From b2de3c32ee635788f2f34c98d529fdc167ca6a51 Mon Sep 17 00:00:00 2001 From: rvelices Date: Fri, 1 Dec 2006 01:46:32 +0000 Subject: - sessions are always started (even for visitors) - thumbnail order saved in the session instead of cookie git-svn-id: http://piwigo.org/svn/trunk@1623 68402e56-0260-453c-a942-63ccdbb3a9ee --- include/functions_session.inc.php | 47 ++++++++++++++++++++++++++++++++++++++- include/section_init.inc.php | 6 ++--- include/user.inc.php | 14 +++++------- 3 files changed, 53 insertions(+), 14 deletions(-) (limited to 'include') diff --git a/include/functions_session.inc.php b/include/functions_session.inc.php index 7fdf5dde8..ba1820028 100644 --- a/include/functions_session.inc.php +++ b/include/functions_session.inc.php @@ -81,7 +81,7 @@ if (isset($conf['session_save_handler']) // cookie_path will return : "/meeting/gallery" function cookie_path() { - if ( isset($_SERVER['REDIRECT_SCRIPT_NAME']) and + if ( isset($_SERVER['REDIRECT_SCRIPT_NAME']) and !empty($_SERVER['REDIRECT_SCRIPT_NAME']) ) { $scr = $_SERVER['REDIRECT_SCRIPT_NAME']; @@ -221,4 +221,49 @@ DELETE pwg_query($query); return true; } + + +/** + * persistently stores a variable for the current session + * currently we use standard php sessions but it might change + * @return boolean true on success + * @see pwg_get_session_var, pwg_unset_session_var + */ +function pwg_set_session_var($var, $value) +{ + if ( !isset($_SESSION) ) + return false; + $_SESSION['pwg_'.$var] = $value; + return true; +} + +/** + * retrieves the value of a persistent variable for the current session + * currently we use standard php sessions but it might change + * @return mixed + * @see pwg_set_session_var, pwg_unset_session_var + */ +function pwg_get_session_var($var, $default = null) +{ + if (isset( $_SESSION['pwg_'.$var] ) ) + { + return $_SESSION['pwg_'.$var]; + } + return $default; +} + +/** + * deletes a persistent variable for the current session + * currently we use standard php sessions but it might change + * @return boolean true on success + * @see pwg_set_session_var, pwg_get_session_var + */ +function pwg_unset_session_var($var) +{ + if ( !isset($_SESSION) ) + return false; + unset( $_SESSION['pwg_'.$var] ); + return true; +} + ?> diff --git a/include/section_init.inc.php b/include/section_init.inc.php index 7e3f87cfe..416d98849 100644 --- a/include/section_init.inc.php +++ b/include/section_init.inc.php @@ -297,15 +297,13 @@ while (isset($tokens[$i])) // By default, it is the same as the $user['nb_image_page'] $page['nb_image_page'] = $user['nb_image_page']; -if (isset($_COOKIE['pwg_image_order']) - and is_numeric($_COOKIE['pwg_image_order']) - and $_COOKIE['pwg_image_order'] > 0) +if (pwg_get_session_var('image_order',0) > 0) { $orders = get_category_preferred_image_orders(); $conf['order_by'] = str_replace( 'ORDER BY ', - 'ORDER BY '.$orders[ $_COOKIE['pwg_image_order'] ][1].',', + 'ORDER BY '.$orders[ pwg_get_session_var('image_order',0) ][1].',', $conf['order_by'] ); $page['super_order_by'] = true; diff --git a/include/user.inc.php b/include/user.inc.php index f5c77b2f8..103052ad2 100644 --- a/include/user.inc.php +++ b/include/user.inc.php @@ -43,26 +43,22 @@ if (isset($_COOKIE[session_name()])) setcookie($conf['remember_me_name'], '', 0, cookie_path()); redirect(make_index_url()); } - elseif (empty($_SESSION['pwg_uid'])) - { // timeout - setcookie(session_name(),'',0, - ini_get('session.cookie_path'), - ini_get('session.cookie_domain') - ); - } - else + elseif (!empty($_SESSION['pwg_uid'])) { $user['id'] = $_SESSION['pwg_uid']; } } - // Now check the auto-login if ( $user['id']==$conf['guest_id'] ) { auto_login(); } +if (session_id()=="") +{ + session_start(); +} // using Apache authentication override the above user search if ($conf['apache_authentication'] and isset($_SERVER['REMOTE_USER'])) -- cgit v1.2.3