Keep track of php session ids of logged in users

Signed-off-by: Richard Mansfield <richardm@catalyst.net.nz>

Keep track of php session ids of logged in users
Signed-off-by: Richard Mansfield <richardm@catalyst.net.nz>
8108c052 · Richard Mansfield · 2ba0b65d · 8108c052 · 8108c052 · 8108c052
Commit 8108c052 authored Jun 03, 2010 by Richard Mansfield
5 changed files
--- a/htdocs/auth/lib.php
+++ b/htdocs/auth/lib.php
@@ -1517,6 +1517,8 @@ function auth_remove_old_session_files() {
    // here. In particular, -mtime +1 means files older than about two days 
    // will be removed
    exec('find ' . escapeshellarg(get_config('dataroot') . 'sessions') . ' -type f -mtime +1 | xargs -n 1000 -r rm');
+    // Throw away records of old login sessions. Should check whether any are still alive.
+    delete_records_select('usr_session', 'ctime < ?', array(db_format_timestamp(time() - 86400 * 30)));
 }

 /**

--- a/htdocs/auth/user.php
+++ b/htdocs/auth/user.php
@@ -996,6 +996,7 @@ class LiveUser extends User {

        // Unset session variables related to authentication
        $this->SESSION->set('authinstance', null);
+        delete_records('usr_session', 'session', $this->get('sessionid'));

        reset($this->defaults);
        foreach (array_keys($this->defaults) as $key) {
@@ -1064,6 +1065,7 @@ class LiveUser extends User {
        $this->reset_institutions();
        $this->reset_grouproles();
        $this->load_views();
+        $this->store_sessionid();

        $this->commit();

@@ -1184,5 +1186,16 @@ class LiveUser extends User {
            $THEME = new Theme($this->theme);
        }
    }
+
+    private function store_sessionid() {
+        $sessionid = $this->get('sessionid');
+        delete_records('usr_session', 'session', $sessionid);
+        insert_record('usr_session', (object) array(
+            'usr' => $this->get('id'),
+            'session' => $sessionid,
+            'ctime' => db_format_timestamp(time()),
+        ));
+    }
+
 }
 ?>
--- a/htdocs/lib/db/install.xml
+++ b/htdocs/lib/db/install.xml
@@ -147,6 +147,19 @@
                <KEY NAME="institution" TYPE="foreign" FIELDS="institution" REFTABLE="institution" REFFIELDS="name"/>
            </KEYS>
        </TABLE>
+        <TABLE NAME="usr_session">
+            <FIELDS>
+                <FIELD NAME="usr" TYPE="int" LENGTH="10" NOTNULL="true" />
+                <FIELD NAME="session" TYPE="char" LENGTH="255" NOTNULL="true" />
+                <FIELD NAME="ctime" TYPE="datetime" NOTNULL="true"/>
+            </FIELDS>
+            <KEYS>
+                <KEY NAME="primary" TYPE="primary" FIELDS="session" />
+            </KEYS>
+            <INDEXES>
+                <INDEX NAME="usrix" UNIQUE="false" FIELDS="usr"/>
+            </INDEXES>
+        </TABLE>
        <TABLE NAME="auth_remote_user">
            <FIELDS>
                <FIELD NAME="authinstance" TYPE="int" LENGTH="10" NOTNULL="true" />

--- a/htdocs/lib/db/upgrade.php
+++ b/htdocs/lib/db/upgrade.php
@@ -1749,5 +1749,16 @@ function xmldb_core_upgrade($oldversion=0) {
        set_config('showonlineuserssideblock', (int) (is_null($showusers) || $showusers));
    }

+    if ($oldversion < 2010060300) {
+        // Add table to associate users with php session ids
+        $table = new XMLDBTable('usr_session');
+        $table->addFieldInfo('usr', XMLDB_TYPE_INTEGER, 10, false, XMLDB_NOTNULL);
+        $table->addFieldInfo('session', XMLDB_TYPE_CHAR, 255, null, XMLDB_NOTNULL);
+        $table->addFieldInfo('ctime', XMLDB_TYPE_DATETIME, null, null, XMLDB_NOTNULL);
+        $table->addKeyInfo('primary', XMLDB_KEY_PRIMARY, array('session'));
+        $table->addIndexInfo('usrix', XMLDB_INDEX_NOTUNIQUE, array('usr'));
+        create_table($table);
+    }
+
    return $status;
 }
--- a/htdocs/lib/version.php
+++ b/htdocs/lib/version.php
@@ -28,7 +28,7 @@
 defined('INTERNAL') || die();

 $config = new StdClass;
-$config->version = 2010052000;
+$config->version = 2010060300;
 $config->release = '1.3.0dev';
 $config->minupgradefrom = 2008040200;
 $config->minupgraderelease = '1.0.0 (release tag 1.0.0_RELEASE)';