forked from Wavyzz/dolibarr
List db sessions (#33410)
* list sessions in db * list sessions in db * list sessions in db * list sessions in db * list sessions in db * list sessions in db * list sessions in db * fix * fix * fix * fix * fix * fix * fix * clean sessions * clean sessions * fix
This commit is contained in:
Frédéric FRANCE
@@ -2,7 +2,7 @@
|
||||
/* Copyright (C) 2004-2012 Laurent Destailleur <eldy@users.sourceforge.net>
|
||||
* Copyright (C) 2005-2012 Regis Houssin <regis.houssin@inodbox.com>
|
||||
* Copyright (C) 2024 MDW <mdeweerd@users.noreply.github.com>
|
||||
* Copyright (C) 2024 Frédéric France <frederic.france@free.fr>
|
||||
* Copyright (C) 2024-2025 Frédéric France <frederic.france@free.fr>
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
@@ -174,7 +174,7 @@ if ($savehandler == 'files') {
|
||||
// Date modification
|
||||
print '<td class="nowrap left">'.dol_print_date($sessionentry['modification'], '%Y-%m-%d %H:%M:%S').'</td>';
|
||||
|
||||
// Age
|
||||
// Age in seconds
|
||||
print '<td>'.$sessionentry['age'].'</td>';
|
||||
|
||||
// Raw
|
||||
@@ -185,7 +185,57 @@ if ($savehandler == 'files') {
|
||||
print "</tr>\n";
|
||||
$i++;
|
||||
}
|
||||
if (count($listofsessions) == 0) {
|
||||
print '<tr class="oddeven"><td colspan="7">'.$langs->trans("NoSessionFound", $savepath, $openbasedir).'</td></tr>';
|
||||
}
|
||||
print "</table>";
|
||||
} elseif ($savehandler == 'user') {
|
||||
print '<table class="liste centpercent">';
|
||||
print '<tr class="liste_titre">';
|
||||
print_liste_field_titre("Login", $_SERVER["PHP_SELF"], "login", "", "", 'align="left"', $sortfield, $sortorder);
|
||||
print_liste_field_titre("SessionId", $_SERVER["PHP_SELF"], "id", "", "", 'align="left"', $sortfield, $sortorder);
|
||||
print_liste_field_titre("DateCreation", $_SERVER["PHP_SELF"], "datec", "", "", 'align="left"', $sortfield, $sortorder);
|
||||
print_liste_field_titre("DateModification", $_SERVER["PHP_SELF"], "datem", "", "", 'align="left"', $sortfield, $sortorder);
|
||||
print_liste_field_titre("Age", $_SERVER["PHP_SELF"], "age", "", "", 'align="left"', $sortfield, $sortorder);
|
||||
print_liste_field_titre("IPAddress", $_SERVER["PHP_SELF"], "raw", "", "", 'align="left"', $sortfield, $sortorder);
|
||||
print_liste_field_titre("UserAgent", $_SERVER["PHP_SELF"], "raw", "", "", 'align="left"', $sortfield, $sortorder);
|
||||
print_liste_field_titre('');
|
||||
print "</tr>\n";
|
||||
|
||||
$i = 0;
|
||||
foreach ($listofsessions as $key => $sessionentry) {
|
||||
print '<tr class="oddeven">';
|
||||
|
||||
// Login
|
||||
print '<td>'.$sessionentry['login'].'</td>';
|
||||
|
||||
// ID
|
||||
print '<td class="nowrap left">';
|
||||
if ("$key" == session_id()) {
|
||||
print $form->textwithpicto($key, $langs->trans("YourSession"));
|
||||
} else {
|
||||
print $key;
|
||||
}
|
||||
print '</td>';
|
||||
|
||||
// Date creation
|
||||
print '<td class="nowrap left">'.dol_print_date($sessionentry['creation'], '%Y-%m-%d %H:%M:%S').'</td>';
|
||||
|
||||
// Date modification
|
||||
print '<td class="nowrap left">'.dol_print_date($sessionentry['modification'], '%Y-%m-%d %H:%M:%S').'</td>';
|
||||
|
||||
// Age in seconds
|
||||
print '<td>'.$sessionentry['age'].'</td>';
|
||||
|
||||
// Remote IP
|
||||
print '<td>'.$sessionentry['remote_ip'].'</td>';
|
||||
|
||||
// User Agent
|
||||
print '<td class="nowrap left">'.$sessionentry['user_agent'].'</td>';
|
||||
print '<td> </td>';
|
||||
print "</tr>\n";
|
||||
$i++;
|
||||
}
|
||||
if (count($listofsessions) == 0) {
|
||||
print '<tr class="oddeven"><td colspan="7">'.$langs->trans("NoSessionFound", $savepath, $openbasedir).'</td></tr>';
|
||||
}
|
||||
|
||||
@@ -5,7 +5,7 @@
|
||||
* Copyright (C) 2015 Raphaël Doursenaud <rdoursenaud@gpcsolutions.fr>
|
||||
* Copyright (C) 2023 Eric Seigne <eric.seigne@cap-rel.fr>
|
||||
* Copyright (C) 2024-2025 MDW <mdeweerd@users.noreply.github.com>
|
||||
* Copyright (C) 2024 Frédéric France <frederic.france@free.fr>
|
||||
* Copyright (C) 2024-2025 Frédéric France <frederic.france@free.fr>
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
@@ -1056,13 +1056,18 @@ function defaultvalues_prepare_head()
|
||||
/**
|
||||
* Return list of session
|
||||
*
|
||||
* @return array<string,array{login:string,age:int,creation:int,modification:int,raw:string}> Array list of sessions
|
||||
* @return array<string,array{login:string,age:int,creation:null|int|false,modification:int|false,raw:string,remote_ip:?string,user_agent:?string}> Array list of sessions
|
||||
*/
|
||||
function listOfSessions()
|
||||
{
|
||||
global $conf;
|
||||
global $conf, $php_session_save_handler;
|
||||
|
||||
$arrayofSessions = array();
|
||||
// Set the handler of session
|
||||
if (!empty($php_session_save_handler) && $php_session_save_handler == 'db') {
|
||||
require_once DOL_DOCUMENT_ROOT.'/core/lib/phpsessionin'.$php_session_save_handler.'.lib.php';
|
||||
return dolListSessions();
|
||||
}
|
||||
// session.save_path can be returned empty so we set a default location and work from there
|
||||
$sessPath = '/tmp';
|
||||
$iniPath = ini_get("session.save_path");
|
||||
@@ -1090,13 +1095,16 @@ function listOfSessions()
|
||||
$tmp = explode('_', $file);
|
||||
$idsess = $tmp[1];
|
||||
$regs = array();
|
||||
$arrayofSessions[$idsess]["login"] = '';
|
||||
$loginfound = preg_match('/dol_login\|s:[0-9]+:"([A-Za-z0-9]+)"/i', $sessValues, $regs);
|
||||
if ($loginfound) {
|
||||
$arrayofSessions[$idsess]["login"] = $regs[1];
|
||||
$arrayofSessions[$idsess]["login"] = (string) $regs[1];
|
||||
}
|
||||
$arrayofSessions[$idsess]["age"] = time() - filectime($fullpath);
|
||||
$arrayofSessions[$idsess]["creation"] = filectime($fullpath);
|
||||
$arrayofSessions[$idsess]["modification"] = filemtime($fullpath);
|
||||
$arrayofSessions[$idsess]["user_agent"] = null;
|
||||
$arrayofSessions[$idsess]["remote_ip"] = null;
|
||||
$arrayofSessions[$idsess]["raw"] = $sessValues;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -131,10 +131,18 @@ function dolSessionWrite($sess_id, $val)
|
||||
$time_stamp = dol_now();
|
||||
|
||||
if (empty($sessionidfound)) {
|
||||
if ((int) ini_get('session.gc_probability') == 0) {
|
||||
// dolSessionGC will be never called
|
||||
$max_lifetime = max(getDolGlobalInt('MAIN_SESSION_TIMEOUT'), (int) ini_get('session.gc_maxlifetime'));
|
||||
$delete_query = "DELETE FROM ".MAIN_DB_PREFIX."session";
|
||||
$delete_query .= " WHERE last_accessed < '".$dbsession->idate($time_stamp - $max_lifetime)."'";
|
||||
$dbsession->query($delete_query);
|
||||
}
|
||||
|
||||
// No session found, insert a new one
|
||||
$insert_query = "INSERT INTO ".MAIN_DB_PREFIX."session";
|
||||
$insert_query .= "(session_id, session_variable, last_accessed, fk_user, remote_ip, user_agent)";
|
||||
$insert_query .= " VALUES ('".$dbsession->escape($sess_id)."', '".$dbsession->escape($val)."', '".$dbsession->idate($time_stamp)."', 0, '".$dbsession->escape(getUserRemoteIP())."', '".$dbsession->escape(substr($_SERVER['HTTP_USER_AGENT'], 0, 255))."')";
|
||||
$insert_query .= "(session_id, session_variable, date_creation, last_accessed, fk_user, remote_ip, user_agent)";
|
||||
$insert_query .= " VALUES ('".$dbsession->escape($sess_id)."', '".$dbsession->escape($val)."', '".$dbsession->idate($time_stamp)."', '".$dbsession->idate($time_stamp)."', 0, '".$dbsession->escape(getUserRemoteIP())."', '".$dbsession->escape(substr($_SERVER['HTTP_USER_AGENT'], 0, 255))."')";
|
||||
|
||||
$result = $dbsession->query($insert_query);
|
||||
if (!$result) {
|
||||
@@ -247,3 +255,34 @@ function dolSessionGC($max_lifetime)
|
||||
|
||||
// Call to register user call back functions.
|
||||
session_set_save_handler("dolSessionOpen", "dolSessionClose", "dolSessionRead", "dolSessionWrite", "dolSessionDestroy", "dolSessionGC"); // @phpstan-ignore-line
|
||||
|
||||
/**
|
||||
* List sessions in db
|
||||
*
|
||||
* @return array<mixed,array{login:string,age:int,creation:int|false,modification:int,raw:string,remote_ip:string,user_agent:string}>
|
||||
*/
|
||||
function dolListSessions()
|
||||
{
|
||||
global $dbsession;
|
||||
|
||||
$arrayofsessions = [];
|
||||
$sql = "SELECT s.session_id, s.session_variable, s.fk_user, s.date_creation, s.last_accessed, s.remote_ip, s.user_agent";
|
||||
$sql .= ", u.login";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."session as s";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."user as u ON u.rowid=s.fk_user";
|
||||
$sql .= " LIMIT 500";
|
||||
$resql = $dbsession->query($sql);
|
||||
while ($resql && $obj = $dbsession->fetch_object($resql)) {
|
||||
$arrayofsessions[$obj->session_id] = [
|
||||
"login" => (string) $obj->login,
|
||||
"age" => dol_now() - (int) $dbsession->jdate($obj->date_creation),
|
||||
"creation" => $dbsession->idate($obj->date_creation),
|
||||
"modification" => $dbsession->idate($obj->last_accessed),
|
||||
"remote_ip" => $obj->remote_ip,
|
||||
"user_agent" => $obj->user_agent,
|
||||
"raw" => "",
|
||||
];
|
||||
}
|
||||
|
||||
return $arrayofsessions;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user