function sess_regenerate() { $old_session_id = session_id(); // We code around http://bugs.php.net/bug.php?id=32802 by destroying // the session cookie by setting expiration in the past (a negative // value). This issue only arises in PHP versions before 4.4.0, // regardless of the Drupal configuration. // TODO: remove this when we require at least PHP 4.4.0 if (isset($_COOKIE[session_name()])) { setcookie(session_name(), '', time() - 42000, '/'); } session_regenerate_id(); db_query("UPDATE {sessions} SET sid = '%s' WHERE sid = '%s'", session_id(), $old_session_id); }
user_load获取用户的信息.不一定非得读cookie,你可以直接利用drupal的函数. 或者获取sid来读取session./modules/user/user.module /** * Perform standard Drupal login operations for a user object. * * The user object must already be authenticated. This function verifies * that the user account is not blocked/denied and then performs the login, * updates the login timestamp in the database, invokes hook_user('login'), * and regenerates the session. * * @param $account * An authenticated user object to be set as the currently logged * in user. * @param $edit * The array of form values submitted by the user, if any. * This array is passed to hook_user op login. * @return boolean * TRUE if the login succeeds, FALSE otherwise. */function user_external_login($account, $edit = array()) { $form = drupal_get_form('user_login'); $state['values'] = $edit; if (empty($state['values']['name'])) { $state['values']['name'] = $account->name; } // Check if user is blocked or denied by access rules. user_login_name_validate($form, $state, (array)$account); if (form_get_errors()) { // Invalid login. return FALSE; } // Valid login. global $user; $user = $account; user_authenticate_finalize($state['values']); return TRUE; }
function sess_regenerate() {
$old_session_id = session_id(); // We code around http://bugs.php.net/bug.php?id=32802 by destroying
// the session cookie by setting expiration in the past (a negative
// value). This issue only arises in PHP versions before 4.4.0,
// regardless of the Drupal configuration.
// TODO: remove this when we require at least PHP 4.4.0
if (isset($_COOKIE[session_name()])) {
setcookie(session_name(), '', time() - 42000, '/');
} session_regenerate_id(); db_query("UPDATE {sessions} SET sid = '%s' WHERE sid = '%s'", session_id(), $old_session_id);
}
或者获取sid来读取session./modules/user/user.module
/**
* Perform standard Drupal login operations for a user object.
*
* The user object must already be authenticated. This function verifies
* that the user account is not blocked/denied and then performs the login,
* updates the login timestamp in the database, invokes hook_user('login'),
* and regenerates the session.
*
* @param $account
* An authenticated user object to be set as the currently logged
* in user.
* @param $edit
* The array of form values submitted by the user, if any.
* This array is passed to hook_user op login.
* @return boolean
* TRUE if the login succeeds, FALSE otherwise.
*/function user_external_login($account, $edit = array()) {
$form = drupal_get_form('user_login'); $state['values'] = $edit;
if (empty($state['values']['name'])) {
$state['values']['name'] = $account->name;
} // Check if user is blocked or denied by access rules.
user_login_name_validate($form, $state, (array)$account);
if (form_get_errors()) {
// Invalid login.
return FALSE;
} // Valid login.
global $user;
$user = $account;
user_authenticate_finalize($state['values']);
return TRUE;
}