5) { tracking::$disabled = true; return true; } $q = "INSERT INTO web_tracking(cookie,created,last_used,ip_addr," . "browser,stored_data) VALUES ('" . tracking::$id . "',unix_timestamp(now()),unix_timestamp(now()),'".$_SERVER['REMOTE_ADDR']."','" . addslashes($_SERVER['HTTP_USER_AGENT']) . "'," . "'a:0:{}')"; return dbQuery($q); } /** This function updates a tracking entry's last access timestamp. */ private static function updateAccess() { $q = "UPDATE web_tracking SET last_used=unix_timestamp(now()) WHERE cookie='" . tracking::$id . "'"; return dbQuery($q); } /** This function reads tracking data from the web_tracking table and stores it * in the tracking::$data variable. */ private static function readData() { $trackId = tracking::$id; $q = "SELECT stored_data,id FROM web_tracking WHERE cookie = '$trackId' FOR UPDATE"; $qr = dbQuery($q); if (!$qr || dbCount($qr) != 1) { l::notice("Tracking data not found for cookie '$trackId'"); return false; } $tmp = dbFetchArray($qr); $trackData = unserialize($tmp[0]); $trackDBId = $tmp[1]; if (!is_array($trackData)) { // Make sure we delete the tracking data that caused the problem l::notice("Invalid tracking data for '$trackId'"); l::debug("DB id= $trackDBId, data type= '" . gettype($trackData) . "'"); l::info("Moving entry out of the way"); //dbQuery("DELETE FROM web_tracking WHERE id=$trackDBId"); dbQuery("UPDATE web_tracking SET cookie='DISABLED $trackDBId' WHERE id=$trackDBId"); dbEnd(); } else { tracking::$dbId = $trackDBId; tracking::$data = $trackData; tracking::$dataMD5 = md5($tmp[0]); } return is_array($trackData); } /** This function initializes the tracking system */ static function init() { tracking::$cName = config::getParam('trackname'); list($trackId,$trackNew) = tracking::readId(); if (handler::$h->noTracking ?? false && (is_null($trackId) || $trackNew)) { tracking::$disabled = true; return; } if (is_null($trackId)) { l::fatal(2); } tracking::$id = $trackId; tracking::$new = $trackNew; if ($trackNew && !tracking::createData()) { l::fatal(3); } elseif (!$trackNew && !tracking::updateAccess()) { l::fatal(4); } if (tracking::$disabled) { return; } if (tracking::readData()) { setcookie( tracking::$cName, $trackId, [ 'expires' => time() + 31536000, 'path' => dirname($_SERVER['SCRIPT_NAME']), 'samesite' => 'strict', ] ); } else { $trackDBId = tracking::$dbId; l::fatal(5, "Tracking data: ID='$trackId',DB ID=$trackDBId" . ($trackNew ? ",new" : "")); } } /** This function updates the web_tracking table using the serialized contents * of tracking::$data */ static function store() { if (is_null(tracking::$dbId)) { if (tracking::$disabled) { return 1; } l::warn("storeTrackingData: database identifier is null"); return 1; } $serialized = serialize(tracking::$data); if (self::$dataMD5 != md5($serialized)) { $txt = pg_escape_string(serialize(tracking::$data)); $q = "UPDATE web_tracking SET last_used=unix_timestamp(now()),stored_data='$txt' WHERE id='" . tracking::$dbId . "'"; } else { $q = "UPDATE web_tracking SET last_used=unix_timestamp(now()) WHERE id='" . tracking::$dbId . "'"; } return dbQuery($q); } } ?>