You are here

Home » API reference » Session Limit 7.2 » session_limit.module

function session_limit_invoke_session_limit in Session Limit 7.2

Same name and namespace in other branches
  1. 6.2 session_limit.module \session_limit_invoke_session_limit()
  2. 6 session_limit.module \session_limit_invoke_session_limit()

Limit a users access to the sites based on the current session.

Parameters

string $session: The session id string which identifies the current session.

string $op: The action which caused the session limitation event. This is either 'collision' or 'disconnect'.

Return value

array The results of all hook_session_limit functions. Note that in a collision event, a Drupal goto is executed so this function does not return.

2 calls to session_limit_invoke_session_limit()
session_limit_init in ./session_limit.module
Implements hook_init().
session_limit_page_submit in ./session_limit.module
Handler for submissions from session_limit_page().

File

./session_limit.module, line 604
Limits multiple sessions per user.

Code

function session_limit_invoke_session_limit($session, $op) {
  $return = array();

  // Execute the hook_session_limit().
  foreach (module_implements('session_limit') as $name) {
    $function = $name . '_session_limit';
    $result = $function($session, $op);
    if (isset($result) && is_array($result)) {
      $return = array_merge($return, $result);
    }
    elseif (isset($result)) {
      $return[] = $result;
    }
  }

  // In the event of a collision, redirect to session handler.
  if ($op == 'collision') {
    if (variable_get('session_limit_behaviour', SESSION_LIMIT_DO_NOTHING) == SESSION_LIMIT_DROP) {
      global $user;

      // Get the number of sessions that should be removed.
      $limit = db_query("SELECT COUNT(DISTINCT(sid)) - :max_sessions FROM {sessions} WHERE uid = :uid", array(
        ':max_sessions' => session_limit_user_max_sessions($user),
        ':uid' => $user->uid,
      ))
        ->fetchField();
      if ($limit > 0) {

        // Secure session ids are seperate rows in the database, but we don't want to kick
        // the user off there http session and not there https session or vice versa. This
        // is why this query is DISTINCT.
        $result = db_select('sessions', 's')
          ->distinct()
          ->fields('s', array(
          'sid',
        ))
          ->condition('s.uid', $user->uid)
          ->orderBy('timestamp', 'ASC')
          ->range(0, $limit)
          ->execute();
        foreach ($result as $session) {
          session_limit_invoke_session_limit($session->sid, 'disconnect');
        }
      }
    }
    else {

      // Otherwise re-direct to the session handler page so the user can
      // choose which action they would like to take.
      drupal_goto('session/limit');
    }
  }
  return $return;
}