1<?php
2
3require_once dirname(__FILE__).'/accesscheck.php';
4
5// try to set the configuration
6if (empty($GLOBALS['SessionTableName'])) {
7    return;
8}
9
10// only necessary on main pages, not in lt/dl etc
11if (basename($_SERVER['SCRIPT_NAME']) != 'index.php') {
12    return;
13}
14
15$SessionTableName = $GLOBALS['SessionTableName'];
16
17
18session_set_save_handler(
19	'mysql_session_open',
20	'mysql_session_close',
21	'mysql_session_read',
22	'mysql_session_write',
23	'mysql_session_destroy',
24	'mysql_session_gc'
25);
26
27if (!Sql_Table_exists($GLOBALS['SessionTableName'])) {
28    Sql_Create_Table($GLOBALS['SessionTableName'], array(
29        'sessionid'  => array('CHAR(32) NOT NULL PRIMARY KEY', ''),
30        'lastactive' => array('INTEGER NOT NULL', ''),
31        'data'       => array('LONGTEXT', ''),
32    ));
33}
34
35function mysql_session_open($save_path, $session_name)
36{
37    return true;
38}
39
40function mysql_session_close()
41{
42    return true;
43}
44
45function mysql_session_read($SessionID)
46{
47    //	dbg("Reading session info for $SessionID");
48    $SessionTableName = $GLOBALS['SessionTableName'];
49    $SessionID = addslashes($SessionID);
50
51    $session_data_req = sql_query("SELECT data FROM $SessionTableName WHERE sessionid = '$SessionID'");
52    if (Sql_Affected_Rows() == 1) {
53        $data = Sql_Fetch_Row($session_data_req);
54
55        return $data[0];
56    } else {
57        return '';
58    }
59}
60
61function mysql_session_write($SessionID, $val)
62{
63    //	dbg("writing session info for $SessionID");
64    $SessionTableName = $GLOBALS['SessionTableName'];
65    $SessionID = addslashes($SessionID);
66    $val = addslashes($val);
67
68    $SessionExists = sql_fetch_row_query("select count(*) from  $SessionTableName where sessionid = '$SessionID'");
69    if ($SessionExists[0] == 0) {
70        $retval = sql_query(sprintf('insert into %s (sessionid,lastactive,data) values("%s",UNIX_TIMESTAMP(NOW()),"%s")',
71            $SessionTableName, $SessionID, $val));
72    } else {
73        $retval = sql_query(sprintf('update %s SET data = "%s", lastactive = UNIX_TIMESTAMP(NOW()) where sessionid = "%s"',
74            $SessionTableName, $val, $SessionID));
75        if (sql_affected_rows() < 0) {
76            sendError("unable to update session data for session $SessionID");
77        }
78    }
79
80    return $retval;
81}
82
83function mysql_session_destroy($SessionID)
84{
85    $SessionTableName = $GLOBALS['SessionTableName'];
86    $SessionID = addslashes($SessionID);
87    $retval = sql_query("DELETE FROM $SessionTableName WHERE sessionid = '$SessionID'");
88
89    return $retval;
90}
91
92function mysql_session_gc($maxlifetime = 300)
93{
94    $SessionTableName = $GLOBALS['SessionTableName'];
95    $CutoffTime = time() - $maxlifetime;
96    $retval = sql_query("DELETE FROM $SessionTableName WHERE lastactive < $CutoffTime");
97
98    return $retval;
99}
100