pandorafms/pandora_console/include/load_session.php

<?php
/**
 * Session manager.
 *
 * @category   Session handler.
 * @package    Pandora FMS.
 * @subpackage OpenSource.
 * @version    1.0.0
 * @license    See below
 *
 *    ______                 ___                    _______ _______ ________
 *   |   __ \.-----.--.--.--|  |.-----.----.-----. |    ___|   |   |     __|
 *  |    __/|  _  |     |  _  ||  _  |   _|  _  | |    ___|       |__     |
 * |___|   |___._|__|__|_____||_____|__| |___._| |___|   |__|_|__|_______|
 *
 * ============================================================================
 * Copyright (c) 2005-2019 Artica Soluciones Tecnologicas
 * Please see http://pandorafms.org for full contribution list
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation for version 2.
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * ============================================================================
 */

// Begin.


/**
 * Open session.
 *
 * @param string $save_path    Save path.
 * @param string $session_name Session name.
 *
 * @return boolean
 */
function pandora_session_open($save_path, $session_name)
{
    return true;
}


/**
 * Close session.
 *
 * @return boolean
 */
function pandora_session_close()
{
    return true;
}


/**
 * Read a session.
 *
 * @param string $session_id Session ID.
 *
 * @return string Session data.
 */
function pandora_session_read($session_id)
{
    $session_id = addslashes($session_id);
    $session_data = db_get_value(
        'data',
        'tsessions_php',
        'id_session',
        $session_id
    );

    if (!empty($session_data)) {
        return $session_data;
    } else {
        return '';
    }
}


/**
 * Write session data.
 *
 * @param string $session_id Session id.
 * @param string $data       Data.
 *
 * @return boolean
 */
function pandora_session_write($session_id, $data)
{
    $session_id = addslashes($session_id);

    if (is_ajax()) {
        // Avoid session upadte while processing ajax responses - notifications.
        if (get_parameter('check_new_notifications', false)) {
            return true;
        }
    }

    $values = [];
    $values['last_active'] = time();

    if (!empty($data)) {
        $values['data'] = addslashes($data);
    }

    $session_exists = (bool) db_get_value(
        'COUNT(id_session)',
        'tsessions_php',
        'id_session',
        $session_id
    );

    if (!$session_exists) {
        $values['id_session'] = $session_id;
        $retval_write = db_process_sql_insert('tsessions_php', $values);
    } else {
        $retval_write = db_process_sql_update(
            'tsessions_php',
            $values,
            ['id_session' => $session_id]
        );
    }

    return $retval_write !== false;
}


/**
 * Destroy a session.
 *
 * @param string $session_id Session Id.
 *
 * @return boolean
 */
function pandora_session_destroy($session_id)
{
    $session_id = addslashes($session_id);

    $retval = (bool) db_process_sql_delete(
        'tsessions_php',
        ['id_session' => $session_id]
    );

    return $retval;
}


/**
 * Session garbage collector.
 *
 * @param integer $max_lifetime Max lifetime.
 *
 * @return boolean.
 */
function pandora_session_gc($max_lifetime=300)
{
    global $config;

    if (isset($config['session_timeout'])) {
        $session_timeout = $config['session_timeout'];
    } else {
        // If $config doesn`t work ...
        $session_timeout = db_get_value(
            'value',
            'tconfig',
            'token',
            'session_timeout'
        );
    }

    if (empty($session_timeout) === false) {
        if ($session_timeout == -1) {
            // The session expires in 10 years.
            $session_timeout = 315576000;
        } else {
            $session_timeout *= 60;
        }

        $max_lifetime = $session_timeout;
    }

    $time_limit = (time() - $max_lifetime);

    $retval = (bool) db_process_sql_delete(
        'tsessions_php',
        [
            'last_active' => '<'.$time_limit,
        ]
    );

    // Deleting cron and empty sessions.
    $sql = 'DELETE FROM tsessions_php WHERE data IS NULL';
    db_process_sql($sql);

    return $retval;
}


// TODO: SAML should work with pandora session handlers.
if (db_get_value('value', 'tconfig', 'token', 'auth') != 'saml') {
    $result_handler = session_set_save_handler(
        'pandora_session_open',
        'pandora_session_close',
        'pandora_session_read',
        'pandora_session_write',
        'pandora_session_destroy',
        'pandora_session_gc'
    );
}
Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00			`<?php`
Session expiration ignoring notifications checks 2019-07-01 12:46:09 +02:00			`/**`
			`* Session manager.`
			`*`
			`* @category Session handler.`
			`* @package Pandora FMS.`
			`* @subpackage OpenSource.`
			`* @version 1.0.0`
			`* @license See below`
			`*`
			`* ______ ___ _______ _______ ________`
			`* \| __ \.-----.--.--.--\| \|.-----.----.-----. \| ___\| \| \| __\|`
			`* \| __/\| _ \| \| _ \|\| _ \| _\| _ \| \| ___\| \|__ \|`
			`* \|___\| \|___._\|__\|__\|_____\|\|_____\|__\| \|___._\| \|___\| \|__\|_\|__\|_______\|`
			`*`
			`* ============================================================================`
			`* Copyright (c) 2005-2019 Artica Soluciones Tecnologicas`
			`* Please see http://pandorafms.org for full contribution list`
			`* This program is free software; you can redistribute it and/or`
			`* modify it under the terms of the GNU General Public License`
			`* as published by the Free Software Foundation for version 2.`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU General Public License for more details.`
			`* ============================================================================`
			`*/`

			`// Begin.`


			`/**`
			`* Open session.`
			`*`
			`* @param string $save_path Save path.`
			`* @param string $session_name Session name.`
			`*`
			`* @return boolean`
			`*/`
Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00			`function pandora_session_open($save_path, $session_name)`
			`{`
			`return true;`
			`}`
Ticket #1354. 2015-04-13 11:27:23 +02:00

Session expiration ignoring notifications checks 2019-07-01 12:46:09 +02:00			`/**`
			`* Close session.`
			`*`
			`* @return boolean`
			`*/`
Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00			`function pandora_session_close()`
			`{`
			`return true;`
Refactored to fix some errors and improve the scalability 2015-05-11 20:54:23 +02:00			`}`
Ticket #1354. 2015-04-13 11:27:23 +02:00

Session expiration ignoring notifications checks 2019-07-01 12:46:09 +02:00			`/**`
			`* Read a session.`
			`*`
			`* @param string $session_id Session ID.`
			`*`
			`* @return string Session data.`
			`*/`
Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00			`function pandora_session_read($session_id)`
			`{`
			`$session_id = addslashes($session_id);`
Session expiration ignoring notifications checks 2019-07-01 12:46:09 +02:00			`$session_data = db_get_value(`
			`'data',`
			`'tsessions_php',`
			`'id_session',`
			`$session_id`
			`);`
Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00
			`if (!empty($session_data)) {`
			`return $session_data;`
			`} else {`
			`return '';`
			`}`
Refactored to fix some errors and improve the scalability 2015-05-11 20:54:23 +02:00			`}`
Ticket #1354. 2015-04-13 11:27:23 +02:00
fixed errors session_start 2018-11-21 13:08:58 +01:00
Session expiration ignoring notifications checks 2019-07-01 12:46:09 +02:00			`/**`
			`* Write session data.`
			`*`
			`* @param string $session_id Session id.`
			`* @param string $data Data.`
			`*`
			`* @return boolean`
			`*/`
Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00			`function pandora_session_write($session_id, $data)`
			`{`
			`$session_id = addslashes($session_id);`

Session expiration ignoring notifications checks 2019-07-01 12:46:09 +02:00			`if (is_ajax()) {`
			`// Avoid session upadte while processing ajax responses - notifications.`
			`if (get_parameter('check_new_notifications', false)) {`
minor fix to avoid log messages 2019-07-09 12:02:07 +02:00			`return true;`
Session expiration ignoring notifications checks 2019-07-01 12:46:09 +02:00			`}`
			`}`

Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00			`$values = [];`
			`$values['last_active'] = time();`
fixed errors session_start 2018-11-21 13:08:58 +01:00
Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00			`if (!empty($data)) {`
			`$values['data'] = addslashes($data);`
			`}`
fixed errors session_start 2018-11-21 13:08:58 +01:00
Session expiration ignoring notifications checks 2019-07-01 12:46:09 +02:00			`$session_exists = (bool) db_get_value(`
			`'COUNT(id_session)',`
			`'tsessions_php',`
			`'id_session',`
			`$session_id`
			`);`
fixed errors session_start 2018-11-21 13:08:58 +01:00
Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00			`if (!$session_exists) {`
			`$values['id_session'] = $session_id;`
			`$retval_write = db_process_sql_insert('tsessions_php', $values);`
			`} else {`
Session expiration ignoring notifications checks 2019-07-01 12:46:09 +02:00			`$retval_write = db_process_sql_update(`
			`'tsessions_php',`
			`$values,`
			`['id_session' => $session_id]`
			`);`
Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00			`}`
Ticket #1354. 2015-04-13 11:27:23 +02:00
Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00			`return $retval_write !== false;`
Refactored to fix some errors and improve the scalability 2015-05-11 20:54:23 +02:00			`}`
Ticket #1354. 2015-04-13 11:27:23 +02:00
Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00
Session expiration ignoring notifications checks 2019-07-01 12:46:09 +02:00			`/**`
			`* Destroy a session.`
			`*`
			`* @param string $session_id Session Id.`
			`*`
			`* @return boolean`
			`*/`
Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00			`function pandora_session_destroy($session_id)`
			`{`
			`$session_id = addslashes($session_id);`

Session expiration ignoring notifications checks 2019-07-01 12:46:09 +02:00			`$retval = (bool) db_process_sql_delete(`
			`'tsessions_php',`
			`['id_session' => $session_id]`
			`);`
Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00
			`return $retval;`
Refactored to fix some errors and improve the scalability 2015-05-11 20:54:23 +02:00			`}`
Ticket #1354. 2015-04-13 11:27:23 +02:00
Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00
Session expiration ignoring notifications checks 2019-07-01 12:46:09 +02:00			`/**`
			`* Session garbage collector.`
			`*`
			`* @param integer $max_lifetime Max lifetime.`
			`*`
			`* @return boolean.`
			`*/`
Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00			`function pandora_session_gc($max_lifetime=300)`
			`{`
			`global $config;`

			`if (isset($config['session_timeout'])) {`
Fixed session garbage collector 2019-08-28 11:33:02 +02:00			`$session_timeout = $config['session_timeout'];`
			`} else {`
Avoid close cron sessions while gc 2019-10-25 12:24:02 +02:00			// If $config doesn`t work ...
Fixed session garbage collector 2019-08-28 11:33:02 +02:00			`$session_timeout = db_get_value(`
			`'value',`
			`'tconfig',`
			`'token',`
			`'session_timeout'`
			`);`
			`}`

Avoid close cron sessions while gc 2019-10-25 12:24:02 +02:00			`if (empty($session_timeout) === false) {`
Fixed session garbage collector 2019-08-28 11:33:02 +02:00			`if ($session_timeout == -1) {`
Avoid close cron sessions while gc 2019-10-25 12:24:02 +02:00			`// The session expires in 10 years.`
Fixed session garbage collector 2019-08-28 11:33:02 +02:00			`$session_timeout = 315576000;`
			`} else {`
			`$session_timeout *= 60;`
			`}`

			`$max_lifetime = $session_timeout;`
Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00			`}`

			`$time_limit = (time() - $max_lifetime);`

Session expiration ignoring notifications checks 2019-07-01 12:46:09 +02:00			`$retval = (bool) db_process_sql_delete(`
			`'tsessions_php',`
			`[`
			`'last_active' => '<'.$time_limit,`
			`]`
			`);`
Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00
Fixed session garbage collector 2019-08-28 11:33:02 +02:00			`// Deleting cron and empty sessions.`
Avoid close cron sessions while gc 2019-10-25 12:23:00 +02:00			`$sql = 'DELETE FROM tsessions_php WHERE data IS NULL';`
Fixed session garbage collector 2019-08-28 11:33:02 +02:00			`db_process_sql($sql);`

Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00			`return $retval;`
Ticket #1354. 2015-04-13 11:27:23 +02:00			`}`

Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00
Avoid close cron sessions while gc 2019-10-25 12:24:02 +02:00			`// TODO: SAML should work with pandora session handlers.`
Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00			`if (db_get_value('value', 'tconfig', 'token', 'auth') != 'saml') {`
Session expiration ignoring notifications checks 2019-07-01 12:46:09 +02:00			`$result_handler = session_set_save_handler(`
			`'pandora_session_open',`
			`'pandora_session_close',`
			`'pandora_session_read',`
			`'pandora_session_write',`
			`'pandora_session_destroy',`
			`'pandora_session_gc'`
			`);`
Patch to SAML login. It wont pass for pandora session handlers 2018-11-23 11:37:05 +01:00			`}`