SmrSession: allow active session for each game

engine/Default/game_play_processing.php

@@ -1,7 +1,7 @@
 <?php
 
 // register game_id
-SmrSession::$game_id = $var['game_id'];
+SmrSession::updateGame($var['game_id']);
 
 $player =& SmrPlayer::getPlayer(SmrSession::$account_id, $var['game_id']);
 $player->updateLastCPLAction();

lib/Default/SmrSession.class.inc

@@ -245,14 +245,27 @@ class SmrSession {
 					' WHERE session_id=' . self::$db->escapeString(self::$session_id) . (USING_AJAX ? ' AND last_sn='.self::$db->escapeString(self::$lastSN) : '') . ' LIMIT 1');
 		}
 		else {
-			self::$db->query('DELETE FROM active_session WHERE account_id = ' . self::$db->escapeNumber(self::$account_id) . ' LIMIT 1');
+			self::$db->query('DELETE FROM active_session WHERE account_id = ' . self::$db->escapeNumber(self::$account_id) . ' AND game_id = ' . self::$db->escapeNumber(self::$game_id));
 			self::$db->query('INSERT INTO active_session (session_id, account_id, old_account_id, game_id, last_accessed, session_var) VALUES(' . self::$db->escapeString(self::$session_id) . ',' . self::$db->escapeNumber(self::$account_id) . ',' . self::$db->escapeNumber(is_numeric(self::$old_account_id)?self::$old_account_id:0) . ',' . self::$db->escapeNumber(self::$game_id) . ',' . self::$db->escapeNumber(TIME) . ',' . self::$db->escapeBinary($compressed) . ')');
 			self::$generate = false;
 		}
 		// This takes us back to the standard database if we had to change it.
 		$db = new SmrMySqlDatabase();
 	}
 
+	/**
+	 * Updates the `game_id` attribute of the session and deletes any other
+	 * active sessions in this game for this account.
+	 */
+	public static function updateGame($gameID) {
+		if (self::$game_id == $gameID) {
+			return;
+		}
+		self::$game_id = $gameID;
+		self::$db->query('DELETE FROM active_session WHERE account_id = ' . self::$db->escapeNumber(self::$account_id) . ' AND game_id = ' . self::$game_id);
+		self::$db->query('UPDATE active_session SET game_id=' . self::$db->escapeNumber(self::$game_id) . ' WHERE session_id=' . self::$db->escapeString(self::$session_id));
+	}
+
 	public static function updateSN() {
 		self::$db = new SmrSessionMySqlDatabase();
 		if(!USING_AJAX)

lib/Default/smr.inc

@@ -525,14 +525,12 @@ function do_voodoo() {
 			$account->log(LOG_TYPE_GAME_ENTERING, 'Player left game '.SmrSession::$game_id);
 
 		// reset game id
-		SmrSession::$game_id = 0;
-		SmrSession::update();
+		SmrSession::updateGame(0);
 
 		forward(create_container('skeleton.php', 'game_play.php', $var));
 	}
 	else if($var['url'] == 'logoff_preprocessing.php') {
-		SmrSession::$game_id = 0;
-		SmrSession::update();
+		SmrSession::updateGame(0);
 
 		// log?
 		$account->log(LOG_TYPE_LOGIN, 'logged off from '.getIpAddress());

lib/Login/loginSmarty.php

@@ -10,8 +10,8 @@
 if(count($loginNews)>0)
 	$template->assign('LoginNews',$loginNews);
 
-
-$db->query('SELECT count(*) AS active_sessions FROM active_session WHERE account_id!=0 AND last_accessed > '.$db->escapeNumber(TIME - SmrSession::TIME_BEFORE_EXPIRY));
+// Users can have a session for each open game, so only count unique accounts
+$db->query('SELECT count(DISTINCT account_id) AS active_sessions FROM active_session WHERE account_id!=0 AND last_accessed > '.$db->escapeNumber(TIME - SmrSession::TIME_BEFORE_EXPIRY));
 $db->nextRecord();
 $template->assign('ActiveSessions',$db->getField('active_sessions'));