Update of /cvsroot/mantisbt/mantisbt/core/adodb/session
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv24639/adodb/session
Added Files:
adodb-compress-bzip2.php adodb-compress-gzip.php
adodb-cryptsession.php adodb-encrypt-mcrypt.php
adodb-encrypt-md5.php adodb-encrypt-secret.php adodb-sess.txt
adodb-session-clob.php adodb-session.php
adodb-sessions.mysql.sql adodb-sessions.oracle.clob.sql
adodb-sessions.oracle.sql crypt.inc.php
Log Message:
ADODB upgrade
--- NEW FILE: adodb-session.php ---
<?php
/*
V4.01 23 Oct 2003 (c) 2000-2004 John Lim
(jlim-l15XFKl8ZeYZ+IcD6AW/HA@xxxxxxxxxxxxxxxx). All rights reserved.
Contributed by Ross Smith
(adodb-8k6CzKFoKBXQT0dZR+AlfA@xxxxxxxxxxxxxxxx).
Released under both BSD license and Lesser GPL library license.
Whenever there is any discrepancy between the two licenses,
the BSD license will take precedence.
Set tabs to 4 for best viewing.
*/
/*
You may want to rename the 'data' field to 'session_data' as
'data' appears to be a reserved word for one or more of the following:
ANSI SQL
IBM DB2
MS SQL Server
Postgres
SAP
If you do, then execute:
ADODB_Session::dataFieldName('session_data');
*/
if (!defined('_ADODB_LAYER')) {
require_once realpath(dirname(__FILE__) . '/../adodb.inc.php');
}
if (defined('ADODB_SESSION')) return 1;
define('ADODB_SESSION', dirname(__FILE__));
/*!
\static
*/
class ADODB_Session {
/////////////////////
// getter/setter methods
/////////////////////
/*!
*/
function driver($driver = null) {
static $_driver = 'mysql';
static $set = false;
if (!is_null($driver)) {
$_driver = trim($driver);
$set = true;
} elseif (!$set) {
// backwards compatibility
if (isset($GLOBALS['ADODB_SESSION_DRIVER'])) {
return $GLOBALS['ADODB_SESSION_DRIVER'];
}
}
return $_driver;
}
/*!
*/
function host($host = null) {
static $_host = 'localhost';
static $set = false;
if (!is_null($host)) {
$_host = trim($host);
$set = true;
} elseif (!$set) {
// backwards compatibility
if (isset($GLOBALS['ADODB_SESSION_CONNECT'])) {
return $GLOBALS['ADODB_SESSION_CONNECT'];
}
}
return $_host;
}
/*!
*/
function user($user = null) {
static $_user = 'root';
static $set = false;
if (!is_null($user)) {
$_user = trim($user);
$set = true;
} elseif (!$set) {
// backwards compatibility
if (isset($GLOBALS['ADODB_SESSION_USER'])) {
return $GLOBALS['ADODB_SESSION_USER'];
}
}
return $_user;
}
/*!
*/
function password($password = null) {
static $_password = '';
static $set = false;
if (!is_null($password)) {
$_password = $password;
$set = true;
} elseif (!$set) {
// backwards compatibility
if (isset($GLOBALS['ADODB_SESSION_PWD'])) {
return $GLOBALS['ADODB_SESSION_PWD'];
}
}
return $_password;
}
/*!
*/
function database($database = null) {
static $_database = 'xphplens_2';
static $set = false;
if (!is_null($database)) {
$_database = trim($database);
$set = true;
} elseif (!$set) {
// backwards compatibility
if (isset($GLOBALS['ADODB_SESSION_DB'])) {
return $GLOBALS['ADODB_SESSION_DB'];
}
}
return $_database;
}
/*!
*/
function persist($persist = null)
{
static $_persist = true;
if (!is_null($persist)) {
$_persist = trim($persist);
}
return $_persist;
}
/*!
*/
function lifetime($lifetime = null) {
static $_lifetime;
static $set = false;
if (!is_null($lifetime)) {
$_lifetime = (int) $lifetime;
$set = true;
} elseif (!$set) {
// backwards compatibility
if (isset($GLOBALS['ADODB_SESS_LIFE'])) {
return $GLOBALS['ADODB_SESS_LIFE'];
}
}
if (!$_lifetime) {
$_lifetime = ini_get('session.gc_maxlifetime');
if ($_lifetime <= 1) {
// bug in PHP 4.0.3 pl 1 -- how about other
versions?
//print "<h3>Session Error: PHP.INI setting
<i>session.gc_maxlifetime</i>not set: $lifetime</h3>";
$_lifetime = 1440;
}
}
return $_lifetime;
}
/*!
*/
function debug($debug = null) {
static $_debug = false;
static $set = false;
if (!is_null($debug)) {
$_debug = (bool) $debug;
$conn = ADODB_Session::_conn();
if ($conn) {
$conn->debug = $_debug;
}
$set = true;
} elseif (!$set) {
// backwards compatibility
if (isset($GLOBALS['ADODB_SESS_DEBUG'])) {
return $GLOBALS['ADODB_SESS_DEBUG'];
}
}
return $_debug;
}
/*!
*/
function expireNotify($expire_notify = null) {
static $_expire_notify;
static $set = false;
if (!is_null($expire_notify)) {
$_expire_notify = $expire_notify;
$set = true;
} elseif (!$set) {
// backwards compatibility
if (isset($GLOBALS['ADODB_SESSION_EXPIRE_NOTIFY'])) {
return $GLOBALS['ADODB_SESSION_EXPIRE_NOTIFY'];
}
}
return $_expire_notify;
}
/*!
*/
function table($table = null) {
static $_table = 'sessions';
static $set = false;
if (!is_null($table)) {
$_table = trim($table);
$set = true;
} elseif (!$set) {
// backwards compatibility
if (isset($GLOBALS['ADODB_SESSION_TBL'])) {
return $GLOBALS['ADODB_SESSION_TBL'];
}
}
return $_table;
}
/*!
*/
function optimize($optimize = null) {
static $_optimize = false;
static $set = false;
if (!is_null($optimize)) {
$_optimize = (bool) $optimize;
$set = true;
} elseif (!$set) {
// backwards compatibility
if (defined('ADODB_SESSION_OPTIMIZE')) {
return true;
}
}
return $_optimize;
}
/*!
*/
function syncSeconds($sync_seconds = null) {
static $_sync_seconds = 60;
static $set = false;
if (!is_null($sync_seconds)) {
$_sync_seconds = (int) $sync_seconds;
$set = true;
} elseif (!$set) {
// backwards compatibility
if (defined('ADODB_SESSION_SYNCH_SECS')) {
return ADODB_SESSION_SYNCH_SECS;
}
}
return $_sync_seconds;
}
/*!
*/
function clob($clob = null) {
static $_clob = false;
static $set = false;
if (!is_null($clob)) {
$_clob = strtolower(trim($clob));
$set = true;
} elseif (!$set) {
// backwards compatibility
if (isset($GLOBALS['ADODB_SESSION_USE_LOBS'])) {
return $GLOBALS['ADODB_SESSION_USE_LOBS'];
}
}
return $_clob;
}
/*!
*/
function dataFieldName($data_field_name = null) {
static $_data_field_name = 'data';
if (!is_null($data_field_name)) {
$_data_field_name = trim($data_field_name);
}
return $_data_field_name;
}
/*!
*/
function filter($filter = null) {
static $_filter = array();
if (!is_null($filter)) {
if (!is_array($filter)) {
$filter = array($filter);
}
$_filter = $filter;
}
return $_filter;
}
/*!
*/
function encryptionKey($encryption_key = null) {
static $_encryption_key = 'CRYPTED ADODB SESSIONS ROCK!';
if (!is_null($encryption_key)) {
$_encryption_key = $encryption_key;
}
return $_encryption_key;
}
/////////////////////
// private methods
/////////////////////
/*!
*/
function &_conn($conn=null) {
return $GLOBALS['ADODB_SESS_CONN'];
}
/*!
*/
function _crc($crc = null) {
static $_crc = false;
if (!is_null($crc)) {
$_crc = $crc;
}
return $_crc;
}
/*!
*/
function _init() {
session_module_name('user');
session_set_save_handler(
array('ADODB_Session', 'open'),
array('ADODB_Session', 'close'),
array('ADODB_Session', 'read'),
array('ADODB_Session', 'write'),
array('ADODB_Session', 'destroy'),
array('ADODB_Session', 'gc')
);
}
/*!
*/
function _sessionKey() {
// use this function to create the encryption key for crypted
sessions
// crypt the used key, ADODB_Session::encryptionKey() as key
and session_id() as salt
return crypt(ADODB_Session::encryptionKey(), session_id());
}
/*!
*/
function _dumprs($rs) {
$conn =& ADODB_Session::_conn();
$debug = ADODB_Session::debug();
if (!$conn) {
return;
}
if (!$debug) {
return;
}
if (!$rs) {
echo "<br />\$rs is null or false<br />\n";
return;
}
//echo "<br />\nAffected_Rows=",$conn->Affected_Rows(),"<br
/>\n";
if (!is_object($rs)) {
return;
}
require_once ADODB_SESSION.'/../tohtml.inc.php';
rs2html($rs);
}
/////////////////////
// public methods
/////////////////////
/*!
Create the connection to the database.
If $conn already exists, reuse that connection
*/
function open($save_path, $session_name, $persist = null) {
$conn =& ADODB_Session::_conn();
if ($conn) {
return true;
}
$database = ADODB_Session::database();
$debug = ADODB_Session::debug();
$driver = ADODB_Session::driver();
$host = ADODB_Session::host();
$password = ADODB_Session::password();
$user = ADODB_Session::user();
if (!is_null($persist)) {
ADODB_Session::persist($persist);
} else {
$persist = ADODB_Session::persist();
}
# these can all be defaulted to in php.ini
# assert('$database');
# assert('$driver');
# assert('$host');
// cannot use =& below - do not know why...
$conn =& ADONewConnection($driver);
if ($debug) {
$conn->debug = true;
// ADOConnection::outp( " driver=$driver user=$user
pwd=$password db=$database ");
}
if ($persist) {
switch($persist) {
default:
case 'P': $ok = $conn->PConnect($host, $user,
$password, $database); break;
case 'C': $ok = $conn->Connect($host, $user, $password,
$database); break;
case 'N': $ok = $conn->NConnect($host, $user,
$password, $database); break;
}
} else {
$ok = $conn->Connect($host, $user, $password,
$database);
}
if ($ok) $GLOBALS['ADODB_SESS_CONN'] =& $conn;
else
ADOConnection::outp('<p>Session: connection
failed</p>', false);
return $ok;
}
/*!
Close the connection
*/
function close() {
$conn =& ADODB_Session::_conn();
if ($conn) {
$conn->Close();
}
return true;
}
/*
Slurp in the session variables and return the serialized string
*/
function read($key) {
$conn =& ADODB_Session::_conn();
$data = ADODB_Session::dataFieldName();
$filter = ADODB_Session::filter();
$table = ADODB_Session::table();
if (!$conn) {
return '';
}
assert('$table');
$qkey = $conn->quote($key);
$binary = $conn->dataProvider === 'mysql' ? '/*! BINARY */' :
'';
$sql = "SELECT $data FROM $table WHERE $binary sesskey = $qkey
AND expiry >= " . time();
$rs =& $conn->Execute($sql);
//ADODB_Session::_dumprs($rs);
if ($rs) {
if ($rs->EOF) {
$v = '';
} else {
$v = reset($rs->fields);
$filter = array_reverse($filter);
foreach ($filter as $f) {
if (is_object($f)) {
$v = $f->read($v,
ADODB_Session::_sessionKey());
}
}
$v = rawurldecode($v);
}
$rs->Close();
ADODB_Session::_crc(strlen($v) . crc32($v));
return $v;
}
return '';
}
/*!
Write the serialized data to a database.
If the data has not been modified since the last read(), we do
not write.
*/
function write($key, $val) {
$clob = ADODB_Session::clob();
$conn =& ADODB_Session::_conn();
$crc = ADODB_Session::_crc();
$data = ADODB_Session::dataFieldName();
$debug = ADODB_Session::debug();
$driver = ADODB_Session::driver();
$expire_notify = ADODB_Session::expireNotify();
$filter = ADODB_Session::filter();
$lifetime = ADODB_Session::lifetime();
$table = ADODB_Session::table();
if (!$conn) {
return false;
}
assert('$table');
$expiry = time() + $lifetime;
$qkey = $conn->quote($key);
$binary = $conn->dataProvider === 'mysql' ? '/*! BINARY */' :
'';
// crc32 optimization since adodb 2.1
// now we only update expiry date, thx to sebastian thom in
adodb 2.32
if ($crc !== false && $crc == (strlen($val) . crc32($val))) {
if ($debug) {
echo '<p>Session: Only updating date - crc32
not changed</p>';
}
$sql = "UPDATE $table SET expiry = $expiry WHERE
$binary sesskey = $qkey AND expiry >= " . time();
$rs =& $conn->Execute($sql);
ADODB_Session::_dumprs($rs);
if ($rs) {
$rs->Close();
}
return true;
}
$val = rawurlencode($val);
foreach ($filter as $f) {
if (is_object($f)) {
$val = $f->write($val,
ADODB_Session::_sessionKey());
}
}
$arr = array('sesskey' => $key, 'expiry' => $expiry, $data =>
$val, 'expireref' => '');
if ($expire_notify) {
$var = reset($expire_notify);
global $$var;
if (isset($$var)) {
$arr['expireref'] = $$var;
}
}
if (!$clob) { // no lobs, simply use replace()
$arr[$data] = $conn->qstr($val);
$rs = $conn->Replace($table, $arr, 'sesskey',
$autoQuote = true);
ADODB_Session::_dumprs($rs);
} else {
// what value shall we insert/update for lob row?
switch ($driver) {
// empty_clob or empty_lob for oracle dbs
case 'oracle':
case 'oci8':
case 'oci8po':
case 'oci805':
$lob_value = sprintf('empty_%s()',
strtolower($clob));
break;
// null for all other
default:
$lob_value = 'null';
break;
}
// do we insert or update? => as for sesskey
$rs =& $conn->Execute("SELECT COUNT(*) AS cnt FROM
$table WHERE $binary sesskey = $qkey");
ADODB_Session::_dumprs($rs);
if ($rs && reset($rs->fields) > 0) {
$sql = "UPDATE $table SET expiry = $expiry,
$data = $lob_value WHERE sesskey = $qkey";
} else {
$sql = "INSERT INTO $table (expiry, $data,
sesskey) VALUES ($expiry, $lob_value, $qkey)";
}
if ($rs) {
$rs->Close();
}
$err = '';
$rs1 =& $conn->Execute($sql);
ADODB_Session::_dumprs($rs1);
if (!$rs1) {
$err = $conn->ErrorMsg()."\n";
}
$rs2 =& $conn->UpdateBlob($table, $data, $val, "
sesskey=$qkey", strtoupper($clob));
ADODB_Session::_dumprs($rs2);
if (!$rs2) {
$err .= $conn->ErrorMsg()."\n";
}
$rs = ($rs && $rs2) ? true : false;
if ($rs1) {
$rs1->Close();
}
if (is_object($rs2)) {
$rs2->Close();
}
}
if (!$rs) {
ADOConnection::outp('<p>Session Replace: ' .
$conn->ErrorMsg() . '</p>', false);
return false;
} else {
// bug in access driver (could be odbc?) means that
info is not committed
// properly unless select statement executed in Win2000
if ($conn->databaseType == 'access') {
$sql = "SELECT sesskey FROM $table WHERE
$binary sesskey = $qkey";
$rs =& $conn->Execute($sql);
ADODB_Session::_dumprs($rs);
if ($rs) {
$rs->Close();
}
}
}
return $rs ? true : false;
}
/*!
*/
function destroy($key) {
$conn =& ADODB_Session::_conn();
$table = ADODB_Session::table();
$expire_notify = ADODB_Session::expireNotify();
if (!$conn) {
return false;
}
assert('$table');
$qkey = $conn->quote($key);
$binary = $conn->dataProvider === 'mysql' ? '/*! BINARY */' :
'';
if ($expire_notify) {
reset($expire_notify);
$fn = next($expire_notify);
$savem = $conn->SetFetchMode(ADODB_FETCH_NUM);
$sql = "SELECT expireref, sesskey FROM $table WHERE
$binary sesskey = $qkey";
$rs =& $conn->Execute($sql);
ADODB_Session::_dumprs($rs);
$conn->SetFetchMode($savem);
if (!$rs) {
return false;
}
if (!$rs->EOF) {
$ref = $rs->fields[0];
$key = $rs->fields[1];
//assert('$ref');
//assert('$key');
$fn($ref, $key);
}
$rs->Close();
}
$sql = "DELETE FROM $table WHERE $binary sesskey = $qkey";
$rs =& $conn->Execute($sql);
ADODB_Session::_dumprs($rs);
if ($rs) {
$rs->Close();
}
return $rs ? true : false;
}
/*!
*/
function gc($maxlifetime) {
$conn =& ADODB_Session::_conn();
$debug = ADODB_Session::debug();
$expire_notify = ADODB_Session::expireNotify();
$optimize = ADODB_Session::optimize();
$sync_seconds = ADODB_Session::syncSeconds();
$table = ADODB_Session::table();
if (!$conn) {
return false;
}
assert('$table');
$time = time();
$binary = $conn->dataProvider === 'mysql' ? '/*! BINARY */' :
'';
if ($expire_notify) {
reset($expire_notify);
$fn = next($expire_notify);
$savem = $conn->SetFetchMode(ADODB_FETCH_NUM);
$sql = "SELECT expireref, sesskey FROM $table WHERE
expiry < $time";
$rs =& $conn->Execute($sql);
ADODB_Session::_dumprs($rs);
$conn->SetFetchMode($savem);
if ($rs) {
$conn->BeginTrans();
$keys = array();
while (!$rs->EOF) {
$ref = $rs->fields[0];
$key = $rs->fields[1];
$fn($ref, $key);
$del = $conn->Execute("DELETE FROM
$table WHERE sesskey='$key'");
$rs->MoveNext();
}
$rs->Close();
$conn->CommitTrans();
}
} else {
$sql = "DELETE FROM $table WHERE expiry < $time";
$rs =& $conn->Execute($sql);
ADODB_Session::_dumprs($rs);
if ($rs) {
$rs->Close();
}
if ($debug) {
ADOConnection::outp("<p><b>Garbage
Collection</b>: $sql</p>");
}
}
// suggested by Cameron, "GaM3R"
<gamr-0R8jI162z55fq8cQ1yknNg@xxxxxxxxxxxxxxxx>
if ($optimize) {
$driver = ADODB_Session::driver();
if (preg_match('/mysql/i', $driver)) {
$sql = "OPTIMIZE TABLE $table";
}
if (preg_match('/postgres/i', $driver)) {
$sql = "VACUUM $table";
}
if (!empty($sql)) {
$conn->Execute($sql);
}
}
if ($sync_seconds) {
$sql = 'SELECT ';
if ($conn->dataProvider === 'oci8') {
$sql .= "TO_CHAR({$conn->sysTimeStamp},
'RRRR-MM-DD HH24:MI:SS')";
} else {
$sql .= $conn->sysTimeStamp;
}
$sql .= " FROM $table";
$rs =& $conn->SelectLimit($sql, 1);
if ($rs && !$rs->EOF) {
$dbts = reset($rs->fields);
$rs->Close();
$dbt = $conn->UnixTimeStamp($dbts);
$t = time();
if (abs($dbt - $t) >= $sync_seconds) {
global $HTTP_SERVER_VARS;
$msg = __FILE__ .
": Server time for webserver
{$HTTP_SERVER_VARS['HTTP_HOST']} not in synch with database: " .
" database=$dbt ($dbts),
webserver=$t (diff=". (abs($dbt - $t) / 3600) . ' hours)';
error_log($msg);
if ($debug) {
ADOConnection::outp("<p>$msg</p>");
}
}
}
}
return true;
}
}
ADODB_Session::_init();
// for backwards compatability only
function adodb_sess_open($save_path, $session_name, $persist = true) {
return ADODB_Session::open($save_path, $session_name, $persist);
}
// for backwards compatability only
function adodb_sess_gc($t)
{
return ADODB_Session::gc($t);
}
?>
--- NEW FILE: adodb-encrypt-md5.php ---
<?php
/*
V4.01 23 Oct 2003 (c) 2000-2004 John Lim
(jlim-l15XFKl8ZeYZ+IcD6AW/HA@xxxxxxxxxxxxxxxx). All rights reserved.
Contributed by Ross Smith
(adodb-8k6CzKFoKBXQT0dZR+AlfA@xxxxxxxxxxxxxxxx).
Released under both BSD license and Lesser GPL library license.
Whenever there is any discrepancy between the two licenses,
the BSD license will take precedence.
Set tabs to 4 for best viewing.
*/
// security - hide paths
if (!defined('ADODB_SESSION')) die();
include_once ADODB_SESSION . '/crypt.inc.php';
/**
*/
class ADODB_Encrypt_MD5 {
/**
*/
function write($data, $key) {
$md5crypt =& new MD5Crypt();
return $md5crypt->encrypt($data, $key);
}
/**
*/
function read($data, $key) {
$md5crypt =& new MD5Crypt();
return $md5crypt->decrypt($data, $key);
}
}
return 1;
?>
--- NEW FILE: adodb-sessions.oracle.clob.sql ---
-- $CVSHeader$
DROP TABLE adodb_sessions;
CREATE TABLE sessions (
sesskey CHAR(32) DEFAULT '' NOT NULL,
expiry INT DEFAULT 0 NOT NULL,
expireref VARCHAR(64) DEFAULT '',
data CLOB DEFAULT '',
PRIMARY KEY (sesskey)
);
CREATE INDEX ix_expiry ON sessions (expiry);
QUIT;
--- NEW FILE: adodb-compress-gzip.php ---
<?php
/*
V4.01 23 Oct 2003 (c) 2000-2004 John Lim
(jlim-l15XFKl8ZeYZ+IcD6AW/HA@xxxxxxxxxxxxxxxx). All rights reserved.
Contributed by Ross Smith
(adodb-8k6CzKFoKBXQT0dZR+AlfA@xxxxxxxxxxxxxxxx).
Released under both BSD license and Lesser GPL library license.
Whenever there is any discrepancy between the two licenses,
the BSD license will take precedence.
Set tabs to 4 for best viewing.
*/
if (!function_exists('gzcompress')) {
trigger_error('gzip functions are not available', E_USER_ERROR);
return 0;
}
/*
*/
class ADODB_Compress_Gzip {
/**
*/
var $_level = null;
/**
*/
var $_min_length = 1;
/**
*/
function getLevel() {
return $this->_level;
}
/**
*/
function setLevel($level) {
assert('$level >= 0');
assert('$level <= 9');
$this->_level = (int) $level;
}
/**
*/
function getMinLength() {
return $this->_min_length;
}
/**
*/
function setMinLength($min_length) {
assert('$min_length >= 0');
$this->_min_length = (int) $min_length;
}
/**
*/
function ADODB_Compress_Gzip($level = null, $min_length = null) {
if (!is_null($level)) {
$this->setLevel($level);
}
if (!is_null($min_length)) {
$this->setMinLength($min_length);
}
}
/**
*/
function write($data, $key) {
if (strlen($data) < $this->_min_length) {
return $data;
}
if (!is_null($this->_level)) {
return gzcompress($data, $this->_level);
} else {
return gzcompress($data);
}
}
/**
*/
function read($data, $key) {
return $data ? gzuncompress($data) : $data;
}
}
return 1;
?>
--- NEW FILE: crypt.inc.php ---
<?php
// Session Encryption by Ari Kuorikoski
<ari.kuorikoski-EzZ9KENmu8tWk0Htik3J/w@xxxxxxxxxxxxxxxx>
class MD5Crypt{
function keyED($txt,$encrypt_key)
{
$encrypt_key = md5($encrypt_key);
$ctr=0;
$tmp = "";
for ($i=0;$i<strlen($txt);$i++){
if ($ctr==strlen($encrypt_key))
$ctr=0;
$tmp.= substr($txt,$i,1) ^
substr($encrypt_key,$ctr,1);
$ctr++;
}
return $tmp;
}
function Encrypt($txt,$key)
{
srand((double)microtime()*1000000);
$encrypt_key = md5(rand(0,32000));
$ctr=0;
$tmp = "";
for ($i=0;$i<strlen($txt);$i++)
{
if ($ctr==strlen($encrypt_key)) $ctr=0;
$tmp.= substr($encrypt_key,$ctr,1) .
(substr($txt,$i,1) ^
substr($encrypt_key,$ctr,1));
$ctr++;
}
return base64_encode($this->keyED($tmp,$key));
}
function Decrypt($txt,$key)
{
$txt = $this->keyED(base64_decode($txt),$key);
$tmp = "";
for ($i=0;$i<strlen($txt);$i++){
$md5 = substr($txt,$i,1);
$i++;
$tmp.= (substr($txt,$i,1) ^
$md5);
}
return $tmp;
}
function RandPass()
{
$randomPassword = "";
srand((double)microtime()*1000000);
for($i=0;$i<8;$i++)
{
$randnumber = rand(48,120);
while (($randnumber >= 58 &&
$randnumber <= 64) || ($randnumber >= 91 && $randnumber <= 96))
{
$randnumber =
rand(48,120);
}
$randomPassword .=
chr($randnumber);
}
return $randomPassword;
}
}
?>
--- NEW FILE: adodb-session-clob.php ---
<?php
/*
V4.01 23 Oct 2003 (c) 2000-2004 John Lim
(jlim-l15XFKl8ZeYZ+IcD6AW/HA@xxxxxxxxxxxxxxxx). All rights reserved.
Contributed by Ross Smith
(adodb-8k6CzKFoKBXQT0dZR+AlfA@xxxxxxxxxxxxxxxx).
Released under both BSD license and Lesser GPL library license.
Whenever there is any discrepancy between the two licenses,
the BSD license will take precedence.
Set tabs to 4 for best viewing.
*/
/*
This file is provided for backwards compatibility purposes
*/
require_once dirname(__FILE__) . '/adodb-session.php';
ADODB_Session::clob('CLOB');
?>
--- NEW FILE: adodb-sessions.mysql.sql ---
-- $CVSHeader$
CREATE DATABASE /*! IF NOT EXISTS */ adodb_sessions;
USE adodb_sessions;
DROP TABLE /*! IF EXISTS */ sessions;
CREATE TABLE /*! IF NOT EXISTS */ sessions (
sesskey CHAR(32) /*! BINARY */ NOT NULL DEFAULT '',
expiry INT(11) /*! UNSIGNED */ NOT NULL DEFAULT 0,
expireref VARCHAR(64) DEFAULT '',
data LONGTEXT DEFAULT '',
PRIMARY KEY (sesskey),
INDEX expiry (expiry)
);
--- NEW FILE: adodb-cryptsession.php ---
<?php
/*
V4.01 23 Oct 2003 (c) 2000-2004 John Lim
(jlim-l15XFKl8ZeYZ+IcD6AW/HA@xxxxxxxxxxxxxxxx). All rights reserved.
Contributed by Ross Smith
(adodb-8k6CzKFoKBXQT0dZR+AlfA@xxxxxxxxxxxxxxxx).
Released under both BSD license and Lesser GPL library license.
Whenever there is any discrepancy between the two licenses,
the BSD license will take precedence.
Set tabs to 4 for best viewing.
*/
/*
This file is provided for backwards compatibility purposes
*/
require_once dirname(__FILE__) . '/adodb-session.php';
require_once ADODB_SESSION . '/adodb-encrypt-md5.php';
ADODB_Session::filter(new ADODB_Encrypt_MD5());
?>
--- NEW FILE: adodb-sessions.oracle.sql ---
-- $CVSHeader$
DROP TABLE adodb_sessions;
CREATE TABLE sessions (
sesskey CHAR(32) DEFAULT '' NOT NULL,
expiry INT DEFAULT 0 NOT NULL,
expireref VARCHAR(64) DEFAULT '',
data VARCHAR(4000) DEFAULT '',
PRIMARY KEY (sesskey),
INDEX expiry (expiry)
);
CREATE INDEX ix_expiry ON sessions (expiry);
QUIT;
--- NEW FILE: adodb-sess.txt ---
John,
I have been an extremely satisfied ADODB user for several years now.
To give you something back for all your hard work, I've spent the last 3
days rewriting the adodb-session.php code.
----------
What's New
----------
Here's a list of the new code's benefits:
* Combines the functionality of the three files:
adodb-session.php
adodb-session-clob.php
adodb-cryptsession.php
each with very similar functionality, into a single file adodb-session.php.
This will ease maintenance and support issues.
* Supports multiple encryption and compression schemes.
Currently, we support:
MD5Crypt (crypt.inc.php)
MCrypt
Secure (Horde's emulation of MCrypt, if MCrypt module is not available.)
GZip
BZip2
These can be stacked, so if you want to compress and then encrypt your
session data, it's easy.
Also, the built-in MCrypt functions will be *much* faster, and more secure,
than the MD5Crypt code.
* adodb-session.php contains a single class ADODB_Session that encapsulates
all functionality.
This eliminates the use of global vars and defines (though they are
supported for backwards compatibility).
* All user defined parameters are now static functions in the ADODB_Session
class.
New parameters include:
* encryptionKey(): Define the encryption key used to encrypt the session.
Originally, it was a hard coded string.
* persist(): Define if the database will be opened in persistent mode.
Originally, the user had to call adodb_sess_open().
* dataFieldName(): Define the field name used to store the session data, as
'DATA' appears to be a reserved word in the following cases:
ANSI SQL
IBM DB2
MS SQL Server
Postgres
SAP
* filter(): Used to support multiple, simulataneous encryption/compression
schemes.
* Debug support is improved thru _rsdump() function, which is called after
every database call.
------------
What's Fixed
------------
The new code includes several bug fixes and enhancements:
* sesskey is compared in BINARY mode for MySQL, to avoid problems with
session keys that differ only by case.
Of course, the user should define the sesskey field as BINARY, to
correctly fix this problem, otherwise performance will suffer.
* In ADODB_Session::gc(), if $expire_notify is true, the multiple DELETES in
the original code have been optimized to a single DELETE.
* In ADODB_Session::destroy(), since "SELECT expireref, sesskey FROM $table
WHERE sesskey = $qkey" will only return a single value, we don't loop on the
result, we simply process the row, if any.
* We close $rs after every use.
---------------
What's the Same
---------------
I know backwards compatibility is *very* important to you. Therefore, the
new code is 100% backwards compatible.
If you like my code, but don't "trust" it's backwards compatible, maybe we
offer it as beta code, in a new directory for a release or two?
------------
What's To Do
------------
I've vascillated over whether to use a single function to get/set
parameters:
$user = ADODB_Session::user(); // get
ADODB_Session::user($user); // set
or to use separate functions (which is the PEAR/Java way):
$user = ADODB_Session::getUser();
ADODB_Session::setUser($user);
I've chosen the former as it's makes for a simpler API, and reduces the
amount of code, but I'd be happy to change it to the latter.
Also, do you think the class should be a singleton class, versus a static
class?
Let me know if you find this code useful, and will be including it in the
next release of ADODB.
If so, I will modify the current documentation to detail the new
functionality. To that end, what file(s) contain the documentation? Please
send them to me if they are not publically available.
Also, if there is *anything* in the code that you like to see changed, let
me know.
Thanks,
Ross
--- NEW FILE: adodb-encrypt-mcrypt.php ---
<?php
/*
V4.01 23 Oct 2003 (c) 2000-2004 John Lim
(jlim-l15XFKl8ZeYZ+IcD6AW/HA@xxxxxxxxxxxxxxxx). All rights reserved.
Contributed by Ross Smith
(adodb-8k6CzKFoKBXQT0dZR+AlfA@xxxxxxxxxxxxxxxx).
Released under both BSD license and Lesser GPL library license.
Whenever there is any discrepancy between the two licenses,
the BSD license will take precedence.
Set tabs to 4 for best viewing.
*/
if (!function_exists('mcrypt_encrypt')) {
trigger_error('Mcrypt functions are not available', E_USER_ERROR);
return 0;
}
/**
*/
class ADODB_Encrypt_MCrypt {
/**
*/
var $_cipher;
/**
*/
var $_mode;
/**
*/
var $_source;
/**
*/
function getCipher() {
return $this->_cipher;
}
/**
*/
function setCipher($cipher) {
$this->_cipher = $cipher;
}
/**
*/
function getMode() {
return $this->_mode;
}
/**
*/
function setMode($mode) {
$this->_mode = $mode;
}
/**
*/
function getSource() {
return $this->_source;
}
/**
*/
function setSource($source) {
$this->_source = $source;
}
/**
*/
function ADODB_Encrypt_MCrypt($cipher = null, $mode = null, $source =
null) {
if (!$cipher) {
$cipher = MCRYPT_RIJNDAEL_256;
}
if (!$mode) {
$mode = MCRYPT_MODE_ECB;
}
if (!$source) {
$source = MCRYPT_RAND;
}
$this->_cipher = $cipher;
$this->_mode = $mode;
$this->_source = $source;
}
/**
*/
function write($data, $key) {
$iv_size = mcrypt_get_iv_size($this->_cipher, $this->_mode);
$iv = mcrypt_create_iv($iv_size, $this->_source);
return mcrypt_encrypt($this->_cipher, $key, $data,
$this->_mode, $iv);
}
/**
*/
function read($data, $key) {
$iv_size = mcrypt_get_iv_size($this->_cipher, $this->_mode);
$iv = mcrypt_create_iv($iv_size, $this->_source);
$rv = mcrypt_decrypt($this->_cipher, $key, $data, $this->_mode,
$iv);
return rtrim($rv, "\0");
}
}
return 1;
?>
--- NEW FILE: adodb-encrypt-secret.php ---
<?php
/*
V4.01 23 Oct 2003 (c) 2000-2004 John Lim
(jlim-l15XFKl8ZeYZ+IcD6AW/HA@xxxxxxxxxxxxxxxx). All rights reserved.
Contributed by Ross Smith
(adodb-8k6CzKFoKBXQT0dZR+AlfA@xxxxxxxxxxxxxxxx).
Released under both BSD license and Lesser GPL library license.
Whenever there is any discrepancy between the two licenses,
the BSD license will take precedence.
Set tabs to 4 for best viewing.
*/
@define('HORDE_BASE', dirname(dirname(dirname(__FILE__))) . '/horde');
if (!is_dir(HORDE_BASE)) {
trigger_error(sprintf('Directory not found: \'%s\'', HORDE_BASE),
E_USER_ERROR);
return 0;
}
include_once HORDE_BASE . '/lib/Horde.php';
include_once HORDE_BASE . '/lib/Secret.php';
/**
NOTE: On Windows 2000 SP4 with PHP 4.3.1, MCrypt 2.4.x, and Apache 1.3.28,
the session didn't work properly.
This may be resolved with 4.3.3.
*/
class ADODB_Encrypt_Secret {
/**
*/
function write($data, $key) {
return Secret::write($key, $data);
}
/**
*/
function read($data, $key) {
return Secret::read($key, $data);
}
}
return 1;
?>
--- NEW FILE: adodb-compress-bzip2.php ---
<?php
/*
V4.01 23 Oct 2003 (c) 2000-2004 John Lim
(jlim-l15XFKl8ZeYZ+IcD6AW/HA@xxxxxxxxxxxxxxxx). All rights reserved.
Contributed by Ross Smith
(adodb-8k6CzKFoKBXQT0dZR+AlfA@xxxxxxxxxxxxxxxx).
Released under both BSD license and Lesser GPL library license.
Whenever there is any discrepancy between the two licenses,
the BSD license will take precedence.
Set tabs to 4 for best viewing.
*/
if (!function_exists('bzcompress')) {
trigger_error('bzip2 functions are not available', E_USER_ERROR);
return 0;
}
/*
*/
class ADODB_Compress_Bzip2 {
/**
*/
var $_block_size = null;
/**
*/
var $_work_level = null;
/**
*/
var $_min_length = 1;
/**
*/
function getBlockSize() {
return $this->_block_size;
}
/**
*/
function setBlockSize($block_size) {
assert('$block_size >= 1');
assert('$block_size <= 9');
$this->_block_size = (int) $block_size;
}
/**
*/
function getWorkLevel() {
return $this->_work_level;
}
/**
*/
function setWorkLevel($work_level) {
assert('$work_level >= 0');
assert('$work_level <= 250');
$this->_work_level = (int) $work_level;
}
/**
*/
function getMinLength() {
return $this->_min_length;
}
/**
*/
function setMinLength($min_length) {
assert('$min_length >= 0');
$this->_min_length = (int) $min_length;
}
/**
*/
function ADODB_Compress_Bzip2($block_size = null, $work_level = null,
$min_length = null) {
if (!is_null($block_size)) {
$this->setBlockSize($block_size);
}
if (!is_null($work_level)) {
$this->setWorkLevel($work_level);
}
if (!is_null($min_length)) {
$this->setMinLength($min_length);
}
}
/**
*/
function write($data, $key) {
if (strlen($data) < $this->_min_length) {
return $data;
}
if (!is_null($this->_block_size)) {
if (!is_null($this->_work_level)) {
return bzcompress($data, $this->_block_size,
$this->_work_level);
} else {
return bzcompress($data, $this->_block_size);
}
}
return bzcompress($data);
}
/**
*/
function read($data, $key) {
return $data ? bzdecompress($data) : $data;
}
}
return 1;
?>
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://productguide.itmanagersjournal.com/
|
