Example #1
0
 /**
  * Refresh global user data following the actual session state.
  */
 protected function updateUser()
 {
     global $user;
     $uid = $this->getSessionUid();
     if (!empty($uid)) {
         $user = db_query("SELECT u.* FROM {users} u WHERE u.uid = :uid", array(':uid' => $uid))->fetchObject();
         if (1 == $user->status) {
             $user->data = unserialize($user->data);
             $user->roles = array();
             $user->roles[DRUPAL_AUTHENTICATED_RID] = 'authenticated user';
             $user->roles += db_query("SELECT r.rid, r.name FROM {role} r INNER JOIN {users_roles} ur ON ur.rid = r.rid WHERE ur.uid = :uid", array(':uid' => $user->uid))->fetchAllKeyed(0, 1);
         } else {
             $user = drupal_anonymous_user();
         }
     } else {
         $user = drupal_anonymous_user();
     }
     // The 'session' attribute is an insanity and should be removed.
     $user->session = '';
     $user->timestamp = REQUEST_TIME;
     // Avoid some PHP warnings with backends using it (mongodb module does
     // check it). Some backends may set this variable, if they keep it, some
     // other won't.
     if (!isset($user->cache)) {
         $user->cache = 0;
     }
     // Do not update access time more than once per 180 seconds. Also check
     // for an active database connection: actual core will have one, but in
     // the late future we may have session handling without database at all.
     if (!$this->userAccessUpdated && Database::isActiveConnection() && $user->uid && REQUEST_TIME - $user->access > variable_get('session_write_interval', 180)) {
         db_update('users')->fields(array('access' => REQUEST_TIME))->condition('uid', $user->uid)->execute();
         $this->userAccessUpdated = TRUE;
     }
 }