[BETA] Guest Sessions MOD

[Arty]

This mod removes session id from url for guests. This allowes bots (like googlebot) to spider forum correctly without adding session id to urls. And guests won't have more than one session from same ip.

Mod version: 0.04

Code: Select all

################################################################# 
## MOD Title: Guest Sessions MOD
## MOD Version: 0.04
## MOD Author: CyberAlien <no@public_email> (Vjacheslav Trushkin) http://www.phpbbstyles.com
## MOD Description: 
##		This mod removes session id for guests from url and this way
##		guests who don't have cookies like different robots will use
##		correct urls. It can be used to allow googlebot and other
##		search engines to spider your forum correctly.
##
## Installation Level:	Easy
## Installation Time:	1-2 Minutes
## Files To Edit (1): includes/sessions.php
############################################################## 
## For Security Purposes, Please Check: http://www.phpbb.com/mods/ for the 
## latest version of this MOD. Downloading this MOD from other sites could cause malicious code 
## to enter into your phpBB Forum. As such, phpBB will not offer support for MOD's not offered 
## in our MOD-Database, located at: http://www.phpbb.com/mods/ 
############################################################## 
## Before Adding This MOD To Your Forum, You Should Back Up All Files Related To This MOD 
############################################################## 

# 
#-----[ OPEN ]--------------------------------------------- 
# 
includes/sessions.php

#
#-----[ FIND ]---------------------------------------------
# around line 157
	$sql = "UPDATE " . SESSIONS_TABLE . "
		SET session_user_id = $user_id, session_start = $current_time, session_time = $current_time, session_page = $page_id, session_logged_in = $login, session_admin = $admin
		WHERE session_id = '" . $session_id . "' 
			AND session_ip = '$user_ip'";

# 
#-----[ REPLACE WITH ]---------------------------------------
# 
	$sql_ip = $user_id == ANONYMOUS ? " AND session_ip = '$user_ip'" : '';
	$sql = "UPDATE " . SESSIONS_TABLE . "
		SET session_ip = '$user_ip', session_start = $current_time, session_time = $current_time, session_page = $page_id, session_logged_in = $login, session_admin = $admin
		WHERE session_id = '" . $session_id . "' $sql_ip 
			AND session_user_id = '$user_id'";

#
#-----[ FIND ]---------------------------------------------
# around line 210
	$SID = 'sid=' . $session_id;

# 
#-----[ REPLACE WITH ]---------------------------------------
# 
	$SID = $user_id > 0 ? 'sid=' . $session_id : '';

#
#-----[ FIND ]---------------------------------------------
# around line 288
				$SID = ($sessionmethod == SESSION_METHOD_GET || defined('IN_ADMIN')) ? 'sid=' . $session_id : '';

# 
#-----[ REPLACE WITH ]---------------------------------------
# 
				$SID = $userdata['user_id'] > 0 ? (($sessionmethod == SESSION_METHOD_GET || defined('IN_ADMIN')) ? 'sid=' . $session_id : '') : '';

#
#-----[ FIND ]---------------------------------------------
# around line 340
	//
	// If we reach here then no (valid) session exists. So we'll create a new one,
# 
#-----[ BEFORE, ADD ]---------------------------------------
# 
	elseif(empty($sessiondata))
	{
		// try to login guest
		$sql = "SELECT u.*, s.*
			FROM " . SESSIONS_TABLE . " s, " . USERS_TABLE . " u
			WHERE s.session_ip = '$user_ip' 
				AND s.session_user_id = " . ANONYMOUS . "
				AND u.user_id = s.session_user_id 
					LIMIT 0, 1";
		if ( !($result = $db->sql_query($sql)) )
		{
			message_die(CRITICAL_ERROR, 'Error doing DB query userdata row fetch', '', __LINE__, __FILE__, $sql);
		}

		$userdata = $db->sql_fetchrow($result);

		if ( isset($userdata['user_id']) )
		{
			if ( $current_time - $userdata['session_time'] > 60 )
			{
				$sql = "UPDATE " . SESSIONS_TABLE . " 
					SET session_time = $current_time, session_start = $current_time, session_page = 0
					WHERE session_id = '" . $userdata['session_id'] . "'";
				if ( !$db->sql_query($sql) )
				{
					message_die(CRITICAL_ERROR, 'Error updating sessions table', '', __LINE__, __FILE__, $sql);
				}
			}
			return $userdata;
		}
	}

# 
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------ 
# 
# EoM 

To download it as .mod file click here.

Mod updated for phpBB 2.0.15

[Xxh2kxX]

hey thanks for this mod ..

i need to know iam use this mod .

Code: Select all

#-----[ OPEN  ]------------------------------------------ 
includes/sessions.php 

#-----[ FIND ]------------------------------------------ 
   global $SID; 

if ( !empty($SID) && !preg_match('#sid=#', $url) ) 

#-----[ REPLACE WITH ]------------------------------------------ 
   global $SID, $HTTP_SERVER_VARS; 

   if ( !empty($SID) && !preg_match('sid=', $url) && !strstr($HTTP_SERVER_VARS['HTTP_USER_AGENT'] ,'Googlebot') && !strstr($HTTP_SERVER_VARS['HTTP_USER_AGENT'] ,'slurp@inktomi.com')) 

# 
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------ 
# 
# EoM

if i add this also is there any problem ?

Thankyou

[Arty]

$SID will be empty so those both if() will return false instead of true. you'll need to remove "!empty($SID) && " from those if()'s

[Arty]

updated to 0.02

when user loggs in session id stays the same and with this algorythm it might cause problem when several users try to share same session id with different user ids. so i changed query to reuse user's old session when logged in instead of changing guest session.

[Einstein]

And guests won't have more than one session from same ip.

How does this MOD behave when there are two different computers behind a NAT? One session for both?

[Arty]

If both users are guests then one session for both users.

If at least one of those users logged in then every user will have separate session.

[Arty]

This mod works. Now google spiders my forum correctly. Here is proof: http://www.google.com/search?q=phpbb+si ... 8&oe=utf-8 (that forum is slightly modified - it also adds style id to urls that is not part of this mod, but it works same was for googlebot as this mod)

So i guess i'll put it in validation soon when i'll make sure that there are no bugs.

[Darlantan]

does anonymous posting work if browser has cookies turned off?

[Shoshan.net]

Hi.

There's something with this Mod.
I am logged in automatically, which means, even if I close the browser and open a new one I will still be logged in. Now, after installing this Mod, whenever I close the browser and open a new one to go to the board, I have to log in again. What could it be?
Nice Mod!

[Arty]

Darlantan: yes, guests can post even without cookies.

Shoshan.net: works for me. try clearing your cookies for that domain

[Shoshan.net]

Shoshan.net: works for me. try clearing your cookies for that domain

What I want is to always be logged in and it's not happening. What could it be?

[agiacosa]

Thanks for this. I will try it this weekend and report back. There is so much confusion about this topic that I very much appreciate you doing this.

[Arty]

Shoshan.net: works for me. try clearing your cookies for that domain

What I want is to always be logged in and it's not happening. What could it be?

It could be old incorrect cookies set for incorrect path. Try clearing cookies.

[Shoshan.net]

I cleared all cookies before and no, it's not happening.

[Arty]

Sorry, i don't know what can be causing it. This mod doesn't change autologin code and autologin works for me on modded forums.