From 9384c24217189dd6c2b648493d475dea6f80cce9 Mon Sep 17 00:00:00 2001 From: Ralf Becker Date: Tue, 21 Oct 2003 10:46:33 +0000 Subject: [PATCH] fixed php4-sessions to work with xmlrpc, our sessionid is now identical to the php4 sessionid --- phpgwapi/inc/class.sessions.inc.php | 27 ++++++++++++++++++------ phpgwapi/inc/class.sessions_db.inc.php | 7 +++++- phpgwapi/inc/class.sessions_php4.inc.php | 12 +++++++++-- 3 files changed, 36 insertions(+), 10 deletions(-) diff --git a/phpgwapi/inc/class.sessions.inc.php b/phpgwapi/inc/class.sessions.inc.php index 93afa61ca8..0e35ab4aae 100644 --- a/phpgwapi/inc/class.sessions.inc.php +++ b/phpgwapi/inc/class.sessions.inc.php @@ -260,9 +260,13 @@ $this->sessionid = $sessionid; $this->kp3 = $kp3; - $session = $this->read_session($sessionid); - //echo "

session::verify(id='$sessionid'): \n"; print_r($session); echo "

\n"; - + $session = $this->read_session(); + //echo "
session::verify(id='$sessionid'): \n".print_r($session,True)."
\n"; + /* + $fp = fopen('/tmp/session_verify','a+'); + fwrite($fp,"session::verify(id='$sessionid'): \n".print_r($session,True)."\n\n"); + fclose($fp); + */ if ($session['session_dla'] <= (time() - $GLOBALS['phpgw_info']['server']['sessions_timeout'])) { $this->clean_sessions(); @@ -523,7 +527,7 @@ } $GLOBALS['phpgw_info']['user']['account_id'] = $this->account_id; $GLOBALS['phpgw']->accounts->accounts($this->account_id); - $this->sessionid = md5($GLOBALS['phpgw']->common->randomstring(15)); + $this->sessionid = $this->new_session_id(); $this->kp3 = md5($GLOBALS['phpgw']->common->randomstring(15)); if ($GLOBALS['phpgw_info']['server']['usecookies']) @@ -688,7 +692,7 @@ $this->sessionid = $sessionid; $this->kp3 = $kp3; - $session = $this->read_session($this->sessionid); + $session = $this->read_session(); $this->session_flags = $session['session_flags']; list($this->account_lid,$this->account_domain) = explode('@', $session['session_lid']); @@ -1203,10 +1207,11 @@ /** * Load user's session information * - * @param string $sessionid user's session id string + * The sessionid of the session to read is passed in the class-var $this->sessionid + * * @return mixed the session data */ - function read_session($sessionid) + function read_session() {} /** @@ -1224,6 +1229,14 @@ function set_cookie_params($domain) {} + /** + * Create a new session id + * + * @return string a new session id + */ + function new_session_id() + {} + /** * Create a new session * diff --git a/phpgwapi/inc/class.sessions_db.inc.php b/phpgwapi/inc/class.sessions_db.inc.php index d519f16c73..11f05fad00 100644 --- a/phpgwapi/inc/class.sessions_db.inc.php +++ b/phpgwapi/inc/class.sessions_db.inc.php @@ -30,7 +30,7 @@ $this->sessions_(); } - function read_session($sessionid) + function read_session() { $this->db->query("SELECT * FROM phpgw_sessions WHERE session_id='" . $this->sessionid . "'",__LINE__,__FILE__); $this->db->next_record(); @@ -52,6 +52,11 @@ . "'",__LINE__,__FILE__); } + function new_session_id() + { + return md5($GLOBALS['phpgw']->common->randomstring(15)); + } + function register_session($login,$user_ip,$now,$session_flags) { $GLOBALS['phpgw']->db->query("INSERT INTO phpgw_sessions VALUES ('" . $this->sessionid diff --git a/phpgwapi/inc/class.sessions_php4.inc.php b/phpgwapi/inc/class.sessions_php4.inc.php index 81ca82ca96..a90a3b65c5 100644 --- a/phpgwapi/inc/class.sessions_php4.inc.php +++ b/phpgwapi/inc/class.sessions_php4.inc.php @@ -34,8 +34,9 @@ define('PHPGW_PHPSESSID', ini_get('session.name')); } - function read_session($sessionid) + function read_session() { + session_id($this->sessionid); session_start(); return $GLOBALS['phpgw_session'] = $_SESSION['phpgw_session']; } @@ -45,10 +46,17 @@ session_set_cookie_params(0,'/',$domain); } - function register_session($login,$user_ip,$now,$session_flags) + function new_session_id() { session_start(); + return session_id(); + } + + function register_session($login,$user_ip,$now,$session_flags) + { + // session_start() is now called in new_session_id() !!! + $GLOBALS['phpgw_session']['session_id'] = $this->sessionid; $GLOBALS['phpgw_session']['session_lid'] = $login; $GLOBALS['phpgw_session']['session_ip'] = $user_ip;