From 2e14d18a13a9910a4f2f622879f99a9120f59530 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 2 Oct 2020 14:49:44 -0400 Subject: [PATCH 1/8] add Sessions table --- db/zm_create.sql.in | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/db/zm_create.sql.in b/db/zm_create.sql.in index a0ab83c80..40e5840db 100644 --- a/db/zm_create.sql.in +++ b/db/zm_create.sql.in @@ -1024,6 +1024,13 @@ INSERT INTO MontageLayouts (`Name`,`Positions`) VALUES ('3 Wide', '{ "default":{ INSERT INTO MontageLayouts (`Name`,`Positions`) VALUES ('4 Wide', '{ "default":{"float":"left", "width":"24.5%","left":"0px","right":"0px","top":"0px","bottom":"0px"} }' ); INSERT INTO MontageLayouts (`Name`,`Positions`) VALUES ('5 Wide', '{ "default":{"float":"left", "width":"19%","left":"0px","right":"0px","top":"0px","bottom":"0px"} }' ); +CREATE TABLE Sessions ( + id char(32) not null, + access INT(10) UNSIGNED DEFAULT NULL, + data text, + PRIMARY KEY(id) +) ENGINE=InnoDB; + -- We generally don't alter triggers, we drop and re-create them, so let's keep them in a separate file that we can just source in update scripts. source @PKGDATADIR@/db/triggers.sql -- From 3e668b43cf13c7b1f3d9d6e71a0532fbd9bc031e Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 2 Oct 2020 14:49:59 -0400 Subject: [PATCH 2/8] add Sessions table --- db/zm_update-1.35.9.sql | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 db/zm_update-1.35.9.sql diff --git a/db/zm_update-1.35.9.sql b/db/zm_update-1.35.9.sql new file mode 100644 index 000000000..b5f807225 --- /dev/null +++ b/db/zm_update-1.35.9.sql @@ -0,0 +1,21 @@ +-- +-- This adds Sessions Table +-- + +SET @s = (SELECT IF( + (SELECT COUNT(*) + FROM INFORMATION_SCHEMA.TABLES + WHERE table_name = 'Sessions' + AND table_schema = DATABASE() + ) > 0, + "SELECT 'Sessions table exists'", + "CREATE TABLE Sessions ( + id char(32) not null, + access INT(10) UNSIGNED DEFAULT NULL, + data text, + PRIMARY KEY(id) +) ENGINE=InnoDB;" + )); + +PREPARE stmt FROM @s; +EXECUTE stmt; From 5d20dde85c37e02a5eb363b8dbf55ed3f0ceba51 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 2 Oct 2020 14:50:22 -0400 Subject: [PATCH 3/8] Implement a Session class that takes over session functions and stores in the database --- web/includes/session.php | 67 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 67 insertions(+) diff --git a/web/includes/session.php b/web/includes/session.php index 47f85d877..5c4b9afce 100644 --- a/web/includes/session.php +++ b/web/includes/session.php @@ -87,4 +87,71 @@ function zm_session_clear() { session_write_close(); session_start(); } // function zm_session_clear() + + +class Session { + private $db; + public function __construct() { + global $dbConn; + $this->db = $dbConn; + + // Set handler to overide SESSION + session_set_save_handler( + array($this, '_open'), + array($this, '_close'), + array($this, '_read'), + array($this, '_write'), + array($this, '_destroy'), + array($this, '_gc') + ); + + // Start the session + //zm_session_start(); + } + public function _open() { + return $this->db ? true : false; + } + public function _close(){ + // The example code closed the db connection.. I don't think we care to. + return true; + } + public function _read($id){ + ZM\Logger::Debug("read session" . ($this->db ? true : false)); + $sth = $this->db->prepare('SELECT data FROM Sessions WHERE id = :id'); + $sth->bindParam(':id', $id, PDO::PARAM_STR, 32); + + if ( $sth->execute() and ( $row = $sth->fetch(PDO::FETCH_ASSOC) ) ) { + ZM\Logger::Debug("row: " . print_r($row,true)); + return $row['data']; + } + // Return an empty string + return ''; + } + public function _write($id, $data){ + // Create time stamp + $access = time(); + + $sth = $this->db->prepare('REPLACE INTO Sessions VALUES (:id, :access, :data)'); + + $sth->bindParam(':id', $id, PDO::PARAM_STR, 32); + $sth->bindParam(':access', $access, PDO::PARAM_INT); + $sth->bindParam(':data', $data); + + return $sth->execute() ? true : false; + } + public function _destroy($id) { + $sth = $this->db->prepare('DELETE FROM Sessions WHERE Id = :id'); + $sth->bindParam(':id', $id, PDO::PARAM_STR, 32); + return $sth->execute() ? true : false; + } + public function _gc($max) { + // Calculate what is to be deemed old + $old = time() - $max; + $sth = $this->db->prepare('DELETE * FROM Sessions WHERE access < :old'); + $sth->bindParam(':old', $old, PDO::PARAM_INT); + return $sth->execute() ? true : false; + } +} # end class Session + +$session = new Session; ?> From 23f2c1468fadad7f7f7ecfbae478e948a37ebbe9 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 2 Oct 2020 15:21:58 -0400 Subject: [PATCH 4/8] rough in a table of the logged in users --- web/ajax/modals/logout.php | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/web/ajax/modals/logout.php b/web/ajax/modals/logout.php index 565e80cc2..418a5fa31 100644 --- a/web/ajax/modals/logout.php +++ b/web/ajax/modals/logout.php @@ -30,6 +30,28 @@ global $CLANG;