adodb-cryptsession.php

Revision 269, 8.8 kB (checked in by ben, 3 years ago)
--
Property svn:eol-style set to `native`

Line
1	<?php
2	/*
3	V4.01 23 Oct 2003 (c) 2000-2003 John Lim (jlim@natsoft.com.my). All rights reserved.
4	Released under both BSD license and Lesser GPL library license.
5	Whenever there is any discrepancy between the two licenses,
6	the BSD license will take precedence.
7	Made table name configurable - by David Johnson djohnson@inpro.net
8	Encryption by Ari Kuorikoski <ari.kuorikoski@finebyte.com>
9
10	Set tabs to 4 for best viewing.
11
12	Latest version of ADODB is available at http://php.weblogs.com/adodb
13	======================================================================
14
15	This file provides PHP4 session management using the ADODB database
16	wrapper library.
17
18	Example
19	=======
20
21	GLOBAL $HTTP_SESSION_VARS;
22	include('adodb.inc.php');
23	#---------------------------------#
24	include('adodb-cryptsession.php');
25	#---------------------------------#
26	session_start();
27	session_register('AVAR');
28	$HTTP_SESSION_VARS['AVAR'] += 1;
29	print "<p>\$HTTP_SESSION_VARS['AVAR']={$HTTP_SESSION_VARS['AVAR']}</p>";
30
31
32	Installation
33	============
34	1. Create a new database in MySQL or Access "sessions" like
35	so:
36
37	create table sessions (
38	SESSKEY char(32) not null,
39	EXPIRY int(11) unsigned not null,
40	EXPIREREF varchar(64),
41	DATA CLOB,
42	primary key (sesskey)
43	);
44
45	2. Then define the following parameters. You can either modify
46	this file, or define them before this file is included:
47
48	$ADODB_SESSION_DRIVER='database driver, eg. mysql or ibase';
49	$ADODB_SESSION_CONNECT='server to connect to';
50	$ADODB_SESSION_USER ='user';
51	$ADODB_SESSION_PWD ='password';
52	$ADODB_SESSION_DB ='database';
53	$ADODB_SESSION_TBL = 'sessions'
54
55	3. Recommended is PHP 4.0.2 or later. There are documented
56	session bugs in earlier versions of PHP.
57
58	*/
59
60
61	include_once('crypt.inc.php');
62
63	if (!defined('_ADODB_LAYER')) {
64	include (dirname(__FILE__).'/adodb.inc.php');
65	}
66
67	/* if database time and system time is difference is greater than this, then give warning */
68	define('ADODB_SESSION_SYNCH_SECS',60);
69
70	if (!defined('ADODB_SESSION')) {
71
72	define('ADODB_SESSION',1);
73
74	GLOBAL $ADODB_SESSION_CONNECT,
75	$ADODB_SESSION_DRIVER,
76	$ADODB_SESSION_USER,
77	$ADODB_SESSION_PWD,
78	$ADODB_SESSION_DB,
79	$ADODB_SESS_CONN,
80	$ADODB_SESS_LIFE,
81	$ADODB_SESS_DEBUG,
82	$ADODB_SESS_INSERT,
83	$ADODB_SESSION_EXPIRE_NOTIFY;
84
85	//$ADODB_SESS_DEBUG = true;
86
87	/* SET THE FOLLOWING PARAMETERS */
88	if (empty($ADODB_SESSION_DRIVER)) {
89	$ADODB_SESSION_DRIVER='mysql';
90	$ADODB_SESSION_CONNECT='localhost';
91	$ADODB_SESSION_USER ='root';
92	$ADODB_SESSION_PWD ='';
93	$ADODB_SESSION_DB ='xphplens_2';
94	}
95
96	if (empty($ADODB_SESSION_TBL)){
97	$ADODB_SESSION_TBL = 'sessions';
98	}
99
100	if (empty($ADODB_SESSION_EXPIRE_NOTIFY)) {
101	$ADODB_SESSION_EXPIRE_NOTIFY = false;
102	}
103
104	function ADODB_Session_Key()
105	{
106	$ADODB_CRYPT_KEY = 'CRYPTED ADODB SESSIONS ROCK!';
107
108	/* USE THIS FUNCTION TO CREATE THE ENCRYPTION KEY FOR CRYPTED SESSIONS */
109	/* Crypt the used key, $ADODB_CRYPT_KEY as key and session_ID as SALT */
110	return crypt($ADODB_CRYPT_KEY, session_ID());
111	}
112
113	$ADODB_SESS_LIFE = ini_get('session.gc_maxlifetime');
114	if ($ADODB_SESS_LIFE <= 1) {
115	// bug in PHP 4.0.3 pl 1 -- how about other versions?
116	//print "<h3>Session Error: PHP.INI setting <i>session.gc_maxlifetime</i>not set: $ADODB_SESS_LIFE</h3>";
117	$ADODB_SESS_LIFE=1440;
118	}
119
120	function adodb_sess_open($save_path, $session_name)
121	{
122	GLOBAL $ADODB_SESSION_CONNECT,
123	$ADODB_SESSION_DRIVER,
124	$ADODB_SESSION_USER,
125	$ADODB_SESSION_PWD,
126	$ADODB_SESSION_DB,
127	$ADODB_SESS_CONN,
128	$ADODB_SESS_DEBUG;
129
130	$ADODB_SESS_INSERT = false;
131
132	if (isset($ADODB_SESS_CONN)) return true;
133
134	$ADODB_SESS_CONN = ADONewConnection($ADODB_SESSION_DRIVER);
135	if (!empty($ADODB_SESS_DEBUG)) {
136	$ADODB_SESS_CONN->debug = true;
137	print" conn=$ADODB_SESSION_CONNECT user=$ADODB_SESSION_USER pwd=$ADODB_SESSION_PWD db=$ADODB_SESSION_DB ";
138	}
139	return $ADODB_SESS_CONN->PConnect($ADODB_SESSION_CONNECT,
140	$ADODB_SESSION_USER,$ADODB_SESSION_PWD,$ADODB_SESSION_DB);
141
142	}
143
144	function adodb_sess_close()
145	{
146	global $ADODB_SESS_CONN;
147
148	if ($ADODB_SESS_CONN) $ADODB_SESS_CONN->Close();
149	return true;
150	}
151
152	function adodb_sess_read($key)
153	{
154	$Crypt = new MD5Crypt;
155	global $ADODB_SESS_CONN,$ADODB_SESS_INSERT,$ADODB_SESSION_TBL;
156	$rs = $ADODB_SESS_CONN->Execute("SELECT data FROM $ADODB_SESSION_TBL WHERE sesskey = '$key' AND expiry >= " . time());
157	if ($rs) {
158	if ($rs->EOF) {
159	$ADODB_SESS_INSERT = true;
160	$v = '';
161	} else {
162	// Decrypt session data
163	$v = rawurldecode($Crypt->Decrypt(reset($rs->fields), ADODB_Session_Key()));
164	}
165	$rs->Close();
166	return $v;
167	}
168	else $ADODB_SESS_INSERT = true;
169
170	return '';
171	}
172
173	function adodb_sess_write($key, $val)
174	{
175	$Crypt = new MD5Crypt;
176	global $ADODB_SESS_INSERT,$ADODB_SESS_CONN, $ADODB_SESS_LIFE, $ADODB_SESSION_TBL,$ADODB_SESSION_EXPIRE_NOTIFY;
177
178	$expiry = time() + $ADODB_SESS_LIFE;
179
180	// encrypt session data..
181	$val = $Crypt->Encrypt(rawurlencode($val), ADODB_Session_Key());
182
183	$arr = array('sesskey' => $key, 'expiry' => $expiry, 'data' => $val);
184	if ($ADODB_SESSION_EXPIRE_NOTIFY) {
185	$var = reset($ADODB_SESSION_EXPIRE_NOTIFY);
186	global $$var;
187	$arr['expireref'] = $$var;
188	}
189	$rs = $ADODB_SESS_CONN->Replace($ADODB_SESSION_TBL,
190	$arr,
191	'sesskey',$autoQuote = true);
192
193	if (!$rs) {
194	ADOConnection::outp( '<p>Session Replace: '.$ADODB_SESS_CONN->ErrorMsg().'</p>',false);
195	} else {
196	// bug in access driver (could be odbc?) means that info is not commited
197	// properly unless select statement executed in Win2000
198
199	if ($ADODB_SESS_CONN->databaseType == 'access') $rs = $ADODB_SESS_CONN->Execute("select sesskey from $ADODB_SESSION_TBL WHERE sesskey='$key'");
200	}
201	return isset($rs);
202	}
203
204	function adodb_sess_destroy($key)
205	{
206	global $ADODB_SESS_CONN, $ADODB_SESSION_TBL,$ADODB_SESSION_EXPIRE_NOTIFY;
207
208	if ($ADODB_SESSION_EXPIRE_NOTIFY) {
209	reset($ADODB_SESSION_EXPIRE_NOTIFY);
210	$fn = next($ADODB_SESSION_EXPIRE_NOTIFY);
211	$savem = $ADODB_SESS_CONN->SetFetchMode(ADODB_FETCH_NUM);
212	$rs = $ADODB_SESS_CONN->Execute("SELECT expireref,sesskey FROM $ADODB_SESSION_TBL WHERE sesskey='$key'");
213	$ADODB_SESS_CONN->SetFetchMode($savem);
214	if ($rs) {
215	$ADODB_SESS_CONN->BeginTrans();
216	while (!$rs->EOF) {
217	$ref = $rs->fields[0];
218	$key = $rs->fields[1];
219	$fn($ref,$key);
220	$del = $ADODB_SESS_CONN->Execute("DELETE FROM $ADODB_SESSION_TBL WHERE sesskey='$key'");
221	$rs->MoveNext();
222	}
223	$ADODB_SESS_CONN->CommitTrans();
224	}
225	} else {
226	$qry = "DELETE FROM $ADODB_SESSION_TBL WHERE sesskey = '$key'";
227	$rs = $ADODB_SESS_CONN->Execute($qry);
228	}
229	return $rs ? true : false;
230	}
231
232
233	function adodb_sess_gc($maxlifetime) {
234	global $ADODB_SESS_CONN, $ADODB_SESSION_TBL,$ADODB_SESSION_EXPIRE_NOTIFY,$ADODB_SESS_DEBUG;
235
236	if ($ADODB_SESSION_EXPIRE_NOTIFY) {
237	reset($ADODB_SESSION_EXPIRE_NOTIFY);
238	$fn = next($ADODB_SESSION_EXPIRE_NOTIFY);
239	$savem = $ADODB_SESS_CONN->SetFetchMode(ADODB_FETCH_NUM);
240	$rs = $ADODB_SESS_CONN->Execute("SELECT expireref,sesskey FROM $ADODB_SESSION_TBL WHERE expiry < " . time());
241	$ADODB_SESS_CONN->SetFetchMode($savem);
242	if ($rs) {
243	$ADODB_SESS_CONN->BeginTrans();
244	while (!$rs->EOF) {
245	$ref = $rs->fields[0];
246	$key = $rs->fields[1];
247	$fn($ref,$key);
248	$del = $ADODB_SESS_CONN->Execute("DELETE FROM $ADODB_SESSION_TBL WHERE sesskey='$key'");
249	$rs->MoveNext();
250	}
251	$ADODB_SESS_CONN->CommitTrans();
252	}
253	} else {
254	$qry = "DELETE FROM $ADODB_SESSION_TBL WHERE expiry < " . time();
255	$ADODB_SESS_CONN->Execute($qry);
256	}
257
258	// suggested by Cameron, "GaM3R" <gamr@outworld.cx>
259	if (defined('ADODB_SESSION_OPTIMIZE'))
260	{
261	switch( $ADODB_SESSION_DRIVER ) {
262	case 'mysql':
263	case 'mysqlt':
264	$opt_qry = 'OPTIMIZE TABLE '.$ADODB_SESSION_TBL;
265	break;
266	case 'postgresql':
267	case 'postgresql7':
268	$opt_qry = 'VACUUM '.$ADODB_SESSION_TBL;
269	break;
270	}
271	}
272
273	if ($ADODB_SESS_CONN->dataProvider === 'oci8') $sql = 'select TO_CHAR('.($ADODB_SESS_CONN->sysTimeStamp).', \'RRRR-MM-DD HH24:MI:SS\') from '. $ADODB_SESSION_TBL;
274	else $sql = 'select '.$ADODB_SESS_CONN->sysTimeStamp.' from '. $ADODB_SESSION_TBL;
275
276	$rs =& $ADODB_SESS_CONN->SelectLimit($sql,1);
277	if ($rs && !$rs->EOF) {
278
279	$dbts = reset($rs->fields);
280	$rs->Close();
281	$dbt = $ADODB_SESS_CONN->UnixTimeStamp($dbts);
282	$t = time();
283	if (abs($dbt - $t) >= ADODB_SESSION_SYNCH_SECS) {
284	global $HTTP_SERVER_VARS;
285	$msg =
286	__FILE__.": Server time for webserver {$HTTP_SERVER_VARS['HTTP_HOST']} not in synch with database: database=$dbt ($dbts), webserver=$t (diff=".(abs($dbt-$t)/3600)." hrs)";
287	error_log($msg);
288	if ($ADODB_SESS_DEBUG) ADOConnection::outp("<p>$msg</p>");
289	}
290	}
291
292	return true;
293	}
294
295	session_module_name('user');
296	session_set_save_handler(
297	"adodb_sess_open",
298	"adodb_sess_close",
299	"adodb_sess_read",
300	"adodb_sess_write",
301	"adodb_sess_destroy",
302	"adodb_sess_gc");
303	}
304
305	/* TEST SCRIPT -- UNCOMMENT */
306	/*
307	if (0) {
308	GLOBAL $HTTP_SESSION_VARS;
309
310	session_start();
311	session_register('AVAR');
312	$HTTP_SESSION_VARS['AVAR'] += 1;
313	print "<p>\$HTTP_SESSION_VARS['AVAR']={$HTTP_SESSION_VARS['AVAR']}</p>";
314	}
315	*/
316	?>
317

Note: See TracBrowser for help on using the browser.

root/releases/elgg0.8rc2/lib/adodb/adodb-cryptsession.php

Download in other formats:

Developers

Discuss

Specialised

Featured