class DrupalSessionHandler implements SessionHandlerInterface { public function open($savePath, $sessionName) { return _drupal_session_open($savePath, $sessionName); } public function close() { return _drupal_session_close(); } public function read($sessionId) { return _drupal_session_read($sessionId); } public function write($sessionId, $data) { return _drupal_session_write($sessionId, $data); } public function destroy($sessionId) { return _drupal_session_destroy($sessionId); } public function gc($maxLifetime) { return _drupal_session_garbage_collection($maxLifetime); } } function drupal_session_initialize() { global $user, $is_https; $handler = new DrupalSessionHandler(); session_set_save_handler($handler, true); if (!empty($_COOKIE[session_name()]) || ($is_https && variable_get('https', FALSE) && !empty($_COOKIE[substr(session_name(), 1)]))) { drupal_session_start(); if (!empty($user->uid) || !empty($_SESSION)) { drupal_page_is_cacheable(FALSE); } } else { $GLOBALS['lazy_session'] = TRUE; $user = drupal_anonymous_user(); session_id(drupal_random_key()); if ($is_https && variable_get('https', FALSE)) { $insecure_session_name = substr(session_name(), 1); $session_id = drupal_random_key(); $_COOKIE[$insecure_session_name] = $session_id; } } date_default_timezone_set(drupal_get_user_timezone()); } // Include the session handling functions from session.txt function _drupal_session_open() { return TRUE; } function _drupal_session_close() { return TRUE; } function _drupal_session_read($sid) { global $user, $is_https; drupal_register_shutdown_function('session_write_close'); $insecure_session_name = substr(session_name(), 1); if (empty($sid) && (!isset($_COOKIE[session_name()]) && !isset($_COOKIE[$insecure_session_name]))) { $user = drupal_anonymous_user(); return ''; } if ($is_https) { $user = db_query("SELECT u.*, s.* FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.ssid = :ssid", array(':ssid' => drupal_session_id($sid)))->fetchObject(); if (!$user && isset($_COOKIE[$insecure_session_name])) { $user = db_query("SELECT u.*, s.* FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.sid = :sid AND s.uid = 0", array(':sid' => drupal_session_id($_COOKIE[$insecure_session_name])))->fetchObject(); } } else { $user = db_query("SELECT u.*, s.* FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.sid = :sid", array(':sid' => drupal_session_id($sid)))->fetchObject(); } if ($user && $user->uid > 0 && $user->status == 1) { $user->data = unserialize((string) $user->data); $user->roles = array(); $user->roles[DRUPAL_AUTHENTICATED_RID] = 'authenticated user'; $user->roles += db_query("SELECT r.rid, r.name FROM {role} r INNER JOIN {users_roles} ur ON ur.rid = r.rid WHERE ur.uid = :uid", array(':uid' => $user->uid))->fetchAllKeyed(0, 1); } elseif ($user) { $account = drupal_anonymous_user(); $account->session = $user->session; $account->timestamp = $user->timestamp; $user = $account; } else { $user = drupal_anonymous_user(); $user->session = ''; } $last_read = &drupal_static('drupal_session_last_read'); $last_read = array('sid' => $sid, 'value' => $user->session); return $user->session; } function _drupal_session_write($sid, $value) { global $user, $is_https; try { if (!drupal_save_session()) { return TRUE; } $last_read = &drupal_static('drupal_session_last_read'); $is_changed = !isset($last_read) || $last_read['sid'] != $sid || $last_read['value'] !== $value; if ($is_changed || !isset($user->timestamp) || REQUEST_TIME - $user->timestamp > variable_get('session_write_interval', 180)) { $fields = array('uid' => $user->uid, 'cache' => isset($user->cache) ? $user->cache : 0, 'hostname' => ip_address(), 'session' => $value, 'timestamp' => REQUEST_TIME); $key = array('sid' => drupal_session_id($sid), 'ssid' => ''); if ($is_https) { $key['ssid'] = drupal_session_id($sid); if (variable_get('https', FALSE)) { $insecure_session_name = substr(session_name(), 1); if (isset($_COOKIE[$insecure_session_name])) { $key['sid'] = drupal_session_id($_COOKIE[$insecure_session_name]); } } } elseif (variable_get('https', FALSE)) { unset($key['ssid']); } db_merge('sessions')->key($key)->fields($fields)->execute(); } if ($user->uid && REQUEST_TIME - $user->access > variable_get('session_write_interval', 180)) { db_update('users')->fields(array('access' => REQUEST_TIME))->condition('uid', $user->uid)->execute(); } return TRUE; } catch (Exception $exception) { require_once DRUPAL_ROOT . '/includes/errors.inc'; if (error_displayable()) { print '
' . _drupal_render_exception_safe($exception) . '