290 lines
9.5 KiB
Perl
290 lines
9.5 KiB
Perl
|
# ==================================================================
|
||
|
# Gossamer Threads Module Library - http://gossamer-threads.com/
|
||
|
#
|
||
|
# GT::Session::SQL
|
||
|
# Author: Alex Krohn
|
||
|
# CVS Info : 087,071,086,086,085
|
||
|
# $Id: SQL.pm,v 1.36 2006/07/25 04:27:50 brewt Exp $
|
||
|
#
|
||
|
# Copyright (c) 2004 Gossamer Threads Inc. All Rights Reserved.
|
||
|
# ==================================================================
|
||
|
#
|
||
|
# Description:
|
||
|
# A module for implementing session management in SQL.
|
||
|
# Note that it requires a table with the following columns:
|
||
|
# session_id - must be CHAR(32) BINARY
|
||
|
# session_user_id
|
||
|
# session_date - must be INT
|
||
|
# session_data
|
||
|
|
||
|
package GT::Session::SQL;
|
||
|
# ===============================================================
|
||
|
# Pragmas
|
||
|
use strict;
|
||
|
use vars qw(@ISA $VERSION $DEBUG $ATTRIBS $ERRORS $error $DIRECTORY);
|
||
|
|
||
|
# Internal nodules
|
||
|
use GT::Base ();
|
||
|
|
||
|
# Global variable init
|
||
|
@ISA = qw/GT::Base/;
|
||
|
$VERSION = sprintf "%d.%03d", q$Revision: 1.36 $ =~ /(\d+)\.(\d+)/;
|
||
|
$DEBUG = 0;
|
||
|
|
||
|
$ATTRIBS = {
|
||
|
info => {
|
||
|
session_date => undef,
|
||
|
session_data => undef,
|
||
|
session_id => undef,
|
||
|
session_user_id => undef
|
||
|
},
|
||
|
tb => undef,
|
||
|
_debug => $DEBUG,
|
||
|
expires => 4
|
||
|
};
|
||
|
|
||
|
$ERRORS = {
|
||
|
BADDATA => "Invalid data in session: '%s'. Reason: '%s'",
|
||
|
CLASSFUNC => "This is a class function only.",
|
||
|
INVALIDSESSION => "Invalid session id: '%s'.",
|
||
|
BADARGS => "Invalid arguments: %s"
|
||
|
};
|
||
|
|
||
|
sub new {
|
||
|
# ---------------------------------------------------------------
|
||
|
# Initilizes a session. Expects to find a session id to lookup, some
|
||
|
# data to save, or nothing. If no session is defined, then one will
|
||
|
# be generated. If an invalid session is specified, nothing is returned.
|
||
|
#
|
||
|
my $this = shift;
|
||
|
my $class = ref $this || $this;
|
||
|
my $self = bless {}, $class;
|
||
|
|
||
|
# Set defaults.
|
||
|
foreach (keys %$ATTRIBS) {
|
||
|
$self->{$_} = ref $ATTRIBS->{$_} eq 'HASH'
|
||
|
? {%{$ATTRIBS->{$_}}}
|
||
|
: $ATTRIBS->{$_};
|
||
|
}
|
||
|
|
||
|
# We got passed in a single session id.
|
||
|
if (@_ == 2) {
|
||
|
$self->{tb} = $_[1];
|
||
|
$self->load($_[0]) or return $self->error('INVALIDSESSION', 'WARN', $_[0]);
|
||
|
$self->{save} = 0;
|
||
|
return $self;
|
||
|
}
|
||
|
|
||
|
# We got passed some options, possibly a session id.
|
||
|
my $suggested;
|
||
|
if (@_ == 1 and ref $_[0] eq 'HASH') {
|
||
|
my $opts = $_[0];
|
||
|
foreach (keys %{$opts}) {
|
||
|
if (exists $self->{$_}) { $self->{$_} = $opts->{$_} }
|
||
|
elsif (exists $self->{info}->{$_}) { $self->{info}->{$_} = $opts->{$_} }
|
||
|
elsif ($_ eq 'suggested_sid') { $suggested = $opts->{$_}; }
|
||
|
}
|
||
|
}
|
||
|
|
||
|
exists($self->{tb}) or return $self->error("BADARGS", "FATAL", "Must pass in a table object");
|
||
|
|
||
|
# If we have an id, load it or return.
|
||
|
if ($self->{info}->{session_id}) {
|
||
|
$self->load($self->{info}->{session_id}) or return $self->error('INVALIDSESSION', 'WARN', $self->{info}->{session_id});
|
||
|
$self->{save} = 0;
|
||
|
}
|
||
|
else {
|
||
|
my $sid;
|
||
|
$sid = defined $suggested ? $suggested : generate_session_id();
|
||
|
while ($self->{tb}->count({ session_id => $sid }) > 0) {
|
||
|
$sid = generate_session_id();
|
||
|
}
|
||
|
$self->{info}->{session_id} = $sid;
|
||
|
$self->{save} = 1;
|
||
|
}
|
||
|
|
||
|
return $self;
|
||
|
}
|
||
|
|
||
|
DESTROY {
|
||
|
# ---------------------------------------------------------------
|
||
|
# Makes sure we save the session.
|
||
|
#
|
||
|
local $SIG{__WARN__};
|
||
|
my $self = shift;
|
||
|
$self->save() if $self->{save};
|
||
|
$self->debug("Object destroyed.") if $self->{_debug} and $self->{_debug} > 1;
|
||
|
}
|
||
|
|
||
|
sub data {
|
||
|
# ---------------------------------------------------------------
|
||
|
# Set/retrieve the data, make sure to set save to 1.
|
||
|
#
|
||
|
my $self = shift;
|
||
|
if (@_ >= 1) {
|
||
|
$self->{info}->{session_data} = shift;
|
||
|
$self->{save} = 1;
|
||
|
}
|
||
|
return $self->{info}->{session_data};
|
||
|
}
|
||
|
|
||
|
sub load {
|
||
|
# ---------------------------------------------------------------
|
||
|
# Loads a session id and data. Also updates the date if the
|
||
|
# session is valid
|
||
|
#
|
||
|
my ($self, $sid) = @_;
|
||
|
if (defined($sid) and $sid =~ /^\w{1,32}$/) {
|
||
|
my $sth = $self->{tb}->select({ session_id => $sid }) or return $self->error($GT::SQL::error);
|
||
|
my $ret = $sth->fetchrow_hashref;
|
||
|
if (!$sth->rows or !$ret) {
|
||
|
$self->debug("Attempted to load invalid or expired session: '$sid'.") if $self->{_debug};
|
||
|
return;
|
||
|
}
|
||
|
|
||
|
# For backwards compatibility - session_expires isn't a required column
|
||
|
# The only two instances where the date doesn't need to be checked is if
|
||
|
# expires is 0, or the session_expires column exists and it is 0
|
||
|
my $check_date = 1;
|
||
|
if (not $self->{expires} or (exists $ret->{session_expires} and not $ret->{session_expires})) {
|
||
|
$check_date = 0;
|
||
|
}
|
||
|
if ($check_date and $ret->{session_date} < time - $self->{expires} * 60 * 60) {
|
||
|
$self->debug("Attempted to load expired session: '$sid'.") if $self->{_debug};
|
||
|
return;
|
||
|
}
|
||
|
|
||
|
my $cp = {};
|
||
|
for (keys %{$self->{info}}) {
|
||
|
if ($_ eq 'session_data') {
|
||
|
if (defined $self->{info}->{session_data}) {
|
||
|
require GT::Dumper;
|
||
|
$cp->{session_data} = GT::Dumper->dump(
|
||
|
var => '',
|
||
|
compress => 1,
|
||
|
data => $self->{info}->{session_data},
|
||
|
);
|
||
|
}
|
||
|
}
|
||
|
else {
|
||
|
$cp->{$_} = $self->{info}->{$_};
|
||
|
}
|
||
|
}
|
||
|
if (exists $ret->{session_data}) {
|
||
|
my $ev = delete $ret->{session_data};
|
||
|
local ($@, $SIG{__DIE__});
|
||
|
$self->{info}->{session_data} = eval $ev;
|
||
|
$@ and return $self->error('BADDATA', 'FATAL', $sid, "$@");
|
||
|
}
|
||
|
for (keys %$ret) {
|
||
|
$self->{info}->{$_} = $ret->{$_};
|
||
|
$cp->{$_} = $ret->{$_} unless defined $cp->{$_};
|
||
|
}
|
||
|
$cp->{session_date} = time;
|
||
|
my $s = delete $cp->{session_id};
|
||
|
$self->{tb}->update($cp, { session_id => $s }) or return $self->error($GT::SQL::error);
|
||
|
}
|
||
|
else {
|
||
|
$self->debug("Attempted to load invalid, or blank session '" . (defined($sid) ? $sid : '[undefined]') . ".") if $self->{_debug};
|
||
|
return;
|
||
|
}
|
||
|
return 1;
|
||
|
}
|
||
|
|
||
|
sub save {
|
||
|
# ---------------------------------------------------------------
|
||
|
# Save a session id and data.
|
||
|
#
|
||
|
my $self = shift;
|
||
|
my $sid = $self->{info}->{session_id};
|
||
|
|
||
|
if ($sid =~ /^\w{1,32}$/ and (defined $self->{info}->{session_user_id} or defined $self->{info}->{session_data})) {
|
||
|
require GT::Dumper;
|
||
|
my $data = GT::Dumper->dump(
|
||
|
var => '',
|
||
|
data => $self->{info}->{session_data},
|
||
|
compress => 1 # Eliminates whitespace and changes => to , to shrink the dump
|
||
|
);
|
||
|
my $info = {%{$self->{info}}}; # Copy $self->{info}
|
||
|
$info->{session_data} = $data;
|
||
|
$info->{session_date} = time;
|
||
|
if ($self->{tb}->count({ session_id => $sid })) {
|
||
|
delete $info->{session_id};
|
||
|
# need to do an update instead of an insert because it already exists
|
||
|
$self->{tb}->update($info, { session_id => $sid }) or return $self->error($GT::SQL::error);
|
||
|
$self->debug("Changes to session '$sid' saved.") if $self->{_debug};
|
||
|
}
|
||
|
# It doesn't exist, so insert
|
||
|
else {
|
||
|
# For backwards compatibility - session_expires isn't a required column
|
||
|
if (exists $self->{tb}->cols->{session_expires}) {
|
||
|
$info->{session_expires} = $self->{expires} ? 1 : 0;
|
||
|
}
|
||
|
$self->{tb}->insert($info) or return $self->error($GT::SQL::error);
|
||
|
$self->debug("Session '$sid' created and saved.") if $self->{_debug};
|
||
|
}
|
||
|
$self->{save} = 0;
|
||
|
}
|
||
|
else {
|
||
|
$self->debug("Attempted to save invalid session '$sid'") if $self->{_debug};
|
||
|
}
|
||
|
}
|
||
|
|
||
|
sub delete {
|
||
|
# ---------------------------------------------------------------
|
||
|
# Delete a session.
|
||
|
#
|
||
|
my $self = shift;
|
||
|
my $sid = $self->{info}->{session_id};
|
||
|
|
||
|
if ($sid =~ /^\w{1,32}$/) {
|
||
|
$self->{tb}->delete({ session_id => $sid }) or return $self->error($GT::SQL::error);
|
||
|
|
||
|
$self->{info}->{session_id} = undef;
|
||
|
$self->{info}->{session_data} = undef;
|
||
|
$self->{save} = 0;
|
||
|
$self->debug("Session '$sid' deleted.") if $self->{_debug};
|
||
|
}
|
||
|
else {
|
||
|
$self->debug("Attempted to delete an invalid session '$sid'") if $self->{_debug};
|
||
|
return;
|
||
|
}
|
||
|
return 1;
|
||
|
}
|
||
|
|
||
|
sub cleanup {
|
||
|
# ---------------------------------------------------------------
|
||
|
# Method to cleanup sessions.
|
||
|
#
|
||
|
# Takes an optional arguments - the session timeout (in seconds).
|
||
|
# If omitted, $self->{expires} will be used for the timeout.
|
||
|
#
|
||
|
my $self = shift;
|
||
|
|
||
|
my $seconds;
|
||
|
$seconds = @_ ? shift : $self->{expires} * 60 * 60;
|
||
|
|
||
|
unless ($seconds) {
|
||
|
$self->debug("cleanup not deleting anything, seconds set to 0.") if $self->{_debug};
|
||
|
return;
|
||
|
}
|
||
|
|
||
|
my $cond = GT::SQL::Condition->new(session_date => '<' => time - $seconds);
|
||
|
# For backwards compatibility - session_expires isn't a required column
|
||
|
if (exists $self->{tb}->cols->{session_expires}) {
|
||
|
$cond->add(session_expires => '=' => 1);
|
||
|
}
|
||
|
|
||
|
$self->{tb}->delete($cond) or return $self->error($GT::SQL::error);
|
||
|
}
|
||
|
|
||
|
sub generate_session_id {
|
||
|
# ---------------------------------------------------------------
|
||
|
# Generates a session id.
|
||
|
#
|
||
|
require GT::MD5;
|
||
|
GT::MD5::md5_hex(rand(16000) . (time() ^ ($$ + ($$ << 15))) . $$);
|
||
|
}
|
||
|
|
||
|
1;
|