From 40203496d8ee42d9643024895a058badca39e870 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Wed, 26 May 2004 20:29:39 +0000 Subject: [PATCH] session updates, please review git-svn-id: file:///svn/phpbb/trunk@4897 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/session.php | 93 +++++++++++++++++++++++++++++++------- 1 file changed, 76 insertions(+), 17 deletions(-) diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 160a3ef6cf..aa7e02fc4f 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -18,6 +18,7 @@ class session var $browser = ''; var $ip = ''; var $page = ''; + var $cur_page = ''; var $load; // Called at each page start ... checks for, updates and/or creates a session @@ -28,18 +29,22 @@ class session $current_time = time(); $this->browser = (!empty($_SERVER['HTTP_USER_AGENT'])) ? $_SERVER['HTTP_USER_AGENT'] : $_ENV['HTTP_USER_AGENT']; $this->page = (!empty($_SERVER['REQUEST_URI'])) ? $_SERVER['REQUEST_URI'] : $_ENV['REQUEST_URI']; + + // Generate Valid URL + $this->cur_page = preg_replace('#^.*?([a-z]+?)\.' . $phpEx . '\?sid=[a-z0-9]*?(&.*)?$#i', '\1.' . $phpEx . '?\2', htmlspecialchars($this->page)); + $this->page = preg_replace('#^.*?([a-z]+?)\.' . $phpEx . '\?sid=[a-z0-9]*?(&.*)?$#i', '\1\2', $this->page); $this->page .= (isset($_POST['f'])) ? 'f=' . intval($_POST['f']) : ''; if (isset($_COOKIE[$config['cookie_name'] . '_sid']) || isset($_COOKIE[$config['cookie_name'] . '_data'])) { - $sessiondata = (!empty($_COOKIE[$config['cookie_name'] . '_data'])) ? unserialize(stripslashes($_COOKIE[$config['cookie_name'] . '_data'])) : ''; + $sessiondata = (!empty($_COOKIE[$config['cookie_name'] . '_data'])) ? unserialize(stripslashes($_COOKIE[$config['cookie_name'] . '_data'])) : array(); $this->session_id = request_var($config['cookie_name'] . '_sid', ''); $SID = (defined('NEED_SID')) ? '?sid=' . $this->session_id : '?sid='; } else { - $sessiondata = ''; + $sessiondata = array(); $this->session_id = request_var('sid', ''); $SID = '?sid=' . $this->session_id; } @@ -79,10 +84,11 @@ class session // session_id exists so go ahead and attempt to grab all data in preparation if (!empty($this->session_id) && (!defined('NEED_SID') || $this->session_id == $_GET['sid'])) { - $sql = 'SELECT u.*, s.* - FROM ' . SESSIONS_TABLE . ' s, ' . USERS_TABLE . " u + $sql = 'SELECT u.*, s.*, g.* + FROM ' . SESSIONS_TABLE . ' s, ' . USERS_TABLE . ' u, ' . GROUPS_TABLE . " g WHERE s.session_id = '" . $db->sql_escape($this->session_id) . "' - AND u.user_id = s.session_user_id"; + AND u.user_id = s.session_user_id + AND g.group_id = u.group_id"; $result = $db->sql_query($sql); $this->data = $db->sql_fetchrow($result); @@ -171,12 +177,19 @@ class session } // Grab user data ... join on session if it exists for session time - $sql = 'SELECT u.*, s.session_time, s.session_id + $sql = 'SELECT u.*, s.session_time, s.session_id, g.* + FROM (' . USERS_TABLE . ' u, ' . GROUPS_TABLE . ' g + LEFT JOIN ' . SESSIONS_TABLE . " s ON s.session_user_id = u.user_id) + WHERE u.user_id = $user_id + AND u.group_id = g.group_id + ORDER BY s.session_time DESC"; + +/* $sql = 'SELECT u.*, s.session_time, s.session_id FROM (' . USERS_TABLE . ' u LEFT JOIN ' . SESSIONS_TABLE . " s ON s.session_user_id = u.user_id) WHERE u.user_id = $user_id - ORDER BY s.session_time DESC"; - $result = $db->sql_query($sql); + ORDER BY s.session_time DESC";*/ + $result = $db->sql_query_limit($sql, 1); $this->data = $db->sql_fetchrow($result); $db->sql_freeresult($result); @@ -472,7 +485,7 @@ class user extends session if ($this->data['user_id'] != ANONYMOUS) { - $this->lang_name = (file_exists($phpbb_root_path . 'language/' . $this->data['user_lang'])) ? $this->data['user_lang'] : $config['default_lang']; + $this->lang_name = (file_exists($phpbb_root_path . 'language/' . $this->data['user_lang'] . "/common.$phpEx")) ? $this->data['user_lang'] : $config['default_lang']; $this->lang_path = $phpbb_root_path . 'language/' . $this->lang_name . '/'; $this->date_format = $this->data['user_dateformat']; @@ -494,7 +507,7 @@ class user extends session { // Set correct format ... guess full xx_YY form $accept_lang = substr($accept_lang, 0, 2) . '_' . strtoupper(substr($accept_lang, 3, 2)); - if (file_exists($phpbb_root_path . 'language/' . $accept_lang)) + if (file_exists($phpbb_root_path . 'language/' . $accept_lang . "/common.$phpEx")) { $this->lang_name = $accept_lang; $this->lang_path = $phpbb_root_path . 'language/' . $accept_lang . '/'; @@ -504,7 +517,7 @@ class user extends session { // No match on xx_YY so try xx $accept_lang = substr($accept_lang, 0, 2); - if (file_exists($phpbb_root_path . 'language/' . $accept_lang)) + if (file_exists($phpbb_root_path . 'language/' . $accept_lang . "/common.$phpEx")) { $this->lang_name = $accept_lang; $this->lang_path = $phpbb_root_path . 'language/' . $accept_lang . '/'; @@ -551,6 +564,36 @@ class user extends session unset($row); unset($row2); + // Set theme info + $theme_info = array(); + $default_theme_info = array( + 'pagination_sep' => ', ', + 'pagination_goto_page' => true, + 'avatar_img_class' => '' + ); + + foreach ($this->theme as $style_priority => $row) + { + if (file_exists($phpbb_root_path . 'styles/' . $row['theme_path'] . '/theme/theme_info.' . $phpEx)) + { + $theme_info = array(); + include($phpbb_root_path . 'styles/' . $row['theme_path'] . '/theme/theme_info.' . $phpEx); + if (sizeof($theme_info)) + { + $this->theme[$style_priority] = array_merge($this->theme[$style_priority], $theme_info); + } + } + + foreach ($default_theme_info as $key => $value) + { + if (!isset($this->theme[$style_priority][$key])) + { + $this->theme[$style_priority][$key] = $value; + } + } + } + unset($theme_info, $default_theme_info); + $template->set_template(); $this->img_lang = (file_exists($phpbb_root_path . 'styles/' . $this->theme['primary']['imageset_path'] . '/imageset/' . $this->lang_name)) ? $this->lang_name : $config['default_lang']; @@ -638,7 +681,7 @@ class user extends session if (!$use_db) { - require($this->lang_path . (($use_help) ? 'help_' : '') . "$lang_file.$phpEx"); + require ($this->lang_path . (($use_help) ? 'help_' : '') . "$lang_file.$phpEx"); } else if ($use_db) { @@ -669,7 +712,7 @@ class user extends session { global $config, $db; - if ($this->lang_id) + if (isset($this->lang_id)) { return $this->lang_id; } @@ -706,10 +749,16 @@ class user extends session function img($img, $alt = '', $width = false, $suffix = '') { - static $imgs; + static $imgs, $phpbb_root_path; if (empty($imgs[$img . $suffix]) || $width) { + if (!$this->theme['primary'][$img]) + { + $imgs[$img . $suffix] = $alt; //'{{IMG:' . $img . '}}'; + return $imgs[$img . $suffix]; + } + if (!$width) { list($imgsrc, $height, $width) = explode('*', $this->theme['primary'][$img]); @@ -729,7 +778,7 @@ class user extends session $height = ($height) ? ' height="' . $height . '"' : ''; $alt = (!empty($this->lang[$alt])) ? $this->lang[$alt] : $alt; - $imgs[$img . $suffix] = '' . $alt . ''; + $imgs[$img . $suffix] = '' . $alt . ''; } return $imgs[$img . $suffix]; @@ -825,6 +874,10 @@ class auth $i = 0; while ($subseq = substr($seq, $i, 6)) { + if (!isset($this->acl[$f])) + { + $this->acl[$f] = ''; + } $this->acl[$f] .= str_pad(base_convert($subseq, 36, 2), 31, 0, STR_PAD_LEFT); $i += 6; } @@ -843,11 +896,17 @@ class auth $cache[$f][$opt] = false; if (isset($this->acl_options['global'][$opt])) { - $cache[$f][$opt] = $this->acl[0]{$this->acl_options['global'][$opt]}; + if (isset($this->acl[0])) + { + $cache[$f][$opt] = $this->acl[0]{$this->acl_options['global'][$opt]}; + } } if (isset($this->acl_options['local'][$opt])) { - $cache[$f][$opt] |= $this->acl[$f]{$this->acl_options['local'][$opt]}; + if (isset($this->acl[$f])) + { + $cache[$f][$opt] |= $this->acl[$f]{$this->acl_options['local'][$opt]}; + } } }