Re: Session Bug Patch [Xoops 2.0 Bug Report] - XOOPS Web Application System

11

Re: Session Bug Patch

2004/1/13 7:58
sklic
Just popping in
Posts: 1
Since: 2004/1/13

I ran into the same problem, as well as the problem that when I login as a Member, the Anonymous version of me still stays in the who's online, so I end up with multiple copies of my IP address in the who's online "more..." window. I changed the session.php file as follows and it seems to have fixed all these problems. It makes the online module track a user based on not only uid but also ip address. That way Anonymous users are automatically replaced when a user logs in from that IP addy, and visa versa. I'm not sure what this will do if multiple computers use the same IP address, such as some NAT/firewall instance. But here was my fix for kernel/online.php:

Quote:

function write($uid, $uname, $time, $module, $ip)
{
$uid = intval($uid);
$sql = "SELECT COUNT(*) FROM ".$this->db->prefix('online')." WHERE online_ip='".$ip."'";
//if ($uid > 0) {
// $sql = "SELECT COUNT(*) FROM ".$this->db->prefix('online')." WHERE online_uid=".$uid;
//} else {
// $sql = "SELECT COUNT(*) FROM ".$this->db->prefix('online')." WHERE online_uid=".$uid." AND online_ip='".$ip."'";
//}
list($count) = $this->db->fetchRow($this->db->queryF($sql));
if ( $count > 0 ) {
$sql = "UPDATE ".$this->db->prefix('online')." SET online_uid=".$uid.", online_uname='".$uname."', online_updated=".$time.", online_module = ".$module." WHERE online_ip = '".$ip."'";
//$sql = "UPDATE ".$this->db->prefix('online')." SET online_updated=".$time.", online_module = ".$module." WHERE online_uid = ".$uid;
//if ($uid == 0) {
// $sql .= "AND online_ip='".$ip."'";
//}
} else {
$sql = sprintf("INSERT INTO %s (online_uid, online_uname, online_updated, online_ip, online_module) VALUES (%u, %s, %u, %s, %u)", $this->db->prefix('online'), $uid, $this->db->quoteString($uname), $time, $this->db->quoteString($ip), $module);
}
if (!$this->db->queryF($sql)) {
return false;
}
return true;
}

I'm sure the professionals can find a cleaner way to do this, and one that incorporates firewall issues. I think the Who's Online section definitely needs some of this kind of work considering how many problems have been posting regarding problems with it.

12

Re: Session Bug Patch

2004/1/21 1:59
pcracer
Just popping in
Posts: 31
Since: 2003/10/23

What I've noticed too is the popup only shows those @ the main page [news] & no others sections ever show. Knowing that my users are posting in the forums, viewing pics in MyAlbum or browsing MyDownloads.

Using the latest greatest 2.0.5.2

Is it possible in the next release to add the old 'last seen' part back into this module? I really miss that & currently use the hack version also, just for this purpose but it doesn't include the members/guest/more part, the code is there just doesn't seem to work...or @ least the version I have doesn't.

13

Re: Session Bug Patch

2004/2/19 0:12
Brad
Not too shy to talk
Posts: 150
Since: 2003/12/4

Am I safe to assume that this hack is no longer needed in XOOPS 2.0.6?

Brad

14

Re: Session Bug Patch

2004/2/25 13:31
Brad
Not too shy to talk
Posts: 150
Since: 2003/12/4

<bump>

15

Re: Session Bug Patch

2004/2/27 23:55
brash
Friend of XOOPS
Posts: 2206
Since: 2003/4/10

I'd say not. I'm running 2.0.6, and I just came to this thread looking for the accuracy hack again as my php-stats program is showing 2 people online, and the who's online block is showing 16.

*edit*

Loks like kernel/session.php has been updated as the hack included in this thread was for version 1.2, and the version of kernel/session.php included with XOOPS 2.0.6 is 1.3.

Anyone care to update the accuracy hack to work with 2.0.6?

16

Re: Session Bug Patch

2004/3/2 4:23
Brad
Not too shy to talk
Posts: 150
Since: 2003/12/4

For XOOPS v2.0.6 the changes are as follows (in red):


<?php

// $Id: session.php,v 1.3 2004/01/02 19:15:13 okazu Exp $

//  ------------------------------------------------------------------------ //

//                XOOPS - PHP Content Management System                      //

//                    Copyright (c) 2000 XOOPS.org                           //

//                       <https://xoops.org/>                             //

//  ------------------------------------------------------------------------ //

//  This program is free software; you can redistribute it and/or modify     //

//  it under the terms of the GNU General Public License as published by     //

//  the Free Software Foundation; either version 2 of the License, or        //

//  (at your option) any later version.                                      //

//                                                                           //

//  You may not change or alter any portion of this comment or credits       //

//  of supporting developers from this source code or any supporting         //

//  source code which is considered copyrighted (c) material of the          //

//  original comment or credit authors.                                      //

//                                                                           //

//  This program is distributed in the hope that it will be useful,          //

//  but WITHOUT ANY WARRANTY; without even the implied warranty of           //

//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the            //

//  GNU General Public License for more details.                             //

//                                                                           //

//  You should have received a copy of the GNU General Public License        //

//  along with this program; if not, write to the Free Software              //

//  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA //

//  ------------------------------------------------------------------------ //

// Author: Kazumi Ono (AKA onokazu)                                          //

// URL: http://www.myweb.ne.jp/, https://xoops.org/, http://www.xoopscube.jp/ //

// Project: The XOOPS Project                                                //

// ------------------------------------------------------------------------- //

/**

 * @package     kernel

 * 

 * @author        Kazumi Ono    <onokazu@xoops.org>

 * @copyright    copyright (c) 2000-2003 XOOPS.org

 */





/**

 * Handler for a session

 * @package     kernel

 * 

 * @author        Kazumi Ono    <onokazu@xoops.org>

 * @copyright    copyright (c) 2000-2003 XOOPS.org

 */

class XoopsSessionHandler

{



    /**

     * Database connection

     * 

     * @var    object

     * @access    private

     */

    var $db;



    /**

     * Constructor

     * 

     * @param    object  &$mf    reference to a XoopsManagerFactory

     * 

     */

    function XoopsSessionHandler(&$db)

    {

        $this->db =& $db;

    }



    /**

     * Open a session

     * 

     * @param    string  $save_path

     * @param    string  $session_name

     * 

     * @return    bool

     */

    function open($save_path, $session_name)

    {

        return true;

    }



    /**

     * Close a session

     * 

     * @return    bool

     */

    function close()

    {

        return true;

    }



    /**

     * Read a session from the database

     * 

     * @param    string  &sess_id    ID of the session

     * 

     * @return    array   Session data

     */

    function read($sess_id)

    {

        $sql = sprintf('SELECT sess_data FROM %s WHERE sess_id = %s', $this->db->prefix('session'), $this->db->quoteString($sess_id));

        if (false != $result = $this->db->query($sql)) {

            if (list($sess_data) = $this->db->fetchRow($result)) {

                return $sess_data;

            }

        }

        return '';

    }



    /**

     * Write a session to the database

     * 

     * @param   string  $sess_id

     * @param   string  $sess_data

     * 

     * @return  bool    

     **/

    function write($sess_id, $sess_data)

    {

[color=cc0000][b]        global $xoopsConfig;

        

        $expiretime = $xoopsConfig['session_expire'] * 60;[/color][/b]



        $sess_id = $this->db->quoteString($sess_id);

        list($count) = $this->db->fetchRow($this->db->query("SELECT COUNT(*) FROM ".$this->db->prefix('session')." WHERE sess_id=".$sess_id));

        if ( $count > 0 ) {

            $sql = sprintf('UPDATE %s SET sess_updated = %u, sess_data = %s WHERE sess_id = %s', $this->db->prefix('session'), time(), $this->db->quoteString($sess_data), $sess_id);



        } else {

            $sql = sprintf('INSERT INTO %s (sess_id, sess_updated, sess_ip, sess_data) VALUES (%s, %u, %s, %s)', $this->db->prefix('session'), $sess_id, time(), $this->db->quoteString($_SERVER['REMOTE_ADDR']), $this->db->quoteString($sess_data));

        }

        if (!$this->db->queryF($sql)) {

            return false;

        }



[color=cc0000][b]        // MonDarse Hack//

        $this->gc($expiretime);

        // MonDarse Hack//[/color][/b]

        

        return true;

    }



    /**

     * Destroy a session

     * 

     * @param   string  $sess_id

     * 

     * @return  bool

     **/

    function destroy($sess_id)

    {

[color=cc0000][b]        global $xoopsConfig;

        

        $expiretime = $xoopsConfig['session_expire'] * 60;[/color][/b]



        $sql = sprintf('DELETE FROM %s WHERE sess_id = %s', $this->db->prefix('session'), $this->db->quoteString($sess_id));

        if ( !$result = $this->db->queryF($sql) ) {

            return false;

        }



[color=cc0000][b]        // MonDarse Hack//

        $this->gc($expiretime);

        // MonDarse Hack//[/color][/b]



        return true;

    }



    /**

     * Garbage Collector

     * 

     * @param   int $expire Time in seconds until a session expires

     * @return  bool

     **/

    function gc($expire)

    {

        $mintime = time() - intval($expire);

        $sql = sprintf('DELETE FROM %s WHERE sess_updated < %u', $this->db->prefix('session'), $mintime);

        return $this->db->queryF($sql);

    }

}

?>

17

Re: Session Bug Patch

2004/3/2 7:28
mondarse
Just popping in
Posts: 96
Since: 2003/2/3 1

Thank you BPJones,
I'm not a php coder, so it is hard to me to find any bug, and I would be not very easy to find a new bug without making a new step by step search.

MonDarSE

(Sorry for my english

)

18

Re: Session Bug Patch

2004/3/2 15:25
Brad
Not too shy to talk
Posts: 150
Since: 2003/12/4

I'm not a PHP coder either. However, I do have a number of years of other programming experience and that helps.

Having said that, I didn't have to use any of my programming experience to make the changes I did. All I did was review the diff file between 2.0.5.2 and 2.0.6 for session.php to see what changes were actually made and then I applied the code you and Predator provided in the same spots that it was in 2.0.5.x. Just some of the signposts were missing.

19

Re: Session Bug Patch

2004/3/26 15:29
brash
Friend of XOOPS
Posts: 2206
Since: 2003/4/10

Nice one Brad. Just implemented it, we'll see how it goes. Do you increase the accuracy (and server load) by just replacing 60 with a lower number?

20

Re: Session Bug Patch

2004/3/26 17:15
Brad
Not too shy to talk
Posts: 150
Since: 2003/12/4

Nope. I increased the accuracy at my site by making the change shown in .\modules\system\blocks\system_blocks.php as shown in the following code snippet:


function b_system_online_show()

{

    global $xoopsConfig, $xoopsUser, $xoopsModule, $HTTP_SERVER_VARS;

    $online_handler =& xoops_gethandler('online');

    mt_srand((double)microtime()*1000000);

    // set gc probabillity to 10% for now..

    if (mt_rand(1, 100) < 11) {

        [color=cc0000][d]$online_handler->gc(300);[/d]

        $online_handler->gc(60);[/color]

    }

    if (is_object($xoopsUser)) {

        $uid = $xoopsUser->getVar('uid');

        $uname = $xoopsUser->getVar('uname');

    } else {

        $uid = 0;

        $uname = '';

    }

The change I made means that at least 10% of the time, the "who's online" block will be accurate up to within 1 minute.

Keep in mind that I haven't done much testing on the change I've made. Just some quick testing before I moved on to other things. Also, the site that I made the change for isn't yet operational so the change hasn't gotten a lot of real-world testing.

Brad

Stats
Goal:	$100.00
Due Date:	Apr 30
Gross Amount:	$0.00
Net Balance:	$0.00
Left to go:	$100.00

Re: Session Bug Patch

Re: Session Bug Patch

Re: Session Bug Patch

Re: Session Bug Patch

Re: Session Bug Patch

Re: Session Bug Patch

Re: Session Bug Patch

Re: Session Bug Patch

Re: Session Bug Patch

Re: Session Bug Patch

Login

Search

Recent Posts

Re: Rebuilding and Updating a 20 years old Xoops Website from 2.0.18? to 2.5.11

Rebuilding and Updating a 20 years old Xoops Website from 2.0.18? to 2.5.11

Re: NewBB v 5.1.0 b 6

Re: NewBB v 5.1.0 b 6

NewBB v 5.1.0 b 6

Re: XOOPS 2.5.11 search user is not working

Re: oledrion

Re: oledrion

Re: oledrion

Re: oledrion

Who's Online

Donat-O-Meter

Latest GitHub Commits

{{ record.sha.slice(0, 7) }} - {{ record.commit.message | truncate }}