I love to try and see how open source software works so that I can try and learn new ways to create code and increase my knowledge with certain programming languages.
I have been digging through phpbb3 code to try and see how it manages sessions and user information through its various classes.
I haven't been able to trace where $user->data is being set throughout any of the classes. Can someone help breakdown how their session management class works in conjunction with their user class?
Most of the files that access the session and user classes start with this code:
// Start session management
$user->session_begin();
$auth->acl($user->data);
I have been able to trace where the session_begin function sits within the session class and I see that session class extends the user class, but I have not been able to track down where the $user->data is being set or returned.
Anyone have a good break down?
On every page the first thing to do is to include($phpbb_root_path . 'common.' . $phpEx); which means including a file /common.php if your php file extension is php.
This file includes /includes/compatibility_globals.php and runs register_compatibility_globals(); which creates a global user object:
$user = $phpbb_container->get('user');. The class is located at \phpbb\user.
Because the user class extends \phpbb\session, the $user gets all the properties from the \phpbb\session. One of the properties is data and one of the methods is session_begin. Now you have everything you need to start a session: $user->session_begin();. And somewhere inside that method $user->data gets its first values:
// if session id is set
if (!empty($this->session_id))
{
$sql = 'SELECT u.*, s.*
FROM ' . SESSIONS_TABLE . ' s, ' . USERS_TABLE . " u
WHERE s.session_id = '" . $db->sql_escape($this->session_id) . "'
AND u.user_id = s.session_user_id";
$result = $db->sql_query($sql);
//data property
$this->data = $db->sql_fetchrow($result);
$db->sql_freeresult($result);