API tools faq
paste
Advertisement
elisam69

piwigo

elisam69
Aug 14th, 2011
234
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.45 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. // +-----------------------------------------------------------------------+
  3. // | Piwigo - a PHP based photo gallery |
  4. // +-----------------------------------------------------------------------+
  5. // | Copyright(C) 2008-2011 Piwigo Team http://piwigo.org |
  6. // | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net |
  7. // | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick |
  8. // +-----------------------------------------------------------------------+
  9. // | This program is free software; you can redistribute it and/or modify |
  10. // | it under the terms of the GNU General Public License as published by |
  11. // | the Free Software Foundation |
  12. // | |
  13. // | This program is distributed in the hope that it will be useful, but |
  14. // | WITHOUT ANY WARRANTY; without even the implied warranty of |
  15. // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
  16. // | General Public License for more details. |
  17. // | |
  18. // | You should have received a copy of the GNU General Public License |
  19. // | along with this program; if not, write to the Free Software |
  20. // | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
  21. // | USA. |
  22. // +-----------------------------------------------------------------------+
  23.  
  24. // The function generate_key creates a string with pseudo random characters.
  25. // the size of the string depends on the $conf['session_id_size'].
  26. // Characters used are a-z A-Z and numerical values. Examples :
  27. // "Er4Tgh6", "Rrp08P", "54gj"
  28. // input : none (using global variable)
  29. // output : $key
  30. function generate_key($size)
  31. {
  32. global $conf;
  33.  
  34. $md5 = md5(substr(microtime(), 2, 6));
  35. $init = '';
  36. for ( $i = 0; $i < strlen( $md5 ); $i++ )
  37. {
  38. if ( is_numeric( $md5[$i] ) ) $init.= $md5[$i];
  39. }
  40. $init = substr( $init, 0, 8 );
  41. mt_srand( $init );
  42. $key = '';
  43. for ( $i = 0; $i < $size; $i++ )
  44. {
  45. $c = mt_rand( 0, 2 );
  46. if ( $c == 0 ) $key .= chr( mt_rand( 65, 90 ) );
  47. else if ( $c == 1 ) $key .= chr( mt_rand( 97, 122 ) );
  48. else $key .= mt_rand( 0, 9 );
  49. }
  50. return $key;
  51. }
  52.  
  53. if (isset($conf['session_save_handler'])
  54. and ($conf['session_save_handler'] == 'db')
  55. and defined('PHPWG_INSTALLED'))
  56. {
  57. session_set_save_handler('pwg_session_open',
  58. 'pwg_session_close',
  59. 'pwg_session_read',
  60. 'pwg_session_write',
  61. 'pwg_session_destroy',
  62. 'pwg_session_gc'
  63. );
  64. if ( function_exists('ini_set') )
  65. {
  66. ini_set('session.use_cookies', $conf['session_use_cookies']);
  67. ini_set('session.use_only_cookies', $conf['session_use_only_cookies']);
  68. ini_set('session.use_trans_sid', intval($conf['session_use_trans_sid']));
  69. ini_set('session.cookie_httponly', 1);
  70. }
  71. session_name($conf['session_name']);
  72. session_set_cookie_params(0, cookie_path());
  73. register_shutdown_function('session_write_close');
  74. }
  75.  
  76. /**
  77. * returns true; used when the session_start() function is called
  78. *
  79. * @params not use but useful for php engine
  80. */
  81. function pwg_session_open($path, $name)
  82. {
  83. return true;
  84. }
  85.  
  86. /**
  87. * returns true; used when the session is closed (unset($_SESSION))
  88. *
  89. */
  90. function pwg_session_close()
  91. {
  92. return true;
  93. }
  94.  
  95. function get_remote_addr_session_hash()
  96. {
  97. $separator = (FALSE === strpos($_SERVER['REMOTE_ADDR'],'.'))
  98. ? ':'
  99. : '.'
  100. ;
  101.  
  102. /*return vsprintf(
  103. "%02X%02X",
  104. explode($separator,$_SERVER['REMOTE_ADDR'])
  105. ); */
  106. return substr(md5($_SERVER['REMOTE_ADDR']), 0, 4);
  107. }
  108. /**
  109. * this function returns
  110. * a string corresponding to the value of the variable save in the session
  111. * or an empty string when the variable doesn't exist
  112. *
  113. * @param string session id
  114. */
  115. function pwg_session_read($session_id)
  116. {
  117. $query = '
  118. SELECT data
  119. FROM '.SESSIONS_TABLE.'
  120. WHERE id = \''.get_remote_addr_session_hash().$session_id.'\'
  121. ;';
  122. $result = pwg_query($query);
  123. if ($result)
  124. {
  125. $row = pwg_db_fetch_assoc($result);
  126. return $row['data'];
  127. }
  128. else
  129. {
  130. return '';
  131. }
  132. }
  133.  
  134. /**
  135. * returns true; writes set a variable in the active session
  136. *
  137. * @param string session id
  138. * @data string value of date to be saved
  139. */
  140. function pwg_session_write($session_id, $data)
  141. {
  142. $query = '
  143. REPLACE INTO '.SESSIONS_TABLE.'
  144. (id,data,expiration)
  145. VALUES(\''.get_remote_addr_session_hash().$session_id.'\',\''.$data.'\',now())
  146. ;';
  147. pwg_query($query);
  148. return true;
  149. }
  150.  
  151. /**
  152. * returns true; delete the active session
  153. *
  154. * @param string session id
  155. */
  156. function pwg_session_destroy($session_id)
  157. {
  158. $query = '
  159. DELETE
  160. FROM '.SESSIONS_TABLE.'
  161. WHERE id = \''.get_remote_addr_session_hash().$session_id.'\'
  162. ;';
  163. pwg_query($query);
  164. return true;
  165. }
  166.  
  167. /**
  168. * returns true; delete expired sessions
  169. * called each time a session is closed.
  170. */
  171. function pwg_session_gc()
  172. {
  173. global $conf;
  174.  
  175. $query = '
  176. DELETE
  177. FROM '.SESSIONS_TABLE.'
  178. WHERE '.pwg_db_date_to_ts('NOW()').' - '.pwg_db_date_to_ts('expiration').' > '
  179. .$conf['session_length'].'
  180. ;';
  181. pwg_query($query);
  182. return true;
  183. }
  184.  
  185.  
  186. /**
  187. * persistently stores a variable for the current session
  188. * currently we use standard php sessions but it might change
  189. * @return boolean true on success
  190. * @see pwg_get_session_var, pwg_unset_session_var
  191. */
  192. function pwg_set_session_var($var, $value)
  193. {
  194. if ( !isset($_SESSION) )
  195. return false;
  196. $_SESSION['pwg_'.$var] = $value;
  197. return true;
  198. }
  199.  
  200. /**
  201. * retrieves the value of a persistent variable for the current session
  202. * currently we use standard php sessions but it might change
  203. * @return mixed
  204. * @see pwg_set_session_var, pwg_unset_session_var
  205. */
  206. function pwg_get_session_var($var, $default = null)
  207. {
  208. if (isset( $_SESSION['pwg_'.$var] ) )
  209. {
  210. return $_SESSION['pwg_'.$var];
  211. }
  212. return $default;
  213. }
  214.  
  215. /**
  216. * deletes a persistent variable for the current session
  217. * currently we use standard php sessions but it might change
  218. * @return boolean true on success
  219. * @see pwg_set_session_var, pwg_get_session_var
  220. */
  221. function pwg_unset_session_var($var)
  222. {
  223. if ( !isset($_SESSION) )
  224. return false;
  225. unset( $_SESSION['pwg_'.$var] );
  226. return true;
  227. }
  228.  
  229. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!