[eluser]starbbs[/eluser]
Code:
function __sessionVarNames($name){
if (is_string($name)){
if (strpos($name, ".")){
$names = explode(".", $name);
}else{
$names = array($name);
}
$expression = "\$_SESSION";
foreach($names as $item){
$expression .= is_numeric($item) ? "[$item]" : "['$item']";
}
return $expression;
}
$this->__setError(3, "$name is not a string");
return false;
}
function checkSessionVar($name){
$expression = "return isset(" . $this->__sessionVarNames($name) . ");";
return eval($expression);
}
function returnSessionVars(){
if (!empty($_SESSION)){
$result = eval("return \$_SESSION;");
return $result;
}
$this->__setError(2, "No Session vars set");
return false;
}
function destroyInvalid(){
$sessionpath = session_save_path();
$cookiename = $this->CI->config->item('sess_cookie_name');
if (empty($sessionpath)){
$sessionpath = "/tmp";
}
if (isset($_COOKIE[session_name()])){
setcookie($cookiename, '', time() - 42000, $this->path);
}
$file = $sessionpath . '/' . "sess_" . session_id();
@session_destroy();
@unlink ($file);
$this->__construct();
$this->renew();
}
function getError($errorNumber){
if (!is_array($this->error) || !array_key_exists($errorNumber, $this->error)){
return false;
}else{
return $this->error[$errorNumber];
}
}
function getLastError(){
if ($this->lastError){
return $this->getError($this->lastError);
}else{
return false;
}
}
function __setError($errorNumber, $errorMessage){
if ($this->error === false){
$this->error = array();
}
$this->error[$errorNumber] = $errorMessage;
$this->lastError = $errorNumber;
}
function __checkValid(){
if ($this->readSessionVar("Config")){
if ($this->userAgent == $this->readSessionVar("Config.userAgent") && $this->time <= $this->readSessionVar("Config.time")){
$this->writeSessionVar("Config.time", $this->sessionTime);
$this->valid = true;
}else{
$this->valid = false;
$this->__setError(1, "Session Highjacking Attempted !!!");
$this->destroyInvalid();
}
}else{
srand ((double)microtime() * 1000000);
$this->writeSessionVar('Config.rand', rand());
$this->writeSessionVar("Config.time", $this->sessionTime);
$this->writeSessionVar("Config.userAgent", $this->userAgent);
$this->writeSessionVar("Config.ip_address", $this->ip_address);
$this->writeSessionVar("schoolnaam", 'test naampje');
$this->valid = true;
$this->userdata = array('session_id' => md5(uniqid(session_id(), true)),
'ip_address' => $this->CI->input->ip_address(),
'user_agent' => substr($this->CI->input->user_agent(), 0, 50),
'last_activity' => $this->now);
$this->CI->db->query($this->CI->db->insert_string('ci_sessions', $this->userdata));
$this->userdata['last_visit'] = 0;
$this->__setError(1, "Session is valid");
}
}
function __open(){
return true;
}
function __close(){
return true;
}
/**
* Get the number of online users
*
* @return integer number of users currently online
*/
function get_all_users_online(){
// counts the rows from the database
$result = mysql_fetch_assoc(mysql_query("SELECT COUNT(session_id) as count FROM ci_sessions"));
// return the number of found rows
return $result["count"];
}
/**
* Custom gc() function (garbage collector)
*
* @access private
*/
function __gc(){
srand(time());
if ((rand() % 100) < get_cfg_var('session.gc_probability')){
$expire = $this->now - $this->sessionlength;
$this->CI->db->where("last_activity < {$expire}");
$this->CI->db->delete($this->session_table);
log_message('debug', 'Session garbage collection performed.');
}
$expiry_time = time() - $this->sessionTime;
log_message('debug', "SESSION DB -> The garbage collector was launched $expiry_time");
$CI = & get_instance();
// it deletes expired sessions from database
$CI->db->query("DELETE FROM ci_sessions WHERE expires <= $expiry_time");
}
function __read ($id){
$allData = array();
$hasData = false;
$result = false;
log_message('debug', "Trying to read $id from SESSION DB");
$this->CI->db->select('val');
$this->CI->db->from($this->tablename);
$this->CI->db->where('id', $id);
$result = $this->CI->db->get($this->tablename);
$frecords = $result->num_rows();
if($frecords > 1){
$hasData = ($frecords > 1) ? true : false;
$allData[] = $result->result_array();
log_message('debug', "Succesfully found $frecords in the SESSION db for $id");
}
if ($hasData){
log_message('debug', "It seems that 'hasData' var was set to true because it found records in the session db");
return $allData[$id];
}else{
log_message('debug', "No data has been found in de SESSION db for $id");
return '';
}
}
// continue next page
