diff --git a/admin/inc/class.boaccounts.inc.php b/admin/inc/class.boaccounts.inc.php index 9fda826417..8ce8c6a7cf 100755 --- a/admin/inc/class.boaccounts.inc.php +++ b/admin/inc/class.boaccounts.inc.php @@ -444,56 +444,23 @@ // Set group acl $acl =& CreateObject('phpgwapi.acl',$group_info['account_id']); $old_group_list = $acl->get_ids_for_location($group_info['account_id'],1,'phpgw_group'); - @reset($old_group_list); - while($old_group_list && list($key,$user_id) = each($old_group_list)) + if (is_array($old_group_list)) { - $acl->delete_repository('phpgw_group',$group_info['account_id'],$user_id); - if(!$group_info['account_user'][$user_id]) + foreach($old_group_list as $key => $user_id) { - // If the user is logged in, it will force a refresh of the session_info - $GLOBALS['egw']->db->query("update phpgw_sessions set session_action='' " - ."where session_lid='" . $GLOBALS['egw']->accounts->id2name($user_id) - . '@' . $GLOBALS['egw_info']['user']['domain'] . "'",__LINE__,__FILE__); - $GLOBALS['egw']->session->delete_cache($user_id); + $acl->delete_repository('phpgw_group',$group_info['account_id'],$user_id); } } - @reset($group_info['account_user']); - while(list($user_id,$dummy) = each($group_info['account_user'])) + if (is_array($group_info['account_user'])) { - if(!$dummy) + foreach($group_info['account_user'] as $user_id => $dummy) { - continue; - } - $acl->add_repository('phpgw_group',$group_info['account_id'],$user_id,1); - - // If the user is logged in, it will force a refresh of the session_info - $GLOBALS['egw']->db->query("update phpgw_sessions set session_action='' " - ."where session_lid='" . $GLOBALS['egw']->accounts->id2name($user_id) - . '@' . $GLOBALS['egw_info']['user']['domain'] . "'",__LINE__,__FILE__); - - $GLOBALS['egw']->session->delete_cache($user_id); - - // The following sets any default preferences needed for new applications.. - // This is smart enough to know if previous preferences were selected, use them. - $docommit = False; - if($new_apps) - { - $GLOBALS['pref'] =& CreateObject('phpgwapi.preferences',$user_id); - $t = $GLOBALS['pref']->read_repository(); - @reset($new_apps); - while(list($app_key,$app_name) = each($new_apps)) + if(!$dummy) { - if (!$t[($app_name=='admin'?'common':$app_name)]) - { - $GLOBALS['egw']->hooks->single('add_def_pref', $app_name); - $docommit = True; - } + continue; } - } - if ($docommit) - { - $GLOBALS['pref']->save_repository(); + $acl->add_repository('phpgw_group',$group_info['account_id'],$user_id,1); } } diff --git a/phpgwapi/inc/class.db_backup.inc.php b/phpgwapi/inc/class.db_backup.inc.php index 21b7bce9aa..b88069ad32 100644 --- a/phpgwapi/inc/class.db_backup.inc.php +++ b/phpgwapi/inc/class.db_backup.inc.php @@ -29,7 +29,7 @@ var $schema_proc; /** schema_proc class */ var $schemas = array(); /** array tablename => schema */ var $exclude_tables = array( /** exclude from backup */ - 'phpgw_sessions','phpgw_app_sessions', // eGW's session-tables + 'egw_sessions','egw_app_sessions','phpgw_sessions','phpgw_app_sessions', // eGW's session-tables 'phpgw_anglemail', // email's cache 'egw_felamimail_cache','egw_felamimail_folderstatus','phpgw_felamimail_cache','phpgw_felamimail_folderstatus', // felamimail's cache ); diff --git a/phpgwapi/inc/class.sessions_db.inc.php b/phpgwapi/inc/class.sessions_db.inc.php index 82c19f51fd..908b92d6c6 100644 --- a/phpgwapi/inc/class.sessions_db.inc.php +++ b/phpgwapi/inc/class.sessions_db.inc.php @@ -36,6 +36,9 @@ class sessions extends sessions_ { + var $sessions_table = 'egw_sessions'; + var $app_sessions_table = 'egw_app_sessions'; + function sessions($domain_names=null) { $this->sessions_($domain_names); @@ -43,24 +46,25 @@ function read_session() { - $this->db->query("SELECT * FROM phpgw_sessions WHERE session_id='" . $this->sessionid . "'",__LINE__,__FILE__); - $this->db->next_record(); + $this->db->select($this->sessions_table,'*',array('session_id' => $this->sessionid),__LINE__,__FILE__); - return $this->db->Record; + return $this->db->row(true); } - // This will remove stale sessions out of the database + /** + * remove stale sessions out of the database + */ function clean_sessions() { - // If you plan on using the cron apps, please remove the following lines. - // I am going to make this a config option durring 0.9.11, instead of an application (jengo) - - $GLOBALS['egw']->db->query("DELETE FROM phpgw_sessions WHERE session_dla <= '" . (time() - $GLOBALS['egw_info']['server']['sessions_timeout']) - . "' AND session_flags !='A'",__LINE__,__FILE__); + $this->db->delete($this->sessions_table,array( + 'session_dla <= ' . (time() - $GLOBALS['egw_info']['server']['sessions_timeout']), + "session_flags != 'A'", + ),__LINE__,__FILE__); // This is set a little higher, we don't want to kill session data for anonymous sessions. - $GLOBALS['egw']->db->query("DELETE FROM phpgw_app_sessions WHERE session_dla <= '" . (time() - $GLOBALS['egw_info']['server']['sessions_timeout']) - . "'",__LINE__,__FILE__); + $GLOBALS['egw']->db->delete($this->app_sessions_table,array( + 'session_dla <= ' . (time() - $GLOBALS['egw_info']['server']['sessions_timeout']), + ),__LINE__,__FILE__); } function new_session_id() @@ -70,15 +74,21 @@ function register_session($login,$user_ip,$now,$session_flags) { - $GLOBALS['egw']->db->query("DELETE FROM phpgw_sessions WHERE session_id='$this->sessionid'",__LINE__,__FILE__); - - $GLOBALS['egw']->db->query("INSERT INTO phpgw_sessions VALUES ('" . $this->sessionid - . "','".$login."','" . $user_ip . "','" - . $now . "','" . $now . "','" . $_SERVER['PHP_SELF'] . "','" . $session_flags - . "')",__LINE__,__FILE__); + $GLOBALS['egw']->db->insert($this->sessions_table,array( + 'session_lid' => $login, + 'session_ip' => $user_ip, + 'session_logintime' => $now, + 'session_dla' => $now, + 'session_action' => $_SERVER['PHP_SELF'], + 'session_flags' => $session_flags, + ),array( + 'session_id' => $this->sessionid, + ),__LINE__,__FILE__); } - // This will update the DateLastActive column, so the login does not expire + /** + * update the DateLastActive column, so the login does not expire + */ function update_dla() { if (@isset($_GET['menuaction'])) @@ -97,26 +107,33 @@ $action = $this->xmlrpc_method_called; } - $GLOBALS['egw']->db->query("UPDATE phpgw_sessions SET session_dla='" . time() . "', session_action='$action' " - . "WHERE session_id='" . $this->sessionid."'",__LINE__,__FILE__); + $GLOBALS['egw']->db->update($this->sessions_table,array( + 'session_dla' => time(), + 'session_action' => $action, + ),array( + 'session_id' => $this->sessionid, + ),__LINE__,__FILE__); + + $GLOBALS['egw']->db->update($this->app_sessions_table,array( + 'session_dla' => time(), + ),array( + 'sessionid' => $this->sessionid, + ),__LINE__,__FILE__); - $GLOBALS['egw']->db->query("UPDATE phpgw_app_sessions SET session_dla='" . time() . "' " - . "WHERE sessionid='" . $this->sessionid."'",__LINE__,__FILE__); return True; } function destroy($sessionid, $kp3) { - if (! $sessionid && $kp3) + if (!$sessionid && $kp3) { return False; } - $GLOBALS['egw']->db->transaction_begin(); - $GLOBALS['egw']->db->query("DELETE FROM phpgw_sessions WHERE session_id='" - . $sessionid . "'",__LINE__,__FILE__); - $GLOBALS['egw']->db->query("DELETE FROM phpgw_app_sessions WHERE sessionid='" - . $sessionid . "'",__LINE__,__FILE__); + + $GLOBALS['egw']->db->delete($this->sessions_table,array('session_id' => $sessionid),__LINE__,__FILE__); + $GLOBALS['egw']->db->delete($this->app_sessions_table,array('sessionid' => $sessionid),__LINE__,__FILE__); + $this->log_access($this->sessionid); // log logout-time // Only do the following, if where working with the current user @@ -133,14 +150,13 @@ * Functions for appsession data and session cache * \*************************************************************************/ + /** + * delete the old phpgw_info cache + * + * @deprecated not longer used + */ function delete_cache($accountid='') { - $account_id = get_account_id($accountid,$this->account_id); - - $query = "DELETE FROM phpgw_app_sessions WHERE loginid = '".$account_id."'" - ." AND app = 'phpgwapi' AND location = 'phpgw_info_cache'"; - - $GLOBALS['egw']->db->query($query); } function appsession($location = 'default', $appname = '', $data = '##NOTHING##') @@ -149,7 +165,7 @@ { return False; // this can happen during login or logout } - if (! $appname) + if (!$appname) { $appname = $GLOBALS['egw_info']['flags']['currentapp']; } @@ -157,87 +173,64 @@ /* This allows the user to put '' as the value. */ if ($data == '##NOTHING##') { - $query = "SELECT content FROM phpgw_app_sessions WHERE" - ." sessionid='".$this->sessionid."' AND loginid='".$this->account_id."'" - ." AND app = '".$appname."' AND location='".$location."'"; - - $GLOBALS['egw']->db->query($query,__LINE__,__FILE__); + $GLOBALS['egw']->db->select($this->app_sessions_table,'content',array( + 'sessionid' => $this->sessionid, + 'loginid' => $this->account_id, + 'app' => $appname, + 'location' => $location, + ),__LINE__,__FILE__); $GLOBALS['egw']->db->next_record(); - // I added these into seperate steps for easier debugging - $data = $GLOBALS['egw']->db->f('content'); - // Changed by Skeeter 2001 Mar 04 0400Z - // This was not properly decoding structures saved into session data properly -// $data = $GLOBALS['egw']->common->decrypt($data); -// return stripslashes($data); - // Changed by milosch 2001 Dec 20 - // do not stripslashes here unless this proves to be a problem. - // Changed by milosch 2001 Dec 25 - /* do not decrypt and return if no data (decrypt returning garbage) */ - if($data) + // do not decrypt and return if no data (decrypt returning garbage) + if(($data = $GLOBALS['egw']->db->f('content'))) { - $data = $GLOBALS['egw']->crypto->decrypt($data); -// echo 'appsession returning: '; _debug_array($data); - return $data; + return $GLOBALS['egw']->crypto->decrypt($data); } + return null; } - else - { - $GLOBALS['egw']->db->query("SELECT content FROM phpgw_app_sessions WHERE " - . "sessionid = '".$this->sessionid."' AND loginid = '".$this->account_id."'" - . " AND app = '".$appname."' AND location = '".$location."'",__LINE__,__FILE__); + $GLOBALS['egw']->db->insert($this->app_sessions_table,array( + 'content' => $GLOBALS['egw']->crypto->encrypt($data), + ),array( + 'sessionid' => $this->sessionid, + 'loginid' => $this->account_id, + 'app' => $appname, + 'location' => $location, + ),__LINE__,__FILE__); - $encrypteddata = $GLOBALS['egw']->crypto->encrypt($data); - $encrypteddata = $GLOBALS['egw']->db->db_addslashes($encrypteddata); - - if ($GLOBALS['egw']->db->num_rows()==0) - { - $GLOBALS['egw']->db->query("INSERT INTO phpgw_app_sessions (sessionid,loginid,app,location,content,session_dla) " - . "VALUES ('".$this->sessionid."','".$this->account_id."','".$appname - . "','".$location."','".$encrypteddata."','" . time() . "')",__LINE__,__FILE__); - } - else - { - $GLOBALS['egw']->db->query("UPDATE phpgw_app_sessions SET content='".$encrypteddata."'" - . "WHERE sessionid = '".$this->sessionid."'" - . "AND loginid = '".$this->account_id."' AND app = '".$appname."'" - . "AND location = '".$location."'",__LINE__,__FILE__); - } - return $data; - } + return $data; } + /** + * list all sessions + */ function list_sessions($start, $order, $sort, $all_no_sort = False) { $values = array(); - $ordermethod = 'order by session_dla asc'; - $this->db->limit_query("select * from phpgw_sessions where session_flags != 'A' order by $sort $order",$start,__LINE__,__FILE__); - - while ($this->db->next_record()) + $order_by = 'ORDER BY '.$sort.' '.$order; + if (!preg_match('/^[a-z_0-9, ]+$/i',$sort) || !preg_match('/^(asc|desc)?$/i',$sort)) { - $values[] = array( - 'session_id' => $this->db->f('session_id'), - 'session_lid' => $this->db->f('session_lid'), - 'session_ip' => $this->db->f('session_ip'), - 'session_logintime' => $this->db->f('session_logintime'), - 'session_action' => $this->db->f('session_action'), - 'session_dla' => $this->db->f('session_dla') - ); + $order_by = 'ORDER BY session_dla asc'; + } + $this->db->select($this->sessions_table,'*',"session_flags != 'A'",__LINE__,__FILE__,(int)$start,$order_by); + + while (($row = $this->db->row(true))) + { + $values[] = $row; } return $values; } - /*! - @function total - @abstract get number of normal / non-anonymous sessions - */ + /** + * get number of regular / non-anonymous sessions + * + * @return int + */ function total() { - $this->db->query("select count(*) from phpgw_sessions where session_flags != 'A'",__LINE__,__FILE__); - $this->db->next_record(); + $this->db->select($this->sessions_table,'COUNT(*)',"session_flags != 'A'",__LINE__,__FILE__); - return $this->db->f(0); + return $this->db->next_record() ? $this->db->f(0) : 0; } } ?> diff --git a/phpgwapi/setup/setup.inc.php b/phpgwapi/setup/setup.inc.php index 19bae8b7a2..b113331daf 100755 --- a/phpgwapi/setup/setup.inc.php +++ b/phpgwapi/setup/setup.inc.php @@ -14,7 +14,7 @@ /* Basic information about this app */ $setup_info['phpgwapi']['name'] = 'phpgwapi'; $setup_info['phpgwapi']['title'] = 'eGroupWare API'; - $setup_info['phpgwapi']['version'] = '1.0.1.023'; + $setup_info['phpgwapi']['version'] = '1.0.1.024'; $setup_info['phpgwapi']['versions']['current_header'] = '1.28'; $setup_info['phpgwapi']['enable'] = 3; $setup_info['phpgwapi']['app_order'] = 1; @@ -25,8 +25,8 @@ $setup_info['phpgwapi']['tables'][] = 'egw_acl'; $setup_info['phpgwapi']['tables'][] = 'egw_accounts'; $setup_info['phpgwapi']['tables'][] = 'egw_preferences'; - $setup_info['phpgwapi']['tables'][] = 'phpgw_sessions'; - $setup_info['phpgwapi']['tables'][] = 'phpgw_app_sessions'; + $setup_info['phpgwapi']['tables'][] = 'egw_sessions'; + $setup_info['phpgwapi']['tables'][] = 'egw_app_sessions'; $setup_info['phpgwapi']['tables'][] = 'phpgw_access_log'; $setup_info['phpgwapi']['tables'][] = 'egw_hooks'; $setup_info['phpgwapi']['tables'][] = 'egw_languages'; diff --git a/phpgwapi/setup/tables_current.inc.php b/phpgwapi/setup/tables_current.inc.php index 3b160bbc7c..4b12d5d840 100644 --- a/phpgwapi/setup/tables_current.inc.php +++ b/phpgwapi/setup/tables_current.inc.php @@ -83,29 +83,29 @@ 'ix' => array(), 'uc' => array() ), - 'phpgw_sessions' => array( + 'egw_sessions' => array( 'fd' => array( 'session_id' => array('type' => 'varchar','precision' => '128','nullable' => False), 'session_lid' => array('type' => 'varchar','precision' => '128'), 'session_ip' => array('type' => 'varchar','precision' => '40'), - 'session_logintime' => array('type' => 'int','precision' => '4'), - 'session_dla' => array('type' => 'int','precision' => '4'), + 'session_logintime' => array('type' => 'int','precision' => '8'), + 'session_dla' => array('type' => 'int','precision' => '8'), 'session_action' => array('type' => 'varchar','precision' => '255'), 'session_flags' => array('type' => 'char','precision' => '2') ), - 'pk' => array(), + 'pk' => array('session_id'), 'fk' => array(), 'ix' => array(array('session_flags','session_dla')), - 'uc' => array('session_id') + 'uc' => array() ), - 'phpgw_app_sessions' => array( + 'egw_app_sessions' => array( 'fd' => array( 'sessionid' => array('type' => 'varchar','precision' => '128','nullable' => False), 'loginid' => array('type' => 'int','precision' => '4','nullable' => False), 'app' => array('type' => 'varchar','precision' => '25','nullable' => False), 'location' => array('type' => 'varchar','precision' => '128','nullable' => False), 'content' => array('type' => 'longtext'), - 'session_dla' => array('type' => 'int','precision' => '4') + 'session_dla' => array('type' => 'int','precision' => '8') ), 'pk' => array('sessionid','loginid','app','location'), 'fk' => array(), diff --git a/phpgwapi/setup/tables_update.inc.php b/phpgwapi/setup/tables_update.inc.php index 7a1789e3c2..d4eeda4c10 100644 --- a/phpgwapi/setup/tables_update.inc.php +++ b/phpgwapi/setup/tables_update.inc.php @@ -838,4 +838,27 @@ return $GLOBALS['setup_info']['phpgwapi']['currentver'] = '1.0.1.023'; } + + + $test[] = '1.0.1.023'; + function phpgwapi_upgrade1_0_1_023() + { + $GLOBALS['egw_setup']->oProc->RenameTable('phpgw_sessions','egw_sessions'); + $GLOBALS['egw_setup']->oProc->AlterColumn('egw_sessions','session_dla',array( + 'type' => 'int', + 'precision' => '8', // timestamps need to be 64bit since the 32bit overflow in 2003 + )); + $GLOBALS['egw_setup']->oProc->AlterColumn('egw_sessions','session_logintime',array( + 'type' => 'int', + 'precision' => '8', // timestamps need to be 64bit since the 32bit overflow in 2003 + )); + + $GLOBALS['egw_setup']->oProc->RenameTable('phpgw_app_sessions','egw_app_sessions'); + $GLOBALS['egw_setup']->oProc->AlterColumn('egw_app_sessions','session_dla',array( + 'type' => 'int', + 'precision' => '8', // timestamps need to be 64bit since the 32bit overflow in 2003 + )); + + return $GLOBALS['setup_info']['phpgwapi']['currentver'] = '1.0.1.024'; + } ?> diff --git a/setup/inc/class.setup.inc.php b/setup/inc/class.setup.inc.php index d8cd25bf0d..182b8edeac 100644 --- a/setup/inc/class.setup.inc.php +++ b/setup/inc/class.setup.inc.php @@ -410,25 +410,10 @@ /** * Clear system/user level cache so as to have it rebuilt with the next access * - * AFAIK this code is not used anymore -- RalfBecker 2005/11/04 + * @deprecated AFAIK this code is not used anymore -- RalfBecker 2005/11/04 */ function clear_session_cache() { - return; // AFAIK this code is not used anymore -- RalfBecker 2005/11/04 - - $tables = Array(); - $tablenames = $this->db->table_names(); - foreach($tablenames as $key => $val) - { - $tables[] = $val['table_name']; - } - if(in_array('phpgw_app_sessions',$tables)) - { - $this->db->lock(array('phpgw_app_sessions')); - @$this->db->query("DELETE FROM phpgw_app_sessions WHERE sessionid = '0' and loginid = '0' and app = 'phpgwapi' and location = 'config'",__LINE__,__FILE__); - @$this->db->query("DELETE FROM phpgw_app_sessions WHERE app = 'phpgwapi' and location = 'phpgw_info_cache'",__LINE__,__FILE__); - $this->db->unlock(); - } } /**