diff options
author | nikrou <nikrou@piwigo.org> | 2006-01-15 13:45:42 +0000 |
---|---|---|
committer | nikrou <nikrou@piwigo.org> | 2006-01-15 13:45:42 +0000 |
commit | c3397a2c73273ba5414d976ab7f45ae5e71a8a33 (patch) | |
tree | e59456bdf40caf57ca5d3586190c3b3f6e8eb463 /include/functions_session.inc.php | |
parent | b223bb495dbfa1611766cdc528c9eb1af56c43e3 (diff) |
Improve security of sessions:
- use only cookies to store session id on client side
- use default php session system with database handler to store sessions on server side
git-svn-id: http://piwigo.org/svn/trunk@1004 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'include/functions_session.inc.php')
-rw-r--r-- | include/functions_session.inc.php | 154 |
1 files changed, 58 insertions, 96 deletions
diff --git a/include/functions_session.inc.php b/include/functions_session.inc.php index 8a3bb911c..98a85c876 100644 --- a/include/functions_session.inc.php +++ b/include/functions_session.inc.php @@ -25,115 +25,77 @@ // | USA. | // +-----------------------------------------------------------------------+ -// The function generate_key creates a string with pseudo random characters. -// the size of the string depends on the $conf['session_id_size']. -// Characters used are a-z A-Z and numerical values. Examples : -// "Er4Tgh6", "Rrp08P", "54gj" -// input : none (using global variable) -// output : $key -function generate_key($size) -{ - global $conf; - - $md5 = md5(substr(microtime(), 2, 6)); - $init = ''; - for ( $i = 0; $i < strlen( $md5 ); $i++ ) - { - if ( is_numeric( $md5[$i] ) ) $init.= $md5[$i]; - } - $init = substr( $init, 0, 8 ); - mt_srand( $init ); - $key = ''; - for ( $i = 0; $i < $size; $i++ ) - { - $c = mt_rand( 0, 2 ); - if ( $c == 0 ) $key .= chr( mt_rand( 65, 90 ) ); - else if ( $c == 1 ) $key .= chr( mt_rand( 97, 122 ) ); - else $key .= mt_rand( 0, 9 ); - } - return $key; +if (isset($conf['session_save_handler']) and ($conf['session_save_handler'] == 'db')) { + session_set_save_handler('pwg_session_open', + 'pwg_session_close', + 'pwg_session_read', + 'pwg_session_write', + 'pwg_session_destroy', + 'pwg_session_gc' + ); } -/** - * create a new session and returns the session identifier - * - * - find a non-already-used session key - * - create a session in database - * - return session identifier - * - * @param int userid - * @param int session_lentgh : in seconds - * @return string - */ -function session_create($userid, $session_length) -{ - global $conf; +ini_set('session.use_cookies', $conf['session_use_cookies']); +ini_set('session.use_only_cookies', $conf['session_use_only_cookies']); +ini_set('session.use_trans_sid', $conf['session_use_trans_sid']); +ini_set('session.name', $conf['session_name']); - // 1. searching an unused session key - $id_found = false; - while (!$id_found) - { - $generated_id = generate_key($conf['session_id_size']); - $query = ' -SELECT id - FROM '.SESSIONS_TABLE.' - WHERE id = \''.$generated_id.'\' -;'; - $result = pwg_query($query); - if (mysql_num_rows($result) == 0) - { - $id_found = true; - } - } - // 3. inserting session in database - $query = ' -INSERT INTO '.SESSIONS_TABLE.' - (id,user_id,expiration) - VALUES - (\''.$generated_id.'\','.$userid.', - ADDDATE(NOW(), INTERVAL '.$session_length.' SECOND)) -;'; - pwg_query($query); - - $expiration = $session_length + time(); - setcookie('id', $generated_id, $expiration, cookie_path()); - - return $generated_id; +function pwg_session_open($path, $name) +{ + return true; } -// add_session_id adds the id of the session to the string given in -// parameter as $url. If the session id is the first parameter to the url, -// it is preceded by a '?', else it is preceded by a '&'. If the -// parameter $redirect is set to true, '&' is used instead of '&'. -function add_session_id( $url, $redirect = false ) +function pwg_session_close() { - global $page, $user, $conf; + pwg_session_gc(); + return true; +} - if ($user['is_the_guest'] - or $user['has_cookie'] - or $conf['apache_authentication']) - { - return $url; +function pwg_session_read($session_id) +{ + $query = "SELECT data FROM " . SESSIONS_TABLE; + $query .= " WHERE id = '$session_id'"; + $result = pwg_query($query); + if ($result) { + $row = mysql_fetch_assoc($result); + return $row['data']; + } else { + return ''; } +} - if (preg_match('/\.php\?/', $url)) - { - $separator = $redirect ? '&' : '&'; - } - else - { - $separator = '?'; +function pwg_session_write($session_id, $data) +{ + $query = "SELECT id FROM " . SESSIONS_TABLE; + $query .= " WHERE id = '$session_id'"; + $result = pwg_query($query); + if (mysql_num_rows($result)) { + $query = "UPDATE " . SESSIONS_TABLE . " SET expiration = now()"; + $query .= " WHERE id = '$session_id'"; + pwg_query($query); + } else { + $query = "INSERT INTO " . SESSIONS_TABLE . " (id,data,expiration)"; + $query .= " VALUES('$session_id','$data',now())"; + pwg_query($query); } + return true; +} - return $url.$separator.'id='.$page['session_id']; +function pwg_session_destroy($session_id) +{ + $query = "DELETE FROM " . SESSIONS_TABLE; + $query .= " WHERE id = '$session_id'"; + pwg_query($query); + return true; } -// cookie_path returns the path to use for the PhpWebGallery cookie. -// If PhpWebGallery is installed on : -// http://domain.org/meeting/gallery/category.php -// cookie_path will return : "/meeting/gallery" -function cookie_path() +function pwg_session_gc() { - return substr($_SERVER['PHP_SELF'],0,strrpos( $_SERVER['PHP_SELF'],'/')); + global $conf; + + $query = "DELETE FROM " . SESSIONS_TABLE; + $query .= " WHERE UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(expiration) > " . $conf['session_length']; + pwg_query($query); + return true; } ?> |