // use md5 value for id or remove capitals from string $randval
   $random = md5($random);
 
   // delete old session record
-  sess_destroy(session_id());
+  rcube_sess_destroy(session_id());
 
   session_id($random);
-  $cookie = session_get_cookie_params();
-  setcookie(session_name(), $random, $cookie['lifetime'], $cookie['path']);
+
+  $cookie   = session_get_cookie_params();
+  $lifetime = $cookie['lifetime'] ? time() + $cookie['lifetime'] : 0;
+
+  rcmail::setcookie(session_name(), $random, $lifetime);
 
   return true;
-  }
+}
 
 
 // set custom functions for PHP session management
-session_set_save_handler('sess_open', 'sess_close', 'sess_read', 'sess_write', 'sess_destroy', 'sess_gc');
+session_set_save_handler('rcube_sess_open', 'rcube_sess_close', 'rcube_sess_read', 'rcube_sess_write', 'rcube_sess_destroy', 'rcube_sess_gc');
 
 ?>