drupal/includes/session.inc

<?php
// $Id$

session_set_save_handler("sess_open", "sess_close", "sess_read", "sess_write", "sess_destroy", "sess_gc");
session_start();

/*** Session functions *****************************************************/

function sess_open($save_path, $session_name) {
  return 1;
}

function sess_close() {
  return 1;
}

function sess_read($key) {
  global $user;

  $result = db_query_range("SELECT u.*, s.*, r.name AS role FROM {users} u INNER JOIN {role} r ON u.rid = r.rid INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.sid = '%s' AND u.status < 3", $key, 0, 1);

  if (!db_num_rows($result)) {
    $result = db_query("SELECT u.*, r.name AS role FROM {users} u INNER JOIN {role} r ON u.rid = r.rid WHERE u.uid = 0");
    db_query("INSERT INTO {sessions} (uid, sid, hostname, session, timestamp) values(%d, '%s', '%s', '%s', %d)", $user->uid, $key, $_SERVER["REMOTE_ADDR"], $value, time());
  }

  $user = db_fetch_object($result);
  if ($user->data && $data = unserialize($user->data)) {
    foreach ($data as $key => $value) {
      if (!isset($user->$key)) {
        $user->$key = $value;
      }
    }
  }

  return !empty($user->session) ? $user->session : '';
}

function sess_write($key, $value) {
  global $user;

  db_query("UPDATE {sessions} SET uid = %d, hostname = '%s', session = '%s', timestamp = %d WHERE sid = '%s'", $user->uid, $_SERVER["REMOTE_ADDR"], $value, time(), $key);

  return '';
}

function sess_destroy($key) {
  db_query("DELETE FROM {sessions} WHERE sid = '$key'");
}

function sess_gc($lifetime) {

  /*
  **  Be sure to adjust 'php_value session.gc_maxlifetime' to a large enough
  **   value.  For example, if you want user sessions to stay in your database
  **   for three weeks before deleting them, you need to set gc_maxlifetime
  **   to '1814400'.  At that value, only after a user doesn't log in after
  **   three weeks (1814400 seconds) will his/her session be removed.
  */
  db_query("DELETE FROM {sessions} WHERE timestamp < %d", time() - $lifetime);

  return 1;

}

?>
- Improved module loading when serving cached pages. Moshe's bootstrap patch. - Used legend and fieldset tags for the configuration page. 2003-11-18 19:44:36 +00:00			`<?php`
- Fixed race condition in session handler. Patch by Kjartan. 2003-12-13 13:00:47 +00:00			`// $Id$`
- Improved module loading when serving cached pages. Moshe's bootstrap patch. - Used legend and fieldset tags for the configuration page. 2003-11-18 19:44:36 +00:00
			`session_set_save_handler("sess_open", "sess_close", "sess_read", "sess_write", "sess_destroy", "sess_gc");`
			`session_start();`

			`/* Session functions ***************************************************/`

			`function sess_open($save_path, $session_name) {`
			`return 1;`
			`}`

			`function sess_close() {`
			`return 1;`
			`}`

			`function sess_read($key) {`
			`global $user;`

- Fixed race condition in session handler. Patch by Kjartan. 2003-12-13 13:00:47 +00:00			`$result = db_query_range("SELECT u., s., r.name AS role FROM {users} u INNER JOIN {role} r ON u.rid = r.rid INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.sid = '%s' AND u.status < 3", $key, 0, 1);`
- Fixes bug #4100: First visit to site results in 'access denied' page. - Fixed sess_write(). - Removed dead code in index.php. 2003-11-18 23:37:48 +00:00
			`if (!db_num_rows($result)) {`
			`$result = db_query("SELECT u.*, r.name AS role FROM {users} u INNER JOIN {role} r ON u.rid = r.rid WHERE u.uid = 0");`
- Fixed race condition in session handler. Patch by Kjartan. 2003-12-13 13:00:47 +00:00			`db_query("INSERT INTO {sessions} (uid, sid, hostname, session, timestamp) values(%d, '%s', '%s', '%s', %d)", $user->uid, $key, $_SERVER["REMOTE_ADDR"], $value, time());`
- Fixes bug #4100: First visit to site results in 'access denied' page. - Fixed sess_write(). - Removed dead code in index.php. 2003-11-18 23:37:48 +00:00			`}`

- Improved module loading when serving cached pages. Moshe's bootstrap patch. - Used legend and fieldset tags for the configuration page. 2003-11-18 19:44:36 +00:00			`$user = db_fetch_object($result);`
			`if ($user->data && $data = unserialize($user->data)) {`
			`foreach ($data as $key => $value) {`
			`if (!isset($user->$key)) {`
			`$user->$key = $value;`
			`}`
			`}`
			`}`

			`return !empty($user->session) ? $user->session : '';`
			`}`

			`function sess_write($key, $value) {`
			`global $user;`

- Fixes bug #4100: First visit to site results in 'access denied' page. - Fixed sess_write(). - Removed dead code in index.php. 2003-11-18 23:37:48 +00:00			`db_query("UPDATE {sessions} SET uid = %d, hostname = '%s', session = '%s', timestamp = %d WHERE sid = '%s'", $user->uid, $_SERVER["REMOTE_ADDR"], $value, time(), $key);`
- Improved module loading when serving cached pages. Moshe's bootstrap patch. - Used legend and fieldset tags for the configuration page. 2003-11-18 19:44:36 +00:00
			`return '';`
			`}`

			`function sess_destroy($key) {`
			`db_query("DELETE FROM {sessions} WHERE sid = '$key'");`
			`}`

			`function sess_gc($lifetime) {`

			`/*`
			`** Be sure to adjust 'php_value session.gc_maxlifetime' to a large enough`
			`** value. For example, if you want user sessions to stay in your database`
			`** for three weeks before deleting them, you need to set gc_maxlifetime`
			`** to '1814400'. At that value, only after a user doesn't log in after`
			`** three weeks (1814400 seconds) will his/her session be removed.`
			`*/`
			`db_query("DELETE FROM {sessions} WHERE timestamp < %d", time() - $lifetime);`

			`return 1;`

			`}`

			`?>`