Initial revision

git-svn-id: http://piwigo.org/svn/trunk@2 68402e56-0260-453c-a942-63ccdbb3a9ee

1 files changed, 135 insertions, 0 deletions

diff --git a/include/functions_session.inc.php b/include/functions_session.inc.php
new file mode 100644
index 000000000..e85447221
--- /dev/null
+++ b/include/functions_session.inc.php
@@ -0,0 +1,135 @@
+<?php
+/***************************************************************************
+ *                         functions_session.inc.php                       *
+ *                            -------------------                          *
+ *   application          : PhpWebGallery 1.3                              *
+ *   author               : Pierrick LE GALL <pierrick@z0rglub.com>        *
+ *                                                                         *
+ ***************************************************************************
+
+ ***************************************************************************
+ *                                                                         *
+ *   This program is free software; you can redistribute it and/or modify  *
+ *   it under the terms of the GNU General Public License as published by  *
+ *   the Free Software Foundation;                                         *
+ *                                                                         *
+ ***************************************************************************/
+function generate_key()
+{
+  global $conf;
+  $md5 = md5( substr( microtime(), 2, 6 ).$conf['session_keyword'] );
+  $init = "";
+  for ( $i = 0; $i < strlen( $md5 ); $i++ )
+  {
+    if ( is_numeric( $md5[$i] ) )
+    {
+      $init.= "$md5[$i]";
+    }
+  }
+  $init = substr( $init, 0, 8 );
+  mt_srand( $init );
+  $key = "";
+  for ( $i = 0; $i < $conf['session_id_size']; $i++ )
+  {
+    $c = mt_rand( 0, 2 );
+    if ( $c == 0 )
+    {
+      $key .= chr( mt_rand( 65, 90 ) );
+    }
+    elseif ( $c == 1 )
+      {
+        $key .= chr( mt_rand( 97, 122 ) );
+      }
+    else
+    {
+      $key .= mt_rand( 0, 9 );
+    }
+  }
+  return $key;
+}
+        
+function session_create( $pseudo )
+{
+  global $conf,$prefixeTable,$REMOTE_ADDR;
+  // 1. trouver une clé de session inexistante
+  $id_found = false;
+  while ( !$id_found )
+  {
+    $generated_id = generate_key();
+    $query = 'select id';
+    $query.= ' from '.$prefixeTable.'sessions';
+    $query.= " where id = '".$generated_id."';";
+    $result = mysql_query( $query );
+    if ( mysql_num_rows( $result ) == 0 )
+    {
+      $id_found = true;
+    }
+  }
+  // 2. récupération de l'id de l'utilisateur dont le pseudo
+  //    est passé en paramètre
+  $query = 'select id';
+  $query.= ' from '.$prefixeTable.'users';
+  $query.= " where pseudo = '".$pseudo."';";
+  $row = mysql_fetch_array( mysql_query( $query ) );
+  $user_id = $row['id'];
+  // 3. insertion de la session dans la base de donnée
+  $expiration = $conf['session_time']*60+time();
+  $query = 'insert into '.$prefixeTable.'sessions';
+  $query.= ' (id,user_id,expiration,ip) values';
+  $query.= "('".$generated_id."','".$user_id;
+  $query.= "','".$expiration."','".$REMOTE_ADDR."');";
+  mysql_query( $query );
+                
+  return $generated_id;
+}
+        
+function add_session_id_to_url( $url, $redirect = false )
+{
+  global $page, $user;
+  $amp = "&amp;";
+  if ( $redirect )
+  {
+    $amp = "&";
+  }
+  if ( !$user['is_the_guest'] )
+  {
+    if ( ereg( "\.php\?",$url ) )
+    {
+      return $url.$amp."id=".$page['session_id'];
+    }
+    else
+    {
+      return $url."?id=".$page['session_id'];
+    }
+  }
+  else
+  {
+    return $url;
+  }
+}
+
+function add_session_id( $url, $redirect = false )
+{
+  global $page, $user;
+  $amp = "&amp;";
+  if ( $redirect )
+  {
+    $amp = "&";
+  }
+  if ( !$user['is_the_guest'] )
+  {
+    if ( ereg( "\.php\?",$url ) )
+    {
+      return $url.$amp."id=".$page['session_id'];
+    }
+    else
+    {
+      return $url."?id=".$page['session_id'];
+    }
+  }
+  else
+  {
+    return $url;
+  }
+}
+?>
\ No newline at end of file