summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authoralecpl <alec@alec.pl>2011-03-08 08:40:47 +0000
committeralecpl <alec@alec.pl>2011-03-08 08:40:47 +0000
commitc294eaa3f27ca5f38101eb4a1692111ac0ee82f8 (patch)
tree30d6e36f28536a15041d6b418377ff3a7daac5e4
parentfb061aaecead8248d1a5cc43cc9593832d7bbdc0 (diff)
- Performance improvement: Remove redundant DELETE query (for old session deletion) on login
Diffstat
-rw-r--r--CHANGELOG1
-rw-r--r--index.php6
-rw-r--r--program/include/rcube_session.php12
3 files changed, 11 insertions, 8 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 1336e96fd..8ea4aed53 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
CHANGELOG Roundcube Webmail
===========================
+- Remove redundant DELETE query (for old session deletion) on login
- Get around unreliable rand() and mt_rand() in session ID generation (#1486281)
- Fix some emails are not shown using Cyrus IMAP (#1487820)
- Fix handling of mime-encoded words with non-integral number of octets in a word (#1487801)
diff --git a/index.php b/index.php
index 1b1522683..6ebc48e3d 100644
--- a/index.php
+++ b/index.php
@@ -98,7 +98,9 @@ if ($RCMAIL->task == 'login' && $RCMAIL->action == 'login') {
$RCMAIL->login($auth['user'], $auth['pass'], $auth['host'])) {
// create new session ID
$RCMAIL->session->remove('temp');
- $RCMAIL->session->regenerate_id();
+ // regenerate the session, don't destroy the current session
+ // it was destroyed already by $RCMAIL->kill_session() above
+ $RCMAIL->session->regenerate_id(false);
// send auth cookie if necessary
$RCMAIL->session->set_auth_cookie();
@@ -110,7 +112,7 @@ if ($RCMAIL->task == 'login' && $RCMAIL->action == 'login') {
$query = array();
if ($url = get_input_value('_url', RCUBE_INPUT_POST)) {
parse_str($url, $query);
-
+
// prevent endless looping on login page
if ($query['_task'] == 'login')
unset($query['_task']);
diff --git a/program/include/rcube_session.php b/program/include/rcube_session.php
index 0fc444256..1fa331753 100644
--- a/program/include/rcube_session.php
+++ b/program/include/rcube_session.php
@@ -205,15 +205,15 @@ class rcube_session
/**
* Generate and set new session id
+ *
+ * @param boolean $destroy If enabled the current session will be destroyed
*/
- public function regenerate_id()
+ public function regenerate_id($destroy=true)
{
- // delete old session record
- $this->destroy(session_id());
- $this->vars = false;
+ session_regenerate_id($destroy);
- session_regenerate_id(false);
- $this->key = session_id();
+ $this->vars = false;
+ $this->key = session_id();
return true;
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-16 21:35:28 +0000