- Patch #253702 by Damien Tournoud et al: further clean-up of the session handling code.

5 files changed, 42 insertions, 36 deletions

diff --git a/includes/bootstrap.inc b/includes/bootstrap.inc
index 299f9059f..850ea2b0c 100644
--- a/includes/bootstrap.inc
+++ b/includes/bootstrap.inc
@@ -1031,7 +1031,7 @@ function _drupal_bootstrap($phase) {
 
     case DRUPAL_BOOTSTRAP_SESSION:
       require_once variable_get('session_inc', './includes/session.inc');
-      session_set_save_handler('_sess_open', '_sess_close', '_sess_read', '_sess_write', 'sess_destroy_sid', 'sess_gc');
+      session_set_save_handler('_sess_open', '_sess_close', '_sess_read', '_sess_write', '_sess_destroy_sid', '_sess_gc');
       session_start();
       break;
 
diff --git a/includes/session.inc b/includes/session.inc
index 02ab07880..705fc18b0 100644
--- a/includes/session.inc
+++ b/includes/session.inc
@@ -32,7 +32,7 @@
  *
  * @return
  *   This function will always return TRUE.
-*/    
+ */    
 function _sess_open() {
   return TRUE;
 }
@@ -48,7 +48,7 @@ function _sess_open() {
  *
  * @return
  *   This function will always return TRUE.
-*/    
+ */    
 function _sess_close() {
   return TRUE;
 }
@@ -68,7 +68,7 @@ function _sess_close() {
  * @return
  *   Either an array of the session data, or an empty string, if no data 
  *   was found or the user is anonymous.
-*/
+ */
 function _sess_read($key) {
   global $user;
 
@@ -127,7 +127,7 @@ function _sess_read($key) {
  *   Serialized array of the session data.
  * @return
  *   This function will always return TRUE.
-*/
+ */
 function _sess_write($key, $value) {
   global $user;
 
@@ -136,7 +136,7 @@ function _sess_write($key, $value) {
   // the session table. This reduces memory and server load, and gives more useful
   // statistics. We can't eliminate anonymous session table rows without breaking
   // the "Who's Online" block.
-  if (!session_save_session() || (empty($_COOKIE[session_name()]) && empty($value))) {
+  if (!drupal_save_session() || (empty($_COOKIE[session_name()]) && empty($value))) {
     return TRUE;
   }
 
@@ -170,7 +170,7 @@ function _sess_write($key, $value) {
 /**
  * Called when an anonymous user becomes authenticated or vice-versa.
  */
-function sess_regenerate() {
+function drupal_session_regenerate() {
   $old_session_id = session_id();
   session_regenerate_id();
   db_query("UPDATE {sessions} SET sid = '%s' WHERE sid = '%s'", session_id(), $old_session_id);
@@ -189,19 +189,20 @@ function sess_regenerate() {
  * @return  int
  *   The number of users with sessions.
  */
-function sess_count($timestamp = 0, $anonymous = true) {
+function drupal_session_count($timestamp = 0, $anonymous = true) {
   $query = $anonymous ? ' AND uid = 0' : ' AND uid > 0';
   return db_result(db_query('SELECT COUNT(sid) AS count FROM {sessions} WHERE timestamp >= %d' . $query, $timestamp));
 }
 
 /**
- * Called by PHP session handling with the PHP session ID 
- * to end a user's session.
+ * Session handler assigned by session_set_save_handler().
+ * 
+ * Cleanup a specific session.
  *
  * @param  string $sid
  *   the session id
  */
-function sess_destroy_sid($sid) {
+function _sess_destroy_sid($sid) {
   db_query("DELETE FROM {sessions} WHERE sid = '%s'", $sid);
 }
 
@@ -211,11 +212,16 @@ function sess_destroy_sid($sid) {
  * @param  string $uid
  *   the user id
  */
-function sess_destroy_uid($uid) {
+function drupal_session_destroy_uid($uid) {
   db_query('DELETE FROM {sessions} WHERE uid = %d', $uid);
 }
 
-function sess_gc($lifetime) {
+/**
+ * Session handler assigned by session_set_save_handler().
+ * 
+ * Cleanup stalled sessions.
+ */
+function _sess_gc($lifetime) {
   // Be sure to adjust 'php_value session.gc_maxlifetime' to a large enough
   // value. For example, if you want user sessions to stay in your database
   // for three weeks before deleting them, you need to set gc_maxlifetime
@@ -240,7 +246,7 @@ function sess_gc($lifetime) {
  * @return
  *   FALSE if writing session data has been disabled. Otherwise, TRUE.
  */
-function session_save_session($status = NULL) {
+function drupal_save_session($status = NULL) {
   static $save_session = TRUE;
   if (isset($status)) {
     $save_session = $status;
diff --git a/modules/simpletest/tests/session.test b/modules/simpletest/tests/session.test
index 2e564e0bf..5e2533988 100644
--- a/modules/simpletest/tests/session.test
+++ b/modules/simpletest/tests/session.test
@@ -26,19 +26,19 @@ class SessionTestCase extends DrupalWebTestCase {
   }
 
   /**
-   * Tests for session_save_session().
+   * Tests for drupal_save_session().
    */
   function testSessionSaveSession() {
-    $this->assertTrue(session_save_session(), t('session_save_session() correctly returns TRUE when initially called with no arguments.'), t('Session'));
-    $this->assertFalse(session_save_session(FALSE), t('session_save_session() correctly returns FALSE when called with FALSE.'), t('Session'));
-    $this->assertFalse(session_save_session(), t('session_save_session() correctly returns FALSE when saving has been disabled.'), t('Session'));
-    $this->assertTrue(session_save_session(TRUE), t('session_save_session() correctly returns TRUE when called with TRUE.'), t('Session'));
-    $this->assertTrue(session_save_session(), t('session_save_session() correctly returns TRUE when saving has been enabled.'), t('Session'));
+    $this->assertTrue(drupal_save_session(), t('drupal_save_session() correctly returns TRUE when initially called with no arguments.'), t('Session'));
+    $this->assertFalse(drupal_save_session(FALSE), t('drupal_save_session() correctly returns FALSE when called with FALSE.'), t('Session'));
+    $this->assertFalse(drupal_save_session(), t('drupal_save_session() correctly returns FALSE when saving has been disabled.'), t('Session'));
+    $this->assertTrue(drupal_save_session(TRUE), t('drupal_save_session() correctly returns TRUE when called with TRUE.'), t('Session'));
+    $this->assertTrue(drupal_save_session(), t('drupal_save_session() correctly returns TRUE when saving has been enabled.'), t('Session'));
   }
 
   /**
    * Test data persistence via the session_test module callbacks. Also tests
-   * sess_count() since session data is already generated here.
+   * drupal_session_count() since session data is already generated here.
    */
   function testDataPersistence() {
     $user = $this->drupalCreateUser(array('access content'));
@@ -54,13 +54,13 @@ class SessionTestCase extends DrupalWebTestCase {
     $this->drupalGet('session-test/get');
     $this->assertText($value_1, t('Session correctly returned the stored data for an authenticated user.'), t('Session'));
 
-    // Attempt to write over val_1. If session_save_session(FALSE) is working.
+    // Attempt to write over val_1. If drupal_save_session(FALSE) is working.
     // properly, val_1 will still be set.
     $value_2 = $this->randomName();
     $this->drupalGet('session-test/no-set/' . $value_2);
     $this->assertText($value_2, t('The session value was correctly passed to session-test/no-set.'), t('Session'));
     $this->drupalGet('session-test/get');
-    $this->assertText($value_1, t('Session data is not saved for session_save_session(FALSE).'), t('Session'));
+    $this->assertText($value_1, t('Session data is not saved for drupal_save_session(FALSE).'), t('Session'));
 
     // Switch browser cookie to anonymous user, then back to user 1.
     $this->sessionReset();
@@ -85,7 +85,7 @@ class SessionTestCase extends DrupalWebTestCase {
     $this->drupalGet('session-test/no-set/' . $value_4);
     $this->assertText($value_4, t('The session value was correctly passed to session-test/no-set.'), t('Session'));
     $this->drupalGet('session-test/get');
-    $this->assertText($value_3, t('Session data is not saved for session_save_session(FALSE).'), t('Session'));
+    $this->assertText($value_3, t('Session data is not saved for drupal_save_session(FALSE).'), t('Session'));
 
     // Logout and get first user back in. Sessions shouldn't persist through
     // logout, so the data won't be on the page.
@@ -100,10 +100,10 @@ class SessionTestCase extends DrupalWebTestCase {
     $this->drupalLogin($user2);
     $this->session_count_authenticated = $this->session_count++;
 
-    // Perform sess_count tests here in order to use the session data already generated.
+    // Perform drupal_session_count tests here in order to use the session data already generated.
     // Test absolute count.
-    $anonymous = sess_count(0, TRUE);
-    $authenticated = sess_count(0, FALSE);
+    $anonymous = drupal_session_count(0, TRUE);
+    $authenticated = drupal_session_count(0, FALSE);
     $this->assertEqual($anonymous + $authenticated, $this->session_count, t('Correctly counted @count total sessions.', array('@count' => $this->session_count)), t('Session'));
 
     // Test anonymous count.
@@ -113,7 +113,7 @@ class SessionTestCase extends DrupalWebTestCase {
     $this->assertEqual($authenticated, $this->session_count_authenticated, t('Correctly counted @count authenticated sessions.', array('@count' => $authenticated)), t('Session'));
 
     // Should return 0 sessions from 1 second from now.
-    $this->assertEqual(sess_count(time() + 1), 0, t('Correctly returned 0 sessions newer than the current time.'), t('Session'));
+    $this->assertEqual(drupal_session_count(time() + 1), 0, t('Correctly returned 0 sessions newer than the current time.'), t('Session'));
 
   }
 
diff --git a/modules/simpletest/tests/session_test.module b/modules/simpletest/tests/session_test.module
index a2f32422b..42c47a08c 100644
--- a/modules/simpletest/tests/session_test.module
+++ b/modules/simpletest/tests/session_test.module
@@ -49,7 +49,7 @@ function _session_test_set($value) {
  * anyway.
  */
 function _session_test_no_set($value) {
-  session_save_session(FALSE);
+  drupal_save_session(FALSE);
   _session_test_set($value);
   return t('session saving was disabled, and then %val was set', array('%val' => $value));
 }
diff --git a/modules/user/user.module b/modules/user/user.module
index 50cd6695d..905dcc3bd 100644
--- a/modules/user/user.module
+++ b/modules/user/user.module
@@ -277,14 +277,14 @@ function user_save($account, $edit = array(), $category = 'account') {
 
     // Delete a blocked user's sessions to kick them if they are online.
     if (isset($edit['status']) && $edit['status'] == 0) {
-      sess_destroy_uid($account->uid);
+      drupal_session_destroy_uid($account->uid);
     }
 
     // If the password changed, delete all open sessions and recreate
     // the current one.
     if (!empty($edit['pass'])) {
-      sess_destroy_uid($account->uid);
-      sess_regenerate();
+      drupal_session_destroy_uid($account->uid);
+      drupal_session_regenerate();
     }
 
     // Refresh user object.
@@ -792,7 +792,7 @@ function user_block($op = 'list', $delta = '', $edit = array()) {
 
           // Perform database queries to gather online user lists.  We use s.timestamp
           // rather than u.access because it is much faster.
-          $anonymous_count = sess_count($interval);
+          $anonymous_count = drupal_session_count($interval);
           $authenticated_users = db_query('SELECT DISTINCT u.uid, u.name, s.timestamp FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.timestamp >= %d AND s.uid > 0 ORDER BY s.timestamp DESC', $interval);
           $authenticated_count = 0;
           $max_users = variable_get('user_block_max_list_count', 10);
@@ -1344,7 +1344,7 @@ function user_authenticate_finalize(&$edit) {
   $user->login = $_SERVER['REQUEST_TIME'];
   db_query("UPDATE {users} SET login = %d WHERE uid = %d", $user->login, $user->uid);
   user_module_invoke('login', $edit, $user);
-  sess_regenerate();
+  drupal_session_regenerate();
 }
 
 /**
@@ -1555,7 +1555,7 @@ function _user_edit_submit($uid, &$edit) {
  */
 function user_delete($edit, $uid) {
   $account = user_load(array('uid' => $uid));
-  sess_destroy_uid($uid);
+  drupal_session_destroy_uid($uid);
   _user_mail_notify('status_deleted', $account);
   module_invoke_all('user', 'delete', $edit, $account);
   db_query('DELETE FROM {users} WHERE uid = %d', $uid);
@@ -2210,7 +2210,7 @@ function user_block_user_action(&$object, $context = array()) {
     $uid = $user->uid;
   }
   db_query("UPDATE {users} SET status = 0 WHERE uid = %d", $uid);
-  sess_destroy_uid($uid);
+  drupal_session_destroy_uid($uid);
   watchdog('action', 'Blocked user %name.', array('%name' => check_plain($user->name)));
 }