| 1 |
|
<?php |
| 2 |
|
// $Id: sessions_extra.inc,v 1.2 2008/05/05 13:38:20 wayland76 Exp $ |
| 3 |
|
|
| 4 |
|
/** |
| 5 |
|
* @file |
| 6 |
|
* This file contains extra functions that do things with sessions that are |
| 7 |
|
* not in core, but are required for the Shared Sign-on (singlesignon) module |
| 8 |
|
* |
| 9 |
|
* @link http://drupal.org/project/singlesignon |
| 10 |
|
* @author Primary Author: Daniel Convissor <danielc@analysisandsolutions.com> |
| 11 |
|
* @author Maintainer: Tim Nelson <wayland@wayland.id.au> |
| 12 |
|
* @version $Revision: 1.2 $ |
| 13 |
|
*/ |
| 14 |
|
|
| 15 |
|
/** |
| 16 |
|
* When a user is logging out, we assume that they want to completely log out |
| 17 |
|
* of all our sites; the only way to do this (until session tracks on a |
| 18 |
|
* per-domain basis or session merging works) is to delete all sessions |
| 19 |
|
* (except of course the current one, which is needed for Drupal's regular |
| 20 |
|
* logout process which takes place after this). |
| 21 |
|
*/ |
| 22 |
|
function _singlesignon_session_logout($uid) { |
| 23 |
|
db_query("DELETE FROM {sessions} WHERE uid = %d AND sid <> '%s'", $uid, session_id()); |
| 24 |
|
} |
| 25 |
|
|
| 26 |
|
/** |
| 27 |
|
* On the assumption that the user is already logged in to the master server, |
| 28 |
|
* update the slave session's user ID to be the user ID they have on the |
| 29 |
|
* master server |
| 30 |
|
*/ |
| 31 |
|
function _singlesignon_session_update_user() { |
| 32 |
|
// The line below doesn't work in Postgres: http://drupal.org/node/254752 -- the guy in that bug recommended the change |
| 33 |
|
// db_query("UPDATE {sessions} AS sess_slave LEFT JOIN {sessions} AS sess_master ON (sess_master.sid = '%s' AND sess_slave.sid = '%s') SET sess_slave.uid = sess_master.uid WHERE sess_slave.sid = '%s'", session_id(), $_GET['slave_session'], $_GET['slave_session']); |
| 34 |
|
$result = db_query("SELECT uid FROM {sessions} WHERE sid = '%s'", session_id()); |
| 35 |
|
if ($master_uid = db_result($result)) { |
| 36 |
|
db_query("UPDATE {sessions} SET uid = %d WHERE sid = '%s'", $master_uid, $_GET['slave_session']); |
| 37 |
|
} |
| 38 |
|
} |
| 39 |
|
|
| 40 |
|
/** |
| 41 |
|
* Update all sessions' user IDs to the current one. |
| 42 |
|
*/ |
| 43 |
|
function _singlesignon_session_update_all_uids($uid) { |
| 44 |
|
$in = substr(str_repeat("'%s',", count($_SESSION['singlesignon_slave_sessions'])), 0, -1); |
| 45 |
|
$sql = "UPDATE {sessions} SET uid = %d WHERE sid IN ($in)"; // I know the coder module complains about this, but it appears to be necessary in this case |
| 46 |
|
$args = array_merge(array($sql), array($uid), $_SESSION['singlesignon_slave_sessions']); |
| 47 |
|
call_user_func_array('db_query', $args); |
| 48 |
|
} |
| 49 |
|
|
| 50 |
|
/** |
| 51 |
|
* User is coming to the master site to say they just logged on to a slave. |
| 52 |
|
* Set master site's user ID to be their one from the slave. |
| 53 |
|
*/ |
| 54 |
|
function _singlesignon_session_login(&$user) { |
| 55 |
|
$result = db_query("SELECT uid FROM {sessions} WHERE sid = '%s'", $_GET['slave_session']); |
| 56 |
|
$row = db_fetch_array($result); |
| 57 |
|
$user->uid = $row['uid']; |
| 58 |
|
|
| 59 |
|
// Update all sessions' user IDs to the current one. |
| 60 |
|
_singlesignon_session_update_all_uids($user->uid); |
| 61 |
|
} |
Parent Directory
| 
Revision Log
| 
Revision Graph
| 
Patch