discourse-legacysite-perl/site/slowtwitch.com/cgi-bin/articles/GT/Session/SQL.pm

290 lines
9.5 KiB
Perl
Raw Normal View History

2024-06-17 11:49:12 +00:00
# ==================================================================
# Gossamer Threads Module Library - http://gossamer-threads.com/
#
# GT::Session::SQL
# Author: Alex Krohn
# CVS Info : 087,071,086,086,085
# $Id: SQL.pm,v 1.36 2006/07/25 04:27:50 brewt Exp $
#
# Copyright (c) 2004 Gossamer Threads Inc. All Rights Reserved.
# ==================================================================
#
# Description:
# A module for implementing session management in SQL.
# Note that it requires a table with the following columns:
# session_id - must be CHAR(32) BINARY
# session_user_id
# session_date - must be INT
# session_data
package GT::Session::SQL;
# ===============================================================
# Pragmas
use strict;
use vars qw(@ISA $VERSION $DEBUG $ATTRIBS $ERRORS $error $DIRECTORY);
# Internal nodules
use GT::Base ();
# Global variable init
@ISA = qw/GT::Base/;
$VERSION = sprintf "%d.%03d", q$Revision: 1.36 $ =~ /(\d+)\.(\d+)/;
$DEBUG = 0;
$ATTRIBS = {
info => {
session_date => undef,
session_data => undef,
session_id => undef,
session_user_id => undef
},
tb => undef,
_debug => $DEBUG,
expires => 4
};
$ERRORS = {
BADDATA => "Invalid data in session: '%s'. Reason: '%s'",
CLASSFUNC => "This is a class function only.",
INVALIDSESSION => "Invalid session id: '%s'.",
BADARGS => "Invalid arguments: %s"
};
sub new {
# ---------------------------------------------------------------
# Initilizes a session. Expects to find a session id to lookup, some
# data to save, or nothing. If no session is defined, then one will
# be generated. If an invalid session is specified, nothing is returned.
#
my $this = shift;
my $class = ref $this || $this;
my $self = bless {}, $class;
# Set defaults.
foreach (keys %$ATTRIBS) {
$self->{$_} = ref $ATTRIBS->{$_} eq 'HASH'
? {%{$ATTRIBS->{$_}}}
: $ATTRIBS->{$_};
}
# We got passed in a single session id.
if (@_ == 2) {
$self->{tb} = $_[1];
$self->load($_[0]) or return $self->error('INVALIDSESSION', 'WARN', $_[0]);
$self->{save} = 0;
return $self;
}
# We got passed some options, possibly a session id.
my $suggested;
if (@_ == 1 and ref $_[0] eq 'HASH') {
my $opts = $_[0];
foreach (keys %{$opts}) {
if (exists $self->{$_}) { $self->{$_} = $opts->{$_} }
elsif (exists $self->{info}->{$_}) { $self->{info}->{$_} = $opts->{$_} }
elsif ($_ eq 'suggested_sid') { $suggested = $opts->{$_}; }
}
}
exists($self->{tb}) or return $self->error("BADARGS", "FATAL", "Must pass in a table object");
# If we have an id, load it or return.
if ($self->{info}->{session_id}) {
$self->load($self->{info}->{session_id}) or return $self->error('INVALIDSESSION', 'WARN', $self->{info}->{session_id});
$self->{save} = 0;
}
else {
my $sid;
$sid = defined $suggested ? $suggested : generate_session_id();
while ($self->{tb}->count({ session_id => $sid }) > 0) {
$sid = generate_session_id();
}
$self->{info}->{session_id} = $sid;
$self->{save} = 1;
}
return $self;
}
DESTROY {
# ---------------------------------------------------------------
# Makes sure we save the session.
#
local $SIG{__WARN__};
my $self = shift;
$self->save() if $self->{save};
$self->debug("Object destroyed.") if $self->{_debug} and $self->{_debug} > 1;
}
sub data {
# ---------------------------------------------------------------
# Set/retrieve the data, make sure to set save to 1.
#
my $self = shift;
if (@_ >= 1) {
$self->{info}->{session_data} = shift;
$self->{save} = 1;
}
return $self->{info}->{session_data};
}
sub load {
# ---------------------------------------------------------------
# Loads a session id and data. Also updates the date if the
# session is valid
#
my ($self, $sid) = @_;
if (defined($sid) and $sid =~ /^\w{1,32}$/) {
my $sth = $self->{tb}->select({ session_id => $sid }) or return $self->error($GT::SQL::error);
my $ret = $sth->fetchrow_hashref;
if (!$sth->rows or !$ret) {
$self->debug("Attempted to load invalid or expired session: '$sid'.") if $self->{_debug};
return;
}
# For backwards compatibility - session_expires isn't a required column
# The only two instances where the date doesn't need to be checked is if
# expires is 0, or the session_expires column exists and it is 0
my $check_date = 1;
if (not $self->{expires} or (exists $ret->{session_expires} and not $ret->{session_expires})) {
$check_date = 0;
}
if ($check_date and $ret->{session_date} < time - $self->{expires} * 60 * 60) {
$self->debug("Attempted to load expired session: '$sid'.") if $self->{_debug};
return;
}
my $cp = {};
for (keys %{$self->{info}}) {
if ($_ eq 'session_data') {
if (defined $self->{info}->{session_data}) {
require GT::Dumper;
$cp->{session_data} = GT::Dumper->dump(
var => '',
compress => 1,
data => $self->{info}->{session_data},
);
}
}
else {
$cp->{$_} = $self->{info}->{$_};
}
}
if (exists $ret->{session_data}) {
my $ev = delete $ret->{session_data};
local ($@, $SIG{__DIE__});
$self->{info}->{session_data} = eval $ev;
$@ and return $self->error('BADDATA', 'FATAL', $sid, "$@");
}
for (keys %$ret) {
$self->{info}->{$_} = $ret->{$_};
$cp->{$_} = $ret->{$_} unless defined $cp->{$_};
}
$cp->{session_date} = time;
my $s = delete $cp->{session_id};
$self->{tb}->update($cp, { session_id => $s }) or return $self->error($GT::SQL::error);
}
else {
$self->debug("Attempted to load invalid, or blank session '" . (defined($sid) ? $sid : '[undefined]') . ".") if $self->{_debug};
return;
}
return 1;
}
sub save {
# ---------------------------------------------------------------
# Save a session id and data.
#
my $self = shift;
my $sid = $self->{info}->{session_id};
if ($sid =~ /^\w{1,32}$/ and (defined $self->{info}->{session_user_id} or defined $self->{info}->{session_data})) {
require GT::Dumper;
my $data = GT::Dumper->dump(
var => '',
data => $self->{info}->{session_data},
compress => 1 # Eliminates whitespace and changes => to , to shrink the dump
);
my $info = {%{$self->{info}}}; # Copy $self->{info}
$info->{session_data} = $data;
$info->{session_date} = time;
if ($self->{tb}->count({ session_id => $sid })) {
delete $info->{session_id};
# need to do an update instead of an insert because it already exists
$self->{tb}->update($info, { session_id => $sid }) or return $self->error($GT::SQL::error);
$self->debug("Changes to session '$sid' saved.") if $self->{_debug};
}
# It doesn't exist, so insert
else {
# For backwards compatibility - session_expires isn't a required column
if (exists $self->{tb}->cols->{session_expires}) {
$info->{session_expires} = $self->{expires} ? 1 : 0;
}
$self->{tb}->insert($info) or return $self->error($GT::SQL::error);
$self->debug("Session '$sid' created and saved.") if $self->{_debug};
}
$self->{save} = 0;
}
else {
$self->debug("Attempted to save invalid session '$sid'") if $self->{_debug};
}
}
sub delete {
# ---------------------------------------------------------------
# Delete a session.
#
my $self = shift;
my $sid = $self->{info}->{session_id};
if ($sid =~ /^\w{1,32}$/) {
$self->{tb}->delete({ session_id => $sid }) or return $self->error($GT::SQL::error);
$self->{info}->{session_id} = undef;
$self->{info}->{session_data} = undef;
$self->{save} = 0;
$self->debug("Session '$sid' deleted.") if $self->{_debug};
}
else {
$self->debug("Attempted to delete an invalid session '$sid'") if $self->{_debug};
return;
}
return 1;
}
sub cleanup {
# ---------------------------------------------------------------
# Method to cleanup sessions.
#
# Takes an optional arguments - the session timeout (in seconds).
# If omitted, $self->{expires} will be used for the timeout.
#
my $self = shift;
my $seconds;
$seconds = @_ ? shift : $self->{expires} * 60 * 60;
unless ($seconds) {
$self->debug("cleanup not deleting anything, seconds set to 0.") if $self->{_debug};
return;
}
my $cond = GT::SQL::Condition->new(session_date => '<' => time - $seconds);
# For backwards compatibility - session_expires isn't a required column
if (exists $self->{tb}->cols->{session_expires}) {
$cond->add(session_expires => '=' => 1);
}
$self->{tb}->delete($cond) or return $self->error($GT::SQL::error);
}
sub generate_session_id {
# ---------------------------------------------------------------
# Generates a session id.
#
require GT::MD5;
GT::MD5::md5_hex(rand(16000) . (time() ^ ($$ + ($$ << 15))) . $$);
}
1;