| [ Index ] |
PHP Cross Reference of phpBB 3.0 Beta 3 |
[Source view] [Print]
(no description)
| Copyright: | (c) 2005 phpBB Group |
| License: | http://opensource.org/licenses/gpl-license.php GNU Public License |
| Version: | $Id: session.php,v 1.242 2006/11/12 15:35:43 acydburn Exp $ |
| File Size: | 1529 lines (49 kb) |
| Included or required: | 0 times |
| Referenced: | 0 times |
| Includes or requires: | 0 files |
session:: (10 methods):
extract_current_page()
session_begin()
session_create()
session_kill()
session_gc()
set_cookie()
check_ban()
check_dnsbl()
set_login_key()
reset_login_keys()
user:: (9 methods):
setup()
add_lang()
set_lang()
format_date()
get_iso_lang_id()
get_profile_fields()
img()
optionget()
optionset()
| extract_current_page($root_path) X-Ref |
| Extract current session page param: string $root_path current root path (phpbb_root_path) |
| session_begin($update_session_page = true) X-Ref |
| Start session management This is where all session activity begins. We gather various pieces of information from the client and server. We test to see if a session already exists. If it does, fine and dandy. If it doesn't we'll go on to create a new one ... pretty logical heh? We also examine the system load (if we're running on a system which makes such information readily available) and halt if it's above an admin definable limit. param: bool $update_session_page if true the session page gets updated. |
| session_create($user_id = false, $set_admin = false, $persist_login = false, $viewonline = true) X-Ref |
| Create a new session If upon trying to start a session we discover there is nothing existing we jump here. Additionally this method is called directly during login to regenerate the session for the specific user. In this method we carry out a number of tasks; garbage collection, (search)bot checking, banned user comparison. Basically though this method will result in a new session for a specific user. |
| session_kill() X-Ref |
| Kills a session This method does what it says on the tin. It will delete a pre-existing session. It resets cookie information (destroying any autologin key within that cookie data) and update the users information from the relevant session data. It will then grab guest user information. |
| session_gc() X-Ref |
| Session garbage collection This looks a lot more complex than it really is. Effectively we are deleting any sessions older than an admin definable limit. Due to the way in which we maintain session data we have to ensure we update user data before those sessions are destroyed. In addition this method removes autologin key information that is older than an admin defined limit. |
| set_cookie($name, $cookiedata, $cookietime) X-Ref |
| Sets a cookie Sets a cookie of the given name with the specified data for the given length of time. |
| check_ban($user_id = false, $user_ip = false, $user_email = false, $return = false) X-Ref |
| Check for banned user Checks whether the supplied user is banned by id, ip or email. If no parameters are passed to the method pre-existing session data is used. If $return is false this routine does not return on finding a banned user, it outputs a relevant message and stops execution. |
| check_dnsbl($ip = false) X-Ref |
| Check if ip is blacklisted This should be called only where absolutly necessary Only IPv4 (rbldns does not support AAAA records/IPv6 lookups) author: satmd (from the php manual) return: false if ip is not blacklisted, else an array([checked server], [lookup]) |
| set_login_key($user_id = false, $key = false, $user_ip = false) X-Ref |
| Set/Update a persistent login key This method creates or updates a persistent session key. When a user makes use of persistent (formerly auto-) logins a key is generated and stored in the DB. When they revisit with the same key it's automatically updated in both the DB and cookie. Multiple keys may exist for each user representing different browsers or locations. As with _any_ non-secure-socket no passphrase login this remains vulnerable to exploit. |
| reset_login_keys($user_id = false) X-Ref |
| Reset all login keys for the specified user This method removes all current login keys for a specified (or the current) user. It will be called on password change to render old keys unusable |
| setup($lang_set = false, $style = false) X-Ref |
| Setup basic user-specific items (style, language, ...) |
| add_lang($lang_set, $use_db = false, $use_help = false) X-Ref |
| Add Language Items - use_db and use_help are assigned where needed (only use them to force inclusion) param: mixed $lang_set specifies the language entries to include param: bool $use_db internal variable for recursion, do not use param: bool $use_help internal variable for recursion, do not use |
| set_lang(&$lang, &$help, $lang_file, $use_db = false, $use_help = false) X-Ref |
| Set language entry (called by add_lang) |
| format_date($gmepoch, $format = false, $forcedate = false) X-Ref |
| Format user date |
| get_iso_lang_id() X-Ref |
| Get language id currently used by the user |
| get_profile_fields($user_id) X-Ref |
| Get users profile fields |
| img($img, $alt = '', $width = false, $suffix = '', $type = 'full_tag') X-Ref |
| Specify/Get image |
| optionget($key, $data = false) X-Ref |
| Get option bit field from user options |
| optionset($key, $value, $data = false) X-Ref |
| Set option bit field for user options |
| Generated: Wed Nov 22 00:35:05 2006 | Cross-referenced by PHPXref 0.6 |