From e2afc886d5e7fe1d55a467c9bc46fe40c1a2bbf6 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 1 Nov 2012 01:35:34 +0200 Subject: Session cookie driver changes - Changed docs CREATE TABLE ci_sessions example to have the PRIMARY KEY of session_id, ip_address and user_agent combined. - Changed DB updates to add WHERE clauses for the ip_address and/or user_agent strings if sess_match_ip and/or sess_match_useragent are set to TRUE. --- .../libraries/Session/drivers/Session_cookie.php | 36 +++++++++++++++++++--- user_guide_src/source/libraries/sessions.rst | 2 +- 2 files changed, 32 insertions(+), 6 deletions(-) diff --git a/system/libraries/Session/drivers/Session_cookie.php b/system/libraries/Session/drivers/Session_cookie.php index 2f1bf3531..8f527ace7 100755 --- a/system/libraries/Session/drivers/Session_cookie.php +++ b/system/libraries/Session/drivers/Session_cookie.php @@ -540,11 +540,25 @@ class CI_Session_cookie extends CI_Session_driver { // Check for database if ($this->sess_use_database === TRUE) { + $this->CI->db->where('session_id', $old_sessid); + + if ($this->sess_match_ip === TRUE) + { + $this->CI->db->where('ip_address', $this->CI->input->ip_address()); + } + + if ($this->sess_match_useragent === TRUE) + { + $this->CI->db->where('user_agent', trim(substr($this->CI->input->user_agent(), 0, 120))); + } + // Update the session ID and last_activity field in the DB - $this->CI->db->update($this->sess_table_name, array( - 'last_activity' => $this->now, - 'session_id' => $this->userdata['session_id'] - ), array('session_id' => $old_sessid)); + $this->CI->db->update($this->sess_table_name, + array( + 'last_activity' => $this->now, + 'session_id' => $this->userdata['session_id'] + ) + ); } // Write the cookie @@ -590,7 +604,19 @@ class CI_Session_cookie extends CI_Session_driver { // Run the update query // Any time we change the session id, it gets updated immediately, // so our where clause below is always safe - $this->CI->db->update($this->sess_table_name, $set, array('session_id' => $this->userdata['session_id'])); + $this->CI->db->where('session_id', $this->userdata['session_id']); + + if ($this->sess_match_ip === TRUE) + { + $this->CI->db->where('ip_address', $this->CI->input->ip_address()); + } + + if ($this->sess_match_useragent === TRUE) + { + $this->CI->db->where('user_agent', trim(substr($this->CI->input->user_agent(), 0, 120))); + } + + $this->CI->db->update($this->sess_table_name, $set); // Clear dirty flag to prevent double updates $this->data_dirty = FALSE; diff --git a/user_guide_src/source/libraries/sessions.rst b/user_guide_src/source/libraries/sessions.rst index dd9e8cbb4..ee7fb0b1c 100644 --- a/user_guide_src/source/libraries/sessions.rst +++ b/user_guide_src/source/libraries/sessions.rst @@ -388,7 +388,7 @@ session class:: user_agent varchar(120) NOT NULL, last_activity int(10) unsigned DEFAULT 0 NOT NULL, user_data text NOT NULL, - PRIMARY KEY (session_id), + PRIMARY KEY (session_id, ip_address, user_agent), KEY `last_activity_idx` (`last_activity`) ); -- cgit v1.2.3-24-g4f1b