/[libdata]/branches/paul/admin/include/sessionClass.php
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Contents of /branches/paul/admin/include/sessionClass.php

Parent Directory Parent Directory | Revision Log Revision Log


Revision 67 - (show annotations)
Thu Mar 18 19:24:54 2004 UTC (20 years ago) by dpavlin
File size: 10435 byte(s)
updated to libdata 2.00

1 <?php
2 class sessionClass {
3
4 /**********************************************************
5 sessionClass Properties
6 Author: Paul Bramscher
7 Last Modified: 10.29.2002
8 ***********************************************************
9 Comments:
10 For documentation, see separate Word-format .DOC file.
11 **********************************************************/
12 var $con_session;
13 var $result_session;
14 var $user_ip;
15 var $staff_account;
16 var $session_id;
17 var $valid;
18 var $time_human;
19 var $time_unix;
20 var $time_expire;
21
22 // Default session duration parameters
23 var $default_duration = 120;
24 var $max_duration = 43200;
25
26 // Database variables
27 var $db_session = "libsession";
28 var $db_session_srv = "yourlibrary.edu";
29 var $db_session_usr = "libsession";
30 var $db_session_pwd = "ch4ngeME";
31
32
33 /**********************************************************
34 Constructor Method: sessionClass
35 Author: Paul Bramscher
36 Last Modified: 10.29.2002
37 ***********************************************************
38 Comments:
39 Generates a unique session ID, fetches the system time and
40 writes it into a table.
41 **********************************************************/
42 function sessionClass($duration, $session_id, $staff_account) {
43
44 // Set the database connection variables
45 $this->con_session = @mysql_connect ( $this->db_session_srv, $this->db_session_usr, $this->db_session_pwd )
46 or die ( "ERROR: Could not connect to database server!" );
47 $this->result_session = mysql_select_db ( $this->db_session, $this->con_session )
48 or die ( "ERROR: Could not connect to database!" );
49
50 // Fetch user ip
51 $user_ip = $GLOBALS["REMOTE_ADDR"];
52
53 // Determine whether to generate a new session
54 If ($session_id == "" && strlen($staff_account) > 0) {
55
56 // Generate a session ID and store it
57 $this->session_id = $this->generateSessionID();
58 $session_id = $this->session_id;
59
60 // Fetch a unix microsecond timestamp
61 $time_unix = $this->getmicrotime();
62
63 // Attempt to use a non-default session duration
64 if ( (float) $duration > 0) {
65 if ( (float) $duration > $this->max_duration) $duration = $this->max_duration;
66 $time_expire = (float) $duration + (float) $time_unix;
67 }
68 // Otherwise use the default duration
69 else $time_expire = (float) $this->default_duration + (float) $time_unix;
70
71 // Calculate human-readable and mySQL-friendly date-time format
72 $time_convert = getdate($time_unix);
73 $mon = $time_convert[mon];
74 $mday = $time_convert[mday];
75 $year = $time_convert[year];
76 $hours = $time_convert[hours];
77 $minutes = $time_convert[minutes];
78 $seconds = $time_convert[seconds];
79
80 // Back-fill in case we have single-digits.
81 if (strlen($mday) < 2) $mday = "0" . $mday;
82 if (strlen($mon) < 2) $mon = "0" . $mon;
83 if (strlen($hours) < 2) $hours = "0" . $hours;
84 if (strlen($minutes) < 2) $minutes = "0" . $minutes;
85 if (strlen($seconds) < 2) $seconds = "0" . $seconds;
86
87 // Generate a mySQL-friendly stamp
88 $time_human = $year . "-" . $mon . "-" . $mday . " " . $hours . ":" . $minutes . ":" . $seconds;
89
90 // Build the SQL line to insert it into the database
91 $sql = "INSERT INTO session (staff_account, user_ip, session_id, time_human, time_unix, time_expire) VALUES ('"
92 . $staff_account
93 . "', '"
94 . $user_ip
95 . "', '"
96 . $session_id
97 . "', '"
98 . $time_human
99 . "', '"
100 . $time_unix
101 . "', '"
102 . $time_expire
103 . "')";
104
105 // mysql_query ("LOCK TABLE session WRITE", $this->con_session);
106 if (!mysql_query($sql, $this->con_session)){
107 mysql_query ("UNLOCK TABLES", $this->con_session);
108 $this->bailout();
109 }
110 else {
111 mysql_query("UNLOCK TABLES", $this->con_session);
112 }
113
114
115 // Set the client libsession cookie. Expiration equals expiration in the database
116 setcookie ("libsession", $session_id, $time_expire); /* expire in 1 hour */
117
118
119 } // finished generating a new session
120
121
122 // Whether or not this is a new session, set the object properties
123 $this->setProperties($session_id, $user_ip);
124 }
125
126
127 /**********************************************************
128 Method: bailout
129 Author: Paul Bramscher
130 Last Modified: 10.04.2001
131 ***********************************************************
132 Comments:
133 Attempt to gracefully finish out HTML in the event of a
134 severe mySQL database problem.
135 **********************************************************/
136 function bailout() {
137 die ( "Bailing Out!<br>\n</body></html>\n" );
138 }
139
140
141 /**********************************************************
142 Method: getmicrotime
143 Author: http://www.php.net microtime example
144 Last Modified: 10.04.2001
145 ***********************************************************
146 Comments:
147 Displays a Unix timestamp of the number of seconds
148 elapsed from 0:00:00 January 1, 1970 GMT
149 **********************************************************/
150 function getmicrotime(){
151 list($usec, $sec) = explode(" ",microtime());
152 return ((float)$usec + (float)$sec);
153 }
154
155
156 /**********************************************************
157 Method: secondsRemaining
158 Author: Paul Bramscher
159 Last Modified: 10.09.2001
160 ***********************************************************
161 Comments:
162 Returns the number of seconds remaining for this
163 session before expiration.
164 **********************************************************/
165 function secondsRemaining(){
166 return (float) $this->time_expire - (float) $this->getmicrotime();
167 }
168
169 /**********************************************************
170 Method: generateSessionID
171 Author: Paul Bramscher
172 Last Modified: 10.04.2001
173 ***********************************************************
174 Comments:
175 Seeds a random number generator with the system time
176 and generates a md5 hash value. The value is confirmed
177 against the session table in the rare instance it
178 already exists. If so, another attempt is made.
179 **********************************************************/
180 function generateSessionID() {
181 $con_session = $this->con_session;
182
183 // Seed with current time & generate the md5 hash
184 mt_srand((double)microtime()*1000000);
185 $hash = md5(mt_rand(0,9999));
186
187 // Variable declarations
188 $duplicate = 1;
189
190 // The SQL
191 $sql = "SELECT * FROM session where session_id = '" . $hash . "'";
192 $rs = mysql_query($sql, $con_session);
193 $duplicate = mysql_num_rows($rs);
194 if ($duplicate > 0) {
195 $duplicate = 1;
196 $hash = "0";
197 }
198
199 return $hash;
200 }
201
202
203 /**********************************************************
204 Method: setProperties
205 Author: Paul Bramscher
206 Last Modified: 10.9.2001
207 ***********************************************************
208 Comments:
209 This member function sets the $valid, $time_human,
210 $time_unix, and $500_id properties of an instantiation of the
211 sessionClass object. It is called whenever the class is
212 instantiated, either immediately after creating a new
213 session, or testing an existing session ID.
214 **********************************************************/
215 function setProperties($session_id, $user_ip) {
216
217 // Collect some important values
218 $con_session = $this->con_session;
219
220 // Pure all expired sessions
221 $this->expireSessions();
222
223 // Assume this is an invalid session
224 $valid = 0;
225
226 // Generate the SQL
227 $sql = "SELECT * from session where session_id = '"
228 . $session_id
229 . "' AND user_ip = '"
230 . $user_ip
231 ."'";
232 $rs = mysql_query($sql, $con_session);
233 $valid = mysql_num_rows($rs);
234 $row = mysql_fetch_array ($rs);
235 $time_human = $row["time_human"];
236 $time_unix = $row["time_unix"];
237 $time_expire = $row["time_expire"];
238 $session_id = $row["session_id"];
239 $staff_account = $row["staff_account"];
240
241 // Valid session, load all of the member properties.
242 if ($valid > 0) {
243 $this->valid = 1;
244 $this->time_human = $time_human;
245 $this->time_unix = $time_unix;
246 $this->time_expire = $time_expire;
247 $this->user_ip = $user_ip;
248 $this->session_id = $session_id;
249 $this->staff_account = $staff_account;
250 }
251 // Expired or invalid. Reset all of the member properties.
252 else {
253 $this->valid = 0;
254 $this->time_human = "";
255 $this->time_unix = "";
256 $this->time_expire = "";
257 $this->staff_account = "";
258 $this->user_ip = "";
259 $this->session_id = "";
260 }
261 }
262
263
264 /**********************************************************
265 Method: logoutSessionID
266 Author: Paul Bramscher
267 Last Modified: 10.09.2001
268 ***********************************************************
269 Comments:
270 When a user decides to logout, the session ID is deleted
271 from the session table.
272 **********************************************************/
273 function logoutSessionID() {
274
275 // Initialize
276 $con_session = $this->con_session;
277
278 // Fetch user ip
279 $user_ip = $GLOBALS["REMOTE_ADDR"];
280
281 // Continue only if the current IP matches the object IP, and the
282 // session is currently valid.
283 if ($user_ip == $this->user_ip && $this->valid == 1) {
284
285 // Get the object's session_id
286 $session_id = $this->session_id;
287
288 // Build the SQL line to delete
289 $sql = "DELETE FROM session WHERE session_id = '"
290 . $session_id
291 . "' AND user_ip = '"
292 . $user_ip
293 . "'";
294
295 //mysql_query ("LOCK TABLE session WRITE", $con_session);
296 if (!mysql_query($sql, $con_session)){
297 mysql_query ("UNLOCK TABLES", $con_session);
298 $this->bailout();
299 }
300 else {
301 mysql_query("UNLOCK TABLES", $con_session);
302 $this->setProperties($session_id, $user_ip);
303 }
304
305
306 // Kill the client-side cookie, set expiration equal to an hour ago.
307 setcookie ("libsession", "", time() - 3600);
308
309 }
310
311 }
312
313
314 /**********************************************************
315 Method: expireSessions
316 Author: Paul Bramscher
317 Last Modified: 10.9.2001
318 ***********************************************************
319 Comments:
320 This function is called periodically to cull expired
321 sessions from the table. It ought to be called in tandem
322 with any
323 **********************************************************/
324 function expireSessions() {
325 $con_session = $this->con_session;
326
327 // Fetch current microtime
328 $time_unix = $this->getmicrotime();
329
330 $sql = "DELETE FROM session where time_expire < " . $time_unix;
331
332 if (!mysql_query($sql, $con_session)){
333 sql_err($con_session);
334 mysql_query ("UNLOCK TABLES", $con_session);
335 bailout();
336 }
337 else {
338 mysql_query("UNLOCK TABLES", $con_session);
339 }
340 } // end of function
341 } // end of class
342 ?>

  ViewVC Help
Powered by ViewVC 1.1.26