search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
new approach to logging database access and upgraded adodb
[openemr.git] / library / adodb / session / old / adodb-cryptsession.php
blob992712be89fd8df240eaf43a0bde3178e85b7589
1 <?php
2 /*
3 V5.14 8 Sept 2011 (c) 2000-2011 John Lim (jlim#natsoft.com). All rights reserved.
4 Released under both BSD license and Lesser GPL library license.
5 Whenever there is any discrepancy between the two licenses,
6 the BSD license will take precedence.
7 Made table name configurable - by David Johnson djohnson@inpro.net
8 Encryption by Ari Kuorikoski <ari.kuorikoski@finebyte.com>
9
10 Set tabs to 4 for best viewing.
11
12 Latest version of ADODB is available at http://php.weblogs.com/adodb
13 ======================================================================
14
15 This file provides PHP4 session management using the ADODB database
16 wrapper library.
17
18 Example
19 =======
20
21 include('adodb.inc.php');
22 #---------------------------------#
23 include('adodb-cryptsession.php');
24 #---------------------------------#
25 session_start();
26 session_register('AVAR');
27 $_SESSION['AVAR'] += 1;
28 print "
29 -- \$_SESSION['AVAR']={$_SESSION['AVAR']}</p>";
30
31
32 Installation
33 ============
34 1. Create a new database in MySQL or Access "sessions" like
35 so:
36
37 create table sessions (
38 SESSKEY char(32) not null,
39 EXPIRY int(11) unsigned not null,
40 EXPIREREF varchar(64),
41 DATA CLOB,
42 primary key (sesskey)
43 );
44
45 2. Then define the following parameters. You can either modify
46 this file, or define them before this file is included:
47
48 $ADODB_SESSION_DRIVER='database driver, eg. mysql or ibase';
49 $ADODB_SESSION_CONNECT='server to connect to';
50 $ADODB_SESSION_USER ='user';
51 $ADODB_SESSION_PWD ='password';
52 $ADODB_SESSION_DB ='database';
53 $ADODB_SESSION_TBL = 'sessions'
54
55 3. Recommended is PHP 4.0.2 or later. There are documented
56 session bugs in earlier versions of PHP.
57
58 */
59
60
61 include_once('crypt.inc.php');
62
63 if (!defined('_ADODB_LAYER')) {
64 include (dirname(__FILE__).'/adodb.inc.php');
65 }
66
67 /* if database time and system time is difference is greater than this, then give warning */
68 define('ADODB_SESSION_SYNCH_SECS',60);
69
70 if (!defined('ADODB_SESSION')) {
71
72 define('ADODB_SESSION',1);
73
74 GLOBAL $ADODB_SESSION_CONNECT,
75 $ADODB_SESSION_DRIVER,
76 $ADODB_SESSION_USER,
77 $ADODB_SESSION_PWD,
78 $ADODB_SESSION_DB,
79 $ADODB_SESS_CONN,
80 $ADODB_SESS_LIFE,
81 $ADODB_SESS_DEBUG,
82 $ADODB_SESS_INSERT,
83 $ADODB_SESSION_EXPIRE_NOTIFY,
84 $ADODB_SESSION_TBL;
85
86 //$ADODB_SESS_DEBUG = true;
87
88 /* SET THE FOLLOWING PARAMETERS */
89 if (empty($ADODB_SESSION_DRIVER)) {
90 $ADODB_SESSION_DRIVER='mysql';
91 $ADODB_SESSION_CONNECT='localhost';
92 $ADODB_SESSION_USER ='root';
93 $ADODB_SESSION_PWD ='';
94 $ADODB_SESSION_DB ='xphplens_2';
95 }
96
97 if (empty($ADODB_SESSION_TBL)){
98 $ADODB_SESSION_TBL = 'sessions';
99 }
100
101 if (empty($ADODB_SESSION_EXPIRE_NOTIFY)) {
102 $ADODB_SESSION_EXPIRE_NOTIFY = false;
103 }
104
105 function ADODB_Session_Key()
106 {
107 $ADODB_CRYPT_KEY = 'CRYPTED ADODB SESSIONS ROCK!';
108
109 /* USE THIS FUNCTION TO CREATE THE ENCRYPTION KEY FOR CRYPTED SESSIONS */
110 /* Crypt the used key, $ADODB_CRYPT_KEY as key and session_ID as SALT */
111 return crypt($ADODB_CRYPT_KEY, session_ID());
112 }
113
114 $ADODB_SESS_LIFE = ini_get('session.gc_maxlifetime');
115 if ($ADODB_SESS_LIFE <= 1) {
116 // bug in PHP 4.0.3 pl 1 -- how about other versions?
117 //print "<h3>Session Error: PHP.INI setting <i>session.gc_maxlifetime</i>not set: $ADODB_SESS_LIFE</h3>";
118 $ADODB_SESS_LIFE=1440;
119 }
120
121 function adodb_sess_open($save_path, $session_name)
122 {
123 GLOBAL $ADODB_SESSION_CONNECT,
124 $ADODB_SESSION_DRIVER,
125 $ADODB_SESSION_USER,
126 $ADODB_SESSION_PWD,
127 $ADODB_SESSION_DB,
128 $ADODB_SESS_CONN,
129 $ADODB_SESS_DEBUG;
130
131 $ADODB_SESS_INSERT = false;
132
133 if (isset($ADODB_SESS_CONN)) return true;
134
135 $ADODB_SESS_CONN = ADONewConnection($ADODB_SESSION_DRIVER);
136 if (!empty($ADODB_SESS_DEBUG)) {
137 $ADODB_SESS_CONN->debug = true;
138 print" conn=$ADODB_SESSION_CONNECT user=$ADODB_SESSION_USER pwd=$ADODB_SESSION_PWD db=$ADODB_SESSION_DB ";
139 }
140 return $ADODB_SESS_CONN->PConnect($ADODB_SESSION_CONNECT,
141 $ADODB_SESSION_USER,$ADODB_SESSION_PWD,$ADODB_SESSION_DB);
142
143 }
144
145 function adodb_sess_close()
146 {
147 global $ADODB_SESS_CONN;
148
149 if ($ADODB_SESS_CONN) $ADODB_SESS_CONN->Close();
150 return true;
151 }
152
153 function adodb_sess_read($key)
154 {
155 $Crypt = new MD5Crypt;
156 global $ADODB_SESS_CONN,$ADODB_SESS_INSERT,$ADODB_SESSION_TBL;
157 $rs = $ADODB_SESS_CONN->Execute("SELECT data FROM $ADODB_SESSION_TBL WHERE sesskey = '$key' AND expiry >= " . time());
158 if ($rs) {
159 if ($rs->EOF) {
160 $ADODB_SESS_INSERT = true;
161 $v = '';
162 } else {
163 // Decrypt session data
164 $v = rawurldecode($Crypt->Decrypt(reset($rs->fields), ADODB_Session_Key()));
165 }
166 $rs->Close();
167 return $v;
168 }
169 else $ADODB_SESS_INSERT = true;
170
171 return '';
172 }
173
174 function adodb_sess_write($key, $val)
175 {
176 $Crypt = new MD5Crypt;
177 global $ADODB_SESS_INSERT,$ADODB_SESS_CONN, $ADODB_SESS_LIFE, $ADODB_SESSION_TBL,$ADODB_SESSION_EXPIRE_NOTIFY;
178
179 $expiry = time() + $ADODB_SESS_LIFE;
180
181 // encrypt session data..
182 $val = $Crypt->Encrypt(rawurlencode($val), ADODB_Session_Key());
183
184 $arr = array('sesskey' => $key, 'expiry' => $expiry, 'data' => $val);
185 if ($ADODB_SESSION_EXPIRE_NOTIFY) {
186 $var = reset($ADODB_SESSION_EXPIRE_NOTIFY);
187 global $$var;
188 $arr['expireref'] = $$var;
189 }
190 $rs = $ADODB_SESS_CONN->Replace($ADODB_SESSION_TBL,
191 $arr,
192 'sesskey',$autoQuote = true);
193
194 if (!$rs) {
195 ADOConnection::outp( '
196 -- Session Replace: '.$ADODB_SESS_CONN->ErrorMsg().'</p>',false);
197 } else {
198 // bug in access driver (could be odbc?) means that info is not commited
199 // properly unless select statement executed in Win2000
200
201 if ($ADODB_SESS_CONN->databaseType == 'access') $rs = $ADODB_SESS_CONN->Execute("select sesskey from $ADODB_SESSION_TBL WHERE sesskey='$key'");
202 }
203 return isset($rs);
204 }
205
206 function adodb_sess_destroy($key)
207 {
208 global $ADODB_SESS_CONN, $ADODB_SESSION_TBL,$ADODB_SESSION_EXPIRE_NOTIFY;
209
210 if ($ADODB_SESSION_EXPIRE_NOTIFY) {
211 reset($ADODB_SESSION_EXPIRE_NOTIFY);
212 $fn = next($ADODB_SESSION_EXPIRE_NOTIFY);
213 $savem = $ADODB_SESS_CONN->SetFetchMode(ADODB_FETCH_NUM);
214 $rs = $ADODB_SESS_CONN->Execute("SELECT expireref,sesskey FROM $ADODB_SESSION_TBL WHERE sesskey='$key'");
215 $ADODB_SESS_CONN->SetFetchMode($savem);
216 if ($rs) {
217 $ADODB_SESS_CONN->BeginTrans();
218 while (!$rs->EOF) {
219 $ref = $rs->fields[0];
220 $key = $rs->fields[1];
221 $fn($ref,$key);
222 $del = $ADODB_SESS_CONN->Execute("DELETE FROM $ADODB_SESSION_TBL WHERE sesskey='$key'");
223 $rs->MoveNext();
224 }
225 $ADODB_SESS_CONN->CommitTrans();
226 }
227 } else {
228 $qry = "DELETE FROM $ADODB_SESSION_TBL WHERE sesskey = '$key'";
229 $rs = $ADODB_SESS_CONN->Execute($qry);
230 }
231 return $rs ? true : false;
232 }
233
234
235 function adodb_sess_gc($maxlifetime) {
236 global $ADODB_SESS_CONN, $ADODB_SESSION_TBL,$ADODB_SESSION_EXPIRE_NOTIFY,$ADODB_SESS_DEBUG;
237
238 if ($ADODB_SESSION_EXPIRE_NOTIFY) {
239 reset($ADODB_SESSION_EXPIRE_NOTIFY);
240 $fn = next($ADODB_SESSION_EXPIRE_NOTIFY);
241 $savem = $ADODB_SESS_CONN->SetFetchMode(ADODB_FETCH_NUM);
242 $t = time();
243 $rs = $ADODB_SESS_CONN->Execute("SELECT expireref,sesskey FROM $ADODB_SESSION_TBL WHERE expiry < $t");
244 $ADODB_SESS_CONN->SetFetchMode($savem);
245 if ($rs) {
246 $ADODB_SESS_CONN->BeginTrans();
247 while (!$rs->EOF) {
248 $ref = $rs->fields[0];
249 $key = $rs->fields[1];
250 $fn($ref,$key);
251 //$del = $ADODB_SESS_CONN->Execute("DELETE FROM $ADODB_SESSION_TBL WHERE sesskey='$key'");
252 $rs->MoveNext();
253 }
254 $rs->Close();
255
256 $ADODB_SESS_CONN->Execute("DELETE FROM $ADODB_SESSION_TBL WHERE expiry < $t");
257 $ADODB_SESS_CONN->CommitTrans();
258 }
259 } else {
260 $qry = "DELETE FROM $ADODB_SESSION_TBL WHERE expiry < " . time();
261 $ADODB_SESS_CONN->Execute($qry);
262 }
263
264 // suggested by Cameron, "GaM3R" <gamr@outworld.cx>
265 if (defined('ADODB_SESSION_OPTIMIZE'))
266 {
267 global $ADODB_SESSION_DRIVER;
268
269 switch( $ADODB_SESSION_DRIVER ) {
270 case 'mysql':
271 case 'mysqlt':
272 $opt_qry = 'OPTIMIZE TABLE '.$ADODB_SESSION_TBL;
273 break;
274 case 'postgresql':
275 case 'postgresql7':
276 $opt_qry = 'VACUUM '.$ADODB_SESSION_TBL;
277 break;
278 }
279 }
280
281 if ($ADODB_SESS_CONN->dataProvider === 'oci8') $sql = 'select TO_CHAR('.($ADODB_SESS_CONN->sysTimeStamp).', \'RRRR-MM-DD HH24:MI:SS\') from '. $ADODB_SESSION_TBL;
282 else $sql = 'select '.$ADODB_SESS_CONN->sysTimeStamp.' from '. $ADODB_SESSION_TBL;
283
284 $rs = $ADODB_SESS_CONN->SelectLimit($sql,1);
285 if ($rs && !$rs->EOF) {
286
287 $dbts = reset($rs->fields);
288 $rs->Close();
289 $dbt = $ADODB_SESS_CONN->UnixTimeStamp($dbts);
290 $t = time();
291 if (abs($dbt - $t) >= ADODB_SESSION_SYNCH_SECS) {
292 $msg =
293 __FILE__.": Server time for webserver {$_SERVER['HTTP_HOST']} not in synch with database: database=$dbt ($dbts), webserver=$t (diff=".(abs($dbt-$t)/3600)." hrs)";
294 error_log($msg);
295 if ($ADODB_SESS_DEBUG) ADOConnection::outp("
296 -- $msg</p>");
297 }
298 }
299
300 return true;
301 }
302
303 session_module_name('user');
304 session_set_save_handler(
305 "adodb_sess_open",
306 "adodb_sess_close",
307 "adodb_sess_read",
308 "adodb_sess_write",
309 "adodb_sess_destroy",
310 "adodb_sess_gc");
311 }
312
313 /* TEST SCRIPT -- UNCOMMENT */
314 /*
315 if (0) {
316
317 session_start();
318 session_register('AVAR');
319 $_SESSION['AVAR'] += 1;
320 print "
321 -- \$_SESSION['AVAR']={$_SESSION['AVAR']}</p>";
322 }
323 */
324 ?>
Mirror of official OpenEMR Sourceforge repository