I have the following fragment of code that i can not get working as expected. Essentially, its for persistant sessions. A cookie is put on a users pc with some other info and it keeps you logged in. Sessions are killed off if the user doesn't login for a long time.
This appears to work fine on my test server, and used to work on my old server, but after a server move, it appears to no longer work. I can't fathom why.
on_session_write had a problem where it thought the db object no longer existed, so i recreated an object in that function. However, the data is now not read from the database, so even though i successfully login, when i click through to another page on my site it logs me back out again.
Below is my session code in a functions.php page
// ---------------
// The following functions handle sessions
// ---------------
function on_session_start($save_path, $session_name) {
on_session_gc();
}
function on_session_end() {
// Nothing needs to be done in this function
// since we used persistent connection.
}
function on_session_read($key) {
global $db,$cookie_expire;
$current_time = time();
$expiry_time = $current_time+$cookie_expire;
if ($_SESSION['username'] == 'Anonymous') $expiry_time = time() + 60;
// SQL
$sql = "SELECT session_data
FROM sessions
WHERE session_id ='$key'";
// Query
if ( !($result = $db->sql_query($sql)) )
{
db_die();
}
if ( $db->sql_numrows($result))
{
$row = $db->sql_fetchrow($result);
return $row['session_data'];
} else {
return $result;
}
}
function on_session_write($key, $val) {
global $db;
global $cookie_expire,$user_ip,$lang;
$val = addslashes($val);
$current_time = time();
$expiry_time = $current_time+$cookie_expire;
// SQL
$insert_stmt = "insert into sessions values('$key', ";
$insert_stmt .= "'$val','$ip','" . $expiry_time . "')";
$update_stmt = "update sessions set session_data ='$val', ";
$update_stmt .= "session_expiration = '" . $expiry_time . "', ";
$update_stmt .= "ip = '" . $user_ip . "'";
$update_stmt .= "where session_id ='$key'";
// ------------------
// First we try to insert, if that doesn't succeed, it means
// session is already in the table and we try to update
// ------------------
require_once($lang['scriptpath'] . '/config.php');
$db = new sql_db($dbhost, $dbuser, $dbpasswd, $dbname, false);
$db->db_connect_id;
// Query
if ( !($result = $db->sql_query($insert_stmt)) )
{
// Query
$db->sql_query($update_stmt);
}
}
function on_session_destroy($key) {
global $db,$cookie_expire;
$db->sql_query("DELETE FROM sessions WHERE session_id = '$key'");
}
function on_session_gc($max_lifetime = 0)
{
global $db,$cookie_expire;
$time = time(); // Current time
$guest = ($cookie_expire + $time - 3600); // Fix so guests are removed after an hour, not cookie expire time
$db->sql_query("DELETE FROM sessions WHERE session_expiration < '" . $time ."' OR (session_data LIKE 'username|s:9:\"Anonymous\"%' AND session_expiration < '". $guest ."')");
}
// This sets up the session
function sessionstart()
{
global $lang,$cookie_expire,$disabled;
session_set_save_handler("on_session_start", "on_session_end",
"on_session_read", "on_session_write",
"on_session_destroy", "on_session_gc");
// Cookie Handling
if(isset($_COOKIE['SIDdeaddonkeycom'])){
// Resume Session
session_id($_COOKIE['SIDdeaddonkeycom']);
}
session_start();
// Cookie Handling
if(!isset($_COOKIE['SIDdeaddonkeycom'])){
// Save SessionID to a cookie
setcookie('SIDdeaddonkeycom', session_id(), time()+$cookie_expire);;
}
session_register("username");
session_register("password");
session_register("user_id");
session_register("logged_in");
session_register("mod");
session_register("admin");
session_register("style");
auth();
//bancheck();
}
In my header creation, if the agent is not a bot sessionstart is called to startup the session.
I don't understand why this isn't working anymore, anyone?
Thank you