function session_limit_init in Session Limit 6
Same name and namespace in other branches
- 5 session_limit.module \session_limit_init()
- 6.2 session_limit.module \session_limit_init()
- 7.2 session_limit.module \session_limit_init()
Implementation of hook_init().
Determine whether session has been verified. Redirect user if over session limit. Established Sessions do NOT need to verify every page load. The new session must deal w/ determining which connection is cut.
This intentionally doesn't use hook_user()'s login feature because that's only really useful if the login event always boots off at least one other active session. Doing it this way makes sure that the newest session can't browse to a different page after their login has validated.
File
- ./
session_limit.module, line 170 - Limits multiple sessions per user.
Code
function session_limit_init() {
global $user;
if ($user->uid > 1 && !isset($_SESSION['session_limit'])) {
// Exclude from the redirect.
if (arg(0) == 'session' && arg(1) == 'limit' || arg(0) == 'logout') {
return;
}
if (module_exists('masquerade') && variable_get('session_limit_masquerade_ignore', FALSE)) {
$result = db_query('SELECT COUNT(s.uid) FROM {sessions} AS s
LEFT JOIN {masquerade} AS m ON s.uid = m.uid_as AND s.sid = m.sid
WHERE s.uid = %d AND m.sid IS NULL', $user->uid);
}
else {
$result = db_query('SELECT COUNT(*) FROM {sessions} WHERE uid = %d', $user->uid);
}
$max_sessions = session_limit_user_max_sessions();
if (!empty($max_sessions) && db_result($result) > $max_sessions) {
session_limit_invoke_session_limit(session_id(), 'collision');
}
else {
// mark session as verified to bypass this in future.
$_SESSION['session_limit'] = TRUE;
}
}
}