|
|
|
|
@@ -24,7 +24,7 @@
|
|
|
|
|
// Adds/updates a new session to the database for the given userid.
|
|
|
|
|
// Returns the new session ID on success.
|
|
|
|
|
//
|
|
|
|
|
function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_autologin = 0)
|
|
|
|
|
function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_autologin = 0, $admin = 0)
|
|
|
|
|
{
|
|
|
|
|
global $db, $board_config;
|
|
|
|
|
global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $SID;
|
|
|
|
|
@@ -155,16 +155,18 @@ function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_a
|
|
|
|
|
// Create or update the session
|
|
|
|
|
//
|
|
|
|
|
$sql = "UPDATE " . SESSIONS_TABLE . "
|
|
|
|
|
SET session_user_id = $user_id, session_start = $current_time, session_time = $current_time, session_page = $page_id, session_logged_in = $login
|
|
|
|
|
SET session_user_id = $user_id, session_start = $current_time, session_time = $current_time, session_page = $page_id, session_logged_in = $login, session_admin = $admin
|
|
|
|
|
WHERE session_id = '" . $session_id . "'
|
|
|
|
|
AND session_ip = '$user_ip'";
|
|
|
|
|
if ( !$db->sql_query($sql) || !$db->sql_affectedrows() )
|
|
|
|
|
{
|
|
|
|
|
$session_id = md5(uniqid($user_ip));
|
|
|
|
|
list($sec, $usec) = explode(' ', microtime());
|
|
|
|
|
mt_srand((float) $sec + ((float) $usec * 100000));
|
|
|
|
|
$session_id = md5(uniqid(mt_rand(), true));
|
|
|
|
|
|
|
|
|
|
$sql = "INSERT INTO " . SESSIONS_TABLE . "
|
|
|
|
|
(session_id, session_user_id, session_start, session_time, session_ip, session_page, session_logged_in)
|
|
|
|
|
VALUES ('$session_id', $user_id, $current_time, $current_time, '$user_ip', $page_id, $login)";
|
|
|
|
|
(session_id, session_user_id, session_start, session_time, session_ip, session_page, session_logged_in, session_admin)
|
|
|
|
|
VALUES ('$session_id', $user_id, $current_time, $current_time, '$user_ip', $page_id, $login, $admin)";
|
|
|
|
|
if ( !$db->sql_query($sql) )
|
|
|
|
|
{
|
|
|
|
|
message_die(CRITICAL_ERROR, 'Error creating new session', '', __LINE__, __FILE__, $sql);
|
|
|
|
|
@@ -175,17 +177,20 @@ function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_a
|
|
|
|
|
{// ( $userdata['user_session_time'] > $expiry_time && $auto_create ) ? $userdata['user_lastvisit'] : (
|
|
|
|
|
$last_visit = ( $userdata['user_session_time'] > 0 ) ? $userdata['user_session_time'] : $current_time;
|
|
|
|
|
|
|
|
|
|
$sql = "UPDATE " . USERS_TABLE . "
|
|
|
|
|
SET user_session_time = $current_time, user_session_page = $page_id, user_lastvisit = $last_visit
|
|
|
|
|
WHERE user_id = $user_id";
|
|
|
|
|
if ( !$db->sql_query($sql) )
|
|
|
|
|
if (!$admin)
|
|
|
|
|
{
|
|
|
|
|
message_die(CRITICAL_ERROR, 'Error updating last visit time', '', __LINE__, __FILE__, $sql);
|
|
|
|
|
$sql = "UPDATE " . USERS_TABLE . "
|
|
|
|
|
SET user_session_time = $current_time, user_session_page = $page_id, user_lastvisit = $last_visit
|
|
|
|
|
WHERE user_id = $user_id";
|
|
|
|
|
if ( !$db->sql_query($sql) )
|
|
|
|
|
{
|
|
|
|
|
message_die(CRITICAL_ERROR, 'Error updating last visit time', '', __LINE__, __FILE__, $sql);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$userdata['user_lastvisit'] = $last_visit;
|
|
|
|
|
|
|
|
|
|
$sessiondata['autologinid'] = ( $enable_autologin && $sessionmethod == SESSION_METHOD_COOKIE ) ? $auto_login_key : '';
|
|
|
|
|
$sessiondata['autologinid'] = (!$admin) ? (( $enable_autologin && $sessionmethod == SESSION_METHOD_COOKIE ) ? $auto_login_key : '') : $sessiondata['autologinid'];
|
|
|
|
|
$sessiondata['userid'] = $user_id;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@@ -196,6 +201,7 @@ function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_a
|
|
|
|
|
$userdata['session_page'] = $page_id;
|
|
|
|
|
$userdata['session_start'] = $current_time;
|
|
|
|
|
$userdata['session_time'] = $current_time;
|
|
|
|
|
$userdata['session_admin'] = $admin;
|
|
|
|
|
|
|
|
|
|
setcookie($cookiename . '_data', serialize($sessiondata), $current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure);
|
|
|
|
|
setcookie($cookiename . '_sid', $session_id, 0, $cookiepath, $cookiedomain, $cookiesecure);
|
|
|
|
|
@@ -285,8 +291,11 @@ function session_pagestart($user_ip, $thispage_id)
|
|
|
|
|
//
|
|
|
|
|
if ( $current_time - $userdata['session_time'] > 60 )
|
|
|
|
|
{
|
|
|
|
|
// A little trick to reset session_admin on session re-usage
|
|
|
|
|
$update_admin = (!defined('IN_ADMIN') && $current_time - $userdata['session_time'] > ($board_config['session_length']+60)) ? ', session_admin = 0' : '';
|
|
|
|
|
|
|
|
|
|
$sql = "UPDATE " . SESSIONS_TABLE . "
|
|
|
|
|
SET session_time = $current_time, session_page = $thispage_id
|
|
|
|
|
SET session_time = $current_time, session_page = $thispage_id$update_admin
|
|
|
|
|
WHERE session_id = '" . $userdata['session_id'] . "'";
|
|
|
|
|
if ( !$db->sql_query($sql) )
|
|
|
|
|
{
|
|
|
|
|
@@ -296,7 +305,7 @@ function session_pagestart($user_ip, $thispage_id)
|
|
|
|
|
if ( $userdata['user_id'] != ANONYMOUS )
|
|
|
|
|
{
|
|
|
|
|
$sql = "UPDATE " . USERS_TABLE . "
|
|
|
|
|
SET user_session_time = $current_time, user_session_page = $thispage_id
|
|
|
|
|
SET user_session_time = $current_time, user_session_page = $thispage_id
|
|
|
|
|
WHERE user_id = " . $userdata['user_id'];
|
|
|
|
|
if ( !$db->sql_query($sql) )
|
|
|
|
|
{
|
|
|
|
|
@@ -308,6 +317,7 @@ function session_pagestart($user_ip, $thispage_id)
|
|
|
|
|
// Delete expired sessions
|
|
|
|
|
//
|
|
|
|
|
$expiry_time = $current_time - $board_config['session_length'];
|
|
|
|
|
|
|
|
|
|
$sql = "DELETE FROM " . SESSIONS_TABLE . "
|
|
|
|
|
WHERE session_time < $expiry_time
|
|
|
|
|
AND session_id <> '$session_id'";
|
|
|
|
|
|
Meik Sievertsen