  1. #1
    SitePoint Enthusiast
    Join Date
    Jan 2002
    Location
    KSA
    Posts
    80

    Sessions vs Cookie

    Please look at this class, it is not working. What is the problem?

    I don't know what the cause is.

    Database
    PHP Code:
    CREATE TABLE `session` (
      `session_id` varchar(32) NOT NULL default '',
      `session_user_id` mediumint(8) NOT NULL default '0',
      `session_lastaction` int(11) NOT NULL default '0',
      `session_ip` varchar(15) NOT NULL default '',
      PRIMARY KEY (`session_id`)
    ) TYPE=MyISAM;

    CREATE TABLE `sessionvars` (
      `session_id` varchar(32) NOT NULL default '',
      `sessionvars_name` varchar(30) NOT NULL default '',
      `sessionvars_value` text,
      PRIMARY KEY (`session_id`)
    ) TYPE=MyISAM;

    CREATE TABLE `users` (
      `user_id` int(12) NOT NULL auto_increment,
      `user_level` smallint(5) NOT NULL default '-1',
      `user_name` varchar(255) NOT NULL default '',
      `user_password` varchar(255) NOT NULL default '',
      `user_email` varchar(255) NOT NULL default '',
      `user_lastaction` int(12) NOT NULL default '0',
      `user_lastvisit` int(12) NOT NULL default '0',
      PRIMARY KEY (`user_id`)
    ) TYPE=MyISAM;
    file global.php
    PHP Code:
     <?php
    $dbHostname = "localhost";
    $dbUsername = "root";
    $dbPassword = "root";
    $dbName = "session";
    // User levels
    define('GUEST', -1);
    define('USER_AWAITING', 1);
    define('USER', 2);
    define('ADMIN', 9);
    //Table
    define('SESSIONS_TABLE', 'session');
    define('USERS_TABLE', 'users');
    define('SESSIONVARS_TABLE', 'sessionvars');
    $session_info = array();
    $user_info = array();
    include('db_mysql.php');
    $site_db = new Db($dbHostname, $dbUsername, $dbPassword, $dbName);
    require('sessions.php');
    ?>
    file session.php
    PHP Code:
     <?php
    // Start Configuration
    define('SESSION_NAME', 'session_id');
    $user_table_fields = array(
      "user_id" => "user_id",
      "user_level" => "user_level",
      "user_name" => "user_name",
      "user_password" => "user_password",
      "user_email" => "user_email",
      "user_lastaction" => "user_lastaction",
      "user_lastvisit" => "user_lastvisit"
    );
    // End Configuration
    function get_user_table_field($add, $user_field) {
      global $user_table_fields;
      return (!empty($user_table_fields[$user_field])) ? $add.$user_table_fields[$user_field] : "";
    }
    class Session {
      var $session_id;
      var $user_ip;
      var $current_time;
      var $session_timeout;
      var $mode = "get";
      var $session_info = array();
      var $user_info = array();
      function Session() {
        $this->session_timeout = 15 * 60;
        $this->user_ip = $this->get_user_ip();
        $this->current_time = time();
        $this->demand_session();
      }
      function set_cookie_data($name, $value, $permanent = 1) {
        $cookie_expire = ($permanent) ? $this->current_time + 60 * 60 * 24 * 365 : 0;
        $cookie_name = COOKIE_NAME.$name;
        setcookie($cookie_name, $value, $cookie_expire, COOKIE_PATH, COOKIE_DOMAIN, COOKIE_SECURE);
      }
      function read_cookie_data($name) {
        global $HTTP_COOKIE_VARS;
        $cookie_name = COOKIE_NAME.$name;
        return (isset($HTTP_COOKIE_VARS[$cookie_name])) ? $HTTP_COOKIE_VARS[$cookie_name] : false;
      }
      function get_session_id() {
        global $HTTP_GET_VARS, $HTTP_POST_VARS;
        if ($this->session_id = $this->read_cookie_data("sid")) {
          $this->mode = "cookie";
        }
        else {
          if (isset($HTTP_GET_VARS[SESSION_NAME])) {
            $this->session_id = $HTTP_GET_VARS[SESSION_NAME];
          }
          elseif (isset($HTTP_POST_VARS[SESSION_NAME])) {
            $this->session_id = $HTTP_POST_VARS[SESSION_NAME];
          }
          else {
            $this->session_id = false;
          }
        }
      }
      function demand_session() {
        $this->get_session_id();
        if (!$this->load_session_info()) {
          $this->delete_old_sessions();
          $user_id = ($this->read_cookie_data("userid")) ? $this->read_cookie_data("userid") : GUEST;
          $this->start_session($user_id);
        }
        else {
          $this->user_info = $this->load_user_info($this->session_info['session_user_id']);
          $update_cutoff = ($this->user_info['user_id'] != GUEST) ? $this->current_time - $this->user_info['user_lastaction'] : $this->current_time - $this->session_info['session_lastaction'];
          if ($update_cutoff > 60) {
            $this->update_session();
            $this->delete_old_sessions();
          }
        }
      }
      function start_session($user_id = GUEST, $login_process = 0) {
        global $site_db;
        $this->user_info = $this->load_user_info($user_id);
        if ($this->user_info['user_id'] != GUEST && !$login_process) {
          if ($this->read_cookie_data("userpass") == $this->user_info['user_password'] && $this->user_info['user_level'] > USER_AWAITING) {
            $this->set_cookie_data("userpass", $this->user_info['user_password']);
          }
          else {
            $this->set_cookie_data("userpass", "", 0);
            $this->user_info = $this->load_user_info(GUEST);
          }
        }
        $this->session_id = $this->generate_session_id();
        $sql = "INSERT INTO ".SESSIONS_TABLE."
                (session_id, session_user_id, session_lastaction, session_ip)
                VALUES
                ('$this->session_id', ".$this->user_info['user_id'].", $this->current_time, '$this->user_ip')";
        $site_db->query($sql);
        $this->session_info['session_user_id'] = $this->user_info['user_id'];
        $this->session_info['session_lastaction'] = $this->current_time;
        $this->session_info['session_ip'] = $this->user_ip;
        if ($this->user_info['user_id'] != GUEST) {
          $this->user_info['user_lastvisit'] = (!empty($this->user_info['user_lastaction'])) ? $this->user_info['user_lastaction'] : $this->current_time;
          $sql = "UPDATE ".USERS_TABLE."
                  SET ".get_user_table_field("", "user_lastaction")." = $this->current_time, ".get_user_table_field("", "user_lastvisit")." = ".$this->user_info['user_lastvisit']."
                  WHERE ".get_user_table_field("", "user_id")." = ".$this->user_info['user_id'];
          $site_db->query($sql);
        }
        $this->set_cookie_data("sid", $this->session_id, 0);
        $this->set_cookie_data("lastvisit", $this->user_info['user_lastvisit']);
        $this->set_cookie_data("userid", $this->user_info['user_id']);
        return true;
      }
      function login($user_name = "", $user_password = "", $auto_login = 0, $set_auto_login = 1) {
        global $site_db, $user_table_fields;
        if (empty($user_name) || empty($user_password)) {
          return false;
        }
        $sql = "SELECT ".get_user_table_field("", "user_id").get_user_table_field(", ", "user_level").get_user_table_field(", ", "user_name").get_user_table_field(", ", "user_password").get_user_table_field(", ", "user_lastaction")."
                FROM ".USERS_TABLE."
                WHERE ".get_user_table_field("", "user_name")." = '$user_name' AND ".get_user_table_field("", "user_level")." <> ".USER_AWAITING;
        $row = $site_db->query_firstrow($sql);

        $user_id = (isset($row[$user_table_fields['user_id']])) ? $row[$user_table_fields['user_id']] : GUEST;
        $user_password = md5($user_password);
        if ($user_id != GUEST) {
          if ($row[$user_table_fields['user_password']] == $user_password) {
            $ip_sql = ($this->mode == "get") ? " AND session_ip = '$this->user_ip'" : "";
            $sql = "DELETE FROM ".SESSIONS_TABLE."
                    WHERE session_id = '$this->session_id'";
            $site_db->query($sql);
            if ($set_auto_login) {
              $this->set_cookie_data("userpass", ($auto_login) ? $user_password : "");
            }
            $this->start_session($user_id, 1);
            return true;
          }
        }
        return false;
      }
      function logout($user_id) {
        global $site_db;
        $sql = "DELETE FROM ".SESSIONS_TABLE."
                WHERE session_id = '$this->session_id' OR session_user_id = $user_id";
        $site_db->query($sql);
        $this->set_cookie_data("userpass", "", 0);
        $this->set_cookie_data("userid", GUEST);
        return true;
      }
      function delete_old_sessions() {
        global $site_db;
        $expiry_time = $this->current_time - $this->session_timeout;
        $sql = "DELETE FROM ".SESSIONS_TABLE."
                WHERE session_lastaction < $expiry_time";
        $site_db->query($sql);
        $sql = "SELECT session_id
                FROM ".SESSIONS_TABLE;
        $result = $site_db->query($sql);
        if ($result) {
          $session_ids_sql = "";
          while ($row = $site_db->fetch_array($result)) {
            $session_ids_sql .= (($session_ids_sql != "") ? ", " : "") . "'".$row['session_id']."'";
          }
        }
        if (!empty($session_ids_sql)) {
          $sql = "DELETE FROM ".SESSIONVARS_TABLE."
                  WHERE session_id NOT IN ($session_ids_sql)";
          $site_db->query($sql);
        }
        return true;
      }
      function update_session() {
        global $site_db;
        $ip_sql = ($this->mode == "get") ? " AND session_ip = '$this->user_ip'" : "";
        $sql = "UPDATE ".SESSIONS_TABLE."
                SET session_lastaction = $this->current_time
                WHERE session_id = '$this->session_id'
                $ip_sql";
        $site_db->query($sql);
        if ($this->user_info['user_id'] != GUEST) {
          $sql = "UPDATE ".USERS_TABLE."
                  SET ".get_user_table_field("", "user_lastaction")." = $this->current_time
                  WHERE ".get_user_table_field("", "user_id")." = ".$this->user_info['user_id'];
          $site_db->query($sql);
        }
        return;
      }
      function generate_session_id() {
        global $site_db;
        $sid = md5(uniqid(microtime()));
        $i = 0;
        while ($i == 0) {
          $sql = "SELECT session_id
                  FROM ".SESSIONS_TABLE."
                  WHERE session_id = '$sid'";
          if ($site_db->is_empty($sql)) {
            $i = 1;
          }
          else {
            $i = 0;
            $sid = md5(uniqid(microtime()));
          }
        }
        return $sid;
      }
      function return_session_info() {
        return $this->session_info;
      }
      function return_user_info() {
        return $this->user_info;
      }

      function freeze() {
        return;
      }
      function load_session_info() {
        global $site_db;
        if (!$this->session_id) {
          return false;
        }
        $ip_sql = ($this->mode == "get") ? " AND session_ip = '$this->user_ip'" : "";
        $this->session_info = array();
        $sql = "SELECT session_id, session_lastaction, session_ip, session_user_id
                FROM ".SESSIONS_TABLE."
                WHERE session_id = '$this->session_id'
                $ip_sql";
        $this->session_info = $site_db->query_firstrow($sql);
        if (!isset($this->session_info['session_user_id'])) {
          return false;
        }
        else {
          $sql = "SELECT sessionvars_name, sessionvars_value
                  FROM ".SESSIONVARS_TABLE."
                  WHERE session_id = '$this->session_id'";
          $result = $site_db->query($sql);
          while ($row = $site_db->fetch_array($result)) {
            $this->session_info[$row['sessionvars_name']] = $row['sessionvars_value'];
          }
          return $this->session_info;
        }
      }
      function load_user_info($user_id = GUEST) {
        global $site_db, $user_table_fields;
        if ($user_id != GUEST) {
          $sql = "SELECT *
                  FROM ".USERS_TABLE."
                  WHERE ".get_user_table_field("", "user_id")." ="$user_id";
          $user_info = $site_db->query_firstrow($sql);
          if (!$user_info) {
            $sql = "SELECT *
                    FROM ".USERS_TABLE."
                    WHERE ".get_user_table_field("", "user_id")." =". $user_id";
            $user_info = $site_db->query_firstrow($sql);
          }
        }
        if (empty($user_info[$user_table_fields['user_id']])) {
          $user_info = array();
          $user_info['user_id'] = GUEST;
          $user_info['user_level'] = GUEST;
          $user_info['user_lastaction'] = $this->current_time;
          $user_info['user_lastvisit'] = ($this->read_cookie_data("lastvisit")) ? $this->read_cookie_data("lastvisit") : $this->current_time;
        }
        foreach ($user_table_fields as $key => $val) {
          if (isset($user_info[$val])) {
            $user_info[$key] = $user_info[$val];
          }
          elseif (!isset($user_info[$key])) {
            $user_info[$key] = "";
          }
        }
        return $user_info;
      }
      function set_session_var($var_name, $value) {
        global $site_db;
        $sql = "SELECT session_id
                FROM ".SESSIONVARS_TABLE."
                WHERE sessionvars_name = '$var_name' AND session_id = '$this->session_id'";
        if ($site_db->is_empty($sql)) {
          $sql = "INSERT INTO ".SESSIONVARS_TABLE."
                  (session_id, sessionvars_name, sessionvars_value)
                  VALUES
                  ('$this->session_id', '$var_name', '$value')";
          $site_db->query($sql);
        }
        else {
          $sql = "UPDATE ".SESSIONVARS_TABLE."
                  SET sessionvars_value = '$value'
                  WHERE sessionvars_name = '$var_name' AND session_id = '$this->session_id'";
          $site_db->query($sql);
        }
        $this->session_info[$var_name] = $value;
        return true;
      }
      function get_session_var($var_name) {
        global $site_db;
        if (isset($this->session_info[$var_name])) {
          return $this->session_info[$var_name];
        }
        else {
          $sql = "SELECT sessionvars_value
                  FROM ".SESSIONVARS_TABLE."
                  WHERE sessionvars_name = '$var_name' AND session_id = '$this->session_id'";
          $value = $site_db->query_firstrow($sql);
          if ($value) {
            $this->session_info[$var_name] = $value['sessionvars_value'];
            return $value['sessionvars_value'];
          }
          else {
            return "";
          }
        }
      }
      function drop_session_var($var_name) {
        global $site_db;
        $sql = "DELETE FROM ".SESSIONVARS_TABLE."
                WHERE sessionvars_name = '$var_name' AND session_id = '$this->session_id'";
        return ($site_db->query($sql)) ? 1 : 0;
      }
      function get_user_ip() {
        global $HTTP_SERVER_VARS, $HTTP_ENV_VARS;
        $ip = (!empty($HTTP_SERVER_VARS['REMOTE_ADDR'])) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ((!empty($HTTP_ENV_VARS['REMOTE_ADDR'])) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : getenv("REMOTE_ADDR"));
        $ip = preg_replace("/[^\.0-9]+/", "", $ip);
        return substr($ip, 0, 50);
      }
    } //end of class
    //-----------------------------------------------------
    //--- Start Session -----------------------------------
    //-----------------------------------------------------
    define('COOKIE_NAME', 'writer_');
    define('COOKIE_PATH', '/');
    define('COOKIE_DOMAIN', '');
    define('COOKIE_SECURE', '0');
    $site_sess = new Session();
    // Get Userinfo
    $session_info = $site_sess->return_session_info();
    $user_info = $site_sess->return_user_info();
    ?>
    Last edited by KSA; May 22, 2004 at 22:30.

  2. #2
    SitePoint Wizard Dangermouse's Avatar
    Join Date
    Oct 2003
    Posts
    1,024
    With that amount of code you're going to have to give us a bit more detail than 'not working'. Do you get any error messages, what is it you wanted it to do, what is it doing instead, etc.? (Looks like you need to sort out your quotes, by the colour of that code.)

  3. #3
    SitePoint Enthusiast
    Join Date
    Jan 2002
    Location
    KSA
    Posts
    80
    I'm not getting any error messages.

    This would be an example:
    PHP Code:
     <?php
    include('global.php');
    $username = trim($_POST['userlog']);
    $password = trim($_POST['passlog']);
    if ($site_sess->login($username, $password)) {
      print "<a href='page2.php'>Next Page</a>";
    } else {
      print "ERROR";
    }
    ?>
    Here is the problem, no include:
    PHP Code:
    $site_sess->login($username, $password)

  4. #4
    SitePoint Enthusiast
    Join Date
    Jan 2002
    Location
    KSA
    Posts
    80
    Please help me.

  5. #5
    <!-- Insert thoughts here --> pitcher17's Avatar
    Join Date
    Apr 2004
    Location
    The great white north
    Posts
    293
    Code:
    function load_user_info($user_id = GUEST) {
        global $site_db, $user_table_fields;
        if ($user_id != GUEST) {
         $sql = "SELECT *
                 FROM ".USERS_TABLE."
                 WHERE ".get_user_table_field("", "user_id")." = $user_id;
    As mentioned already, your quotes are messed up. Check out this part and the other half of this if statement. You are missing some quotation marks.
    The more time I save by not planning and documenting,
    the more time I have left to debug.
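
The statement pitcher17 points at, written with balanced quotes, as an added example that is not code from the thread. `normalize_user_id` and `build_user_lookup_sql` are hypothetical helpers, and the integer check is an addition, made because `demand_session()` passes the `userid` cookie value straight into this query.

```php
<?php
// Added example, not the poster's code. Constant values mirror global.php in the thread.
define('GUEST', -1);
define('USERS_TABLE', 'users');

$user_table_fields = array("user_id" => "user_id");

function get_user_table_field($add, $user_field) {
    global $user_table_fields;
    return (!empty($user_table_fields[$user_field])) ? $add.$user_table_fields[$user_field] : "";
}

// Hypothetical helper: accept only a plain positive integer, otherwise fall back to GUEST.
function normalize_user_id($raw) {
    $id = filter_var($raw, FILTER_VALIDATE_INT, array("options" => array("min_range" => 1)));
    return ($id === false) ? GUEST : $id;
}

// Hypothetical helper: builds the lookup from load_user_info().
// Every string literal is closed before the next concatenation, and the id
// is appended as a validated integer rather than as raw cookie text.
function build_user_lookup_sql($raw_user_id) {
    $user_id = normalize_user_id($raw_user_id);
    if ($user_id == GUEST) {
        return false; // caller uses the guest defaults, no query is needed
    }
    return "SELECT *
            FROM ".USERS_TABLE."
            WHERE ".get_user_table_field("", "user_id")." = ".$user_id;
}

// Constructed sample inputs, as the "userid" cookie might deliver them.
foreach (array("42", 42, "", "42abc", "-1") as $raw) {
    $sql = build_user_lookup_sql($raw);
    echo var_export($raw, true), " => ",
         ($sql === false ? "guest (no query)" : preg_replace('/\s+/', ' ', $sql)), "\n";
}
```

Running `php -l` on the edited file reports an unbalanced quote as a parse error without the page having to be requested, which helps when the server displays no error messages.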


  6. #6
    SitePoint Enthusiast
    Join Date
    Jan 2002
    Location
    KSA
    Posts
    80
    Sorry ..

    Now Working

    Thank you

