Hi,
our gallery is used for anonymous browsing only - users can view, upload and comment
without having to register. The only user we need is the admin user.
Unfortunately, 1.4.x now uses DB sessions for all users (different from 1.3.x). This would have
been great if the session were used to cache all kinds of config data in order to save multiple
DB calls. However, this is not the case and the session stuff adds even more DB requests.
So to save DB resources, we made some modifications to disable sessions for non-Admins.
So far, it seems to work well - but those who know better about the internals of CPG are
invited to comment. Maybe we are breaking some functionality unknowingly?
This is what we did: in init.inc.php we check the IP of the user. If it is from an array
of pre-defined admin IPs, we include the regular bridge-file of CPG. So we, the owners, can use CPG
in the original state with sessions and stuff. If the request comes from a non-Admin IP, we include
a special bridge file where the session stuff is left out. It always returns "0" on the login function
and has all DB Requests replaced by "0" results in order to mimic the original coppermine.inc's behaviour.
This will save us lots of DB queries. Works great, the anonymous users can still write comments and ecards
and upload into the galleries we allow. So will these changes break something we are not aware of?
changes:
init.inc.php (around line 234 )
$nc_admin_ips = array("1.2.3.4", "127.0.0.1");
if ( in_array($_SERVER["REMOTE_ADDR"], $nc_admin_ips) )
{
require_once 'bridge/' . UDB_INTEGRATION . '.inc.php';
}
else
{
require_once 'bridge/' . UDB_INTEGRATION . '_nosession.inc.php';
}
and the diffs:
diff -b -B coppermine_nosession.inc.php coppermine.inc.php
106,109d105
<
< ################ NO LOGIN ALLOWED !!! ##########################################
< return false;
<
166c162
< ################cpg_db_query($sql, $this->link_id);
---
> cpg_db_query($sql, $this->link_id);
216c212
< ################cpg_db_query($sql, $this->link_id);
---
> cpg_db_query($sql, $this->link_id);
220,221c216,217
< ################cpg_db_query($sql, $this->link_id);
< /*
---
> cpg_db_query($sql, $this->link_id);
>
227c223
< ####################$result = cpg_db_query($sql);
---
> $result = cpg_db_query($sql);
257c253
< ########################$this->create_session();
---
> $this->create_session();
263c259
< ####################$this->create_session();
---
> $this->create_session();
265,266d260
< */
< return ($id) ? array($id, $pass) : false;
268c262
< return false;
---
> return ($id) ? array($id, $pass) : false;
277c271
< ################cpg_db_query($sql);
---
> cpg_db_query($sql);
292c286
< ################cpg_db_query($sql, $this->link_id);
---
> cpg_db_query($sql, $this->link_id);
308,309d301
< ################################
< /*
315d306
< */
330,331c321
< ########################$count = mysql_fetch_assoc($result);
< $count = 0;
---
> $count = mysql_fetch_assoc($result);
336,337c326
< ########################$count = array_merge(mysql_fetch_assoc($result), $count);
< $count = array_merge(0, $count);
---
> $count = array_merge(mysql_fetch_assoc($result), $coun
t);
Regards,
Ulrich