function write($key, $val) { global $ADODB_SESSION_READONLY; if (!empty($ADODB_SESSION_READONLY)) { return; } $clob = ADODB_Session::clob(); $conn =& ADODB_Session::_conn(); $crc = ADODB_Session::_crc(); $data = ADODB_Session::dataFieldName(); $debug = ADODB_Session::debug(); $driver = ADODB_Session::driver(); $expire_notify = ADODB_Session::expireNotify(); $filter = ADODB_Session::filter(); $lifetime = ADODB_Session::lifetime(); $table = ADODB_Session::table(); if (!$conn) { return false; } $qkey = $conn->qstr($key); //assert('$table'); $expiry = time() + $lifetime; $binary = $conn->dataProvider === 'mysql' ? '/*! BINARY */' : ''; // crc32 optimization since adodb 2.1 // now we only update expiry date, thx to sebastian thom in adodb 2.32 if ($crc !== false && $crc == strlen($val) . crc32($val)) { if ($debug) { ADOConnection::outp('<p>Session: Only updating date - crc32 not changed</p>'); } $expirevar = ''; if ($expire_notify) { $var = reset($expire_notify); global ${$var}; if (isset(${$var})) { $expirevar = ${$var}; } } $sql = "UPDATE {$table} SET expiry = " . $conn->Param('0') . ",expireref=" . $conn->Param('1') . " WHERE {$binary} sesskey = " . $conn->Param('2') . " AND expiry >= " . $conn->Param('3'); $rs =& $conn->Execute($sql, array($expiry, $expirevar, $key, time())); return true; } $val = rawurlencode($val); foreach ($filter as $f) { if (is_object($f)) { $val = $f->write($val, ADODB_Session::_sessionKey()); } } $arr = array('sesskey' => $key, 'expiry' => $expiry, $data => $val, 'expireref' => ''); if ($expire_notify) { $var = reset($expire_notify); global ${$var}; if (isset(${$var})) { $arr['expireref'] = ${$var}; } } if (!$clob) { // no lobs, simply use replace() $arr[$data] = $conn->qstr($val); $rs = $conn->Replace($table, $arr, 'sesskey', $autoQuote = true); } else { // what value shall we insert/update for lob row? switch ($driver) { // empty_clob or empty_lob for oracle dbs case 'oracle': case 'oci8': case 'oci8po': case 'oci805': $lob_value = sprintf('empty_%s()', strtolower($clob)); break; // null for all other // null for all other default: $lob_value = 'null'; break; } $conn->StartTrans(); $expiryref = $conn->qstr($arr['expireref']); // do we insert or update? => as for sesskey $rs =& $conn->Execute("SELECT COUNT(*) AS cnt FROM {$table} WHERE {$binary} sesskey = {$qkey}"); if ($rs && reset($rs->fields) > 0) { $sql = "UPDATE {$table} SET expiry = {$expiry}, {$data} = {$lob_value}, expireref={$expiryref} WHERE sesskey = {$qkey}"; } else { $sql = "INSERT INTO {$table} (expiry, {$data}, sesskey,expireref) VALUES ({$expiry}, {$lob_value}, {$qkey},{$expiryref})"; } if ($rs) { $rs->Close(); } $err = ''; $rs1 =& $conn->Execute($sql); if (!$rs1) { $err = $conn->ErrorMsg() . "\n"; } $rs2 =& $conn->UpdateBlob($table, $data, $val, " sesskey={$qkey}", strtoupper($clob)); if (!$rs2) { $err .= $conn->ErrorMsg() . "\n"; } $rs = $rs && $rs2 ? true : false; $conn->CompleteTrans(); } if (!$rs) { ADOConnection::outp('<p>Session Replace: ' . $conn->ErrorMsg() . '</p>', false); return false; } else { // bug in access driver (could be odbc?) means that info is not committed // properly unless select statement executed in Win2000 if ($conn->databaseType == 'access') { $sql = "SELECT sesskey FROM {$table} WHERE {$binary} sesskey = {$qkey}"; $rs =& $conn->Execute($sql); ADODB_Session::_dumprs($rs); if ($rs) { $rs->Close(); } } } /* if (ADODB_Session::Lock()) { $conn->CommitTrans(); }*/ return $rs ? true : false; }
function sess_write($sess_id, $data) { $filter = ADODB_Session::filter(); $dataFieldName = ADODB_Session::dataFieldName(); $db_object =& $GLOBALS['ADODB_SESS_CONN']; $table = $GLOBALS['ADODB_SESSION_TBL']; if (isset($GLOBALS['ADODB_SESS_LIFE'])) { $lifetime = $GLOBALS['ADODB_SESS_LIFE']; } else { $lifetime = ini_get('session.gc_maxlifetime'); if ($lifetime <= 1) { $lifetime = 1440; } } $expire_notify = $GLOBALS['ADODB_SESSION_EXPIRE_NOTIFY']; $notify = ''; if (isset($expire_notify)) { $var = reset($expire_notify); global ${$var}; if (isset(${$var})) { $notify = ${$var}; } } $CurrentTime = time() + $lifetime; $data = rawurlencode($data); foreach ($filter as $f) { if (is_object($f)) { $data = $f->write($data, ADODB_Session::_sessionKey()); } } $db_object->execute("UPDATE {$table} SET {$dataFieldName} = '{$data}', expiry = '{$CurrentTime}', expireref = '{$notify}' WHERE SessionID = '{$sess_id}'"); return true; }
// No errors ini_set('display_errors', '0'); // Don't show them $db_logging = false; // True gives an admin log entry for any SQL calls that update/insert/delete, and turns on adodb's sql logging. Only for use during development!This makes a huge amount of logs! You have been warned!! } ini_set('url_rewriter.tags', ''); // Ensure that the session id is *not* passed on the url - this is a possible security hole for logins - including admin. global $ADODB_CRYPT_KEY; global $ADODB_SESSION_CONNECT, $ADODB_SESSION_USER, $ADODB_SESSION_DB; $ADODB_SESS_CONN = ''; $ADODB_SESSION_TBL = $db_prefix . "sessions"; // We explicitly use encrypted sessions, but this adds compression as well. ADODB_Session::encryptionKey($ADODB_CRYPT_KEY); // The data field name "data" violates SQL reserved words - switch it to SESSDATA ADODB_Session::dataFieldName('SESSDATA'); global $db; connectdb(); $db->prefix = $db_prefix; $db->logging = $db_logging; if ($db_logging) { adodb_perf::table("{$db->prefix}adodb_logsql"); $db->LogSQL(); // Turn on adodb performance logging } if (!isset($index_page)) { $index_page = false; } if (!$index_page) { // Ensure that we do not set cookies on the index page, until the player chooses to allow them. if (!isset($_SESSION)) {
$ADODB_SESSION_CONNECT = $host; $ADODB_SESSION_DB = $database; $ADODB_SESSION_DRIVER = $driver; $ADODB_SESSION_PWD = $password; $ADODB_SESSION_TBL = $table; $ADODB_SESSION_USER = $user; $ADODB_SESSION_USE_LOBS = $clob; $ADODB_SESS_DEBUG = $debug; $ADODB_SESS_LIFE = $lifetime; if ($optimize) { define('ADODB_SESSION_OPTIMIZE', $optimize); } define('ADODB_SESSION_SYNCH_SECS', $sync_seconds); if (class_exists('ADODB_Session')) { ADODB_Session::clob($clob); ADODB_Session::dataFieldName($data_field_name); ADODB_Session::database($database); ADODB_Session::debug($debug); ADODB_Session::driver($driver); ADODB_Session::filter($filters); ADODB_Session::host($host); ADODB_Session::lifetime($lifetime); ADODB_Session::optimize($optimize); ADODB_Session::password($password); ADODB_Session::syncSeconds($sync_seconds); ADODB_Session::table($table); ADODB_Session::user($user); } function NotifyFn($var, $sesskey) { echo "NotifyFn({$var}, {$sesskey}) called<br />\n";
// a package can decide to override the default user class $userClass = $gBitSystem->getConfig('user_class', defined('ROLE_MODEL') ? 'RolePermUser' : 'BitPermUser'); require_once USERS_PKG_PATH . $userClass . '.php'; // set session lifetime if ($gBitSystem->isFeatureActive('site_session_lifetime')) { ini_set('session.gc_maxlifetime', $gBitSystem->isFeatureActive('site_session_lifetime')); } // is session data stored in DB or in filesystem? if ($gBitSystem->isFeatureActive('site_store_session_db') && !empty($gBitDbType)) { if (file_exists(EXTERNAL_LIBS_PATH . 'adodb/session/adodb-session.php')) { include_once EXTERNAL_LIBS_PATH . 'adodb/session/adodb-session.php'; } elseif (file_exists(UTIL_PKG_PATH . 'adodb/session/adodb-session.php')) { include_once UTIL_PKG_PATH . 'adodb/session/adodb-session.php'; } if (class_exists('ADODB_Session')) { ADODB_Session::dataFieldName('session_data'); ADODB_Session::driver($gBitDbType); ADODB_Session::host($gBitDbHost); ADODB_Session::user($gBitDbUser); ADODB_Session::password($gBitDbPassword); ADODB_Session::database($gBitDbName); ADODB_Session::table(BIT_DB_PREFIX . 'sessions'); ini_set('session.save_handler', 'user'); } } session_name(BIT_SESSION_NAME); if ($gBitSystem->isFeatureActive('users_remember_me')) { session_set_cookie_params($gBitSystem->getConfig('site_session_lifetime'), $gBitSystem->getConfig('cookie_path', BIT_ROOT_URL), $gBitSystem->getConfig('cookie_domain', '')); } else { session_set_cookie_params($gBitSystem->getConfig('site_session_lifetime'), BIT_ROOT_URL, ''); }