source: trunk/phpgwapi/inc/adodb/session/old/adodb-cryptsession.php @ 2

Revision 2, 8.9 KB checked in by niltonneto, 17 years ago (diff)

Removida todas as tags usadas pelo CVS ($Id, $Source).
Primeira versão no CVS externo.

  • Property svn:eol-style set to native
  • Property svn:executable set to *
Line 
1<?php
2/*
3V4.51 29 July 2004  (c) 2000-2004 John Lim (jlim@natsoft.com.my). All rights reserved.
4  Released under both BSD license and Lesser GPL library license.
5  Whenever there is any discrepancy between the two licenses,
6  the BSD license will take precedence.
7        Made table name configurable - by David Johnson djohnson@inpro.net
8        Encryption by Ari Kuorikoski <ari.kuorikoski@finebyte.com>
9       
10  Set tabs to 4 for best viewing.
11 
12  Latest version of ADODB is available at http://php.weblogs.com/adodb
13  ======================================================================
14 
15 This file provides PHP4 session management using the ADODB database
16wrapper library.
17 
18 Example
19 =======
20 
21        GLOBAL $HTTP_SESSION_VARS;
22        include('adodb.inc.php');
23        #---------------------------------#
24        include('adodb-cryptsession.php');
25        #---------------------------------#
26        session_start();
27        session_register('AVAR');
28        $HTTP_SESSION_VARS['AVAR'] += 1;
29        print "<p>\$HTTP_SESSION_VARS['AVAR']={$HTTP_SESSION_VARS['AVAR']}</p>";
30
31 
32 Installation
33 ============
34 1. Create a new database in MySQL or Access "sessions" like
35so:
36 
37  create table sessions (
38           SESSKEY char(32) not null,
39           EXPIRY int(11) unsigned not null,
40           EXPIREREF varchar(64),
41           DATA CLOB,
42          primary key (sesskey)
43  );
44 
45  2. Then define the following parameters. You can either modify
46     this file, or define them before this file is included:
47         
48        $ADODB_SESSION_DRIVER='database driver, eg. mysql or ibase';
49        $ADODB_SESSION_CONNECT='server to connect to';
50        $ADODB_SESSION_USER ='user';
51        $ADODB_SESSION_PWD ='password';
52        $ADODB_SESSION_DB ='database';
53        $ADODB_SESSION_TBL = 'sessions'
54       
55  3. Recommended is PHP 4.0.2 or later. There are documented
56session bugs in earlier versions of PHP.
57
58*/
59
60
61include_once('crypt.inc.php');
62
63if (!defined('_ADODB_LAYER')) {
64        include (dirname(__FILE__).'/adodb.inc.php');
65}
66
67 /* if database time and system time is difference is greater than this, then give warning */
68 define('ADODB_SESSION_SYNCH_SECS',60);
69
70if (!defined('ADODB_SESSION')) {
71
72 define('ADODB_SESSION',1);
73 
74GLOBAL  $ADODB_SESSION_CONNECT,
75        $ADODB_SESSION_DRIVER,
76        $ADODB_SESSION_USER,
77        $ADODB_SESSION_PWD,
78        $ADODB_SESSION_DB,
79        $ADODB_SESS_CONN,
80        $ADODB_SESS_LIFE,
81        $ADODB_SESS_DEBUG,
82        $ADODB_SESS_INSERT,
83        $ADODB_SESSION_EXPIRE_NOTIFY,
84        $ADODB_SESSION_TBL;
85
86        //$ADODB_SESS_DEBUG = true;
87       
88        /* SET THE FOLLOWING PARAMETERS */
89if (empty($ADODB_SESSION_DRIVER)) {
90        $ADODB_SESSION_DRIVER='mysql';
91        $ADODB_SESSION_CONNECT='localhost';
92        $ADODB_SESSION_USER ='root';
93        $ADODB_SESSION_PWD ='';
94        $ADODB_SESSION_DB ='xphplens_2';
95}
96
97if (empty($ADODB_SESSION_TBL)){
98        $ADODB_SESSION_TBL = 'sessions';
99}
100
101if (empty($ADODB_SESSION_EXPIRE_NOTIFY)) {
102        $ADODB_SESSION_EXPIRE_NOTIFY = false;
103}
104
105function ADODB_Session_Key()
106{
107$ADODB_CRYPT_KEY = 'CRYPTED ADODB SESSIONS ROCK!';
108
109        /* USE THIS FUNCTION TO CREATE THE ENCRYPTION KEY FOR CRYPTED SESSIONS  */
110        /* Crypt the used key, $ADODB_CRYPT_KEY as key and session_ID as SALT   */
111        return crypt($ADODB_CRYPT_KEY, session_ID());
112}
113
114$ADODB_SESS_LIFE = ini_get('session.gc_maxlifetime');
115if ($ADODB_SESS_LIFE <= 1) {
116        // bug in PHP 4.0.3 pl 1  -- how about other versions?
117        //print "<h3>Session Error: PHP.INI setting <i>session.gc_maxlifetime</i>not set: $ADODB_SESS_LIFE</h3>";
118        $ADODB_SESS_LIFE=1440;
119}
120
121function adodb_sess_open($save_path, $session_name)
122{
123GLOBAL  $ADODB_SESSION_CONNECT,
124        $ADODB_SESSION_DRIVER,
125        $ADODB_SESSION_USER,
126        $ADODB_SESSION_PWD,
127        $ADODB_SESSION_DB,
128        $ADODB_SESS_CONN,
129        $ADODB_SESS_DEBUG;
130       
131        $ADODB_SESS_INSERT = false;
132       
133        if (isset($ADODB_SESS_CONN)) return true;
134       
135        $ADODB_SESS_CONN = ADONewConnection($ADODB_SESSION_DRIVER);
136        if (!empty($ADODB_SESS_DEBUG)) {
137                $ADODB_SESS_CONN->debug = true;
138                print" conn=$ADODB_SESSION_CONNECT user=$ADODB_SESSION_USER pwd=$ADODB_SESSION_PWD db=$ADODB_SESSION_DB ";
139        }
140        return $ADODB_SESS_CONN->PConnect($ADODB_SESSION_CONNECT,
141                        $ADODB_SESSION_USER,$ADODB_SESSION_PWD,$ADODB_SESSION_DB);
142       
143}
144
145function adodb_sess_close()
146{
147global $ADODB_SESS_CONN;
148
149        if ($ADODB_SESS_CONN) $ADODB_SESS_CONN->Close();
150        return true;
151}
152
153function adodb_sess_read($key)
154{
155$Crypt = new MD5Crypt;
156global $ADODB_SESS_CONN,$ADODB_SESS_INSERT,$ADODB_SESSION_TBL;
157        $rs = $ADODB_SESS_CONN->Execute("SELECT data FROM $ADODB_SESSION_TBL WHERE sesskey = '$key' AND expiry >= " . time());
158        if ($rs) {
159                if ($rs->EOF) {
160                        $ADODB_SESS_INSERT = true;
161                        $v = '';
162                } else {
163                        // Decrypt session data
164                        $v = rawurldecode($Crypt->Decrypt(reset($rs->fields), ADODB_Session_Key()));
165                }
166                $rs->Close();
167                return $v;
168        }
169        else $ADODB_SESS_INSERT = true;
170       
171        return '';
172}
173
174function adodb_sess_write($key, $val)
175{
176$Crypt = new MD5Crypt;
177        global $ADODB_SESS_INSERT,$ADODB_SESS_CONN, $ADODB_SESS_LIFE, $ADODB_SESSION_TBL,$ADODB_SESSION_EXPIRE_NOTIFY;
178
179        $expiry = time() + $ADODB_SESS_LIFE;
180
181        // encrypt session data..       
182        $val = $Crypt->Encrypt(rawurlencode($val), ADODB_Session_Key());
183       
184        $arr = array('sesskey' => $key, 'expiry' => $expiry, 'data' => $val);
185        if ($ADODB_SESSION_EXPIRE_NOTIFY) {
186                $var = reset($ADODB_SESSION_EXPIRE_NOTIFY);
187                global $$var;
188                $arr['expireref'] = $$var;
189        }
190        $rs = $ADODB_SESS_CONN->Replace($ADODB_SESSION_TBL,
191            $arr,
192        'sesskey',$autoQuote = true);
193
194        if (!$rs) {
195                ADOConnection::outp( '<p>Session Replace: '.$ADODB_SESS_CONN->ErrorMsg().'</p>',false);
196        } else {
197                // bug in access driver (could be odbc?) means that info is not commited
198                // properly unless select statement executed in Win2000
199       
200        if ($ADODB_SESS_CONN->databaseType == 'access') $rs = $ADODB_SESS_CONN->Execute("select sesskey from $ADODB_SESSION_TBL WHERE sesskey='$key'");
201        }
202        return isset($rs);
203}
204
205function adodb_sess_destroy($key)
206{
207        global $ADODB_SESS_CONN, $ADODB_SESSION_TBL,$ADODB_SESSION_EXPIRE_NOTIFY;
208       
209        if ($ADODB_SESSION_EXPIRE_NOTIFY) {
210                reset($ADODB_SESSION_EXPIRE_NOTIFY);
211                $fn = next($ADODB_SESSION_EXPIRE_NOTIFY);
212                $savem = $ADODB_SESS_CONN->SetFetchMode(ADODB_FETCH_NUM);
213                $rs = $ADODB_SESS_CONN->Execute("SELECT expireref,sesskey FROM $ADODB_SESSION_TBL WHERE sesskey='$key'");
214                $ADODB_SESS_CONN->SetFetchMode($savem);
215                if ($rs) {
216                        $ADODB_SESS_CONN->BeginTrans();
217                        while (!$rs->EOF) {
218                                $ref = $rs->fields[0];
219                                $key = $rs->fields[1];
220                                $fn($ref,$key);
221                                $del = $ADODB_SESS_CONN->Execute("DELETE FROM $ADODB_SESSION_TBL WHERE sesskey='$key'");
222                                $rs->MoveNext();
223                        }
224                        $ADODB_SESS_CONN->CommitTrans();
225                }
226        } else {
227                $qry = "DELETE FROM $ADODB_SESSION_TBL WHERE sesskey = '$key'";
228                $rs = $ADODB_SESS_CONN->Execute($qry);
229        }
230        return $rs ? true : false;
231}
232
233
234function adodb_sess_gc($maxlifetime) {
235        global $ADODB_SESS_CONN, $ADODB_SESSION_TBL,$ADODB_SESSION_EXPIRE_NOTIFY,$ADODB_SESS_DEBUG;
236
237        if ($ADODB_SESSION_EXPIRE_NOTIFY) {
238                reset($ADODB_SESSION_EXPIRE_NOTIFY);
239                $fn = next($ADODB_SESSION_EXPIRE_NOTIFY);
240                $savem = $ADODB_SESS_CONN->SetFetchMode(ADODB_FETCH_NUM);
241                $t = time();
242                $rs = $ADODB_SESS_CONN->Execute("SELECT expireref,sesskey FROM $ADODB_SESSION_TBL WHERE expiry < $t");
243                $ADODB_SESS_CONN->SetFetchMode($savem);
244                if ($rs) {
245                        $ADODB_SESS_CONN->BeginTrans();
246                        while (!$rs->EOF) {
247                                $ref = $rs->fields[0];
248                                $key = $rs->fields[1];
249                                $fn($ref,$key);
250                                //$del = $ADODB_SESS_CONN->Execute("DELETE FROM $ADODB_SESSION_TBL WHERE sesskey='$key'");
251                                $rs->MoveNext();
252                        }
253                        $rs->Close();
254                       
255                        $ADODB_SESS_CONN->Execute("DELETE FROM $ADODB_SESSION_TBL WHERE expiry < $t");
256                        $ADODB_SESS_CONN->CommitTrans();
257                }
258        } else {
259                $qry = "DELETE FROM $ADODB_SESSION_TBL WHERE expiry < " . time();
260                $ADODB_SESS_CONN->Execute($qry);
261        }
262       
263        // suggested by Cameron, "GaM3R" <gamr@outworld.cx>
264        if (defined('ADODB_SESSION_OPTIMIZE'))
265        {
266                switch( $ADODB_SESSION_DRIVER ) {
267                        case 'mysql':
268                        case 'mysqlt':
269                                $opt_qry = 'OPTIMIZE TABLE '.$ADODB_SESSION_TBL;
270                                break;
271                        case 'postgresql':
272                        case 'postgresql7':
273                                $opt_qry = 'VACUUM '.$ADODB_SESSION_TBL;       
274                                break;
275                }
276        }
277       
278        if ($ADODB_SESS_CONN->dataProvider === 'oci8') $sql = 'select  TO_CHAR('.($ADODB_SESS_CONN->sysTimeStamp).', \'RRRR-MM-DD HH24:MI:SS\') from '. $ADODB_SESSION_TBL;
279        else $sql = 'select '.$ADODB_SESS_CONN->sysTimeStamp.' from '. $ADODB_SESSION_TBL;
280       
281        $rs =& $ADODB_SESS_CONN->SelectLimit($sql,1);
282        if ($rs && !$rs->EOF) {
283       
284                $dbts = reset($rs->fields);
285                $rs->Close();
286                $dbt = $ADODB_SESS_CONN->UnixTimeStamp($dbts);
287                $t = time();
288                if (abs($dbt - $t) >= ADODB_SESSION_SYNCH_SECS) {
289                global $HTTP_SERVER_VARS;
290                        $msg =
291                        __FILE__.": Server time for webserver {$HTTP_SERVER_VARS['HTTP_HOST']} not in synch with database: database=$dbt ($dbts), webserver=$t (diff=".(abs($dbt-$t)/3600)." hrs)";
292                        error_log($msg);
293                        if ($ADODB_SESS_DEBUG) ADOConnection::outp("<p>$msg</p>");
294                }
295        }
296       
297        return true;
298}
299
300session_module_name('user');
301session_set_save_handler(
302        "adodb_sess_open",
303        "adodb_sess_close",
304        "adodb_sess_read",
305        "adodb_sess_write",
306        "adodb_sess_destroy",
307        "adodb_sess_gc");
308}
309
310/*  TEST SCRIPT -- UNCOMMENT */
311/*
312if (0) {
313GLOBAL $HTTP_SESSION_VARS;
314
315        session_start();
316        session_register('AVAR');
317        $HTTP_SESSION_VARS['AVAR'] += 1;
318        print "<p>\$HTTP_SESSION_VARS['AVAR']={$HTTP_SESSION_VARS['AVAR']}</p>";
319}
320*/
321?>
Note: See TracBrowser for help on using the repository browser.