session_address = ?,
session_config_id = ?
EOQ
, $session_guid, $useragent_id, $_SERVER['REMOTE_ADDR'], $session_config_id) != 1)
fatal('unable to insert new session in DB');
$session_id = mysqli_insert_id($GLOBALS['db']);
db_exec('INSERT INTO session_log SET session_id = ?', $session_id);
$GLOBALS['session_state']['session_log_id'] = mysqli_insert_id($GLOBALS['db']);
// set new session_id
$old_session_id = $GLOBALS['session_state']['session_id'];
$GLOBALS['session_state']['session_id'] = $session_id;
// get redirect location
$redirect_to = db_single_field(<<<EOQ
SELECT request_uri FROM session_log WHERE session_id = ? AND session_prev_log_id = ?
EOQ
, $old_session_id, $_GET['session_log_id']);
//echo("redirect_to=$redirect_to\n");
// replace session_guid by new value
$really_redirect_to = preg_replace('/\?session_guid='.$_GET['session_guid'].'/', '?session_guid='.$session_guid, $redirect_to);
//echo("really redirect_to=$really_redirect_to\n");
header('Location: '.$really_redirect_to);
?>
function db_get_useragent_id($useragent_string) {
$hash = hash('sha256', $useragent_string);
db_direct('LOCK TABLES useragents WRITE');
$id = db_single_field('SELECT useragent_id FROM useragents WHERE useragent_hash = ?', $hash);
if (!$id) {
if (db_exec('INSERT INTO useragents ( useragent_string, useragent_hash ) VALUES ( ?, ? )', $useragent_string, $hash) != 1)
fatal('expected INSERT to affect precisely 1 row, but it did not');
$id = mysqli_insert_id($GLOBALS['db']);
}
db_direct('UNLOCK TABLES');
return $id;
}