fixed php4-sessions to work with xmlrpc, our sessionid is now identical to the php4 sessionid

2024-11-08 00:54:50 +01:00 · 2003-10-21 10:46:33 +00:00 · 2003-10-21 10:46:33 +00:00 · 9384c24217
commit 9384c24217
parent b26fa6246a
3 changed files with 36 additions and 10 deletions
--- a/phpgwapi/inc/class.sessions.inc.php
+++ b/phpgwapi/inc/class.sessions.inc.php
@ -260,9 +260,13 @@
 			$this->sessionid = $sessionid;
 			$this->kp3       = $kp3;

-			$session = $this->read_session($sessionid);
-			//echo "<p>session::verify(id='$sessionid'): \n"; print_r($session); echo "</p>\n";
-
+			$session = $this->read_session();
+			//echo "<pre>session::verify(id='$sessionid'): \n".print_r($session,True)."</pre>\n";
+			/*
+			$fp = fopen('/tmp/session_verify','a+');
+			fwrite($fp,"session::verify(id='$sessionid'): \n".print_r($session,True)."\n\n");
+			fclose($fp);
+			*/
 			if ($session['session_dla'] <= (time() - $GLOBALS['phpgw_info']['server']['sessions_timeout']))
 			{
 				$this->clean_sessions();
@ -523,7 +527,7 @@
 			}
 			$GLOBALS['phpgw_info']['user']['account_id'] = $this->account_id;
 			$GLOBALS['phpgw']->accounts->accounts($this->account_id);
-			$this->sessionid = md5($GLOBALS['phpgw']->common->randomstring(15));
+			$this->sessionid = $this->new_session_id();
 			$this->kp3       = md5($GLOBALS['phpgw']->common->randomstring(15));

 			if ($GLOBALS['phpgw_info']['server']['usecookies'])
@ -688,7 +692,7 @@
 			$this->sessionid = $sessionid;
 			$this->kp3       = $kp3;

-			$session = $this->read_session($this->sessionid);
+			$session = $this->read_session();
 			$this->session_flags = $session['session_flags'];

 			list($this->account_lid,$this->account_domain) = explode('@', $session['session_lid']);
@ -1203,10 +1207,11 @@
 		/**
 		* Load user's session information
 		*
-		* @param string $sessionid user's session id string
+		* The sessionid of the session to read is passed in the class-var $this->sessionid
+		*
 		* @return mixed the session data
 		*/
-		function read_session($sessionid)
+		function read_session()
 		{}

 		/**
@ -1224,6 +1229,14 @@
 		function set_cookie_params($domain)
 		{}

+		/**
+		* Create a new session id
+		*
+		* @return string a new session id
+		*/
+		function new_session_id()
+		{}
+
 		/**
 		* Create a new session
 		*
--- a/phpgwapi/inc/class.sessions_db.inc.php
+++ b/phpgwapi/inc/class.sessions_db.inc.php
@ -30,7 +30,7 @@
 			$this->sessions_();
 		}
 		
-		function read_session($sessionid)
+		function read_session()
 		{
 			$this->db->query("SELECT * FROM phpgw_sessions WHERE session_id='" . $this->sessionid . "'",__LINE__,__FILE__);
 			$this->db->next_record();
@ -52,6 +52,11 @@
 				. "'",__LINE__,__FILE__);
 		}

+		function new_session_id()
+		{
+			return md5($GLOBALS['phpgw']->common->randomstring(15));
+		}
+
 		function register_session($login,$user_ip,$now,$session_flags)
 		{
 			$GLOBALS['phpgw']->db->query("INSERT INTO phpgw_sessions VALUES ('" . $this->sessionid
--- a/phpgwapi/inc/class.sessions_php4.inc.php
+++ b/phpgwapi/inc/class.sessions_php4.inc.php
@ -34,8 +34,9 @@
 			define('PHPGW_PHPSESSID', ini_get('session.name'));
 		}
 		
-		function read_session($sessionid)
+		function read_session()
 		{
+			session_id($this->sessionid);
 			session_start();
 			return $GLOBALS['phpgw_session'] = $_SESSION['phpgw_session'];
 		}
@ -45,10 +46,17 @@
 			session_set_cookie_params(0,'/',$domain);
 		}

-		function register_session($login,$user_ip,$now,$session_flags)
+		function new_session_id()
 		{
 			session_start();

+			return session_id();
+		}
+
+		function register_session($login,$user_ip,$now,$session_flags)
+		{
+			// session_start() is now called in new_session_id() !!!
+
 			$GLOBALS['phpgw_session']['session_id'] = $this->sessionid;
 			$GLOBALS['phpgw_session']['session_lid'] = $login;
 			$GLOBALS['phpgw_session']['session_ip'] = $user_ip;