function write($key, $val)
{
global $ADODB_SESSION_READONLY;
if (!empty($ADODB_SESSION_READONLY)) {
return;
}
$clob = ADODB_Session::clob();
$conn =& ADODB_Session::_conn();
$crc = ADODB_Session::_crc();
$data = ADODB_Session::dataFieldName();
$debug = ADODB_Session::debug();
$driver = ADODB_Session::driver();
$expire_notify = ADODB_Session::expireNotify();
$filter = ADODB_Session::filter();
$lifetime = ADODB_Session::lifetime();
$table = ADODB_Session::table();
if (!$conn) {
return false;
}
$qkey = $conn->qstr($key);
//assert('$table');
$expiry = time() + $lifetime;
$binary = $conn->dataProvider === 'mysql' ? '/*! BINARY */' : '';
// crc32 optimization since adodb 2.1
// now we only update expiry date, thx to sebastian thom in adodb 2.32
if ($crc !== false && $crc == strlen($val) . crc32($val)) {
if ($debug) {
ADOConnection::outp('<p>Session: Only updating date - crc32 not changed</p>');
}
$expirevar = '';
if ($expire_notify) {
$var = reset($expire_notify);
global ${$var};
if (isset(${$var})) {
$expirevar = ${$var};
}
}
$sql = "UPDATE {$table} SET expiry = " . $conn->Param('0') . ",expireref=" . $conn->Param('1') . " WHERE {$binary} sesskey = " . $conn->Param('2') . " AND expiry >= " . $conn->Param('3');
$rs =& $conn->Execute($sql, array($expiry, $expirevar, $key, time()));
return true;
}
$val = rawurlencode($val);
foreach ($filter as $f) {
if (is_object($f)) {
$val = $f->write($val, ADODB_Session::_sessionKey());
}
}
$arr = array('sesskey' => $key, 'expiry' => $expiry, $data => $val, 'expireref' => '');
if ($expire_notify) {
$var = reset($expire_notify);
global ${$var};
if (isset(${$var})) {
$arr['expireref'] = ${$var};
}
}
if (!$clob) {
// no lobs, simply use replace()
$arr[$data] = $conn->qstr($val);
$rs = $conn->Replace($table, $arr, 'sesskey', $autoQuote = true);
} else {
// what value shall we insert/update for lob row?
switch ($driver) {
// empty_clob or empty_lob for oracle dbs
case 'oracle':
case 'oci8':
case 'oci8po':
case 'oci805':
$lob_value = sprintf('empty_%s()', strtolower($clob));
break;
// null for all other
// null for all other
default:
$lob_value = 'null';
break;
}
$conn->StartTrans();
$expiryref = $conn->qstr($arr['expireref']);
// do we insert or update? => as for sesskey
$rs =& $conn->Execute("SELECT COUNT(*) AS cnt FROM {$table} WHERE {$binary} sesskey = {$qkey}");
if ($rs && reset($rs->fields) > 0) {
$sql = "UPDATE {$table} SET expiry = {$expiry}, {$data} = {$lob_value}, expireref={$expiryref} WHERE sesskey = {$qkey}";
} else {
$sql = "INSERT INTO {$table} (expiry, {$data}, sesskey,expireref) VALUES ({$expiry}, {$lob_value}, {$qkey},{$expiryref})";
}
if ($rs) {
$rs->Close();
}
$err = '';
$rs1 =& $conn->Execute($sql);
if (!$rs1) {
$err = $conn->ErrorMsg() . "\n";
}
$rs2 =& $conn->UpdateBlob($table, $data, $val, " sesskey={$qkey}", strtoupper($clob));
if (!$rs2) {
$err .= $conn->ErrorMsg() . "\n";
}
$rs = $rs && $rs2 ? true : false;
$conn->CompleteTrans();
}
if (!$rs) {
ADOConnection::outp('<p>Session Replace: ' . $conn->ErrorMsg() . '</p>', false);
return false;
} else {
// bug in access driver (could be odbc?) means that info is not committed
// properly unless select statement executed in Win2000
if ($conn->databaseType == 'access') {
$sql = "SELECT sesskey FROM {$table} WHERE {$binary} sesskey = {$qkey}";
$rs =& $conn->Execute($sql);
ADODB_Session::_dumprs($rs);
if ($rs) {
$rs->Close();
}
}
}
/*
if (ADODB_Session::Lock()) {
$conn->CommitTrans();
}*/
return $rs ? true : false;
}
function sess_write($sess_id, $data)
{
$filter = ADODB_Session::filter();
$dataFieldName = ADODB_Session::dataFieldName();
$db_object =& $GLOBALS['ADODB_SESS_CONN'];
$table = $GLOBALS['ADODB_SESSION_TBL'];
if (isset($GLOBALS['ADODB_SESS_LIFE'])) {
$lifetime = $GLOBALS['ADODB_SESS_LIFE'];
} else {
$lifetime = ini_get('session.gc_maxlifetime');
if ($lifetime <= 1) {
$lifetime = 1440;
}
}
$expire_notify = $GLOBALS['ADODB_SESSION_EXPIRE_NOTIFY'];
$notify = '';
if (isset($expire_notify)) {
$var = reset($expire_notify);
global ${$var};
if (isset(${$var})) {
$notify = ${$var};
}
}
$CurrentTime = time() + $lifetime;
$data = rawurlencode($data);
foreach ($filter as $f) {
if (is_object($f)) {
$data = $f->write($data, ADODB_Session::_sessionKey());
}
}
$db_object->execute("UPDATE {$table} SET {$dataFieldName} = '{$data}', expiry = '{$CurrentTime}', expireref = '{$notify}' WHERE SessionID = '{$sess_id}'");
return true;
}
// No errors
ini_set('display_errors', '0');
// Don't show them
$db_logging = false;
// True gives an admin log entry for any SQL calls that update/insert/delete, and turns on adodb's sql logging. Only for use during development!This makes a huge amount of logs! You have been warned!!
}
ini_set('url_rewriter.tags', '');
// Ensure that the session id is *not* passed on the url - this is a possible security hole for logins - including admin.
global $ADODB_CRYPT_KEY;
global $ADODB_SESSION_CONNECT, $ADODB_SESSION_USER, $ADODB_SESSION_DB;
$ADODB_SESS_CONN = '';
$ADODB_SESSION_TBL = $db_prefix . "sessions";
// We explicitly use encrypted sessions, but this adds compression as well.
ADODB_Session::encryptionKey($ADODB_CRYPT_KEY);
// The data field name "data" violates SQL reserved words - switch it to SESSDATA
ADODB_Session::dataFieldName('SESSDATA');
global $db;
connectdb();
$db->prefix = $db_prefix;
$db->logging = $db_logging;
if ($db_logging) {
adodb_perf::table("{$db->prefix}adodb_logsql");
$db->LogSQL();
// Turn on adodb performance logging
}
if (!isset($index_page)) {
$index_page = false;
}
if (!$index_page) {
// Ensure that we do not set cookies on the index page, until the player chooses to allow them.
if (!isset($_SESSION)) {
$ADODB_SESSION_CONNECT = $host;
$ADODB_SESSION_DB = $database;
$ADODB_SESSION_DRIVER = $driver;
$ADODB_SESSION_PWD = $password;
$ADODB_SESSION_TBL = $table;
$ADODB_SESSION_USER = $user;
$ADODB_SESSION_USE_LOBS = $clob;
$ADODB_SESS_DEBUG = $debug;
$ADODB_SESS_LIFE = $lifetime;
if ($optimize) {
define('ADODB_SESSION_OPTIMIZE', $optimize);
}
define('ADODB_SESSION_SYNCH_SECS', $sync_seconds);
if (class_exists('ADODB_Session')) {
ADODB_Session::clob($clob);
ADODB_Session::dataFieldName($data_field_name);
ADODB_Session::database($database);
ADODB_Session::debug($debug);
ADODB_Session::driver($driver);
ADODB_Session::filter($filters);
ADODB_Session::host($host);
ADODB_Session::lifetime($lifetime);
ADODB_Session::optimize($optimize);
ADODB_Session::password($password);
ADODB_Session::syncSeconds($sync_seconds);
ADODB_Session::table($table);
ADODB_Session::user($user);
}
function NotifyFn($var, $sesskey)
{
echo "NotifyFn({$var}, {$sesskey}) called<br />\n";
// a package can decide to override the default user class
$userClass = $gBitSystem->getConfig('user_class', defined('ROLE_MODEL') ? 'RolePermUser' : 'BitPermUser');
require_once USERS_PKG_PATH . $userClass . '.php';
// set session lifetime
if ($gBitSystem->isFeatureActive('site_session_lifetime')) {
ini_set('session.gc_maxlifetime', $gBitSystem->isFeatureActive('site_session_lifetime'));
}
// is session data stored in DB or in filesystem?
if ($gBitSystem->isFeatureActive('site_store_session_db') && !empty($gBitDbType)) {
if (file_exists(EXTERNAL_LIBS_PATH . 'adodb/session/adodb-session.php')) {
include_once EXTERNAL_LIBS_PATH . 'adodb/session/adodb-session.php';
} elseif (file_exists(UTIL_PKG_PATH . 'adodb/session/adodb-session.php')) {
include_once UTIL_PKG_PATH . 'adodb/session/adodb-session.php';
}
if (class_exists('ADODB_Session')) {
ADODB_Session::dataFieldName('session_data');
ADODB_Session::driver($gBitDbType);
ADODB_Session::host($gBitDbHost);
ADODB_Session::user($gBitDbUser);
ADODB_Session::password($gBitDbPassword);
ADODB_Session::database($gBitDbName);
ADODB_Session::table(BIT_DB_PREFIX . 'sessions');
ini_set('session.save_handler', 'user');
}
}
session_name(BIT_SESSION_NAME);
if ($gBitSystem->isFeatureActive('users_remember_me')) {
session_set_cookie_params($gBitSystem->getConfig('site_session_lifetime'), $gBitSystem->getConfig('cookie_path', BIT_ROOT_URL), $gBitSystem->getConfig('cookie_domain', ''));
} else {
session_set_cookie_params($gBitSystem->getConfig('site_session_lifetime'), BIT_ROOT_URL, '');
}
