diff options
Diffstat (limited to 'include/functions_session.inc.php')
-rw-r--r-- | include/functions_session.inc.php | 135 |
1 files changed, 78 insertions, 57 deletions
diff --git a/include/functions_session.inc.php b/include/functions_session.inc.php index 213fceb21..24cffea57 100644 --- a/include/functions_session.inc.php +++ b/include/functions_session.inc.php @@ -2,7 +2,7 @@ // +-----------------------------------------------------------------------+ // | Piwigo - a PHP based photo gallery | // +-----------------------------------------------------------------------+ -// | Copyright(C) 2008-2013 Piwigo Team http://piwigo.org | +// | Copyright(C) 2008-2014 Piwigo Team http://piwigo.org | // | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net | // | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick | // +-----------------------------------------------------------------------+ @@ -21,62 +21,74 @@ // | USA. | // +-----------------------------------------------------------------------+ -// The function generate_key creates a string with pseudo random characters. -// the size of the string depends on the $conf['session_id_size']. -// Characters used are a-z A-Z and numerical values. Examples : -// "Er4Tgh6", "Rrp08P", "54gj" -// input : none (using global variable) -// output : $key -function generate_key($size) -{ - global $conf; +/** + * @package functions\session + */ - $md5 = md5(substr(microtime(), 2, 6)); - $init = ''; - for ( $i = 0; $i < strlen( $md5 ); $i++ ) - { - if ( is_numeric( $md5[$i] ) ) $init.= $md5[$i]; - } - $init = substr( $init, 0, 8 ); - mt_srand( $init ); - $key = ''; - for ( $i = 0; $i < $size; $i++ ) - { - $c = mt_rand( 0, 2 ); - if ( $c == 0 ) $key .= chr( mt_rand( 65, 90 ) ); - else if ( $c == 1 ) $key .= chr( mt_rand( 97, 122 ) ); - else $key .= mt_rand( 0, 9 ); - } - return $key; -} if (isset($conf['session_save_handler']) and ($conf['session_save_handler'] == 'db') and defined('PHPWG_INSTALLED')) { - session_set_save_handler('pwg_session_open', + session_set_save_handler( + 'pwg_session_open', 'pwg_session_close', 'pwg_session_read', 'pwg_session_write', 'pwg_session_destroy', 'pwg_session_gc' ); - if ( function_exists('ini_set') ) + + if (function_exists('ini_set')) { ini_set('session.use_cookies', $conf['session_use_cookies']); ini_set('session.use_only_cookies', $conf['session_use_only_cookies']); ini_set('session.use_trans_sid', intval($conf['session_use_trans_sid'])); ini_set('session.cookie_httponly', 1); } + session_name($conf['session_name']); session_set_cookie_params(0, cookie_path()); register_shutdown_function('session_write_close'); } + +/** + * Generates a pseudo random string. + * Characters used are a-z A-Z and numerical values. + * + * @param int $size + * @return string + */ +function generate_key($size) +{ + global $conf; + + $md5 = md5(substr(microtime(), 2, 6)); + $init = ''; + for ( $i = 0; $i < strlen( $md5 ); $i++ ) + { + if ( is_numeric( $md5[$i] ) ) $init.= $md5[$i]; + } + $init = substr( $init, 0, 8 ); + mt_srand( $init ); + $key = ''; + for ( $i = 0; $i < $size; $i++ ) + { + $c = mt_rand( 0, 2 ); + if ( $c == 0 ) $key .= chr( mt_rand( 65, 90 ) ); + else if ( $c == 1 ) $key .= chr( mt_rand( 97, 122 ) ); + else $key .= mt_rand( 0, 9 ); + } + return $key; +} + /** - * returns true; used when the session_start() function is called + * Called by PHP session manager, always return true. * - * @params not use but useful for php engine + * @param string $path + * @param sring $name + * @return true */ function pwg_session_open($path, $name) { @@ -84,14 +96,20 @@ function pwg_session_open($path, $name) } /** - * returns true; used when the session is closed (unset($_SESSION)) + * Called by PHP session manager, always return true. * + * @return true */ function pwg_session_close() { return true; } +/** + * Returns a hash from current user IP + * + * @return string + */ function get_remote_addr_session_hash() { global $conf; @@ -112,11 +130,10 @@ function get_remote_addr_session_hash() } /** - * this function returns - * a string corresponding to the value of the variable save in the session - * or an empty string when the variable doesn't exist + * Called by PHP session manager, retrieves data stored in the sessions table. * - * @param string session id + * @param string $session_id + * @return string */ function pwg_session_read($session_id) { @@ -138,10 +155,11 @@ SELECT data } /** - * returns true; writes set a variable in the active session + * Called by PHP session manager, writes data in the sessions table. * - * @param string session id - * @data string value of date to be saved + * @param string $session_id + * @param sring $data + * @return true */ function pwg_session_write($session_id, $data) { @@ -155,9 +173,10 @@ REPLACE INTO '.SESSIONS_TABLE.' } /** - * returns true; delete the active session + * Called by PHP session manager, deletes data in the sessions table. * - * @param string session id + * @param string $session_id + * @return true */ function pwg_session_destroy($session_id) { @@ -171,8 +190,9 @@ DELETE } /** - * returns true; delete expired sessions - * called each time a session is closed. + * Called by PHP session manager, garbage collector for expired sessions. + * + * @return true */ function pwg_session_gc() { @@ -188,12 +208,12 @@ DELETE return true; } - /** - * persistently stores a variable for the current session - * currently we use standard php sessions but it might change - * @return boolean true on success - * @see pwg_get_session_var, pwg_unset_session_var + * Persistently stores a variable for the current session. + * + * @param string $var + * @param mixed $value + * @return bool */ function pwg_set_session_var($var, $value) { @@ -204,10 +224,11 @@ function pwg_set_session_var($var, $value) } /** - * retrieves the value of a persistent variable for the current session - * currently we use standard php sessions but it might change + * Retrieves the value of a persistent variable for the current session. + * + * @param string $var + * @param mixed $default * @return mixed - * @see pwg_set_session_var, pwg_unset_session_var */ function pwg_get_session_var($var, $default = null) { @@ -219,10 +240,10 @@ function pwg_get_session_var($var, $default = null) } /** - * deletes a persistent variable for the current session - * currently we use standard php sessions but it might change - * @return boolean true on success - * @see pwg_set_session_var, pwg_get_session_var + * Deletes a persistent variable for the current session. + * + * @param string $var + * @return bool */ function pwg_unset_session_var($var) { @@ -232,4 +253,4 @@ function pwg_unset_session_var($var) return true; } -?> +?>
\ No newline at end of file |