1 | <?php |
---|
2 | /**************************************************************************\ |
---|
3 | * eGroupWare API - Session management * |
---|
4 | * This file written by Dan Kuykendall <seek3r@phpgroupware.org> * |
---|
5 | * and Joseph Engo <jengo@phpgroupware.org> * |
---|
6 | * and Ralf Becker <ralfbecker@outdoor-training.de> * |
---|
7 | * Copyright (C) 2000, 2001 Dan Kuykendall * |
---|
8 | * -------------------------------------------------------------------------* |
---|
9 | * This library is part of the phpGroupWare API * |
---|
10 | * http://www.egroupware.org/api * |
---|
11 | * ------------------------------------------------------------------------ * |
---|
12 | * This library is free software; you can redistribute it and/or modify it * |
---|
13 | * under the terms of the GNU Lesser General Public License as published by * |
---|
14 | * the Free Software Foundation; either version 2.1 of the License, * |
---|
15 | * or any later version. * |
---|
16 | * This library is distributed in the hope that it will be useful, but * |
---|
17 | * WITHOUT ANY WARRANTY; without even the implied warranty of * |
---|
18 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * |
---|
19 | * See the GNU Lesser General Public License for more details. * |
---|
20 | * You should have received a copy of the GNU Lesser General Public License * |
---|
21 | * along with this library; if not, write to the Free Software Foundation, * |
---|
22 | * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * |
---|
23 | \**************************************************************************/ |
---|
24 | |
---|
25 | |
---|
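/*!
@class sessions
@abstract session backend that keeps the phpgw_session data in PHP's native (file based) sessions
@note Everything not defined here (log_access(), phpgw_setcookie(), $this->sessionid, ...) comes from the parent class sessions_, which is not part of this file.
*/
class sessions extends sessions_
{
	/*!
	@function sessions
	@abstract PHP4-style constructor: runs the parent constructor, then configures PHP's session handling
	@note Sets session.gc_maxlifetime from the server's sessions_timeout setting and names the PHP session 'sessionid'.
	*/
	function sessions()
	{
		$this->sessions_();
		//controls the time out for php4 sessions - skwashd 18-May-2003
		ini_set('session.gc_maxlifetime', $GLOBALS['phpgw_info']['server']['sessions_timeout']);
		session_name('sessionid');
	}

	/*!
	@function is_valid_sessionid
	@abstract check that a value only contains characters PHP's file session handler uses in a session id
	@param $sessionid value to check
	@result True for a non-empty string of letters, digits, ',' and '-', False for anything else
	@note Used before a session id is handed to session_id() or becomes part of a file name.
	*/
	function is_valid_sessionid($sessionid)
	{
		return is_string($sessionid) && preg_match('/^[A-Za-z0-9,-]+\z/', $sessionid) === 1;
	}

	/*!
	@function read_session
	@abstract resume the PHP session named by $this->sessionid and load its phpgw_session data
	@result the stored phpgw_session data, null if the session holds none, False if no usable session id is set
	@note NOTE(review): $this->sessionid presumably originates from the request; this method does not compare session_install_id or session_ip with the current request - confirm that the caller verifies them.
	*/
	function read_session()
	{
		if (!$this->sessionid)
		{
			return False;
		}
		// never hand a malformed id to the session handler, it ends up in the session file name
		if (!$this->is_valid_sessionid($this->sessionid))
		{
			return False;
		}
		session_id($this->sessionid);
		session_start();

		// a session without our key (expired or never registered) yields null instead of an undefined-index notice
		$GLOBALS['phpgw_session'] = isset($_SESSION['phpgw_session']) ? $_SESSION['phpgw_session'] : null;

		return $GLOBALS['phpgw_session'];
	}

	/*!
	@function set_cookie_params
	@abstract set lifetime, path and domain of the PHP session cookie
	@param $domain cookie domain
	@note Lifetime is 0 and the path is '/'. The secure and httponly arguments are not passed here.
	NOTE(review): on HTTPS deployments the session cookie should be marked secure (and httponly where the PHP version supports it) - confirm where, if anywhere, that is configured.
	*/
	function set_cookie_params($domain)
	{
		session_set_cookie_params(0,'/',$domain);
	}

	/*!
	@function new_session_id
	@abstract start a PHP session and return its id
	@result the id of the started session
	@note session_start() adopts an id the client already presents, so the id is regenerated to make sure a value chosen before the login is never kept (session fixation). Presumably only called when a new login creates its session - confirm against the caller.
	*/
	function new_session_id()
	{
		session_start();

		// session_regenerate_id() does not exist on very old PHP4 versions
		if (function_exists('session_regenerate_id'))
		{
			session_regenerate_id();
		}

		return session_id();
	}

	/*!
	@function register_session
	@abstract store the data of a new login in the PHP session
	@param $login login-id, stored as session_lid
	@param $user_ip ip of the user, stored as session_ip
	@param $now login time, stored as session_logintime and session_dla
	@param $session_flags stored as session_flags
	@note session_action is taken from $_SERVER['PHP_SELF'], which the client can influence; list_sessions() returns it, so it has to be escaped wherever it is displayed.
	*/
	function register_session($login,$user_ip,$now,$session_flags)
	{
		// session_start() is now called in new_session_id() !!!

		$GLOBALS['phpgw_session']['session_id'] = $this->sessionid;
		$GLOBALS['phpgw_session']['session_lid'] = $login;
		$GLOBALS['phpgw_session']['session_ip'] = $user_ip;
		$GLOBALS['phpgw_session']['session_logintime'] = $now;
		$GLOBALS['phpgw_session']['session_dla'] = $now;
		$GLOBALS['phpgw_session']['session_action'] = $_SERVER['PHP_SELF'];
		$GLOBALS['phpgw_session']['session_flags'] = $session_flags;
		// we need the install-id to distinguish between several installs sharing one tmp-dir
		$GLOBALS['phpgw_session']['session_install_id'] = $GLOBALS['phpgw_info']['server']['install_id'];

		// session_register() was removed in PHP 5.4; the $_SESSION assignment below stores the data either way
		if (function_exists('session_register'))
		{
			session_register('phpgw_session');
		}
		$_SESSION['phpgw_session'] = $GLOBALS['phpgw_session'];
	}

	/*!
	@function update_dla
	@abstract update the date-last-active and the last action of the session, so the login does not expire
	@result always True
	@note The action is $_GET['menuaction'] if set, else $_SERVER['PHP_SELF'], and is overridden by $this->xmlrpc_method_called if that is set. The first two are request-controlled and end up in the data list_sessions() returns: escape them on output.
	*/
	function update_dla()
	{
		if (isset($_GET['menuaction']))
		{
			$action = $_GET['menuaction'];
		}
		else
		{
			$action = $_SERVER['PHP_SELF'];
		}

		// This way XML-RPC users aren't always listed as
		// xmlrpc.php
		if (!empty($this->xmlrpc_method_called))
		{
			$action = $this->xmlrpc_method_called;
		}

		$GLOBALS['phpgw_session']['session_dla'] = time();
		$GLOBALS['phpgw_session']['session_action'] = $action;

		$_SESSION['phpgw_session'] = $GLOBALS['phpgw_session'];

		return True;
	}

	/*!
	@function destroy
	@abstract terminate a session: the running one, or another one by removing its session file
	@param $sessionid id of the session to terminate
	@param $kp3 only used in the guard at the top of the method
	@result True on success, False if the guard hits or $sessionid is not a well-formed session id
	@note No permission check is visible in this method; callers have to make sure the user may terminate someone else's session.
	NOTE(review): log_access() is called with $this->sessionid, not with $sessionid - confirm that this is intended when another user's session is destroyed.
	*/
	function destroy($sessionid, $kp3)
	{
		// NOTE(review): this only bails out if $sessionid is empty AND $kp3 is set - confirm the intended condition
		if (!$sessionid && $kp3)
		{
			return False;
		}

		$this->log_access($this->sessionid);	// log logout-time

		// Only do the following, if we are working with the current user.
		// Compared as strings: a loose == treats numeric looking ids like '0e1' and '0e2' as equal.
		if ((string)$sessionid === (string)$GLOBALS['phpgw_info']['user']['sessionid'])
		{
			session_unset();
			@session_destroy();
			if ($GLOBALS['phpgw_info']['server']['usecookies'])
			{
				$this->phpgw_setcookie(session_name());
			}
			return True;
		}

		// $sessionid becomes part of a file name: accept nothing but a plain session id,
		// so it can never contain a path separator, '..' or a NUL byte
		if (!$this->is_valid_sessionid($sessionid))
		{
			return False;
		}

		$path = ini_get('session.save_path');
		$dir = @opendir($path);
		if ($dir)
		{
			closedir($dir);	// only opened to test access, do not leak the handle

			$session_file = $path . '/sess_' . $sessionid;
			if (file_exists($session_file))
			{
				@unlink($session_file);
			}
		}

		return True;
	}

	/*************************************************************************\
	* Functions for appsession data and session cache                         *
	\*************************************************************************/

	/*!
	@function delete_cache
	@abstract empty the phpgw_info cache kept in the session
	@param $accountid passed to get_account_id(), the result is not used afterwards
	@note Only the cache in the current session's data is cleared, whatever $accountid is given.
	*/
	function delete_cache($accountid='')
	{
		$account_id = get_account_id($accountid,$this->account_id);

		$GLOBALS['phpgw_session']['phpgw_app_sessions']['phpgwapi']['phpgw_info_cache'] = '';

		// session_register() was removed in PHP 5.4; the $_SESSION assignment below stores the data either way
		if (function_exists('session_register'))
		{
			session_register('phpgw_session');
		}
		$_SESSION['phpgw_session'] = $GLOBALS['phpgw_session'];
	}

	/*!
	@function appsession
	@abstract read or store application data in the session, encrypted via $GLOBALS['phpgw']->crypto
	@param $location name under which the data is kept, default 'default'
	@param $appname application name, default the current application
	@param $data data to store; leave at the default marker '##NOTHING##' to read
	@result reading: the decrypted data, or null if nothing is stored; storing: $data as passed in
	*/
	function appsession($location = 'default', $appname = '', $data = '##NOTHING##')
	{
		if (! $appname)
		{
			$appname = $GLOBALS['phpgw_info']['flags']['currentapp'];
		}

		/* This allows the user to put '' as the value. */
		// Strict comparison: with == a value like True (or 0 on older PHP versions) equals the marker
		// and would be treated as a read instead of being stored.
		if ($data === '##NOTHING##')
		{
			if (!isset($GLOBALS['phpgw_session']['phpgw_app_sessions'][$appname][$location]['content']))
			{
				return null;
			}
			$stored = $GLOBALS['phpgw_session']['phpgw_app_sessions'][$appname][$location]['content'];

			/* do not decrypt and return if no data (decrypt returning garbage) */
			if ($stored)
			{
				return $GLOBALS['phpgw']->crypto->decrypt($stored);
			}
			return null;
		}

		$encrypteddata = $GLOBALS['phpgw']->crypto->encrypt($data);
		$GLOBALS['phpgw_session']['phpgw_app_sessions'][$appname][$location]['content'] = $encrypteddata;
		$_SESSION['phpgw_session'] = $GLOBALS['phpgw_session'];

		return $data;
	}

	/*!
	@function session_sort
	@abstract comparison callback for uasort() in list_sessions()
	@param $a first session array
	@param $b second session array
	@result case-insensitive comparison of the sort_by column of both sessions, multiplied by -1 if sort_order is 'ASC'
	@note Reads sort_by and sort_order from $GLOBALS['phpgw']->session.
	NOTE(review): strcasecmp() returns 0 for a match, so 'ASC' selects the reversed comparison - confirm that this is the intended direction.
	*/
	function session_sort($a,$b)
	{
		$sort_by = $GLOBALS['phpgw']->session->sort_by;
		$sign = strcasecmp($GLOBALS['phpgw']->session->sort_order,'ASC') ? 1 : -1;

		return strcasecmp($a[$sort_by],$b[$sort_by]) * $sign;
	}

	/*!
	@function list_sessions
	@abstract get list of the sessions of this install, read from the files in session.save_path
	@param $start index of the first session to return, after sorting
	@param $order stored as sort_order for session_sort()
	@param $sort stored as sort_by for session_sort()
	@param $all_no_sort True: return all sessions unsorted, default False
	@result array of session arrays, keyed by the session_id stored in the session
	@note The data from the session-files get cached in the app_session phpgwapi/php4_session_cache
	@note The save path may be shared with other installs or other software, so a file is only parsed if it starts with our session variable and only listed if it carries our install_id.
	NOTE(review): unserialize() still runs on the content of such a file before these values can be checked; if other local users can write to the save path this is an object-injection risk. Consider a private session.save_path, and allowed_classes => false where the PHP version supports it.
	NOTE(review): anonymous sessions are not filtered out here, and session_action / session_lid / session_ip are returned as stored - escape them on output.
	@author ralfbecker
	*/
	function list_sessions($start,$order,$sort,$all_no_sort = False)
	{
		$values = array();
		$maxmatchs = $GLOBALS['phpgw_info']['user']['preferences']['common']['maxmatchs'];
		$dir = @opendir($path = ini_get('session.save_path'));
		if (!$dir)	// eg. openbasedir restrictions
		{
			return $values;
		}
		$install_id = (string)$GLOBALS['phpgw_info']['server']['install_id'];
		$prefix = 'phpgw_session|';	// how PHP writes our session variable at the start of the file
		$prefix_len = strlen($prefix);

		// compare with False: a plain truth test would end the loop at an entry named '0'
		while (($file = readdir($dir)) !== False)
		{
			$session_file = $path . '/' . $file;
			if (substr($file,0,5) != 'sess_' || !is_readable($session_file))
			{
				continue;
			}
			$raw = '';
			if (($fd = fopen($session_file,'r')))
			{
				if (($size = filesize($session_file)))
				{
					$raw = @fread($fd, $size);
				}
				fclose($fd);
			}
			// empty, unreadable or foreign session files are skipped instead of being parsed
			if (!is_string($raw) || strncmp($raw,$prefix,$prefix_len) != 0)
			{
				continue;
			}
			$session = unserialize(substr($raw,$prefix_len));

			// a failed unserialize() or a session without id would only add a bogus row
			if (!is_array($session) || empty($session['session_id']))
			{
				continue;
			}
			// sessions of other installs sharing the tmp-dir are not ours to list
			$session_install_id = isset($session['session_install_id']) ? (string)$session['session_install_id'] : '';
			if ($session_install_id !== $install_id)
			{
				continue;
			}
			$values[$session['session_id']] = $session;
		}
		closedir($dir);

		if(!$all_no_sort)
		{
			$GLOBALS['phpgw']->session->sort_by = $sort;
			$GLOBALS['phpgw']->session->sort_order = $order;

			uasort($values,array('sessions','session_sort'));

			$i = 0;
			$start = (int)$start;
			foreach($values as $id => $data)
			{
				// NOTE(review): the upper bound is inclusive, so up to $maxmatchs+1 rows are kept - confirm
				if($i < $start || $i > $start+$maxmatchs)
				{
					unset($values[$id]);
				}
				++$i;
			}
			reset($values);
		}

		return $values;
	}

	/*!
	@function total
	@abstract get the number of sessions list_sessions() finds, without sorting or paging
	@result number of sessions
	@author ralfbecker
	*/
	function total()
	{
		return count($this->list_sessions(0,'','',True));
	}
}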
---|