2019-01-30 16:18:44 +01:00
|
|
|
<?php
|
2019-07-01 12:46:09 +02:00
|
|
|
/**
|
|
|
|
* Session manager.
|
|
|
|
*
|
|
|
|
* @category Session handler.
|
|
|
|
* @package Pandora FMS.
|
|
|
|
* @subpackage OpenSource.
|
|
|
|
* @version 1.0.0
|
|
|
|
* @license See below
|
|
|
|
*
|
|
|
|
* ______ ___ _______ _______ ________
|
2023-06-08 12:42:10 +02:00
|
|
|
* | __ \.-----.--.--.--| |.-----.----.-----. | ___| | | __|
|
|
|
|
* | __/| _ | | _ || _ | _| _ | | ___| |__ |
|
2019-07-01 12:46:09 +02:00
|
|
|
* |___| |___._|__|__|_____||_____|__| |___._| |___| |__|_|__|_______|
|
|
|
|
*
|
|
|
|
* ============================================================================
|
2023-06-08 11:53:13 +02:00
|
|
|
* Copyright (c) 2005-2023 Pandora FMS
|
2023-06-08 13:10:16 +02:00
|
|
|
* Please see http://pandorafms.com/community/ for full contribution list
|
2019-07-01 12:46:09 +02:00
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU General Public License
|
|
|
|
* as published by the Free Software Foundation for version 2.
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
* ============================================================================
|
|
|
|
*/
|
|
|
|
|
|
|
|
// Begin.
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Open session.
|
|
|
|
*
|
|
|
|
* @param string $save_path Save path.
|
|
|
|
* @param string $session_name Session name.
|
|
|
|
*
|
|
|
|
* @return boolean
|
|
|
|
*/
|
2019-01-30 16:18:44 +01:00
|
|
|
function pandora_session_open($save_path, $session_name)
|
|
|
|
{
|
|
|
|
return true;
|
|
|
|
}
|
2015-04-13 11:27:23 +02:00
|
|
|
|
|
|
|
|
2019-07-01 12:46:09 +02:00
|
|
|
/**
|
|
|
|
* Close session.
|
|
|
|
*
|
|
|
|
* @return boolean
|
|
|
|
*/
|
2019-01-30 16:18:44 +01:00
|
|
|
function pandora_session_close()
|
|
|
|
{
|
|
|
|
return true;
|
2015-05-11 20:54:23 +02:00
|
|
|
}
|
2015-04-13 11:27:23 +02:00
|
|
|
|
|
|
|
|
2019-07-01 12:46:09 +02:00
|
|
|
/**
|
|
|
|
* Read a session.
|
|
|
|
*
|
|
|
|
* @param string $session_id Session ID.
|
|
|
|
*
|
|
|
|
* @return string Session data.
|
|
|
|
*/
|
2019-01-30 16:18:44 +01:00
|
|
|
function pandora_session_read($session_id)
|
|
|
|
{
|
|
|
|
$session_id = addslashes($session_id);
|
2020-10-19 10:59:46 +02:00
|
|
|
|
|
|
|
// Do not use SQL cache here.
|
|
|
|
$session_data = db_get_all_rows_sql(
|
|
|
|
sprintf(
|
|
|
|
'SELECT data
|
|
|
|
FROM `tsessions_php` WHERE id_session="%s"',
|
|
|
|
$session_id
|
|
|
|
),
|
|
|
|
false,
|
|
|
|
false
|
2019-07-01 12:46:09 +02:00
|
|
|
);
|
2019-01-30 16:18:44 +01:00
|
|
|
|
2020-10-19 10:59:46 +02:00
|
|
|
if (is_array($session_data) === true) {
|
|
|
|
$session_data = $session_data[0]['data'];
|
|
|
|
}
|
|
|
|
|
|
|
|
if (empty($session_data) === false) {
|
2019-01-30 16:18:44 +01:00
|
|
|
return $session_data;
|
|
|
|
} else {
|
|
|
|
return '';
|
|
|
|
}
|
2015-05-11 20:54:23 +02:00
|
|
|
}
|
2015-04-13 11:27:23 +02:00
|
|
|
|
2018-11-21 13:08:58 +01:00
|
|
|
|
2019-07-01 12:46:09 +02:00
|
|
|
/**
|
|
|
|
* Write session data.
|
|
|
|
*
|
|
|
|
* @param string $session_id Session id.
|
|
|
|
* @param string $data Data.
|
|
|
|
*
|
|
|
|
* @return boolean
|
|
|
|
*/
|
2019-01-30 16:18:44 +01:00
|
|
|
function pandora_session_write($session_id, $data)
|
|
|
|
{
|
|
|
|
$session_id = addslashes($session_id);
|
2019-07-01 12:46:09 +02:00
|
|
|
if (is_ajax()) {
|
|
|
|
// Avoid session upadte while processing ajax responses - notifications.
|
|
|
|
if (get_parameter('check_new_notifications', false)) {
|
2019-07-09 12:02:07 +02:00
|
|
|
return true;
|
2019-07-01 12:46:09 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-01-30 16:18:44 +01:00
|
|
|
$values = [];
|
|
|
|
$values['last_active'] = time();
|
2018-11-21 13:08:58 +01:00
|
|
|
|
2020-10-19 10:59:46 +02:00
|
|
|
if (empty($data) === false) {
|
2019-01-30 16:18:44 +01:00
|
|
|
$values['data'] = addslashes($data);
|
|
|
|
}
|
2018-11-21 13:08:58 +01:00
|
|
|
|
2020-10-19 10:59:46 +02:00
|
|
|
// Do not use SQL cache here.
|
|
|
|
$session_exists = db_get_all_rows_sql(
|
|
|
|
sprintf(
|
|
|
|
'SELECT id_session
|
|
|
|
FROM `tsessions_php` WHERE id_session="%s"',
|
|
|
|
$session_id
|
|
|
|
),
|
|
|
|
false,
|
|
|
|
false
|
2019-07-01 12:46:09 +02:00
|
|
|
);
|
2018-11-21 13:08:58 +01:00
|
|
|
|
2020-10-19 10:59:46 +02:00
|
|
|
if ($session_exists === false) {
|
2019-01-30 16:18:44 +01:00
|
|
|
$values['id_session'] = $session_id;
|
|
|
|
$retval_write = db_process_sql_insert('tsessions_php', $values);
|
|
|
|
} else {
|
2019-07-01 12:46:09 +02:00
|
|
|
$retval_write = db_process_sql_update(
|
|
|
|
'tsessions_php',
|
|
|
|
$values,
|
|
|
|
['id_session' => $session_id]
|
|
|
|
);
|
2019-01-30 16:18:44 +01:00
|
|
|
}
|
2015-04-13 11:27:23 +02:00
|
|
|
|
2019-01-30 16:18:44 +01:00
|
|
|
return $retval_write !== false;
|
2015-05-11 20:54:23 +02:00
|
|
|
}
|
2015-04-13 11:27:23 +02:00
|
|
|
|
2019-01-30 16:18:44 +01:00
|
|
|
|
2019-07-01 12:46:09 +02:00
|
|
|
/**
|
|
|
|
* Destroy a session.
|
|
|
|
*
|
|
|
|
* @param string $session_id Session Id.
|
|
|
|
*
|
|
|
|
* @return boolean
|
|
|
|
*/
|
2019-01-30 16:18:44 +01:00
|
|
|
function pandora_session_destroy($session_id)
|
|
|
|
{
|
|
|
|
$session_id = addslashes($session_id);
|
|
|
|
|
2019-07-01 12:46:09 +02:00
|
|
|
$retval = (bool) db_process_sql_delete(
|
|
|
|
'tsessions_php',
|
|
|
|
['id_session' => $session_id]
|
|
|
|
);
|
2019-01-30 16:18:44 +01:00
|
|
|
|
|
|
|
return $retval;
|
2015-05-11 20:54:23 +02:00
|
|
|
}
|
2015-04-13 11:27:23 +02:00
|
|
|
|
2019-01-30 16:18:44 +01:00
|
|
|
|
2019-07-01 12:46:09 +02:00
|
|
|
/**
|
|
|
|
* Session garbage collector.
|
|
|
|
*
|
|
|
|
* @param integer $max_lifetime Max lifetime.
|
|
|
|
*
|
|
|
|
* @return boolean.
|
|
|
|
*/
|
2019-01-30 16:18:44 +01:00
|
|
|
function pandora_session_gc($max_lifetime=300)
|
|
|
|
{
|
|
|
|
global $config;
|
|
|
|
|
|
|
|
if (isset($config['session_timeout'])) {
|
2019-08-28 11:33:02 +02:00
|
|
|
$session_timeout = $config['session_timeout'];
|
|
|
|
} else {
|
2019-10-25 12:24:02 +02:00
|
|
|
// If $config doesn`t work ...
|
2019-08-28 11:33:02 +02:00
|
|
|
$session_timeout = db_get_value(
|
|
|
|
'value',
|
|
|
|
'tconfig',
|
|
|
|
'token',
|
|
|
|
'session_timeout'
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
2019-10-25 12:24:02 +02:00
|
|
|
if (empty($session_timeout) === false) {
|
2019-08-28 11:33:02 +02:00
|
|
|
if ($session_timeout == -1) {
|
2019-10-25 12:24:02 +02:00
|
|
|
// The session expires in 10 years.
|
2019-08-28 11:33:02 +02:00
|
|
|
$session_timeout = 315576000;
|
|
|
|
} else {
|
|
|
|
$session_timeout *= 60;
|
|
|
|
}
|
|
|
|
|
|
|
|
$max_lifetime = $session_timeout;
|
2019-01-30 16:18:44 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
$time_limit = (time() - $max_lifetime);
|
|
|
|
|
2019-07-01 12:46:09 +02:00
|
|
|
$retval = (bool) db_process_sql_delete(
|
|
|
|
'tsessions_php',
|
|
|
|
[
|
|
|
|
'last_active' => '<'.$time_limit,
|
|
|
|
]
|
|
|
|
);
|
2019-01-30 16:18:44 +01:00
|
|
|
|
2019-08-28 11:33:02 +02:00
|
|
|
// Deleting cron and empty sessions.
|
2019-10-25 12:23:00 +02:00
|
|
|
$sql = 'DELETE FROM tsessions_php WHERE data IS NULL';
|
2019-08-28 11:33:02 +02:00
|
|
|
db_process_sql($sql);
|
|
|
|
|
2019-01-30 16:18:44 +01:00
|
|
|
return $retval;
|
2015-04-13 11:27:23 +02:00
|
|
|
}
|
|
|
|
|
2019-01-30 16:18:44 +01:00
|
|
|
|
2020-10-16 14:00:38 +02:00
|
|
|
/**
|
|
|
|
* Enables custom session handlers.
|
|
|
|
*
|
|
|
|
* @return boolean Context changed or not.
|
|
|
|
*/
|
|
|
|
function enable_session_handlers()
|
|
|
|
{
|
|
|
|
global $config;
|
|
|
|
|
2021-02-09 10:25:08 +01:00
|
|
|
if (isset($config['_using_pandora_sessionhandlers']) !== true
|
|
|
|
|| $config['_using_pandora_sessionhandlers'] !== true
|
|
|
|
) {
|
2020-10-16 14:00:38 +02:00
|
|
|
if (session_status() !== PHP_SESSION_NONE) {
|
|
|
|
// Close previous version.
|
|
|
|
session_write_close();
|
|
|
|
}
|
|
|
|
|
|
|
|
$sesion_handler = session_set_save_handler(
|
|
|
|
'pandora_session_open',
|
|
|
|
'pandora_session_close',
|
|
|
|
'pandora_session_read',
|
|
|
|
'pandora_session_write',
|
|
|
|
'pandora_session_destroy',
|
|
|
|
'pandora_session_gc'
|
|
|
|
);
|
|
|
|
|
|
|
|
session_start();
|
|
|
|
|
|
|
|
// Restore previous session.
|
|
|
|
$config['_using_pandora_sessionhandlers'] = true;
|
|
|
|
return $sesion_handler;
|
|
|
|
}
|
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Disables custom session handlers.
|
|
|
|
*
|
2020-10-16 15:24:21 +02:00
|
|
|
* @param string|null $id_session Force swap to target session.
|
|
|
|
*
|
2020-10-16 14:00:38 +02:00
|
|
|
* @return void
|
|
|
|
*/
|
2020-10-16 15:24:21 +02:00
|
|
|
function disable_session_handlers($id_session=null)
|
2020-10-16 14:00:38 +02:00
|
|
|
{
|
|
|
|
global $config;
|
|
|
|
|
|
|
|
if (session_status() !== PHP_SESSION_NONE) {
|
|
|
|
// Close previous version.
|
|
|
|
session_write_close();
|
|
|
|
}
|
|
|
|
|
|
|
|
$ss = new SessionHandler();
|
|
|
|
session_set_save_handler($ss, true);
|
|
|
|
|
2020-10-16 15:24:21 +02:00
|
|
|
if ($id_session !== null) {
|
|
|
|
session_id($id_session);
|
|
|
|
}
|
|
|
|
|
2020-10-16 14:00:38 +02:00
|
|
|
session_start();
|
|
|
|
|
|
|
|
$config['_using_pandora_sessionhandlers'] = false;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Always enable session handler.
|
|
|
|
$result_handler = enable_session_handlers();
|