1
mondarse
Session Bug Patch
  • 2003/12/3 10:40

  • mondarse

  • Just popping in

  • Posts: 96

  • Since: 2003/2/3 1


Hi, I have made myself a patch that solves the bug I have described earlier in this topic:
https://xoops.org/modules/newbb/viewtopic.php?topic_id=14208&forum=21#forumpost57443

The patch only includes two new lines of code, that calls Garbage Colector function (included already) that clears session counter:
File: kernel\session.php
Lines Patched: #129 and #147
Code:
Quote:

<?php
// $Id: session.php,v 1.2 2003/03/12 21:02:08 okazu Exp $
// ------------------------------------------------------------------------ //
// XOOPS - PHP Content Management System //
// Copyright (c) 2000 XOOPS.org //
// <https://xoops.org/> //
// ------------------------------------------------------------------------ //
// This program is free software; you can redistribute it and/or modify //
// it under the terms of the GNU General Public License as published by //
// the Free Software Foundation; either version 2 of the License, or //
// (at your option) any later version. //
// //
// You may not change or alter any portion of this comment or credits //
// of supporting developers from this source code or any supporting //
// source code which is considered copyrighted (c) material of the //
// original comment or credit authors. //
// //
// This program is distributed in the hope that it will be useful, //
// but WITHOUT ANY WARRANTY; without even the implied warranty of //
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the //
// GNU General Public License for more details. //
// //
// You should have received a copy of the GNU General Public License //
// along with this program; if not, write to the Free Software //
// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA //
// ------------------------------------------------------------------------ //
// Author: Kazumi Ono (AKA onokazu) //
// URL:http://www.myweb.ne.jp/,https://xoops.org/,http://www.xoopscube.jp/ //
// Project: The XOOPS Project //
// ------------------------------------------------------------------------- //
/**
* @package kernel
*
* @author Kazumi Ono <onokazu@xoops.org>
* @copyright copyright (c) 2000-2003 XOOPS.org
*/


/**
* Handler for a session
* @package kernel
*
* @author Kazumi Ono <onokazu@xoops.org>
* @copyright copyright (c) 2000-2003 XOOPS.org
*/
class XoopsSessionHandler
{

/**
* Database connection
*
* @var object
* @access private
*/
var $db;

/**
* Constructor
*
* @param object &$mf reference to a XoopsManagerFactory
*
*/
function XoopsSessionHandler(&$db)
{
$this->db =& $db;
}

/**
* Open a session
*
* @param string $save_path
* @param string $session_name
*
* @return bool
*/
function open($save_path, $session_name)
{
return true;
}

/**
* Close a session
*
* @return bool
*/
function close()
{
return true;
}

/**
* Read a session from the database
*
* @param string &sess_id ID of the session
*
* @return array Session data
*/
function read($sess_id)
{
$sql = "SELECT sess_data FROM ".$this->db->prefix('session')." WHERE sess_id = '$sess_id'";
if (false != $result = $this->db->query($sql)) {
if (list($sess_data) = $this->db->fetchRow($result)) {
return $sess_data;
}
}
return '';
}

/**
* Write a session to the database
*
* @param string $sess_id
* @param string $sess_data
*
* @return bool
**/
function write($sess_id, $sess_data)
{
global $HTTP_SERVER_VARS;
list($count) = $this->db->fetchRow($this->db->query("SELECT COUNT(*) FROM ".$this->db->prefix('session')." WHERE sess_id='".$sess_id."'"));
if ( $count > 0 ) {
$sql = sprintf("UPDATE %s SET sess_updated = %u, sess_data = '%s' WHERE sess_id = '%s'", $this->db->prefix('session'), time(), $sess_data, $sess_id);
} else {
$sql = sprintf("INSERT INTO %s (sess_id, sess_updated, sess_ip, sess_data) VALUES ('%s', %u, '%s', '%s')", $this->db->prefix('session'), $sess_id, time(), $HTTP_SERVER_VARS['REMOTE_ADDR'], $sess_data);
}
if (!$this->db->queryF($sql)) {
return false;
}
// MonDarse Hack//
$this->gc(300);
// MonDarse Hack//

return true;
}

/**
* Destroy a session
*
* @param string $sess_id
*
* @return bool
**/
function destroy($sess_id)
{
$sql = sprintf("DELETE FROM %s WHERE sess_id = '%s'", $this->db->prefix('session'), $sess_id);
if ( !$result = $this->db->queryF($sql) ) {
return false;
}
// MonDarse Hack//
$this->gc(300);
// MonDarse Hack//

return true;
}

/**
* Garbage Collector
*
* @param int $expire Time in seconds until a session expires
**/
function gc($expire)
{
$mintime = time() - intval($expire);
$sql = sprintf("DELETE FROM %s WHERE sess_updated < %u", $this->db->prefix('session'), $mintime);
$this->db->queryF($sql);
}
}
?>


I hope this would be usefull for others, or for the dev team

2
Herko
Re: Session Bug Patch
  • 2003/12/3 11:21

  • Herko

  • XOOPS is my life!

  • Posts: 4238

  • Since: 2002/2/4 1


Devs are notified

Herko

3
mondarse
Re: Session Bug Patch
  • 2003/12/3 18:21

  • mondarse

  • Just popping in

  • Posts: 96

  • Since: 2003/2/3 1


Ok, I'm proud to be able to help XOOPS community.


4
CBlue
Re: Session Bug Patch

Thanks Mondarse! I installed your hack on both of my sites and it seems to be working great! No problems that I can see with using this hack.

5
mvandam
Re: Session Bug Patch
  • 2003/12/3 19:28

  • mvandam

  • Quite a regular

  • Posts: 253

  • Since: 2003/2/7 2


Just a suggestion about this hack... it would be better to use the admin-configured session-lifetime rather than a fixed value of 300 seconds.

6
mondarse
Re: Session Bug Patch
  • 2003/12/3 22:52

  • mondarse

  • Just popping in

  • Posts: 96

  • Since: 2003/2/3 1


Quote:

Just a suggestion about this hack... it would be better to use the admin-configured session-lifetime rather than a fixed value of 300 seconds.


Yes thats right. Please, post the code, I don't know much about XOOPS core and I'm completely new with php.

(It took me an hour to know that I must use "$this->gc()" and not "gc()")

7
mvandam
Re: Session Bug Patch
  • 2003/12/11 1:03

  • mvandam

  • Quite a regular

  • Posts: 253

  • Since: 2003/2/7 2


I think you can just do the following:

Quote:

global $xoopsConfig;
$expiretime = $xoopsConfig['session_expire'] * 60;


This will give you the configured session lifetime, converted to seconds.

8
mondarse
Re: Session Bug Patch
  • 2003/12/11 7:29

  • mondarse

  • Just popping in

  • Posts: 96

  • Since: 2003/2/3 1


Thank you very much!!!

9
Anonymous
Re: Session Bug Patch
  • 2003/12/11 9:59

  • Anonymous

  • Posts: 0

  • Since:


So new version of the fix looks like this:

<?php
// $Id: session.php,v 1.2 2003/03/12 21:02:08 okazu Exp $
// ------------------------------------------------------------------------ //
// XOOPS - PHP Content Management System //
// Copyright (c) 2000 XOOPS.org //
// <https://xoops.org/> //
// ------------------------------------------------------------------------ //
// This program is free software; you can redistribute it and/or modify //
// it under the terms of the GNU General Public License as published by //
// the Free Software Foundation; either version 2 of the License, or //
// (at your option) any later version. //
// //
// You may not change or alter any portion of this comment or credits //
// of supporting developers from this source code or any supporting //
// source code which is considered copyrighted (c) material of the //
// original comment or credit authors. //
// //
// This program is distributed in the hope that it will be useful, //
// but WITHOUT ANY WARRANTY; without even the implied warranty of //
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the //
// GNU General Public License for more details. //
// //
// You should have received a copy of the GNU General Public License //
// along with this program; if not, write to the Free Software //
// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA //
// ------------------------------------------------------------------------ //
// Author: Kazumi Ono (AKA onokazu) //
// URL: http://www.myweb.ne.jp/, https://xoops.org/, http://www.xoopscube.jp/ //
// Project: The XOOPS Project //
// ------------------------------------------------------------------------- //
/**
* @package kernel
*
* @author Kazumi Ono <onokazu@xoops.org>
* @copyright copyright (c) 2000-2003 XOOPS.org
*/


/**
* Handler for a session
* @package kernel
*
* @author Kazumi Ono <onokazu@xoops.org>
* @copyright copyright (c) 2000-2003 XOOPS.org
*/
class XoopsSessionHandler
{

/**
* Database connection
*
* @var object
* @access private
*/
var $db;

/**
* Constructor
*
* @param object &$mf reference to a XoopsManagerFactory
*
*/
function XoopsSessionHandler(&$db)
{
$this->db =& $db;
}

/**
* Open a session
*
* @param string $save_path
* @param string $session_name
*
* @return bool
*/
function open($save_path$session_name)
{
return 
true;
}

/**
* Close a session
*
* @return bool
*/
function close()
{
return 
true;
}

/**
* Read a session from the database
*
* @param string &sess_id ID of the session
*
* @return array Session data
*/
function read($sess_id)
{
$sql "SELECT sess_data FROM ".$this->db->prefix('session')." WHERE sess_id = '$sess_id'";
if (
false != $result $this->db->query($sql)) {
if (list(
$sess_data) = $this->db->fetchRow($result)) {
return 
$sess_data;
}
}
return 
'';
}

/**
* Write a session to the database
*
* @param string $sess_id
* @param string $sess_data
*
* @return bool
**/
function write($sess_id$sess_data)
{
global 
$HTTP_SERVER_VARS,[color=FF0000]$xoopsConfig;
$expiretime $xoopsConfig['session_expire'] * 60;
[/
color]
list(
$count) = $this->db->fetchRow($this->db->query("SELECT COUNT(*) FROM ".$this->db->prefix('session')." WHERE sess_id='".$sess_id."'"));
if ( 
$count ) {
$sql sprintf("UPDATE %s SET sess_updated = %u, sess_data = '%s' WHERE sess_id = '%s'"$this->db->prefix('session'), time(), $sess_data$sess_id);
} else {
$sql sprintf("INSERT INTO %s (sess_id, sess_updated, sess_ip, sess_data) VALUES ('%s', %u, '%s', '%s')"$this->db->prefix('session'), $sess_idtime(), $HTTP_SERVER_VARS['REMOTE_ADDR'], $sess_data);
}
if (!
$this->db->queryF($sql)) {
return 
false;
}
[
color=FF0000]
// MonDarse Hack//
$this->gc($expiretime);
// MonDarse Hack//
return true;
[/
color]
}

/**
* Destroy a session
*
* @param string $sess_id
*
* @return bool
**/
function destroy($sess_id)
{
[
color=FF0000]
global 
$xoopsConfig;
$expiretime $xoopsConfig['session_expire'] * 60;
[/
color]
$sql sprintf("DELETE FROM %s WHERE sess_id = '%s'"$this->db->prefix('session'), $sess_id);
if ( !
$result $this->db->queryF($sql) ) {
return 
false;
}
[
color=FF0000]
// MonDarse Hack//
$this->gc($expiretime);
// MonDarse Hack//
return true;
[/
color]
}

/**
* Garbage Collector
*
* @param int $expire Time in seconds until a session expires
**/
function gc($expire)
{
$mintime time() - intval($expire);
$sql sprintf("DELETE FROM %s WHERE sess_updated < %u"$this->db->prefix('session'), $mintime);
$this->db->queryF($sql);
}
}
?>


10
CBlue
Re: Session Bug Patch

Thanks Predator! I changed my kernel/session.php to your new code above.

Login

Who's Online

176 user(s) are online (116 user(s) are browsing Support Forums)


Members: 0


Guests: 176


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Mar 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits