- Patch #253702 by Damien Tournoud et al: further clean-up of the session handling code.

312b97e9 · Dries · 48727a34 · 312b97e9 · 312b97e9 · 312b97e9
Commit 312b97e9 authored Sep 15, 2008 by Dries
5 changed files
--- a/includes/bootstrap.inc
+++ b/includes/bootstrap.inc
@@ -1031,7 +1031,7 @@ function _drupal_bootstrap($phase) {

    case DRUPAL_BOOTSTRAP_SESSION:
      require_once variable_get('session_inc', './includes/session.inc');
-      session_set_save_handler('_sess_open', '_sess_close', '_sess_read', '_sess_write', 'sess_destroy_sid', 'sess_gc');
+      session_set_save_handler('_sess_open', '_sess_close', '_sess_read', '_sess_write', '_sess_destroy_sid', '_sess_gc');
      session_start();
      break;


--- a/includes/session.inc
+++ b/includes/session.inc
@@ -32,7 +32,7 @@
 *
 * @return
 *   This function will always return TRUE.
-*/    
+ */    
 function _sess_open() {
  return TRUE;
 }
@@ -48,7 +48,7 @@ function _sess_open() {
 *
 * @return
 *   This function will always return TRUE.
-*/    
+ */    
 function _sess_close() {
  return TRUE;
 }
@@ -68,7 +68,7 @@ function _sess_close() {
 * @return
 *   Either an array of the session data, or an empty string, if no data 
 *   was found or the user is anonymous.
-*/
+ */
 function _sess_read($key) {
  global $user;

@@ -127,7 +127,7 @@ function _sess_read($key) {
 *   Serialized array of the session data.
 * @return
 *   This function will always return TRUE.
-*/
+ */
 function _sess_write($key, $value) {
  global $user;

@@ -136,7 +136,7 @@ function _sess_write($key, $value) {
  // the session table. This reduces memory and server load, and gives more useful
  // statistics. We can't eliminate anonymous session table rows without breaking
  // the "Who's Online" block.
-  if (!session_save_session() || (empty($_COOKIE[session_name()]) && empty($value))) {
+  if (!drupal_save_session() || (empty($_COOKIE[session_name()]) && empty($value))) {
    return TRUE;
  }

@@ -170,7 +170,7 @@ function _sess_write($key, $value) {
 /**
 * Called when an anonymous user becomes authenticated or vice-versa.
 */
-function sess_regenerate() {
+function drupal_session_regenerate() {
  $old_session_id = session_id();
  session_regenerate_id();
  db_query("UPDATE {sessions} SET sid = '%s' WHERE sid = '%s'", session_id(), $old_session_id);
@@ -189,19 +189,20 @@ function sess_regenerate() {
 * @return  int
 *   The number of users with sessions.
 */
-function sess_count($timestamp = 0, $anonymous = true) {
+function drupal_session_count($timestamp = 0, $anonymous = true) {
  $query = $anonymous ? ' AND uid = 0' : ' AND uid > 0';
  return db_result(db_query('SELECT COUNT(sid) AS count FROM {sessions} WHERE timestamp >= %d' . $query, $timestamp));
 }

 /**
- * Called by PHP session handling with the PHP session ID 
- * to end a user's session.
+ * Session handler assigned by session_set_save_handler().
+ * 
+ * Cleanup a specific session.
 *
 * @param  string $sid
 *   the session id
 */
-function sess_destroy_sid($sid) {
+function _sess_destroy_sid($sid) {
  db_query("DELETE FROM {sessions} WHERE sid = '%s'", $sid);
 }

@@ -211,11 +212,16 @@ function sess_destroy_sid($sid) {
 * @param  string $uid
 *   the user id
 */
-function sess_destroy_uid($uid) {
+function drupal_session_destroy_uid($uid) {
  db_query('DELETE FROM {sessions} WHERE uid = %d', $uid);
 }

-function sess_gc($lifetime) {
+/**
+ * Session handler assigned by session_set_save_handler().
+ * 
+ * Cleanup stalled sessions.
+ */
+function _sess_gc($lifetime) {
  // Be sure to adjust 'php_value session.gc_maxlifetime' to a large enough
  // value. For example, if you want user sessions to stay in your database
  // for three weeks before deleting them, you need to set gc_maxlifetime
@@ -240,7 +246,7 @@ function sess_gc($lifetime) {
 * @return
 *   FALSE if writing session data has been disabled. Otherwise, TRUE.
 */
-function session_save_session($status = NULL) {
+function drupal_save_session($status = NULL) {
  static $save_session = TRUE;
  if (isset($status)) {
    $save_session = $status;

--- a/modules/simpletest/tests/session.test
+++ b/modules/simpletest/tests/session.test
@@ -26,19 +26,19 @@ class SessionTestCase extends DrupalWebTestCase {
  }

  /**
-   * Tests for session_save_session().
+   * Tests for drupal_save_session().
   */
  function testSessionSaveSession() {
-    $this->assertTrue(session_save_session(), t('session_save_session() correctly returns TRUE when initially called with no arguments.'), t('Session'));
-    $this->assertFalse(session_save_session(FALSE), t('session_save_session() correctly returns FALSE when called with FALSE.'), t('Session'));
-    $this->assertFalse(session_save_session(), t('session_save_session() correctly returns FALSE when saving has been disabled.'), t('Session'));
-    $this->assertTrue(session_save_session(TRUE), t('session_save_session() correctly returns TRUE when called with TRUE.'), t('Session'));
-    $this->assertTrue(session_save_session(), t('session_save_session() correctly returns TRUE when saving has been enabled.'), t('Session'));
+    $this->assertTrue(drupal_save_session(), t('drupal_save_session() correctly returns TRUE when initially called with no arguments.'), t('Session'));
+    $this->assertFalse(drupal_save_session(FALSE), t('drupal_save_session() correctly returns FALSE when called with FALSE.'), t('Session'));
+    $this->assertFalse(drupal_save_session(), t('drupal_save_session() correctly returns FALSE when saving has been disabled.'), t('Session'));
+    $this->assertTrue(drupal_save_session(TRUE), t('drupal_save_session() correctly returns TRUE when called with TRUE.'), t('Session'));
+    $this->assertTrue(drupal_save_session(), t('drupal_save_session() correctly returns TRUE when saving has been enabled.'), t('Session'));
  }

  /**
   * Test data persistence via the session_test module callbacks. Also tests
-   * sess_count() since session data is already generated here.
+   * drupal_session_count() since session data is already generated here.
   */
  function testDataPersistence() {
    $user = $this->drupalCreateUser(array('access content'));
@@ -54,13 +54,13 @@ class SessionTestCase extends DrupalWebTestCase {
    $this->drupalGet('session-test/get');
    $this->assertText($value_1, t('Session correctly returned the stored data for an authenticated user.'), t('Session'));

-    // Attempt to write over val_1. If session_save_session(FALSE) is working.
+    // Attempt to write over val_1. If drupal_save_session(FALSE) is working.
    // properly, val_1 will still be set.
    $value_2 = $this->randomName();
    $this->drupalGet('session-test/no-set/' . $value_2);
    $this->assertText($value_2, t('The session value was correctly passed to session-test/no-set.'), t('Session'));
    $this->drupalGet('session-test/get');
-    $this->assertText($value_1, t('Session data is not saved for session_save_session(FALSE).'), t('Session'));
+    $this->assertText($value_1, t('Session data is not saved for drupal_save_session(FALSE).'), t('Session'));

    // Switch browser cookie to anonymous user, then back to user 1.
    $this->sessionReset();
@@ -85,7 +85,7 @@ class SessionTestCase extends DrupalWebTestCase {
    $this->drupalGet('session-test/no-set/' . $value_4);
    $this->assertText($value_4, t('The session value was correctly passed to session-test/no-set.'), t('Session'));
    $this->drupalGet('session-test/get');
-    $this->assertText($value_3, t('Session data is not saved for session_save_session(FALSE).'), t('Session'));
+    $this->assertText($value_3, t('Session data is not saved for drupal_save_session(FALSE).'), t('Session'));

    // Logout and get first user back in. Sessions shouldn't persist through
    // logout, so the data won't be on the page.
@@ -100,10 +100,10 @@ class SessionTestCase extends DrupalWebTestCase {
    $this->drupalLogin($user2);
    $this->session_count_authenticated = $this->session_count++;

-    // Perform sess_count tests here in order to use the session data already generated.
+    // Perform drupal_session_count tests here in order to use the session data already generated.
    // Test absolute count.
-    $anonymous = sess_count(0, TRUE);
-    $authenticated = sess_count(0, FALSE);
+    $anonymous = drupal_session_count(0, TRUE);
+    $authenticated = drupal_session_count(0, FALSE);
    $this->assertEqual($anonymous + $authenticated, $this->session_count, t('Correctly counted @count total sessions.', array('@count' => $this->session_count)), t('Session'));

    // Test anonymous count.
@@ -113,7 +113,7 @@ class SessionTestCase extends DrupalWebTestCase {
    $this->assertEqual($authenticated, $this->session_count_authenticated, t('Correctly counted @count authenticated sessions.', array('@count' => $authenticated)), t('Session'));

    // Should return 0 sessions from 1 second from now.
-    $this->assertEqual(sess_count(time() + 1), 0, t('Correctly returned 0 sessions newer than the current time.'), t('Session'));
+    $this->assertEqual(drupal_session_count(time() + 1), 0, t('Correctly returned 0 sessions newer than the current time.'), t('Session'));

  }


--- a/modules/simpletest/tests/session_test.module
+++ b/modules/simpletest/tests/session_test.module
@@ -49,7 +49,7 @@ function _session_test_set($value) {
 * anyway.
 */
 function _session_test_no_set($value) {
-  session_save_session(FALSE);
+  drupal_save_session(FALSE);
  _session_test_set($value);
  return t('session saving was disabled, and then %val was set', array('%val' => $value));
 }
--- a/modules/user/user.module
+++ b/modules/user/user.module
@@ -277,14 +277,14 @@ function user_save($account, $edit = array(), $category = 'account') {

    // Delete a blocked user's sessions to kick them if they are online.
    if (isset($edit['status']) && $edit['status'] == 0) {
-      sess_destroy_uid($account->uid);
+      drupal_session_destroy_uid($account->uid);
    }

    // If the password changed, delete all open sessions and recreate
    // the current one.
    if (!empty($edit['pass'])) {
-      sess_destroy_uid($account->uid);
-      sess_regenerate();
+      drupal_session_destroy_uid($account->uid);
+      drupal_session_regenerate();
    }

    // Refresh user object.
@@ -792,7 +792,7 @@ function user_block($op = 'list', $delta = '', $edit = array()) {

          // Perform database queries to gather online user lists.  We use s.timestamp
          // rather than u.access because it is much faster.
-          $anonymous_count = sess_count($interval);
+          $anonymous_count = drupal_session_count($interval);
          $authenticated_users = db_query('SELECT DISTINCT u.uid, u.name, s.timestamp FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.timestamp >= %d AND s.uid > 0 ORDER BY s.timestamp DESC', $interval);
          $authenticated_count = 0;
          $max_users = variable_get('user_block_max_list_count', 10);
@@ -1344,7 +1344,7 @@ function user_authenticate_finalize(&$edit) {
  $user->login = $_SERVER['REQUEST_TIME'];
  db_query("UPDATE {users} SET login = %d WHERE uid = %d", $user->login, $user->uid);
  user_module_invoke('login', $edit, $user);
-  sess_regenerate();
+  drupal_session_regenerate();
 }

 /**
@@ -1555,7 +1555,7 @@ function _user_edit_submit($uid, &$edit) {
 */
 function user_delete($edit, $uid) {
  $account = user_load(array('uid' => $uid));
-  sess_destroy_uid($uid);
+  drupal_session_destroy_uid($uid);
  _user_mail_notify('status_deleted', $account);
  module_invoke_all('user', 'delete', $edit, $account);
  db_query('DELETE FROM {users} WHERE uid = %d', $uid);
@@ -2210,7 +2210,7 @@ function user_block_user_action(&$object, $context = array()) {
    $uid = $user->uid;
  }
  db_query("UPDATE {users} SET status = 0 WHERE uid = %d", $uid);
-  sess_destroy_uid($uid);
+  drupal_session_destroy_uid($uid);
  watchdog('action', 'Blocked user %name.', array('%name' => check_plain($user->name)));
 }