Changeset 712 for trunk/Modules/User/User.php

Timestamp:

Jan 5, 2014, 4:28:51 PM (11 years ago)

Author:

chronos

Message:

• Modified: Logged user state remade to use memory table to avoid offten writes to storage. Memory table lose their content if mysql server is restarted. So UserTrace still keep user information but table is only updated on login or logout. Login timeout is managed by UserOnline table.
• Added: Ability to login permanently. Session will not timeout after short time. List of online users will be not affected as it use own timeout check.

File:

• trunk/Modules/User/User.php (modified) (9 diffs)

trunk/Modules/User/User.php

@@ -12 +12 @@
                 parent::__construct($System);
                 $this->Name = 'User';
-                $this->Version = '1.0';
+                $this->Version = '1.1';
                 $this->Creator = 'Chronos';
                 $this->License = 'GNU/GPL';
@@ -26 +26 @@
                 $this->System->RegisterPage('registrace.php', 'PageUserRegistration');
                 $this->System->RegisterPage('user.php', 'PageUserProfile');
+                $this->System->RegisterPage('login', 'PageUserLogin');
                 $this->System->RegisterMenuItem(array(
         'Title' => T('Translators'),
@@ -41 +42 @@
         {
                 $Output = T('Online translators').':<br />';
-                $DbResult = $this->System->Database->query('SELECT `Name`, `GM`, `User`.`ID` AS `ID` FROM `User` '.
-                                'LEFT JOIN `UserTrace` ON `UserTrace`.`User` = `User`.`Id` '.
-                                'WHERE (`LastLogin` >= NOW() - 300) AND ((`LastLogout` < `LastLogin`) OR (ISNULL(`LastLogout`)))');
+                $DbResult = $this->System->Database->query('SELECT `User`.`Name`, `User`.`ID` FROM `UserOnline` '.
+                                'LEFT JOIN `User` ON `User`.`ID` = `UserOnline`.`User` '.
+                                'WHERE (`ActivityTime` >= NOW() - 300) ');
                 while($DbUser = $DbResult->fetch_assoc())
                 {
@@ -51 +52 @@
                 return($Output);
         }       
+}
+
+class PageUserLogin extends Page
+{
+        function Show()
+        {
+                $Output = '<form action="'.$this->System->Link('/?action=login').'" method="post">'.
+                        '<fieldset><legend>'.T('Login').'</legend>                      
+                        <table>
+                        <tr>
+                        <td>'.T('Name').':</td><td><input type="text" name="LoginUser" size="13" /></td>
+                        </tr>
+                        <tr>
+                        <td>'.T('Password').':</td><td><input type="password" name="LoginPass" size="13" /></td>
+                        </tr>
+                        <tr>
+                        <td>'.T('Stay logged').':</td><td><input type="checkbox" name="StayLogged" /></td>
+                        </tr>
+                        <tr>
+                        <th><input type="submit" value="'.T('Do login').'" /></th>
+                        </tr>
+                        </table>
+                        </fieldset></form>';
+                        return($Output);
+        }
 }
 
@@ -68 +94 @@
   var $Language;
   var $System;
+  var $Database;
+  var $OnlineStateTimeout;
   
   function __construct($System)
   {
     $this->System = &$System;
-    if(isset($_SESSION)) $this->Restore();    
-      else $this->SetAnonymous();
+    $this->Database = &$System->Database;
+    $this->OnlineStateTimeout = 600; // in seconds
+    if(isset($_SESSION)) $this->Check();    
   }
   
   function __destroy()
   {
-    if(isset($_SESSION)) $this->Store();
-  }
-  
-  function Login($Name, $Password)
-  {
-    $DbResult = $this->System->Database->query('SELECT `ID` FROM `User` WHERE '.
+  }
+  
+  function Login($Name, $Password, $StayLogged = false)
+  {
+        $SID = session_id();
+    $DbResult = $this->Database->query('SELECT `ID` FROM `User` WHERE '.
       'LOWER(`Name`) = LOWER("'.$Name.'") AND `Pass` = '.$this->CryptPasswordSQL('"'.$Password.'"', '`Salt`'));
     if($DbResult->num_rows > 0)
     {
       $User = $DbResult->fetch_assoc();
-      $this->Id = $User['ID'];      
-      $this->Load();
-      $this->System->ModuleManager->Modules['Log']->WriteLog('Login: '.$Name, LOG_TYPE_USER);
-      $this->UpdateState();
-    } else $this->Role = LICENCE_ANONYMOUS;
+      $this->Id = $User['ID']; 
+      $this->Database->update('UserOnline', 'SessionId="'.$SID.'"', array('User' => $User['ID'], 'StayLogged' => $StayLogged));     
+      $this->Database->query('UPDATE `UserTrace` SET '.
+        '`LastLogin` = NOW(), '.
+        '`LastIP` = "'.$_SERVER['REMOTE_ADDR'].'", '.
+        '`UserAgent` = "'.$this->System->Database->real_escape_string($_SERVER['HTTP_USER_AGENT']).'" '.
+        ' WHERE `User` = '.$this->Id);
+      $this->System->ModuleManager->Modules['Log']->WriteLog('Login', LOG_TYPE_USER);
+      $this->Check();
+    };
   }
   
   function Logout()
   {
+        $SID = session_id();
     if($this->Role != LICENCE_ANONYMOUS)
-      $this->System->Database->query('UPDATE `UserTrace` SET '.
+    {
+      $this->Database->update('UserOnline', 'SessionId="'.$SID.'"', array('User' => null));
+      $this->Database->query('UPDATE `UserTrace` SET '.
         '`LastLogout` = NOW() WHERE `User` = '.$this->Id);
-    $this->SetAnonymous();
+      $this->System->ModuleManager->Modules['Log']->WriteLog('Logout: '.$this->Name, LOG_TYPE_USER);
+      $this->Check();
+    }
   }
   
   function Load()
   {
-    $DbResult = $this->System->Database->query('SELECT * FROM `User` WHERE `ID` = '.$this->Id);
+    $DbResult = $this->Database->query('SELECT * FROM `User` WHERE `ID` = '.$this->Id);
     if($DbResult->num_rows > 0)
     {
@@ -122 +161 @@
   }
   
-  function Restore()
-  {
-    if(array_key_exists('UserId', $_SESSION))
-    {
-      $this->Id = $_SESSION['UserId'];
-      if($this->Id != 0)
-      {
-        $this->Load();
-        $this->UpdateState();
-      } else $this->SetAnonymous();
-    } else $this->SetAnonymous();
-  }
-  
-  function Store()
-  {
-    $_SESSION['UserId'] = $this->Id;
-  }
-  
   function SetAnonymous()
   {
@@ -159 +180 @@
   function CheckToken($Licence, $Token)
   {
-    $DbResult = $this->System->Database->select('APIToken', 'User', '`Token`="'.$Token.'"');
+    $DbResult = $this->Database->select('APIToken', 'User', '`Token`="'.$Token.'"');
     if($DbResult->num_rows > 0)
     {
       $DbRow = $DbResult->fetch_assoc();
-      $DbResult2 = $this->System->Database->select('User', 'GM', '`ID`="'.$DbRow['User'].'"');
+      $DbResult2 = $this->Database->select('User', 'GM', '`ID`="'.$DbRow['User'].'"');
       $DbRow2 = $DbResult2->fetch_assoc();
       return($DbRow2['GM'] >= $Licence);
@@ -179 +200 @@
   } 
   
-  function UpdateState()
-  {
-    if(array_key_exists('REMOTE_ADDR', $_SERVER) and ($this->Role != LICENCE_ANONYMOUS)) 
-      $this->System->Database->query('UPDATE `UserTrace` SET '.
-        '`LastIP` = "'.$_SERVER['REMOTE_ADDR'].'", '.
-        '`LastLogin` = NOW(), '.
-        '`UserAgent` = "'.$this->System->Database->real_escape_string($_SERVER['HTTP_USER_AGENT']).'" '.
-        'WHERE `User` = '.$this->Id);
+  function Check()
+  {
+    $SID = session_id();
+    // Lookup user record
+    $Query = $this->Database->select('UserOnline', '*', 'SessionId="'.$SID.'"');
+    if($Query->num_rows > 0)
+    {
+      // Refresh time of last access
+      $this->Database->update('UserOnline', 'SessionId="'.$SID.'"', array('ActivityTime' => 'NOW()'));
+    } else $this->Database->insert('UserOnline', array('SessionId' => $SID, 
+      'User' => null, 'LoginTime' => 'NOW()', 'ActivityTime' => 'NOW()', 
+      'IpAddress' => GetRemoteAddress(), 'HostName' => gethostbyaddr(GetRemoteAddress()), 
+      'ScriptName' => $_SERVER['PHP_SELF']));
+      
+    // Check login
+    $Query = $this->Database->select('UserOnline', '*', '`SessionId`="'.$SID.'"');
+    $Row = $Query->fetch_assoc();
+    if($Row['User'] != '') 
+    {
+        $this->Id = $Row['User'];
+      $this->Load();
+    } else 
+    {
+      $this->SetAnonymous();
+    }
+    
+    // Remove nonactive users
+    $DbResult = $this->Database->select('UserOnline', '`Id`, `User`', '(`ActivityTime` < DATE_SUB(NOW(), INTERVAL '.$this->OnlineStateTimeout.' SECOND)) AND (`StayLogged` = 0)');
+    while($DbRow = $DbResult->fetch_array())
+    {
+      $this->Database->delete('UserOnline', 'Id='.$DbRow['Id']);
+    }
   }
   
@@ -192 +237 @@
   {
     $Salt = $this->GetPasswordSalt();
-    $this->System->Database->query('INSERT INTO `User` '.
+    $this->Database->query('INSERT INTO `User` '.
       '(`Name` , `Pass` , `Salt`, `Email` , `Language` , `Team` , `NeedUpdate`, `RegistrationTime`, `PreferredVersion` ) '.
       'VALUES ("'.$UserName.'", '.$this->CryptPasswordSQL('"'.$Password.'"', '"'.$Salt.'"').
       ', "'.$Salt.'", "'.$Email.'", '.$Language.', '.$Team.', 1, NOW(), '.$PreferredVersion.')');
-    $UserId = $this->System->Database->insert_id;
-    $this->System->Database->query('INSERT INTO `UserTrace` (`User`, `LastIP`, `UserAgent`) '.
+    $UserId = $this->Database->insert_id;
+    $this->Database->query('INSERT INTO `UserTrace` (`User`, `LastIP`, `UserAgent`) '.
         'VALUES ('.$UserId.', "'.$_SERVER['REMOTE_ADDR'].'", '.
-        '"'.$this->System->Database->real_escape_string($_SERVER['HTTP_USER_AGENT']).'")');
+        '"'.$this->Database->real_escape_string($_SERVER['HTTP_USER_AGENT']).'")');
   }
 }