mirror of
https://github.com/wallabag/wallabag.git
synced 2024-12-16 18:30:17 +01:00
Merge pull request #581 from mariroz/fix-session-livetime
fix of issue under nginx and php-fpm
This commit is contained in:
commit
028e34b6c4
6
inc/3rdparty/Session.class.php
vendored
6
inc/3rdparty/Session.class.php
vendored
@ -51,7 +51,7 @@ class Session
|
|||||||
public static function init($longlastingsession = false)
|
public static function init($longlastingsession = false)
|
||||||
{
|
{
|
||||||
//check if session name is correct
|
//check if session name is correct
|
||||||
if ( session_id() && session_id()!=self::$sessionName ) {
|
if ( (session_id() && !empty(self::$sessionName) && session_name()!=self::$sessionName) || $longlastingsession ) {
|
||||||
session_destroy();
|
session_destroy();
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -71,7 +71,7 @@ class Session
|
|||||||
session_set_cookie_params(self::$longSessionTimeout, $cookiedir, $_SERVER['HTTP_HOST'], $ssl, true);
|
session_set_cookie_params(self::$longSessionTimeout, $cookiedir, $_SERVER['HTTP_HOST'], $ssl, true);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
session_set_cookie_params('', $cookiedir, $_SERVER['HTTP_HOST'], $ssl, true);
|
session_set_cookie_params(0, $cookiedir, $_SERVER['HTTP_HOST'], $ssl, true);
|
||||||
}
|
}
|
||||||
//set server side valid session timeout
|
//set server side valid session timeout
|
||||||
//WARNING! this may not work in shared session environment. See http://www.php.net/manual/en/session.configuration.php#ini.session.gc-maxlifetime about min value: it can be set in any application
|
//WARNING! this may not work in shared session environment. See http://www.php.net/manual/en/session.configuration.php#ini.session.gc-maxlifetime about min value: it can be set in any application
|
||||||
@ -183,7 +183,7 @@ class Session
|
|||||||
|| (self::$disableSessionProtection === false
|
|| (self::$disableSessionProtection === false
|
||||||
&& $_SESSION['ip'] !== self::_allIPs())
|
&& $_SESSION['ip'] !== self::_allIPs())
|
||||||
|| time() >= $_SESSION['expires_on']) {
|
|| time() >= $_SESSION['expires_on']) {
|
||||||
self::logout();
|
//self::logout();
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
@ -14,9 +14,7 @@ require_once 'inc/poche/global.inc.php';
|
|||||||
|
|
||||||
# Start session
|
# Start session
|
||||||
Session::$sessionName = 'poche';
|
Session::$sessionName = 'poche';
|
||||||
if ( !isset($_GET['login']) ) {
|
Session::init();
|
||||||
Session::init();
|
|
||||||
}
|
|
||||||
|
|
||||||
# Start Poche
|
# Start Poche
|
||||||
$poche = new Poche();
|
$poche = new Poche();
|
||||||
@ -122,6 +120,7 @@ if (Session::isLogged()) {
|
|||||||
} else {
|
} else {
|
||||||
$tpl_file = Tools::getTplFile('login');
|
$tpl_file = Tools::getTplFile('login');
|
||||||
$tpl_vars['http_auth'] = 0;
|
$tpl_vars['http_auth'] = 0;
|
||||||
|
Session::logout();
|
||||||
}
|
}
|
||||||
|
|
||||||
# because messages can be added in $poche->action(), we have to add this entry now (we can add it before)
|
# because messages can be added in $poche->action(), we have to add this entry now (we can add it before)
|
||||||
|
Loading…
Reference in New Issue
Block a user