corpus_parole: cms/drupal/includes/session.inc@2c579ea45608 (annotated)

541 e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	1	<?php
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	2
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	3	/**
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	4	* @file
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	5	* User session handling functions.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	6	*
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	7	* The user-level session storage handlers:
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	8	* - _drupal_session_open()
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	9	* - _drupal_session_close()
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	10	* - _drupal_session_read()
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	11	* - _drupal_session_write()
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	12	* - _drupal_session_destroy()
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	13	* - _drupal_session_garbage_collection()
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	14	* are assigned by session_set_save_handler() in bootstrap.inc and are called
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	15	* automatically by PHP. These functions should not be called directly. Session
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	16	* data should instead be accessed via the $_SESSION superglobal.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	17	*/
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	18
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	19	/**
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	20	* Session handler assigned by session_set_save_handler().
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	21	*
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	22	* This function is used to handle any initialization, such as file paths or
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	23	* database connections, that is needed before accessing session data. Drupal
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	24	* does not need to initialize anything in this function.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	25	*
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	26	* This function should not be called directly.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	27	*
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	28	* @return
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	29	* This function will always return TRUE.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	30	*/
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	31	function _drupal_session_open() {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	32	return TRUE;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	33	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	34
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	35	/**
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	36	* Session handler assigned by session_set_save_handler().
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	37	*
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	38	* This function is used to close the current session. Because Drupal stores
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	39	* session data in the database immediately on write, this function does
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	40	* not need to do anything.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	41	*
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	42	* This function should not be called directly.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	43	*
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	44	* @return
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	45	* This function will always return TRUE.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	46	*/
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	47	function _drupal_session_close() {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	48	return TRUE;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	49	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	50
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	51	/**
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	52	* Reads an entire session from the database (internal use only).
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	53	*
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	54	* Also initializes the $user object for the user associated with the session.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	55	* This function is registered with session_set_save_handler() to support
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	56	* database-backed sessions. It is called on every page load when PHP sets
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	57	* up the $_SESSION superglobal.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	58	*
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	59	* This function is an internal function and must not be called directly.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	60	* Doing so may result in logging out the current user, corrupting session data
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	61	* or other unexpected behavior. Session data must always be accessed via the
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	62	* $_SESSION superglobal.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	63	*
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	64	* @param $sid
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	65	* The session ID of the session to retrieve.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	66	*
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	67	* @return
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	68	* The user's session, or an empty string if no session exists.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	69	*/
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	70	function _drupal_session_read($sid) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	71	global $user, $is_https;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	72
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	73	// Write and Close handlers are called after destructing objects
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	74	// since PHP 5.0.5.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	75	// Thus destructors can use sessions but session handler can't use objects.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	76	// So we are moving session closure before destructing objects.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	77	drupal_register_shutdown_function('session_write_close');
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	78
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	79	// Handle the case of first time visitors and clients that don't store
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	80	// cookies (eg. web crawlers).
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	81	$insecure_session_name = substr(session_name(), 1);
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	82	if (empty($sid) \|\| (!isset($_COOKIE[session_name()]) && !isset($_COOKIE[$insecure_session_name]))) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	83	$user = drupal_anonymous_user();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	84	return '';
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	85	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	86
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	87	// Otherwise, if the session is still active, we have a record of the
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	88	// client's session in the database. If it's HTTPS then we are either have
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	89	// a HTTPS session or we are about to log in so we check the sessions table
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	90	// for an anonymous session with the non-HTTPS-only cookie.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	91	if ($is_https) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	92	$user = db_query("SELECT u., s. FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.ssid = :ssid", array(':ssid' => $sid))->fetchObject();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	93	if (!$user) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	94	if (isset($_COOKIE[$insecure_session_name])) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	95	$user = db_query("SELECT u., s. FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.sid = :sid AND s.uid = 0", array(
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	96	':sid' => $_COOKIE[$insecure_session_name]))
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	97	->fetchObject();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	98	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	99	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	100	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	101	else {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	102	$user = db_query("SELECT u., s. FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.sid = :sid", array(':sid' => $sid))->fetchObject();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	103	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	104
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	105	// We found the client's session record and they are an authenticated,
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	106	// active user.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	107	if ($user && $user->uid > 0 && $user->status == 1) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	108	// This is done to unserialize the data member of $user.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	109	$user->data = unserialize($user->data);
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	110
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	111	// Add roles element to $user.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	112	$user->roles = array();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	113	$user->roles[DRUPAL_AUTHENTICATED_RID] = 'authenticated user';
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	114	$user->roles += db_query("SELECT r.rid, r.name FROM {role} r INNER JOIN {users_roles} ur ON ur.rid = r.rid WHERE ur.uid = :uid", array(':uid' => $user->uid))->fetchAllKeyed(0, 1);
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	115	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	116	elseif ($user) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	117	// The user is anonymous or blocked. Only preserve two fields from the
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	118	// {sessions} table.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	119	$account = drupal_anonymous_user();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	120	$account->session = $user->session;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	121	$account->timestamp = $user->timestamp;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	122	$user = $account;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	123	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	124	else {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	125	// The session has expired.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	126	$user = drupal_anonymous_user();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	127	$user->session = '';
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	128	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	129
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	130	// Store the session that was read for comparison in _drupal_session_write().
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	131	$last_read = &drupal_static('drupal_session_last_read');
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	132	$last_read = array(
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	133	'sid' => $sid,
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	134	'value' => $user->session,
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	135	);
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	136
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	137	return $user->session;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	138	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	139
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	140	/**
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	141	* Writes an entire session to the database (internal use only).
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	142	*
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	143	* This function is registered with session_set_save_handler() to support
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	144	* database-backed sessions.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	145	*
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	146	* This function is an internal function and must not be called directly.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	147	* Doing so may result in corrupted session data or other unexpected behavior.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	148	* Session data must always be accessed via the $_SESSION superglobal.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	149	*
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	150	* @param $sid
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	151	* The session ID of the session to write to.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	152	* @param $value
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	153	* Session data to write as a serialized string.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	154	*
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	155	* @return
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	156	* Always returns TRUE.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	157	*/
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	158	function _drupal_session_write($sid, $value) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	159	global $user, $is_https;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	160
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	161	// The exception handler is not active at this point, so we need to do it
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	162	// manually.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	163	try {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	164	if (!drupal_save_session()) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	165	// We don't have anything to do if we are not allowed to save the session.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	166	return TRUE;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	167	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	168
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	169	// Check whether $_SESSION has been changed in this request.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	170	$last_read = &drupal_static('drupal_session_last_read');
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	171	$is_changed = !isset($last_read) \|\| $last_read['sid'] != $sid \|\| $last_read['value'] !== $value;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	172
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	173	// For performance reasons, do not update the sessions table, unless
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	174	// $_SESSION has changed or more than 180 has passed since the last update.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	175	if ($is_changed \|\| !isset($user->timestamp) \|\| REQUEST_TIME - $user->timestamp > variable_get('session_write_interval', 180)) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	176	// Either ssid or sid or both will be added from $key below.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	177	$fields = array(
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	178	'uid' => $user->uid,
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	179	'cache' => isset($user->cache) ? $user->cache : 0,
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	180	'hostname' => ip_address(),
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	181	'session' => $value,
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	182	'timestamp' => REQUEST_TIME,
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	183	);
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	184
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	185	// Use the session ID as 'sid' and an empty string as 'ssid' by default.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	186	// _drupal_session_read() does not allow empty strings so that's a safe
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	187	// default.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	188	$key = array('sid' => $sid, 'ssid' => '');
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	189	// On HTTPS connections, use the session ID as both 'sid' and 'ssid'.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	190	if ($is_https) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	191	$key['ssid'] = $sid;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	192	// The "secure pages" setting allows a site to simultaneously use both
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	193	// secure and insecure session cookies. If enabled and both cookies are
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	194	// presented then use both keys.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	195	if (variable_get('https', FALSE)) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	196	$insecure_session_name = substr(session_name(), 1);
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	197	if (isset($_COOKIE[$insecure_session_name])) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	198	$key['sid'] = $_COOKIE[$insecure_session_name];
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	199	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	200	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	201	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	202	elseif (variable_get('https', FALSE)) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	203	unset($key['ssid']);
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	204	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	205
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	206	db_merge('sessions')
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	207	->key($key)
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	208	->fields($fields)
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	209	->execute();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	210	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	211
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	212	// Likewise, do not update access time more than once per 180 seconds.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	213	if ($user->uid && REQUEST_TIME - $user->access > variable_get('session_write_interval', 180)) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	214	db_update('users')
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	215	->fields(array(
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	216	'access' => REQUEST_TIME
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	217	))
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	218	->condition('uid', $user->uid)
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	219	->execute();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	220	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	221
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	222	return TRUE;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	223	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	224	catch (Exception $exception) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	225	require_once DRUPAL_ROOT . '/includes/errors.inc';
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	226	// If we are displaying errors, then do so with no possibility of a further
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	227	// uncaught exception being thrown.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	228	if (error_displayable()) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	229	print '<h1>Uncaught exception thrown in session handler.</h1>';
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	230	print '<p>' . _drupal_render_exception_safe($exception) . '</p><hr />';
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	231	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	232	return FALSE;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	233	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	234	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	235
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	236	/**
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	237	* Initializes the session handler, starting a session if needed.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	238	*/
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	239	function drupal_session_initialize() {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	240	global $user, $is_https;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	241
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	242	session_set_save_handler('_drupal_session_open', '_drupal_session_close', '_drupal_session_read', '_drupal_session_write', '_drupal_session_destroy', '_drupal_session_garbage_collection');
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	243
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	244	// We use !empty() in the following check to ensure that blank session IDs
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	245	// are not valid.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	246	if (!empty($_COOKIE[session_name()]) \|\| ($is_https && variable_get('https', FALSE) && !empty($_COOKIE[substr(session_name(), 1)]))) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	247	// If a session cookie exists, initialize the session. Otherwise the
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	248	// session is only started on demand in drupal_session_commit(), making
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	249	// anonymous users not use a session cookie unless something is stored in
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	250	// $_SESSION. This allows HTTP proxies to cache anonymous pageviews.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	251	drupal_session_start();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	252	if (!empty($user->uid) \|\| !empty($_SESSION)) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	253	drupal_page_is_cacheable(FALSE);
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	254	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	255	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	256	else {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	257	// Set a session identifier for this request. This is necessary because
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	258	// we lazily start sessions at the end of this request, and some
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	259	// processes (like drupal_get_token()) needs to know the future
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	260	// session ID in advance.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	261	$GLOBALS['lazy_session'] = TRUE;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	262	$user = drupal_anonymous_user();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	263	// Less random sessions (which are much faster to generate) are used for
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	264	// anonymous users than are generated in drupal_session_regenerate() when
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	265	// a user becomes authenticated.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	266	session_id(drupal_random_key());
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	267	if ($is_https && variable_get('https', FALSE)) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	268	$insecure_session_name = substr(session_name(), 1);
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	269	$session_id = drupal_random_key();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	270	$_COOKIE[$insecure_session_name] = $session_id;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	271	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	272	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	273	date_default_timezone_set(drupal_get_user_timezone());
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	274	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	275
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	276	/**
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	277	* Starts a session forcefully, preserving already set session data.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	278	*
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	279	* @ingroup php_wrappers
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	280	*/
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	281	function drupal_session_start() {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	282	// Command line clients do not support cookies nor sessions.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	283	if (!drupal_session_started() && !drupal_is_cli()) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	284	// Save current session data before starting it, as PHP will destroy it.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	285	$session_data = isset($_SESSION) ? $_SESSION : NULL;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	286
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	287	session_start();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	288	drupal_session_started(TRUE);
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	289
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	290	// Restore session data.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	291	if (!empty($session_data)) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	292	$_SESSION += $session_data;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	293	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	294	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	295	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	296
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	297	/**
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	298	* Commits the current session, if necessary.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	299	*
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	300	* If an anonymous user already have an empty session, destroy it.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	301	*/
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	302	function drupal_session_commit() {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	303	global $user, $is_https;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	304
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	305	if (!drupal_save_session()) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	306	// We don't have anything to do if we are not allowed to save the session.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	307	return;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	308	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	309
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	310	if (empty($user->uid) && empty($_SESSION)) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	311	// There is no session data to store, destroy the session if it was
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	312	// previously started.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	313	if (drupal_session_started()) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	314	session_destroy();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	315	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	316	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	317	else {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	318	// There is session data to store. Start the session if it is not already
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	319	// started.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	320	if (!drupal_session_started()) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	321	drupal_session_start();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	322	if ($is_https && variable_get('https', FALSE)) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	323	$insecure_session_name = substr(session_name(), 1);
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	324	$params = session_get_cookie_params();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	325	$expire = $params['lifetime'] ? REQUEST_TIME + $params['lifetime'] : 0;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	326	setcookie($insecure_session_name, $_COOKIE[$insecure_session_name], $expire, $params['path'], $params['domain'], FALSE, $params['httponly']);
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	327	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	328	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	329	// Write the session data.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	330	session_write_close();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	331	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	332	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	333
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	334	/**
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	335	* Returns whether a session has been started.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	336	*/
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	337	function drupal_session_started($set = NULL) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	338	static $session_started = FALSE;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	339	if (isset($set)) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	340	$session_started = $set;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	341	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	342	return $session_started && session_id();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	343	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	344
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	345	/**
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	346	* Called when an anonymous user becomes authenticated or vice-versa.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	347	*
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	348	* @ingroup php_wrappers
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	349	*/
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	350	function drupal_session_regenerate() {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	351	global $user, $is_https;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	352	// Nothing to do if we are not allowed to change the session.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	353	if (!drupal_save_session()) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	354	return;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	355	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	356
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	357	if ($is_https && variable_get('https', FALSE)) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	358	$insecure_session_name = substr(session_name(), 1);
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	359	if (!isset($GLOBALS['lazy_session']) && isset($_COOKIE[$insecure_session_name])) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	360	$old_insecure_session_id = $_COOKIE[$insecure_session_name];
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	361	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	362	$params = session_get_cookie_params();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	363	$session_id = drupal_random_key();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	364	// If a session cookie lifetime is set, the session will expire
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	365	// $params['lifetime'] seconds from the current request. If it is not set,
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	366	// it will expire when the browser is closed.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	367	$expire = $params['lifetime'] ? REQUEST_TIME + $params['lifetime'] : 0;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	368	setcookie($insecure_session_name, $session_id, $expire, $params['path'], $params['domain'], FALSE, $params['httponly']);
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	369	$_COOKIE[$insecure_session_name] = $session_id;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	370	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	371
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	372	if (drupal_session_started()) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	373	$old_session_id = session_id();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	374	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	375	session_id(drupal_random_key());
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	376
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	377	if (isset($old_session_id)) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	378	$params = session_get_cookie_params();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	379	$expire = $params['lifetime'] ? REQUEST_TIME + $params['lifetime'] : 0;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	380	setcookie(session_name(), session_id(), $expire, $params['path'], $params['domain'], $params['secure'], $params['httponly']);
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	381	$fields = array('sid' => session_id());
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	382	if ($is_https) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	383	$fields['ssid'] = session_id();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	384	// If the "secure pages" setting is enabled, use the newly-created
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	385	// insecure session identifier as the regenerated sid.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	386	if (variable_get('https', FALSE)) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	387	$fields['sid'] = $session_id;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	388	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	389	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	390	db_update('sessions')
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	391	->fields($fields)
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	392	->condition($is_https ? 'ssid' : 'sid', $old_session_id)
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	393	->execute();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	394	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	395	elseif (isset($old_insecure_session_id)) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	396	// If logging in to the secure site, and there was no active session on the
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	397	// secure site but a session was active on the insecure site, update the
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	398	// insecure session with the new session identifiers.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	399	db_update('sessions')
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	400	->fields(array('sid' => $session_id, 'ssid' => session_id()))
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	401	->condition('sid', $old_insecure_session_id)
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	402	->execute();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	403	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	404	else {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	405	// Start the session when it doesn't exist yet.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	406	// Preserve the logged in user, as it will be reset to anonymous
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	407	// by _drupal_session_read.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	408	$account = $user;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	409	drupal_session_start();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	410	$user = $account;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	411	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	412	date_default_timezone_set(drupal_get_user_timezone());
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	413	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	414
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	415	/**
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	416	* Session handler assigned by session_set_save_handler().
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	417	*
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	418	* Cleans up a specific session.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	419	*
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	420	* @param $sid
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	421	* Session ID.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	422	*/
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	423	function _drupal_session_destroy($sid) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	424	global $user, $is_https;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	425
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	426	// Nothing to do if we are not allowed to change the session.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	427	if (!drupal_save_session()) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	428	return TRUE;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	429	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	430
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	431	// Delete session data.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	432	db_delete('sessions')
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	433	->condition($is_https ? 'ssid' : 'sid', $sid)
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	434	->execute();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	435
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	436	// Reset $_SESSION and $user to prevent a new session from being started
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	437	// in drupal_session_commit().
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	438	$_SESSION = array();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	439	$user = drupal_anonymous_user();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	440
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	441	// Unset the session cookies.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	442	_drupal_session_delete_cookie(session_name());
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	443	if ($is_https) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	444	_drupal_session_delete_cookie(substr(session_name(), 1), FALSE);
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	445	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	446	elseif (variable_get('https', FALSE)) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	447	_drupal_session_delete_cookie('S' . session_name(), TRUE);
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	448	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	449
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	450	return TRUE;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	451	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	452
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	453	/**
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	454	* Deletes the session cookie.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	455	*
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	456	* @param $name
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	457	* Name of session cookie to delete.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	458	* @param boolean $secure
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	459	* Force the secure value of the cookie.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	460	*/
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	461	function _drupal_session_delete_cookie($name, $secure = NULL) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	462	global $is_https;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	463	if (isset($_COOKIE[$name]) \|\| (!$is_https && $secure === TRUE)) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	464	$params = session_get_cookie_params();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	465	if ($secure !== NULL) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	466	$params['secure'] = $secure;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	467	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	468	setcookie($name, '', REQUEST_TIME - 3600, $params['path'], $params['domain'], $params['secure'], $params['httponly']);
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	469	unset($_COOKIE[$name]);
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	470	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	471	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	472
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	473	/**
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	474	* Ends a specific user's session(s).
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	475	*
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	476	* @param $uid
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	477	* User ID.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	478	*/
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	479	function drupal_session_destroy_uid($uid) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	480	// Nothing to do if we are not allowed to change the session.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	481	if (!drupal_save_session()) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	482	return;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	483	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	484
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	485	db_delete('sessions')
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	486	->condition('uid', $uid)
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	487	->execute();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	488	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	489
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	490	/**
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	491	* Session handler assigned by session_set_save_handler().
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	492	*
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	493	* Cleans up stalled sessions.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	494	*
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	495	* @param $lifetime
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	496	* The value of session.gc_maxlifetime, passed by PHP.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	497	* Sessions not updated for more than $lifetime seconds will be removed.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	498	*/
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	499	function _drupal_session_garbage_collection($lifetime) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	500	// Be sure to adjust 'php_value session.gc_maxlifetime' to a large enough
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	501	// value. For example, if you want user sessions to stay in your database
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	502	// for three weeks before deleting them, you need to set gc_maxlifetime
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	503	// to '1814400'. At that value, only after a user doesn't log in after
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	504	// three weeks (1814400 seconds) will his/her session be removed.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	505	db_delete('sessions')
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	506	->condition('timestamp', REQUEST_TIME - $lifetime, '<')
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	507	->execute();
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	508	return TRUE;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	509	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	510
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	511	/**
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	512	* Determines whether to save session data of the current request.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	513	*
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	514	* This function allows the caller to temporarily disable writing of
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	515	* session data, should the request end while performing potentially
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	516	* dangerous operations, such as manipulating the global $user object.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	517	* See http://drupal.org/node/218104 for usage.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	518	*
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	519	* @param $status
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	520	* Disables writing of session data when FALSE, (re-)enables
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	521	* writing when TRUE.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	522	*
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	523	* @return
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	524	* FALSE if writing session data has been disabled. Otherwise, TRUE.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	525	*/
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	526	function drupal_save_session($status = NULL) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	527	// PHP session ID, session, and cookie handling happens in the global scope.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	528	// This value has to persist across calls to drupal_static_reset(), since a
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	529	// potentially wrong or disallowed session would be written otherwise.
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	530	static $save_session = TRUE;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	531	if (isset($status)) {
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	532	$save_session = $status;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	533	}
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	534	return $save_session;
e756a8c72c3d integrate drupal and correct build process. update version ymh <ymh.work@gmail.com> parents: diff changeset	535	}

author	ymh <ymh.work@gmail.com>
	Mon, 16 Oct 2017 15:22:08 +0200
changeset 552	2c579ea45608
parent 541	e756a8c72c3d
permissions	-rw-r--r--