authorAndrew Dolgov <[email protected]>2017-06-28 12:32:48 +0300
committerAndrew Dolgov <[email protected]>2017-06-28 12:32:48 +0300
commit9f4927825bb5efeefdff9a2aac05c5b3200f5ef6 (patch)
treef7782cb57127c68bfd5c67fb0d90c725eb8f0e68 /sessions.php
parent4496d4a5e1f3ddb5fd0b3a0315f12c207e7c9041 (diff)
move to internal user management because it's impossible to implement
proper transparent offline mode with http auth (worker is incapable of authenticating properly) MIGRATION: 1. disable HTTP authentication (this is important!) 2. add two new tables to db/scratch.db (sessions & users) 3. create users via useradm.php (same names and passwords, previous data is kept)
Diffstat (limited to 'sessions.php')
-rw-r--r--sessions.php68
1 files changed, 68 insertions, 0 deletions
diff --git a/sessions.php b/sessions.php
new file mode 100644
index 0000000..9a90ad4
--- /dev/null
+++ b/sessions.php
@@ -0,0 +1,68 @@
+<?php
+ require_once "config.php";
+ require_once "db.php";
+
+ define('SESSION_LIFETIME', 365 * 86400);
+
+ ini_set("session.name", "epube_sid");
+ ini_set("session.use_only_cookies", true);
+ ini_set("session.gc_maxlifetime", SESSION_LIFETIME);
+ ini_set("session.cookie_lifetime", SESSION_LIFETIME);
+
+ if (@$_SERVER['HTTPS'] == "on") {
+ ini_set("session.cookie_secure", true);
+ }
+
+ session_set_cookie_params(SESSION_LIFETIME);
+
+ function s_open ($s, $n) {
+ return true;
+ }
+
+ function s_read ($id){
+ $res = Db::get()->query("SELECT data FROM epube_sessions WHERE id='$id'");
+
+ if ($line = $res->fetchArray(SQLITE3_ASSOC)) {
+ return base64_decode($line["data"]);
+ } else {
+ $expire = time() + SESSION_LIFETIME;
+
+ Db::get()->query("INSERT INTO epube_sessions (id, data, expire)
+ VALUES ('$id', '', '$expire')");
+ }
+
+ }
+
+ function s_write ($id, $data) {
+ $data = base64_encode($data);
+ $expire = time() + SESSION_LIFETIME;
+
+ Db::get()->query("UPDATE epube_sessions SET data = '$data', expire = '$expire' WHERE id = '$id'");
+
+ return true;
+ }
+
+ function s_close () {
+ return true;
+ }
+
+ function s_destroy($id) {
+ Db::get()->query("DELETE FROM epube_sessions WHERE id = '$id'");
+
+ return true;
+ }
+
+ function s_gc ($expire) {
+ Db::get()->query("DELETE FROM epube_sessions WHERE expire < " . time());
+
+ return true;
+ }
+ session_set_save_handler("s_open",
+ "s_close", "s_read", "s_write",
+ "s_destroy", "s_gc");
+
+ register_shutdown_function('session_write_close');
+
+ session_start();
+
+?>
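Review bot: s_read, s_write and s_destroy interpolate `$id` straight into their SQL, and that value arrives in the client's `epube_sid` cookie, so the queries are only as safe as whatever character filtering the PHP runtime applies to session ids before calling the handlers. Binding the id as a parameter removes that dependency; `Db::get()` looks like an SQLite3 handle (the code calls `fetchArray(SQLITE3_ASSOC)`), so `prepare()`/`bindValue()` should be available, but confirm against db.php. s_read also falls off the end without returning anything when it inserts a new row, where a read handler is expected to hand back a string, so the new-session path should end with `return "";`. Two related hardening points: the year-long cookie is configured without `ini_set("session.cookie_httponly", true);`, and because s_read creates a row for any id the client presents, the login path (not in this file) should call `session_regenerate_id(true)` so a pre-set id is not carried into an authenticated session.

```php
function s_read ($id) {
    $db = Db::get();

    $sth = $db->prepare("SELECT data FROM epube_sessions WHERE id = :id");
    $sth->bindValue(":id", $id, SQLITE3_TEXT);
    $res = $sth->execute();

    if ($line = $res->fetchArray(SQLITE3_ASSOC)) {
        return base64_decode($line["data"]);
    }

    // Unknown id: create the row, then return an empty payload as a string.
    $sth = $db->prepare("INSERT INTO epube_sessions (id, data, expire)
        VALUES (:id, '', :expire)");
    $sth->bindValue(":id", $id, SQLITE3_TEXT);
    $sth->bindValue(":expire", time() + SESSION_LIFETIME, SQLITE3_INTEGER);
    $sth->execute();

    return "";
}

// … s_write and s_destroy: same prepare()/bindValue(":id", …) treatment …
// … unchanged: ini_set block, s_open, s_close, s_gc, handler registration …
```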