harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

a few issues: block public not blocking mod_cal, typo in sql for one clone file sync operation, fix_system_urls not catching cached contact photos, extend sessionhandler expiration when remember_me is enabled as the stored session is expiring long before the browser session.

Browse Source
This commit is contained in:
redmatrix
2016-04-10 16:56:08 -07:00
parent c0bdcfedeb
commit abfbe9c937
7 changed files with 50 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
Zotlabs/Web/Session.php
View File

@@ -13,6 +13,8 @@ namespace Zotlabs\Web;
class Session {
private static $handler = null;
function init() {
$gc_probability = 50;
@@ -26,6 +28,7 @@ class Session {
*/
$handler = new \Zotlabs\Web\SessionHandler();
self::$handler = $handler;
$x = session_set_save_handler($handler,true);
if(! $x)
@@ -67,26 +70,28 @@ class Session {
function new_cookie($time) {
function new_cookie($xtime) {
$newxtime = (($xtime> 0) ? (time() + $xtime) : 0);
$old_sid = session_id();
session_regenerate_id(false);
q("UPDATE session SET sid = '%s' WHERE sid = '%s'",
dbesc(session_id()),
dbesc($old_sid)
);
if(self::$handler) {
$v = q("UPDATE session SET sid = '%s' WHERE sid = '%s'",
dbesc(session_id()),
dbesc($old_sid)
);
}
else
logger('no session handler');
if (x($_COOKIE, 'jsAvailable')) {
if ($time) {
$expires = time() + $time;
} else {
$expires = 0;
}
setcookie('jsAvailable', $_COOKIE['jsAvailable'], $expires);
setcookie('jsAvailable', $_COOKIE['jsAvailable'], $newxtime);
}
setcookie(session_name(),session_id(),$expires);
setcookie(session_name(),session_id(),$newxtime);
}

7
Zotlabs/Web/SessionHandler.php
View File

@@ -35,7 +35,12 @@ class SessionHandler implements \SessionHandlerInterface {
return false;
}
$expire = time() + $this->session_expire;
// Can't just use $data here because we can't be certain of the serialisation algorithm
if($_SESSION && array_key_exists('remember_me',$_SESSION) && intval($_SESSION['remember_me']))
$expire = time() + (60 * 60 * 24 * 365);
else
$expire = time() + $this->session_expire;
$default_expire = time() + 300;
if($this->session_exists) {