friendica_2021-01/include/session.php
Roland Haeder 3e701b90ac
Continued rewriting:
- use dba::is_result() everywhere (where I found the old, bad way)
- converted some spaces -> tabs for code
- converted some CRLF -> LF as mixures of both is not good

Signed-off-by: Roland Haeder <roland@mxchange.org>
2016-05-01 14:24:44 +02:00

84 lines
2 KiB
PHP

<?php
// Session management functions. These provide database storage of PHP
// session info.
$session_exists = 0;
$session_expire = 180000;
if(! function_exists('ref_session_open')) {
function ref_session_open ($s,$n) {
return true;
}}
if(! function_exists('ref_session_read')) {
function ref_session_read ($id) {
global $session_exists;
if(x($id))
$r = q("SELECT `data` FROM `session` WHERE `sid`= '%s'", dbesc($id));
if(dba::is_result($r)) {
$session_exists = true;
return $r[0]['data'];
} else {
logger("no data for session $id", LOGGER_TRACE);
}
return '';
}}
if(! function_exists('ref_session_write')) {
function ref_session_write ($id,$data) {
global $session_exists, $session_expire;
if(! $id || ! $data) {
return false;
}
$expire = time() + $session_expire;
$default_expire = time() + 300;
if($session_exists) {
$r = q("UPDATE `session`
SET `data` = '%s'
WHERE `data` != '%s' AND `sid` = '%s'",
dbesc($data), dbesc($data), dbesc($id));
$r = q("UPDATE `session`
SET `expire` = '%s'
WHERE `expire` != '%s' AND `sid` = '%s'",
dbesc($expire), dbesc($expire), dbesc($id));
} else
$r = q("INSERT INTO `session`
SET `sid` = '%s', `expire` = '%s', `data` = '%s'",
dbesc($id), dbesc($default_expire), dbesc($data));
return true;
}}
if(! function_exists('ref_session_close')) {
function ref_session_close() {
return true;
}}
if(! function_exists('ref_session_destroy')) {
function ref_session_destroy ($id) {
q("DELETE FROM `session` WHERE `sid` = '%s'", dbesc($id));
return true;
}}
if(! function_exists('ref_session_gc')) {
function ref_session_gc($expire) {
q("DELETE FROM `session` WHERE `expire` < %d", dbesc(time()));
return true;
}}
$gc_probability = 50;
ini_set('session.gc_probability', $gc_probability);
ini_set('session.use_only_cookies', 1);
ini_set('session.cookie_httponly', 1);
if (!get_config('system', 'disable_database_session'))
session_set_save_handler('ref_session_open', 'ref_session_close',
'ref_session_read', 'ref_session_write',
'ref_session_destroy', 'ref_session_gc');