[ApacheGallery] Sessions (this time only the diff)



Hello,

I did some work on Apache::Gallery and added session handling.

Intention: I want the possibility for visitors to collect
different pictures into a basket. (Later they can order a hardcopy
of the pictures or download the selected files as zip).
The first step, I thought, was to create a unique sessionID to
differentiate between visitors.

There I added 2 new options:

GallerySessionDir
  Directory for session files
  The directory should be writable by the webserver. Every user gets
  a unique sessionid and a sessionfile will be created in this directory.
  The sessionid contains the time, a unique key and the browser/user agent
  of the visitor.
  The use of sessions makes sense, if you intend to let visitors
  choose different pictures into a basket.
  Example:
  PerlSetVar      GallerySessionDir  '/www/gallery/sessions/'

GallerySessionTimeout
  Lifetime of a session
  This setting affects the lifetime of a sessionfile.
  Set this to a number of seconds (not too short), i.e.
  86400 for one day.
  This setting is only effective if you have set GallerySessionDir.
  Old sessionfiles will be deleted if their lifetime is exceeded.
  Examples:
  Lifetime of 6 hours (6 * 3600):
  PerlSetVar      GallerySessionTimeout '21600'

Cons:
- You have a new directory containing session files.
- You have to adjust the template files

I coded "against"
http://svn.apachegallery.dk/snapshots/Apache-Gallery-r303.tar.gz

I attached the diff and a complete
snapshot of Apache::Gallery including my changes.
(This time only the diff; are binary mails stripped out?)

An example installation at http://bilder.archesoft.de/

Comments and code reviews are, as always, welcome.

Greetings Torsten


diff -r Apache-Gallery-1.0RC2/Changes Apache-Gallery-1.0RC2-tm/Changes
5a6,9
> X.X Thu Sep 15 23:14:12 CEST 2005
> 
> 	- Added sessionhandling and creation of sessionfiles (Torsten Mueller)
> 
diff -r Apache-Gallery-1.0RC2/README Apache-Gallery-1.0RC2-tm/README
147a148,175
>     GallerySessionDir
> 	Directory for session files
> 	
> 	The directory should be writable by the webserver. Every user gets
> 	a unique sessionid and a sessionfile will be created in this directory.
> 	The sessionid contains the time,a unique key and the browser/user agent
> 	of the visitor.
> 	The use of sessions makes sense, if you intend to let visitors
> 	choose different pictures into a basket.
> 	
> 	Example:
> 	
> 	PerlSetVar      GallerySessionDir  '/www/gallery/sessions/'
> 	
>     GallerySessionTimeout
> 	Lifetime of a session
> 	
> 	This setting affects the lifetime of a sessionfile.
> 	Set this to a number of seconds (not too short), i.e.
> 	86400 for one day.
> 	This setting is only effective, if you have set GallerySessionDir
> 	Old sessionfiles will deleted, if their lifetime is exceeded.
> 	
> 	Examples:
> 	
> 	Lifetime of 6 hours (6 * 3600):
> 	PerlSetVar      GallerySessionTimeout '21600'
> 
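Review bot: The GallerySessionDir text should state that the directory must be dedicated to session files and must not be reachable through the web server. The cleanup loop in checksession unlinks any entry whose name is longer than 5 characters and does not begin with a recent timestamp, so pointing this option at a directory that holds other files would delete them, and because each file name is a complete session id, a browsable directory would list every live session. The description also says the id contains the browser/user agent, while the code stores `md5_base64(user_agent())` with non-alphanumeric characters stripped; documenting it as a hash of the User-Agent would be more accurate.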
284a313,315
>     Crypt::RandPasswd
>     MIME::Base64
>     Digest::MD5
diff -r Apache-Gallery-1.0RC2/UPGRADE Apache-Gallery-1.0RC2-tm/UPGRADE
12a13,16
> To use the sessionhandling update navpicture.tpl, directory.tpl
> file.tpl, refresh.tpl, scale.tpl, slideshowoff.tpl, interval.tpl,
> picture.tpl, showpicture.tpl
> 
diff -r Apache-Gallery-1.0RC2/lib/Apache/Gallery.pm Apache-Gallery-1.0RC2-tm/lib/Apache/Gallery.pm
51c51
< use CGI;
---
> use CGI qw/:all/;
54a55,57
> use Crypt::RandPasswd;
> use MIME::Base64;
> use Digest::MD5 qw(md5 md5_hex md5_base64);
92a96,98
> 	
> 	# Session management
> 	my($sid,$sidisnew) = &checksession($r,$cgi->param('sid'));
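Review bot: The list assignment here assumes checksession always returns two values, but it returns an empty list for `.cache/` and `/gallery.css` requests and the single string "nosession" when GallerySessionDir is unset. In both cases `$sidisnew` is undef at the later `$sidisnew eq "yes"` tests, and in the second case every generated link carries `sid=nosession`. Suggest returning a consistent pair from every path and having the callers omit the sid parameter when no session is in use. `$cgi->param('sid')` is also undef on a first visit, so the `s///` and `length` calls inside checksession operate on an undefined value; default it to an empty string before passing it in.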
203a210,214
> 		
> 		if ($sidisnew eq "yes") {
> 		    $tpl_vars{META} = '<meta http-equiv="refresh" content="0; url=' . uri_escape($r->uri, $escape_rule) . 
> 		    "?sid=$sid\" />";
> 		}
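Review bot: The refresh target is built from `$r->uri` alone, so a first request that arrives with query arguments (for example `?start=` or `?width=`) loses them when the sid is appended. Carrying the session id in the URL also exposes it in the Referer header, server logs, bookmarks and any link a visitor shares; a cookie would avoid that exposure as well as the extra redirect. Testing `$sidisnew` as a true/false value rather than comparing it against the string "yes" would also be cleaner.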
210c221
< 		$tpl_vars{MENU} = generate_menu($r);
---
> 		$tpl_vars{MENU} = generate_menu($r,$sid);
212a224
> 		$tpl_vars{FORM_BEGIN} .= '<input type="hidden" name="sid" value="' . $sid . '">';
294c306
< 						$browse_links .= "<a href=\"?start=$from\">$from - ".$to."</a> ";
---
> 						$browse_links .= "<a href=\"?start=$from&sid=$sid\">$from - ".$to."</a> ";
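Review bot: The `&` in `?start=$from&sid=$sid` sits inside an HTML attribute and should be written `&amp;`; the same applies to the `[select]` link and to the template hunks that append `&sid=`. `$sid` is safe to interpolate here only because checksession strips it to `[0-9a-zA-Z]`, so a short comment saying so, or an explicit escape at the output site, would keep that dependency from being broken by a later change.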
336a349
> 										    SESSIONID => $sid,
364a378
> 										SESSIONID => $sid,
382a397
> 							 SESSIONID => $sid,
528c543
< 		$tpl_vars{MENU} = generate_menu($r);
---
> 		$tpl_vars{MENU} = generate_menu($r,$sid);
530a546,551
> 		$tpl_vars{SESSIONID} = $sid;
> 		
> 		if ($sidisnew eq "yes") {
> 		    $tpl_vars{META} = '<meta http-equiv="refresh" content="0; url=' . uri_escape($r->uri, $escape_rule) . 
> 		    "?sid=$sid\" />";
> 		}
572a594
> 					$nav_vars{SESSIONID} = $sid;
595a618
> 					$nav_vars{SESSIONID} = $sid;
686a710
> 				$sizes_vars{SESSIONID} = $sid;
701a726
> 			$sizes_vars{SESSIONID} = $sid;
717a743
> 			$slideshow_vars{SESSIONID} = $sid;
740a767
> 			$tpl_vars{SESSIONID} = $sid;
1270a1298
> 	my $sid = shift;
1300c1328
< 		return qq{ <a href="$root_path">$root_text</a> };
---
> 		return qq{ <a href="$root_path/?sid=$sid">$root_text</a> };
1325c1353
< 			$menu .= "<a href=\"".uri_escape($menuurl, $escape_rule)."\">$linktext</a> / ";
---
> 			$menu .= "<a href=\"".uri_escape($menuurl, $escape_rule)."?sid=$sid\">$linktext</a> / ";
1337c1365
< 			$menu .= "?select=1\">[select]</a> ";
---
> 			$menu .= "?select=1&sid=$sid\">[select]</a> ";
1475a1504,1593
> sub checksession {
> 	# check if we have a vaild sessionid, if not, generate a new sessionid
> 	my $r=shift;
> 	my $psid = shift;
> 	my $sidisnew = "no";
> 	
> 	if ($r->uri =~ m/\.cache\//i) {
> 	    # for the thumbnails we don't need sids
> 	    return;
> 	} elsif ($r->uri eq "/gallery.css") {
> 	    # for the css file we don't need sids
> 	    return;
> 	}
> 	
> 	my $gallerysessiondir=$r->dir_config('GallerySessionDir');
> 	if (!(defined($gallerysessiondir))) {
> 	    return "nosession";
> 	    #warn("GallerySessionDir is not setup -> Change apache configuration");
> 	}
> 	my $gallerysessiontimeout=$r->dir_config('GallerySessionTimeout');
> 	if (!(defined($gallerysessiontimeout))) {
> 	    warn "GallerySessionTimeout not defined in apache config file, defining as 86400";
> 	    $gallerysessiontimeout = 86400;
> 	}
> 	$gallerysessiontimeout = $gallerysessiontimeout + 1 - 1;
> 	if ($gallerysessiontimeout < 1) {
> 	    warn "GallerySessionTimeout too short, redefining to 86400";
> 	    $gallerysessiontimeout = 86400;
> 	}
> 	
> 	$psid =~ s/[^0-9a-zA-Z]//g;
> 	#warn "nutze/teste sid $psid";
> 	
> 	my $ua = md5_base64(user_agent());
> 	$ua =~ s/[^0-9a-zA-Y]//g;
> 	my @se = split(/Z/,$psid);
> 	my $time = time;
> 	
> 	if (length($psid) > 150 || length($psid) < 5) {
> 	    # sid to short or long
> 	    $psid = '';
> 	} elsif ($se[2] ne $ua) {
> 	    # browser incorrect
> 	    $psid = '';
> 	} elsif (($time - $se[0]) > $gallerysessiontimeout) {
> 	    # is the session timed out
> 	    $psid = '';
> 	}
> 
> 	# check the session file itself
> 	my $direrror = 0;
> 	if (!(-d $gallerysessiondir)) {
> 	    warn("GallerySessionDir is not a directory");
> 	    $direrror = 1;
> 	} elsif (!(-w $gallerysessiondir)) {
> 	    warn ("GallerySessionDir is not writable by effective uid -> Change permissions");
> 	    $direrror = 1;
> 	} else {
> 	    # GallerySessionDir seems o.k.
> 	    if (!(-e "$gallerysessiondir/$psid")) { $psid = ''; }
> 	}
> 
> 
> 	if ($psid eq '') {
> 	    # generate a new sid
>     	    my $key = encode_base64(Crypt::RandPasswd->chars(16, 16));
> 	    chomp($key);
> 	    $key =~ s/[^0-9a-zA-Y]//g;
> 	    $psid = time . "Z" . $key . "Z" . $ua;
> 	    if ($direrror == 0) {
> 		# create the sessionfile which can contain everything you want
> 		open(DAT,">$gallerysessiondir/$psid") || warn("Cannot Open SessionFile $gallerysessiondir/$psid");
> 		print DAT "Content of the sessionfile, i.e. checkbox values\n";
> 		print DAT $r->uri,"\n",time,"\n";
> 		close DAT;
> 		$sidisnew = "yes";
> 		# delete old sessionfiles
> 		opendir DIRHANDLE, $gallerysessiondir;
> 		my @allsess = readdir DIRHANDLE;
> 		foreach my $sidf (@allsess) {
> 		    my @t = split(/Z/,$sidf);
> 		    if ((time - $t[0]) > $gallerysessiontimeout && length($sidf) > 5) {
> 			unlink "$gallerysessiondir/$sidf";
> 		    }
> 		}
> 	    }
> 	}
> 	return ($psid,$sidisnew);
> }
> 
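Review bot: The cleanup loop at the end of checksession unlinks entries that are not session files. `readdir` returns every name in the directory, and for a name that does not begin with digits `$t[0]` evaluates to 0, so `(time - $t[0]) > $gallerysessiontimeout && length($sidf) > 5` is true for any file with a name longer than 5 characters. Match the generated format before unlinking, for example `next unless $sidf =~ /^\d+Z[0-9a-zA-Y]+Z[0-9a-zA-Y]+$/;`, check the result of `opendir`, and call `closedir`. The session file is created with a two-argument `open` on a bareword handle, and the code keeps printing after a failed open; a lexical handle with three-argument open (or `sysopen` with `O_CREAT|O_EXCL`) and an early return on failure would be safer in a directory the web server can write to. Two further points: every request without a valid sid creates a file and rescans the directory, so clients that never send the sid back will grow the directory until the timeout passes; and when `$direrror` is set the `-e` check is skipped, so any well-formed, unexpired sid with a matching User-Agent hash is accepted without a backing file.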
1650a1769,1798
> =item B<GallerySessionDir>
> 
> Directory for session files
> 
> The directory should be writable by the webserver. Every user gets
> a unique sessionid and a sessionfile will be created in this directory.
> The sessionid contains the time,a unique key and the browser/user agent
> of the visitor.
> The use of sessions makes sense, if you intend to let visitors
> choose different pictures into a basket.
> 
> Example:
> 
>         PerlSetVar      GallerySessionDir  '/www/gallery/sessions/'
> 
> =item B<GallerySessionTimeout>
> 
> Lifetime of a session
> 
> This setting affects the lifetime of a sessionfile.
> Set this to a number of seconds (not too short), i.e.
> 86400 for one day.
> This setting is only effective, if you have set GallerySessionDir
> Old sessionfiles will deleted, if their lifetime is exceeded.
> 
> Examples:
> 
> Lifetime of 6 hours (6 * 3600):
>         PerlSetVar      GallerySessionTimeout '21600'
> 
diff -r Apache-Gallery-1.0RC2/templates/default/directory.tpl Apache-Gallery-1.0RC2-tm/templates/default/directory.tpl
1c1
<     <div id="folder"><a href="{ $FILEURL }/"><img border="0" src="/icons/gallery/agfolder.png"><br>{ $FILE }</a></div>
---
>     <div id="folder"><a href="{ $FILEURL }/?sid={ $SESSIONID }"><img border="0" src="/icons/gallery/agfolder.png"><br>{ $FILE }</a></div>
diff -r Apache-Gallery-1.0RC2/templates/default/error.tpl Apache-Gallery-1.0RC2-tm/templates/default/error.tpl
6c6
<       <p><a clas="nav" href="javascript:history.go(-1)">Back</a>
---
>       <p><a class="nav" href="javascript:history.go(-1)">Back</a>
diff -r Apache-Gallery-1.0RC2/templates/default/file.tpl Apache-Gallery-1.0RC2-tm/templates/default/file.tpl
1c1
<     <div id="folder"><a href="{ $FILEURL }"><img border="0" alt="{ $ALT }" src="/icons/gallery/{ $FILETYPE }.png"><br>{ $FILE }</a></div>
---
>     <div id="folder"><a href="{ $FILEURL }?sid={ $SESSIONID }"><img border="0" alt="{ $ALT }" src="/icons/gallery/{ $FILETYPE }.png"><br>{ $FILE }</a></div>
diff -r Apache-Gallery-1.0RC2/templates/default/interval.tpl Apache-Gallery-1.0RC2-tm/templates/default/interval.tpl
1c1
< <a href="{ $IMAGEURI }?slideshow={ $SECONDS }&width={ $WIDTH }">{ $SECONDS }</a>
---
> <a href="{ $IMAGEURI }?slideshow={ $SECONDS }&width={ $WIDTH }&sid={ $SESSIONID }">{ $SECONDS }</a>
diff -r Apache-Gallery-1.0RC2/templates/default/navpicture.tpl Apache-Gallery-1.0RC2-tm/templates/default/navpicture.tpl
1c1
< <a href="{ $URL }?width={ $WIDTH }" class="nav" accesskey=" { $ACCESSKEY }" title="Accesskey { $ACCESSKEY }" ><img src="{ $PICTURE }"><br>{ $DIRECTION } - { $FILENAME }</a>
---
> <a href="{ $URL }?width={ $WIDTH }&sid={ $SESSIONID }" class="nav" accesskey=" { $ACCESSKEY }" title="Accesskey { $ACCESSKEY }" ><img src="{ $PICTURE }"><br>{ $DIRECTION } - { $FILENAME }</a>
diff -r Apache-Gallery-1.0RC2/templates/default/picture.tpl Apache-Gallery-1.0RC2-tm/templates/default/picture.tpl
1c1
<     <a href="{ $FILEURL }"><img alt="{ $FILE } - { $DATE }" src="{ $SRC }" width="{ $WIDTH }" height="{ $HEIGHT }"></a>
---
>     <a href="{ $FILEURL }?sid={ $SESSIONID }"><img alt="{ $FILE } - { $DATE }" src="{ $SRC }" width="{ $WIDTH }" height="{ $HEIGHT }"></a>
diff -r Apache-Gallery-1.0RC2/templates/default/refresh.tpl Apache-Gallery-1.0RC2-tm/templates/default/refresh.tpl
1c1
< <meta http-equiv="refresh" content="{ $INTERVAL }; url={ $URL }?slideshow={ $INTERVAL }&width={ $WIDTH }" />
---
> <meta http-equiv="refresh" content="{ $INTERVAL }; url={ $URL }?slideshow={ $INTERVAL }&width={ $WIDTH }&sid={ $SESSIONID }" />
diff -r Apache-Gallery-1.0RC2/templates/default/scale.tpl Apache-Gallery-1.0RC2-tm/templates/default/scale.tpl
1c1
< <a href="{ $IMAGEURI }?width={ $WIDTH }">{ $SIZE }</a>
---
> <a href="{ $IMAGEURI }?width={ $WIDTH }&sid={ $SESSIONID }">{ $SIZE }</a>
diff -r Apache-Gallery-1.0RC2/templates/default/slideshowoff.tpl Apache-Gallery-1.0RC2-tm/templates/default/slideshowoff.tpl
1c1
< <a href="{ $IMAGEURI }">Off</a>
---
> <a href="{ $IMAGEURI }?sid={ $SESSIONID }">Off</a>
diff -r Apache-Gallery-1.0RC2/templates/new/directory.tpl Apache-Gallery-1.0RC2-tm/templates/new/directory.tpl
1c1
< 	<div class="folder"><a href="{ $FILEURL }/"><img src="/icons/gallery/agfolder.png" alt="* { $FILE }"><br>{ $FILE }</a></div>
---
> 	<div class="folder"><a href="{ $FILEURL }/?sid={ $SESSIONID }"><img src="/icons/gallery/agfolder.png" alt="* { $FILE }"><br>{ $FILE }</a></div>
diff -r Apache-Gallery-1.0RC2/templates/new/file.tpl Apache-Gallery-1.0RC2-tm/templates/new/file.tpl
1c1
<     <div class="folder"><a href="{ $FILEURL }"><img border="0" alt="{ $ALT }" src="/icons/gallery/{ $FILETYPE }.png "><br>{ $FILE }</a></div>
---
>     <div class="folder"><a href="{ $FILEURL }?sid={ $SESSIONID }"><img border="0" alt="{ $ALT }" src="/icons/gallery/{ $FILETYPE }.png "><br>{ $FILE }</a></div>
diff -r Apache-Gallery-1.0RC2/templates/new/interval.tpl Apache-Gallery-1.0RC2-tm/templates/new/interval.tpl
1c1
< <a href="{ $IMAGEURI }?slideshow={ $SECONDS }&width={ $WIDTH }">{ $SECONDS }</a>
---
> <a href="{ $IMAGEURI }?slideshow={ $SECONDS }&width={ $WIDTH }&sid={ $SESSIONID }">{ $SECONDS }</a>
diff -r Apache-Gallery-1.0RC2/templates/new/navpicture.tpl Apache-Gallery-1.0RC2-tm/templates/new/navpicture.tpl
1c1
< <a href="{ $URL }?width={ $WIDTH }" accesskey="{ $ACCESSKEY }" title="Accesskey { $ACCESSKEY }">{ $DIRECTION }</a>
---
> <a href="{ $URL }?width={ $WIDTH }&sid={ $SESSIONID }" accesskey="{ $ACCESSKEY }" title="Accesskey { $ACCESSKEY }">{ $DIRECTION }</a>
diff -r Apache-Gallery-1.0RC2/templates/new/picture.tpl Apache-Gallery-1.0RC2-tm/templates/new/picture.tpl
1c1
<     <a href="{ $FILEURL }"><img alt="{ $FILE } - { $DATE }" src="{ $SRC }" width="{ $WIDTH }" height="{ $HEIGHT }"></a>{ $SELECT }
---
>     <a href="{ $FILEURL }?sid={ $SESSIONID }"><img alt="{ $FILE } - { $DATE }" src="{ $SRC }" width="{ $WIDTH }" height="{ $HEIGHT }"></a>{ $SELECT }
diff -r Apache-Gallery-1.0RC2/templates/new/refresh.tpl Apache-Gallery-1.0RC2-tm/templates/new/refresh.tpl
1c1
< <meta http-equiv="refresh" content="{ $INTERVAL }; url={ $URL }?slideshow={ $INTERVAL }&width={ $WIDTH }" />
---
> <meta http-equiv="refresh" content="{ $INTERVAL }; url={ $URL }?slideshow={ $INTERVAL }&width={ $WIDTH }&sid={ $SESSIONID }" />
diff -r Apache-Gallery-1.0RC2/templates/new/scale.tpl Apache-Gallery-1.0RC2-tm/templates/new/scale.tpl
1c1
< <a href="{ $IMAGEURI }?width={ $WIDTH }">{ $SIZE }</a>
---
> <a href="{ $IMAGEURI }?width={ $WIDTH }&sid={ $SESSIONID }">{ $SIZE }</a>
diff -r Apache-Gallery-1.0RC2/templates/new/showpicture.tpl Apache-Gallery-1.0RC2-tm/templates/new/showpicture.tpl
7c7
< { $BACK } - <a href="./" accesskey=u" rel="up" title="Accesskey U"><u>u</u>p</a> - { $NEXT }</div>
---
> { $BACK } - <a href="./?sid={ $SESSIONID }" accesskey=u" rel="up" title="Accesskey U"><u>u</u>p</a> - { $NEXT }</div>
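Review bot: The changed line carries over the unbalanced quote in `accesskey=u"`, which should read `accesskey="u"`. Since the patch already corrects the `clas` typo in error.tpl, this line is a good place to fix the attribute as well.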
diff -r Apache-Gallery-1.0RC2/templates/new/slideshowoff.tpl Apache-Gallery-1.0RC2-tm/templates/new/slideshowoff.tpl
1c1
< <a href="{ $IMAGEURI }">Off</a>
---
> <a href="{ $IMAGEURI }?sid={ $SESSIONID }">Off</a>