3

I love to try and see how open source software works so that I can try and learn new ways to create code and increase my knowledge with certain programming languages.

I have been digging through phpbb3 code to try and see how it manages sessions and user information through its various classes.

I haven't been able to trace where $user->data is being set throughout any of the classes. Can someone help breakdown how their session management class works in conjunction with their user class?

Most of the files that access the session and user classes start with this code:

// Start session management
$user->session_begin();
$auth->acl($user->data);

I have been able to trace where the session_begin function sits within the session class and I see that session class extends the user class, but I have not been able to track down where the $user->data is being set or returned.

Anyone have a good break down?

zeropsi
  • 682
  • 9
  • 24
  • "*I love to try and see how open source software works so that I can try and learn new ways to create code and increase my knowledge with certain programming languages.*" - always a good thing to see. Instead of these people who just blindly use libraries and frameworks without knowing what they do. Or people who just tell others 'use a framework' instead of encouraging them to actually learn code. So, Props +1! – IncredibleHat Aug 08 '18 at 17:07

1 Answers1

4

On every page the first thing to do is to include($phpbb_root_path . 'common.' . $phpEx); which means including a file /common.php if your php file extension is php.

This file includes /includes/compatibility_globals.php and runs register_compatibility_globals(); which creates a global user object: $user = $phpbb_container->get('user');. The class is located at \phpbb\user.

Because the user class extends \phpbb\session, the $user gets all the properties from the \phpbb\session. One of the properties is data and one of the methods is session_begin. Now you have everything you need to start a session: $user->session_begin();. And somewhere inside that method $user->data gets its first values:

// if session id is set
if (!empty($this->session_id))
{
  $sql = 'SELECT u.*, s.*
    FROM ' . SESSIONS_TABLE . ' s, ' . USERS_TABLE . " u
    WHERE s.session_id = '" . $db->sql_escape($this->session_id) . "'
      AND u.user_id = s.session_user_id";
  $result = $db->sql_query($sql);
  //data property
  $this->data = $db->sql_fetchrow($result);
  $db->sql_freeresult($result);
Croco
  • 326
  • 1
  • 12
  • Yes, in a language like PHP, _almost every_ module begins with `include(), require(),` or `require_once()`, and this is where you'll find all of the "preamble" activities, often further sub-divided into a nest of other such included files. – Mike Robinson Jan 25 '19 at 14:33