Index: includes/session.inc =================================================================== RCS file: /cvs/drupal/drupal/includes/session.inc,v retrieving revision 1.27 diff -u -F^f -r1.27 session.inc --- includes/session.inc 11 Apr 2006 11:33:14 -0000 1.27 +++ includes/session.inc 6 Sep 2006 10:18:56 -0000 @@ -74,8 +74,43 @@ function sess_write($key, $value) { return TRUE; } -function sess_destroy($key) { - db_query("DELETE FROM {sessions} WHERE sid = '%s'", $key); +/** + * Called when an anonymous user becomes authenticated or vice-versa. + */ +function sess_regenerate() { + $old_session_id = session_id(); + session_regenerate_id(); + db_query("UPDATE {sessions} SET sid = '%s' WHERE sid = '%s'", session_id(), $old_session_id); +} + +/** + * Counts how many users have sessions. Can count either anonymous sessions, authenticated sessions, or both. + * + * @param int $timestamp + * A Unix timestamp representing a point of time in the past. + * The default is 0, which counts all existing sessions. + * @param int $anonymous + * TRUE counts only anonymous users. + * FALSE counts only authenticated users. + * Any other value will return the count of both authenticated and anonymous users. + * @return int + * The number of users with sessions. + */ +function sess_count($timestamp = 0, $anonymous = true) { + $query = $anonymous ? ' AND uid = 0' : ' AND uid > 0'; + return db_result(db_query('SELECT COUNT(sid) AS count FROM {sessions} WHERE timestamp >= %d'. $query, $timestamp)); +} + +/** + * Called by PHP session handling with the PHP session ID to end a user's session. + * Can also be called directly, either with the PHP session ID or another identifier + * such as uid to end a specific user's session. + * + * @param string $uid + * the user id + */ +function sess_destroy($uid) { + db_query('DELETE FROM {sessions} WHERE uid = %d', $uid); } function sess_gc($lifetime) { Index: modules/user.module =================================================================== RCS file: /cvs/drupal/drupal/modules/Attic/user.module,v retrieving revision 1.612.2.17 diff -u -F^f -r1.612.2.17 user.module --- modules/user.module 3 Aug 2006 13:53:15 -0000 1.612.2.17 +++ modules/user.module 6 Sep 2006 10:18:57 -0000 @@ -148,7 +148,7 @@ function user_save($account, $array = ar // Delete a blocked user's sessions to kick them if they are online. if (isset($array['status']) && $array['status'] == 0) { - db_query('DELETE FROM {sessions} WHERE uid = %d', $account->uid); + sess_destroy($account->uid); } // Refresh user object @@ -603,27 +603,28 @@ function user_block($op = 'list', $delta case 3: if (user_access('access content')) { // Count users with activity in the past defined period. - $time_period = variable_get('user_block_seconds_online', 900); + $time_period = time() - variable_get('user_block_seconds_online', 900); // Perform database queries to gather online user lists. - $guests = db_fetch_object(db_query('SELECT COUNT(sid) AS count FROM {sessions} WHERE timestamp >= %d AND uid = 0', time() - $time_period)); - $users = db_query('SELECT uid, name, access FROM {users} WHERE access >= %d AND uid != 0 ORDER BY access DESC', time() - $time_period); - $total_users = db_num_rows($users); + $anonymous_count = sess_count($time_period); + $authenticated_count = sess_count($time_period, false); + $authenticated_users = db_query('SELECT uid, name, access FROM {users} WHERE access >= %d AND uid != 0 ORDER BY access DESC', time() - $time_period); + // Format the output with proper grammar. - if ($total_users == 1 && $guests->count == 1) { - $output = t('There is currently %members and %visitors online.', array('%members' => format_plural($total_users, '1 user', '%count users'), '%visitors' => format_plural($guests->count, '1 guest', '%count guests'))); + if ($anonymous_count == 1 && $authenticated_count == 1) { + $output = t('There is currently %members and %visitors online.', array('%members' => format_plural($authenticated_count, '1 user', '%count users'), '%visitors' => format_plural($anonymous_count, '1 guest', '%count guests'))); } else { - $output = t('There are currently %members and %visitors online.', array('%members' => format_plural($total_users, '1 user', '%count users'), '%visitors' => format_plural($guests->count, '1 guest', '%count guests'))); + $output = t('There are currently %members and %visitors online.', array('%members' => format_plural($authenticated_count, '1 user', '%count users'), '%visitors' => format_plural($anonymous_count, '1 guest', '%count guests'))); } // Display a list of currently online users. $max_users = variable_get('user_block_max_list_count', 10); - if ($total_users && $max_users) { + if ($authenticated_count && $max_users) { $items = array(); - while ($max_users-- && $account = db_fetch_object($users)) { + while ($max_users-- && $account = db_fetch_object($authenticated_users)) { $items[] = $account; } @@ -961,10 +962,7 @@ function user_login_submit($form_id, $fo user_module_invoke('login', $form_values, $user); - $old_session_id = session_id(); - session_regenerate_id(); - db_query("UPDATE {sessions} SET sid = '%s' WHERE sid = '%s'", session_id(), $old_session_id); - + sess_regenerate(); } } @@ -1024,7 +1022,7 @@ function user_logout() { watchdog('user', t('Session closed for %name.', array('%name' => theme('placeholder', $user->name)))); // Destroy the current session: - session_destroy(); + sess_destroy($user->uid); module_invoke_all('user', 'logout', NULL, $user); // We have to use $GLOBALS to unset a global variable: @@ -1408,8 +1406,8 @@ function user_edit($category = 'account' if (arg(2) == 'delete') { if ($edit['confirm']) { + sess_destroy($account->uid); db_query('DELETE FROM {users} WHERE uid = %d', $account->uid); - db_query('DELETE FROM {sessions} WHERE uid = %d', $account->uid); db_query('DELETE FROM {users_roles} WHERE uid = %d', $account->uid); db_query('DELETE FROM {authmap} WHERE uid = %d', $account->uid); watchdog('user', t('Deleted user: %name %email.', array('%name' => theme('placeholder', $account->name), '%email' => theme('placeholder', '<'. $account->mail .'>'))), WATCHDOG_NOTICE); Index: modules/throttle.module =================================================================== RCS file: /cvs/drupal/drupal/modules/Attic/throttle.module,v retrieving revision 1.59 diff -u -F^f -r1.59 throttle.module --- modules/throttle.module 21 Feb 2006 18:46:54 -0000 1.59 +++ modules/throttle.module 6 Sep 2006 10:18:57 -0000 @@ -45,13 +45,13 @@ function throttle_exit() { $throttle = module_invoke('throttle', 'status'); if ($max_guests = variable_get('throttle_anonymous', 0)) { - $guests = db_result(db_query('SELECT COUNT(sid) AS count FROM {sessions} WHERE timestamp >= %d AND uid = 0', time() - $time_period)); + $guests = sess_count(time() - $time_period, TRUE); } else { $guests = 0; } if ($max_users = variable_get('throttle_user', 0)) { - $users = db_result(db_query('SELECT COUNT(DISTINCT(uid)) AS count FROM {sessions} WHERE timestamp >= %d AND uid != 0', time() - $time_period)); + $users = sess_count(time() - $time_period, FALSE); } else { $users = 0;