dolibarr  17.0.4
phpsessionindb.lib.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (C) 2020 Laurent Destailleur <eldy@users.sourceforge.net>
3  *
4  * This program is free software; you can redistribute it and/or modify
5  * it under the terms of the GNU General Public License as published by
6  * the Free Software Foundation; either version 3 of the License, or
7  * (at your option) any later version.
8  *
9  * This program is distributed in the hope that it will be useful,
10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12  * GNU General Public License for more details.
13  *
14  * You should have received a copy of the GNU General Public License
15  * along with this program. If not, see <https://www.gnu.org/licenses/>.
16  * or see https://www.gnu.org/
17  */
18 
25 // The session handler file must be included just after the call of the master.inc.php into main.inc.php
26 // The $conf is already defined from conf.php file.
27 // To use it set in your PHP.ini: session.save_handler = user
28 
36 function dolSessionOpen($save_path, $session_name)
37 {
38  global $dbsession;
39 
40  global $dolibarr_main_db_type, $dolibarr_main_db_host;
41  global $dolibarr_main_db_user, $dolibarr_main_db_pass, $dolibarr_main_db_name, $dolibarr_main_db_port;
42 
43  global $dolibarr_session_db_type, $dolibarr_session_db_host;
44  global $dolibarr_session_db_user, $dolibarr_session_db_pass, $dolibarr_session_db_name, $dolibarr_session_db_port;
45 
46  if (empty($dolibarr_session_db_type)) { $dolibarr_session_db_type = $dolibarr_main_db_type; }
47  if (empty($dolibarr_session_db_host)) { $dolibarr_session_db_host = $dolibarr_main_db_host; }
48  if (empty($dolibarr_session_db_user)) { $dolibarr_session_db_user = $dolibarr_main_db_user; }
49  if (empty($dolibarr_session_db_pass)) { $dolibarr_session_db_pass = $dolibarr_main_db_pass; }
50  if (empty($dolibarr_session_db_name)) { $dolibarr_session_db_name = $dolibarr_main_db_name; }
51  if (empty($dolibarr_session_db_port)) { $dolibarr_session_db_port = $dolibarr_main_db_port; }
52  //var_dump('open '.$database_name.' '.$table_name);
53 
54  $dbsession = getDoliDBInstance($dolibarr_session_db_type, $dolibarr_session_db_host, $dolibarr_session_db_user, $dolibarr_session_db_pass, $dolibarr_session_db_name, $dolibarr_session_db_port);
55 
56  return true;
57 }
58 
65 function dolSessionRead($sess_id)
66 {
67  global $dbsession;
68  global $sessionlastvalueread;
69  global $sessionidfound;
70 
71  $sql = "SELECT session_id, session_variable FROM ".MAIN_DB_PREFIX."session";
72  $sql .= " WHERE session_id = '".$dbsession->escape($sess_id)."'";
73 
74  // Execute the query
75  $resql = $dbsession->query($sql);
76  $num_rows = $dbsession->num_rows($resql);
77  if ($num_rows == 0) {
78  // No session found - return an empty string
79  $sessionlastvalueread = '';
80  $sessionidfound = '';
81  return '';
82  } else {
83  // Found a session - return the serialized string
84  $obj = $dbsession->fetch_object($resql);
85  $sessionlastvalueread = $obj->session_variable;
86  $sessionidfound = $obj->session_id;
87  //var_dump($sessionlastvalueread);
88  //var_dump($sessionidfound);
89  return $obj->session_variable;
90  }
91 }
92 
101 function dolSessionWrite($sess_id, $val)
102 {
103  global $dbsession;
104  global $sessionlastvalueread;
105  global $sessionidfound;
106 
107  //var_dump('write '.$sess_id);
108  //var_dump($val);
109  //var_dump('sessionlastvalueread='.$sessionlastvalueread.' sessionidfound='.$sessionidfound);
110 
111  //$sessionlastvalueread='';
112  if ($sessionlastvalueread != $val) {
113  $time_stamp = dol_now();
114 
115  if (empty($sessionidfound)) {
116  // No session found, insert a new one
117  $insert_query = "INSERT INTO ".MAIN_DB_PREFIX."session";
118  $insert_query .= "(session_id, session_variable, last_accessed, fk_user, remote_ip, user_agent)";
119  $insert_query .= " VALUES ('".$dbsession->escape($sess_id)."', '".$dbsession->escape($val)."', '".$dbsession->idate($time_stamp)."', 0, '".$dbsession->escape(getUserRemoteIP())."', '".$dbsession->escape(substr($_SERVER['HTTP_USER_AGENT'], 0, 255))."')";
120 
121  $result = $dbsession->query($insert_query);
122  if (!$result) {
123  dol_print_error($dbsession);
124  return false;
125  }
126  } else {
127  if ($sessionidfound != $sess_id) {
128  // oops. How can this happen ?
129  dol_print_error($dbsession, 'Oops sess_id received in dolSessionWrite differs from the cache value $sessionidfound. How can this happen ?');
130  return false;
131  }
132  /*$sql = "SELECT session_id, session_variable FROM ".MAIN_DB_PREFIX."session";
133  $sql .= " WHERE session_id = '".$dbsession->escape($sess_id)."'";
134 
135  // Execute the query
136  $resql = $dbsession->query($sql);
137  $num_rows = $dbsession->num_rows($resql);
138  if ($num_rows == 0) {
139  // No session found, insert a new one
140  $insert_query = "INSERT INTO ".MAIN_DB_PREFIX."session";
141  $insert_query .= "(session_id, session_variable, last_accessed, fk_user, remote_ip, user_agent)";
142  $insert_query .= " VALUES ('".$dbsession->escape($sess_id)."', '".$dbsession->escape($val)."', '".$dbsession->idate($time_stamp)."', 0, '".$dbsession->escape(getUserRemoteIP())."', '".$dbsession->escape(substr($_SERVER['HTTP_USER_AGENT'], 0, 255)."')";
143  //var_dump($insert_query);
144  $result = $dbsession->query($insert_query);
145  if (!$result) {
146  dol_print_error($dbsession);
147  return false;
148  }
149  } else {
150  */
151  // Existing session found - Update the session variables
152  $update_query = "UPDATE ".MAIN_DB_PREFIX."session";
153  $update_query .= " SET session_variable = '".$dbsession->escape($val)."',";
154  $update_query .= " last_accessed = '".$dbsession->idate($time_stamp)."',";
155  $update_query .= " remote_ip = '".$dbsession->escape(getUserRemoteIP())."',";
156  $update_query .= " user_agent = '".$dbsession->escape($_SERVER['HTTP_USER_AGENT'])."'";
157  $update_query .= " WHERE session_id = '".$dbsession->escape($sess_id)."'";
158 
159  $result = $dbsession->query($update_query);
160  if (!$result) {
161  dol_print_error($dbsession);
162  return false;
163  }
164  }
165  }
166 
167  return true;
168 }
169 
175 function dolSessionClose()
176 {
177  global $dbsession;
178 
179  //var_dump('close');
180 
181  $dbsession->close();
182 
183  return true;
184 }
185 
192 function dolSessionDestroy($sess_id)
193 {
194  global $dbsession;
195 
196  //var_dump('destroy');
197 
198  $delete_query = "DELETE FROM ".MAIN_DB_PREFIX."session";
199  $delete_query .= " WHERE session_id = '".$dbsession->escape($sess_id)."'";
200  $dbsession->query($delete_query);
201 
202  return true;
203 }
204 
212 function dolSessionGC($max_lifetime)
213 {
214  global $dbsession;
215 
216  $time_stamp = dol_now();
217 
218  $delete_query = "DELETE FROM ".MAIN_DB_PREFIX."session";
219  $delete_query .= " WHERE last_accessed < '".$dbsession->idate($time_stamp - $max_lifetime)."'";
220 
221  $resql = $dbsession->query($delete_query);
222  if ($resql) {
223  return true;
224  } else {
225  return false;
226  }
227 }
228 
229 // Call to register user call back functions.
230 session_set_save_handler("dolSessionOpen", "dolSessionClose", "dolSessionRead", "dolSessionWrite", "dolSessionDestroy", "dolSessionGC");
if(isModEnabled('facture') &&!empty($user->rights->facture->lire)) if((isModEnabled('fournisseur') &&empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD) && $user->hasRight("fournisseur", "facture", "lire"))||(isModEnabled('supplier_invoice') && $user->hasRight("supplier_invoice", "lire"))) if(isModEnabled('don') &&!empty($user->rights->don->lire)) if(isModEnabled('tax') &&!empty($user->rights->tax->charges->lire)) if(isModEnabled('facture') &&isModEnabled('commande') && $user->hasRight("commande", "lire") &&empty($conf->global->WORKFLOW_DISABLE_CREATE_INVOICE_FROM_ORDER)) $resql
Social contributions to pay.
Definition: index.php:745
dol_print_error($db='', $error='', $errors=null)
Displays error message system with all the information to facilitate the diagnosis and the escalation...
dol_now($mode='auto')
Return date for now.
getUserRemoteIP()
Return the IP of remote user.
getDoliDBInstance($type, $host, $user, $pass, $name, $port)
Return a DoliDB instance (database handler).
dolSessionOpen($save_path, $session_name)
The session open handler called by PHP whenever a session is initialized.
dolSessionWrite($sess_id, $val)
This function is called when a session is initialized with a session_start( ) call,...
dolSessionDestroy($sess_id)
This is called whenever the session_destroy() function call is made.
dolSessionClose()
This function is executed on shutdown of the session.
dolSessionGC($max_lifetime)
This function is called on a session's start up with the probability specified in session....
dolSessionRead($sess_id)
This function is called whenever a session_start() call is made and reads the session variables.