- Patch #253702 by Damien Tournoud et al: further clean-up of the session handling code.
Dries Buytaert
parent
48727a34c2
commit
312b97e9e9
|
|
@ -1031,7 +1031,7 @@ function _drupal_bootstrap($phase) {
|
|||
|
||||
case DRUPAL_BOOTSTRAP_SESSION:
|
||||
require_once variable_get('session_inc', './includes/session.inc');
|
||||
session_set_save_handler('_sess_open', '_sess_close', '_sess_read', '_sess_write', 'sess_destroy_sid', 'sess_gc');
|
||||
session_set_save_handler('_sess_open', '_sess_close', '_sess_read', '_sess_write', '_sess_destroy_sid', '_sess_gc');
|
||||
session_start();
|
||||
break;
|
||||
|
||||
|
|
|
|||
|
|
@ -136,7 +136,7 @@ function _sess_write($key, $value) {
|
|||
// the session table. This reduces memory and server load, and gives more useful
|
||||
// statistics. We can't eliminate anonymous session table rows without breaking
|
||||
// the "Who's Online" block.
|
||||
if (!session_save_session() || (empty($_COOKIE[session_name()]) && empty($value))) {
|
||||
if (!drupal_save_session() || (empty($_COOKIE[session_name()]) && empty($value))) {
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
|
|
@ -170,7 +170,7 @@ function _sess_write($key, $value) {
|
|||
/**
|
||||
* Called when an anonymous user becomes authenticated or vice-versa.
|
||||
*/
|
||||
function sess_regenerate() {
|
||||
function drupal_session_regenerate() {
|
||||
$old_session_id = session_id();
|
||||
session_regenerate_id();
|
||||
db_query("UPDATE {sessions} SET sid = '%s' WHERE sid = '%s'", session_id(), $old_session_id);
|
||||
|
|
@ -189,19 +189,20 @@ function sess_regenerate() {
|
|||
* @return int
|
||||
* The number of users with sessions.
|
||||
*/
|
||||
function sess_count($timestamp = 0, $anonymous = true) {
|
||||
function drupal_session_count($timestamp = 0, $anonymous = true) {
|
||||
$query = $anonymous ? ' AND uid = 0' : ' AND uid > 0';
|
||||
return db_result(db_query('SELECT COUNT(sid) AS count FROM {sessions} WHERE timestamp >= %d' . $query, $timestamp));
|
||||
}
|
||||
|
||||
/**
|
||||
* Called by PHP session handling with the PHP session ID
|
||||
* to end a user's session.
|
||||
* Session handler assigned by session_set_save_handler().
|
||||
*
|
||||
* Cleanup a specific session.
|
||||
*
|
||||
* @param string $sid
|
||||
* the session id
|
||||
*/
|
||||
function sess_destroy_sid($sid) {
|
||||
function _sess_destroy_sid($sid) {
|
||||
db_query("DELETE FROM {sessions} WHERE sid = '%s'", $sid);
|
||||
}
|
||||
|
||||
|
|
@ -211,11 +212,16 @@ function sess_destroy_sid($sid) {
|
|||
* @param string $uid
|
||||
* the user id
|
||||
*/
|
||||
function sess_destroy_uid($uid) {
|
||||
function drupal_session_destroy_uid($uid) {
|
||||
db_query('DELETE FROM {sessions} WHERE uid = %d', $uid);
|
||||
}
|
||||
|
||||
function sess_gc($lifetime) {
|
||||
/**
|
||||
* Session handler assigned by session_set_save_handler().
|
||||
*
|
||||
* Cleanup stalled sessions.
|
||||
*/
|
||||
function _sess_gc($lifetime) {
|
||||
// Be sure to adjust 'php_value session.gc_maxlifetime' to a large enough
|
||||
// value. For example, if you want user sessions to stay in your database
|
||||
// for three weeks before deleting them, you need to set gc_maxlifetime
|
||||
|
|
@ -240,7 +246,7 @@ function sess_gc($lifetime) {
|
|||
* @return
|
||||
* FALSE if writing session data has been disabled. Otherwise, TRUE.
|
||||
*/
|
||||
function session_save_session($status = NULL) {
|
||||
function drupal_save_session($status = NULL) {
|
||||
static $save_session = TRUE;
|
||||
if (isset($status)) {
|
||||
$save_session = $status;
|
||||
|
|
|
|||
|
|
@ -26,19 +26,19 @@ class SessionTestCase extends DrupalWebTestCase {
|
|||
}
|
||||
|
||||
/**
|
||||
* Tests for session_save_session().
|
||||
* Tests for drupal_save_session().
|
||||
*/
|
||||
function testSessionSaveSession() {
|
||||
$this->assertTrue(session_save_session(), t('session_save_session() correctly returns TRUE when initially called with no arguments.'), t('Session'));
|
||||
$this->assertFalse(session_save_session(FALSE), t('session_save_session() correctly returns FALSE when called with FALSE.'), t('Session'));
|
||||
$this->assertFalse(session_save_session(), t('session_save_session() correctly returns FALSE when saving has been disabled.'), t('Session'));
|
||||
$this->assertTrue(session_save_session(TRUE), t('session_save_session() correctly returns TRUE when called with TRUE.'), t('Session'));
|
||||
$this->assertTrue(session_save_session(), t('session_save_session() correctly returns TRUE when saving has been enabled.'), t('Session'));
|
||||
$this->assertTrue(drupal_save_session(), t('drupal_save_session() correctly returns TRUE when initially called with no arguments.'), t('Session'));
|
||||
$this->assertFalse(drupal_save_session(FALSE), t('drupal_save_session() correctly returns FALSE when called with FALSE.'), t('Session'));
|
||||
$this->assertFalse(drupal_save_session(), t('drupal_save_session() correctly returns FALSE when saving has been disabled.'), t('Session'));
|
||||
$this->assertTrue(drupal_save_session(TRUE), t('drupal_save_session() correctly returns TRUE when called with TRUE.'), t('Session'));
|
||||
$this->assertTrue(drupal_save_session(), t('drupal_save_session() correctly returns TRUE when saving has been enabled.'), t('Session'));
|
||||
}
|
||||
|
||||
/**
|
||||
* Test data persistence via the session_test module callbacks. Also tests
|
||||
* sess_count() since session data is already generated here.
|
||||
* drupal_session_count() since session data is already generated here.
|
||||
*/
|
||||
function testDataPersistence() {
|
||||
$user = $this->drupalCreateUser(array('access content'));
|
||||
|
|
@ -54,13 +54,13 @@ class SessionTestCase extends DrupalWebTestCase {
|
|||
$this->drupalGet('session-test/get');
|
||||
$this->assertText($value_1, t('Session correctly returned the stored data for an authenticated user.'), t('Session'));
|
||||
|
||||
// Attempt to write over val_1. If session_save_session(FALSE) is working.
|
||||
// Attempt to write over val_1. If drupal_save_session(FALSE) is working.
|
||||
// properly, val_1 will still be set.
|
||||
$value_2 = $this->randomName();
|
||||
$this->drupalGet('session-test/no-set/' . $value_2);
|
||||
$this->assertText($value_2, t('The session value was correctly passed to session-test/no-set.'), t('Session'));
|
||||
$this->drupalGet('session-test/get');
|
||||
$this->assertText($value_1, t('Session data is not saved for session_save_session(FALSE).'), t('Session'));
|
||||
$this->assertText($value_1, t('Session data is not saved for drupal_save_session(FALSE).'), t('Session'));
|
||||
|
||||
// Switch browser cookie to anonymous user, then back to user 1.
|
||||
$this->sessionReset();
|
||||
|
|
@ -85,7 +85,7 @@ class SessionTestCase extends DrupalWebTestCase {
|
|||
$this->drupalGet('session-test/no-set/' . $value_4);
|
||||
$this->assertText($value_4, t('The session value was correctly passed to session-test/no-set.'), t('Session'));
|
||||
$this->drupalGet('session-test/get');
|
||||
$this->assertText($value_3, t('Session data is not saved for session_save_session(FALSE).'), t('Session'));
|
||||
$this->assertText($value_3, t('Session data is not saved for drupal_save_session(FALSE).'), t('Session'));
|
||||
|
||||
// Logout and get first user back in. Sessions shouldn't persist through
|
||||
// logout, so the data won't be on the page.
|
||||
|
|
@ -100,10 +100,10 @@ class SessionTestCase extends DrupalWebTestCase {
|
|||
$this->drupalLogin($user2);
|
||||
$this->session_count_authenticated = $this->session_count++;
|
||||
|
||||
// Perform sess_count tests here in order to use the session data already generated.
|
||||
// Perform drupal_session_count tests here in order to use the session data already generated.
|
||||
// Test absolute count.
|
||||
$anonymous = sess_count(0, TRUE);
|
||||
$authenticated = sess_count(0, FALSE);
|
||||
$anonymous = drupal_session_count(0, TRUE);
|
||||
$authenticated = drupal_session_count(0, FALSE);
|
||||
$this->assertEqual($anonymous + $authenticated, $this->session_count, t('Correctly counted @count total sessions.', array('@count' => $this->session_count)), t('Session'));
|
||||
|
||||
// Test anonymous count.
|
||||
|
|
@ -113,7 +113,7 @@ class SessionTestCase extends DrupalWebTestCase {
|
|||
$this->assertEqual($authenticated, $this->session_count_authenticated, t('Correctly counted @count authenticated sessions.', array('@count' => $authenticated)), t('Session'));
|
||||
|
||||
// Should return 0 sessions from 1 second from now.
|
||||
$this->assertEqual(sess_count(time() + 1), 0, t('Correctly returned 0 sessions newer than the current time.'), t('Session'));
|
||||
$this->assertEqual(drupal_session_count(time() + 1), 0, t('Correctly returned 0 sessions newer than the current time.'), t('Session'));
|
||||
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -49,7 +49,7 @@ function _session_test_set($value) {
|
|||
* anyway.
|
||||
*/
|
||||
function _session_test_no_set($value) {
|
||||
session_save_session(FALSE);
|
||||
drupal_save_session(FALSE);
|
||||
_session_test_set($value);
|
||||
return t('session saving was disabled, and then %val was set', array('%val' => $value));
|
||||
}
|
||||
|
|
|
|||
|
|
@ -277,14 +277,14 @@ function user_save($account, $edit = array(), $category = 'account') {
|
|||
|
||||
// Delete a blocked user's sessions to kick them if they are online.
|
||||
if (isset($edit['status']) && $edit['status'] == 0) {
|
||||
sess_destroy_uid($account->uid);
|
||||
drupal_session_destroy_uid($account->uid);
|
||||
}
|
||||
|
||||
// If the password changed, delete all open sessions and recreate
|
||||
// the current one.
|
||||
if (!empty($edit['pass'])) {
|
||||
sess_destroy_uid($account->uid);
|
||||
sess_regenerate();
|
||||
drupal_session_destroy_uid($account->uid);
|
||||
drupal_session_regenerate();
|
||||
}
|
||||
|
||||
// Refresh user object.
|
||||
|
|
@ -792,7 +792,7 @@ function user_block($op = 'list', $delta = '', $edit = array()) {
|
|||
|
||||
// Perform database queries to gather online user lists. We use s.timestamp
|
||||
// rather than u.access because it is much faster.
|
||||
$anonymous_count = sess_count($interval);
|
||||
$anonymous_count = drupal_session_count($interval);
|
||||
$authenticated_users = db_query('SELECT DISTINCT u.uid, u.name, s.timestamp FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.timestamp >= %d AND s.uid > 0 ORDER BY s.timestamp DESC', $interval);
|
||||
$authenticated_count = 0;
|
||||
$max_users = variable_get('user_block_max_list_count', 10);
|
||||
|
|
@ -1344,7 +1344,7 @@ function user_authenticate_finalize(&$edit) {
|
|||
$user->login = $_SERVER['REQUEST_TIME'];
|
||||
db_query("UPDATE {users} SET login = %d WHERE uid = %d", $user->login, $user->uid);
|
||||
user_module_invoke('login', $edit, $user);
|
||||
sess_regenerate();
|
||||
drupal_session_regenerate();
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -1555,7 +1555,7 @@ function _user_edit_submit($uid, &$edit) {
|
|||
*/
|
||||
function user_delete($edit, $uid) {
|
||||
$account = user_load(array('uid' => $uid));
|
||||
sess_destroy_uid($uid);
|
||||
drupal_session_destroy_uid($uid);
|
||||
_user_mail_notify('status_deleted', $account);
|
||||
module_invoke_all('user', 'delete', $edit, $account);
|
||||
db_query('DELETE FROM {users} WHERE uid = %d', $uid);
|
||||
|
|
@ -2210,7 +2210,7 @@ function user_block_user_action(&$object, $context = array()) {
|
|||
$uid = $user->uid;
|
||||
}
|
||||
db_query("UPDATE {users} SET status = 0 WHERE uid = %d", $uid);
|
||||
sess_destroy_uid($uid);
|
||||
drupal_session_destroy_uid($uid);
|
||||
watchdog('action', 'Blocked user %name.', array('%name' => check_plain($user->name)));
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue