mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-08-01 12:20:44 +02:00
Code Issues Releases Wiki Activity

Issue #4176 - Incremental introduction of database sessions - Experimental (work in progress)

Browse Source
This commit is contained in:
Cameron
2020-06-02 13:43:21 -07:00
parent 988f5e32cd
commit 7439d599f8
6 changed files with 62 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
e107_admin/prefs.php
View File

@@ -1431,7 +1431,7 @@ $text .= "
* *
*/ */
$text .= " $text .= "
<tr> <tr>
<td><label for='disallowmultilogin'>".PRFLAN_129."</label></td> <td><label for='disallowmultilogin'>".PRFLAN_129."</label></td>
@@ -1463,9 +1463,26 @@ $text .= "
<div class='smalltext field-help'>".PRFLAN_273."</div> <div class='smalltext field-help'>".PRFLAN_273."</div>
</td> </td>
</tr> </tr>
";
if(e_DEVELOPER) // Experimental (translate terms after this check is removed)
{
// $systemSaveMethod = ini_get('session.save_handler');
// $saveMethod = (!empty($systemSaveMethod)) ? $systemSaveMethod : 'files';
// $systemSaveMethod => PRFLAN_276,
$text .= "
<tr>
<td><label for='session-save-method'>".PRFLAN_282."</label></td>
<td class='form-inline'>
".$frm->select('session_save_method', [ 'db'=>'Database', 'files'=>'Files'], $pref['session_save_method'])."
<!-- <div class='smalltext field-help'>".PRFLAN_273."</div>-->
<span class='label label-warning'>Experimental</span>
</td>
</tr>
";
}
$text .= "
<tr> <tr>
<td><label for='passwordencoding'>".PRFLAN_188.":</label></td> <td><label for='passwordencoding'>".PRFLAN_188.":</label></td>

2
e107_admin/update_routines.php
View File

@@ -766,7 +766,7 @@ function update_706_to_800($type='')
); );
// List of DB tables not required (includes a few from 0.6xx) // List of DB tables not required (includes a few from 0.6xx)
$obs_tables = array('flood', 'stat_info', 'stat_counter', 'stat_last', 'session', 'preset', 'tinymce'); $obs_tables = array('flood', 'stat_info', 'stat_counter', 'stat_last', 'preset', 'tinymce');
// List of DB tables newly required (defined in core_sql.php) (The existing dblog table gets renamed) // List of DB tables newly required (defined in core_sql.php) (The existing dblog table gets renamed)

14
e107_core/sql/core_sql.php
View File

@@ -468,6 +468,20 @@ CREATE TABLE rate (
) ENGINE=MyISAM; ) ENGINE=MyISAM;
# -------------------------------------------------------- # --------------------------------------------------------
#
# Table structure for table `session`
#
CREATE TABLE session (
session_id varchar(255) NOT NULL default '',
session_expires int(10) unsigned NOT NULL default 0,
session_user int(10) unsigned default NULL,
session_data text NOT NULL,
PRIMARY KEY (session_id)
) ENGINE=MyISAM;
# --------------------------------------------------------
# #
# Table structure for table `submitnews` # Table structure for table `submitnews`
# #

1
e107_core/xml/default_install.xml
View File

@@ -253,6 +253,7 @@
<core name="search_highlight">1</core> <core name="search_highlight">1</core>
<core name="search_restrict">0</core> <core name="search_restrict">0</core>
<core name="session_lifetime">86400</core> <core name="session_lifetime">86400</core>
<core name="session_save_method">files</core>
<core name="shortdate">%d %b %Y : %H:%M</core> <core name="shortdate">%d %b %Y : %H:%M</core>
<core name="signcode">0</core> <core name="signcode">0</core>
<core name="signup_disallow_text"></core> <core name="signup_disallow_text"></core>

57
e107_handlers/session_handler.php
View File

@@ -93,7 +93,7 @@ class e_session
/** /**
* Highest system protection, session id and token values are regenerated on every page request, * Highest system protection, session id and token values are regenerated on every page request,
* label 'Insane' * label 'Insane'
* @var unknown_type * @var int unknown_type
*/ */
const SECURITY_LEVEL_INSANE = 10; const SECURITY_LEVEL_INSANE = 10;
@@ -107,7 +107,7 @@ class e_session
* Session save method * Session save method
* @var string files|db * @var string files|db
*/ */
protected $_sessionSaveMethod = 'files'; protected $_sessionSaveMethod = 'files';//'files';
/** /**
* Session cache limiter, ignored if empty * Session cache limiter, ignored if empty
@@ -212,15 +212,15 @@ class e_session
{ {
$systemSaveMethod = ini_get('session.save_handler'); $systemSaveMethod = ini_get('session.save_handler');
// e107::getDebug()->log("Save Method:".$systemSaveMethod);
$saveMethod = (!empty($systemSaveMethod)) ? $systemSaveMethod : 'files'; $saveMethod = (!empty($systemSaveMethod)) ? $systemSaveMethod : 'files';
$config['SavePath'] = e107::getPref('session_save_path', false); // FIXME - new pref $config['SavePath'] = e107::getPref('session_save_path', false); // FIXME - new pref
$config['SaveMethod'] = e107::getPref('session_save_method', $saveMethod); // FIXME - new pref $config['SaveMethod'] = e107::getPref('session_save_method', $saveMethod);
$options['lifetime'] = (integer)e107::getPref('session_lifetime', 86400); // $options['lifetime'] = (integer)e107::getPref('session_lifetime', 86400);
$options['path'] = e107::getPref('session_cookie_path', ''); // FIXME - new pref $options['path'] = e107::getPref('session_cookie_path', ''); // FIXME - new pref
$options['secure'] = e107::getPref('ssl_enabled', false); // $options['secure'] = e107::getPref('ssl_enabled', false); //
e107::getDebug()->log("Session Save Method: ".$config['SaveMethod']);
if (!empty($options['secure'])) if (!empty($options['secure']))
{ {
@@ -485,12 +485,12 @@ class e_session
{ {
session_save_path($this->_sessionSavePath); session_save_path($this->_sessionSavePath);
} }
switch ($this->_sessionSaveMethod) switch ($this->_sessionSaveMethod)
{ {
case 'db': // TODO session db handling, more methods (e.g. memcache) case 'db':
ini_set('session.save_handler', 'user'); ini_set('session.save_handler', 'user');
$session = new e_db_session; $session = new e_session_db;
$session->setSaveHandler(); $session->setSaveHandler();
break; break;
@@ -1063,18 +1063,11 @@ class e_core_session extends e_session
} }
} }
/* SQL to be added
CREATE TABLE session ( class e_session_db
`session_id` varchar(255) NOT NULL default '',
`session_expires` int(10) unsigned NOT NULL default 0,
`session_data` text NOT NULL,
PRIMARY KEY (`session_id`),
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
*/
class e_db_session
{ {
/** /**
* @var e_db_mysql * @var e_db
*/ */
protected $_db = null; protected $_db = null;
@@ -1109,7 +1102,7 @@ class e_db_session
/** /**
* @param string $table * @param string $table
* @return e_db_session * @return e_session_db
*/ */
public function setTable($table) public function setTable($table)
{ {
@@ -1135,7 +1128,7 @@ class e_db_session
/** /**
* @param integer $seconds * @param integer $seconds
* @return e_db_session * @return e_session_db
*/ */
public function setLifetime($seconds = null) public function setLifetime($seconds = null)
{ {
@@ -1145,7 +1138,7 @@ class e_db_session
/** /**
* Set session save handler * Set session save handler
* @return e_db_session * @return e_session_db
*/ */
public function setSaveHandler() public function setSaveHandler()
{ {
@@ -1189,10 +1182,10 @@ class e_db_session
public function read($session_id) public function read($session_id)
{ {
$data = false; $data = false;
$check = $this->_db->db_Select($this->getTable(), 'session_data', "session_id='".$this->_sanitize($session_id)."' AND session_expires>".time()); $check = $this->_db->select($this->getTable(), 'session_data', "session_id='".$this->_sanitize($session_id)."' AND session_expires>".time());
if($check) if($check)
{ {
$tmp = $this->_db->db_Fetch(); $tmp = $this->_db->fetch();
$data = base64_decode($tmp['session_data']); $data = base64_decode($tmp['session_data']);
} }
elseif(false !== $check) elseif(false !== $check)
@@ -1227,12 +1220,12 @@ class e_db_session
return false; return false;
} }
$check = $this->_db->db_Select($this->getTable(), 'session_id', "`session_id`='{$session_id}'"); $check = $this->_db->select($this->getTable(), 'session_id', "`session_id`='{$session_id}'");
if($check) if($check)
{ {
$data['WHERE'] = "`session_id`='{$session_id}'"; $data['WHERE'] = "`session_id`='{$session_id}'";
if(false !== $this->_db->db_Update($this->getTable(), $data)) if(false !== $this->_db->update($this->getTable(), $data))
{ {
return true; return true;
} }
@@ -1240,7 +1233,7 @@ class e_db_session
else else
{ {
$data['data']['session_id'] = $session_id; $data['data']['session_id'] = $session_id;
if($this->_db->db_Insert($this->getTable(), $data)) if($this->_db->insert($this->getTable(), $data))
{ {
return true; return true;
} }
@@ -1256,7 +1249,7 @@ class e_db_session
public function destroy($session_id) public function destroy($session_id)
{ {
$session_id = $this->_sanitize($session_id); $session_id = $this->_sanitize($session_id);
$this->_db->db_Delete($this->getTable(), "`session_id`='{$session_id}'"); $this->_db->delete($this->getTable(), "`session_id`='{$session_id}'");
return true; return true;
} }
@@ -1267,7 +1260,7 @@ class e_db_session
*/ */
public function gc($session_maxlf) public function gc($session_maxlf)
{ {
$this->_db->db_Delete($this->getTable(), '`session_expires`<'.time()); $this->_db->delete($this->getTable(), '`session_expires`<'.time());
return true; return true;
} }

2
e107_languages/English/admin/lan_prefs.php
View File

@@ -301,3 +301,5 @@ define("PRFLAN_278", "URL to the Privacy Policy");
define("PRFLAN_279", "Make sure the url exists! It's best to use an absolute url. This setting will be used on all places that require a consent from the user (e.g. signup, contact form/menu, etc.)."); define("PRFLAN_279", "Make sure the url exists! It's best to use an absolute url. This setting will be used on all places that require a consent from the user (e.g. signup, contact form/menu, etc.).");
define("PRFLAN_280", "URL to the website terms and conditions"); define("PRFLAN_280", "URL to the website terms and conditions");
define("PRFLAN_281", "The 2 links above are used on various page on this site (e.g. signup and contact form/menu).\nPlease create 2 pages (if not already done) that contain your 'Privacy Policy' and the websites 'Terms and conditions'.\nThere are several websites that can generate those text for you.\nCopy the urls of this websites into the fields above (e.g. /page/privacy-policy or /page/terms-and-conditions).\nJust make sure, the pages and urls exist and are working!"); define("PRFLAN_281", "The 2 links above are used on various page on this site (e.g. signup and contact form/menu).\nPlease create 2 pages (if not already done) that contain your 'Privacy Policy' and the websites 'Terms and conditions'.\nThere are several websites that can generate those text for you.\nCopy the urls of this websites into the fields above (e.g. /page/privacy-policy or /page/terms-and-conditions).\nJust make sure, the pages and urls exist and are working!");
define("PRFLAN_282", "Session Save Method");