diff options
| author | thomascube <thomas@roundcube.net> | 2006-09-07 18:54:37 +0000 |
|---|---|---|
| committer | thomascube <thomas@roundcube.net> | 2006-09-07 18:54:37 +0000 |
| commit | e170b4b7f85767703293116c95d9e02020b1c99a (patch) | |
| tree | b9b708c37c1016709fcb3314039d2137c99e26f4 /program/include | |
| parent | d656f1ca71de0ec88da9ac84987bdeb44e371ccf (diff) | |
Some bugfixes and session expiration stuff
Diffstat (limited to 'program/include')
| -rw-r--r-- | program/include/main.inc | 96 | ||||
| -rw-r--r-- | program/include/session.inc | 2 |
2 files changed, 62 insertions, 36 deletions
diff --git a/program/include/main.inc b/program/include/main.inc index ae7d50b9f..0d3cf82bb 100644 --- a/program/include/main.inc +++ b/program/include/main.inc @@ -39,40 +39,12 @@ function rcmail_startup($task='mail') // check client $BROWSER = rcube_browser(); - // load config file - include_once('config/main.inc.php'); - $CONFIG = is_array($rcmail_config) ? $rcmail_config : array(); - - // load host-specific configuration - rcmail_load_host_config($CONFIG); - - $CONFIG['skin_path'] = $CONFIG['skin_path'] ? unslashify($CONFIG['skin_path']) : 'skins/default'; - - // load db conf - include_once('config/db.inc.php'); - $CONFIG = array_merge($CONFIG, $rcmail_config); - - if (empty($CONFIG['log_dir'])) - $CONFIG['log_dir'] = $INSTALL_PATH.'logs'; - else - $CONFIG['log_dir'] = unslashify($CONFIG['log_dir']); - - // set PHP error logging according to config - if ($CONFIG['debug_level'] & 1) - { - ini_set('log_errors', 1); - ini_set('error_log', $CONFIG['log_dir'].'/errors'); - } - if ($CONFIG['debug_level'] & 4) - ini_set('display_errors', 1); - else - ini_set('display_errors', 0); - + // load configuration + $CONFIG = rcmail_load_config(); // set session garbage collecting time according to session_lifetime if (!empty($CONFIG['session_lifetime'])) - ini_set('session.gc_maxlifetime', ($CONFIG['session_lifetime']+2)*60); - + ini_set('session.gc_maxlifetime', ($CONFIG['session_lifetime']) * 120); // prepare DB connection require_once('include/rcube_'.(empty($CONFIG['db_backend']) ? 'db' : $CONFIG['db_backend']).'.inc'); @@ -80,7 +52,7 @@ function rcmail_startup($task='mail') $DB = new rcube_db($CONFIG['db_dsnw'], $CONFIG['db_dsnr'], $CONFIG['db_persistent']); $DB->sqlite_initials = $INSTALL_PATH.'SQL/sqlite.initial.sql'; $DB->db_connect('w'); - + // we can use the database for storing session data if (!$DB->is_error()) include_once('include/session.inc'); @@ -129,6 +101,44 @@ function rcmail_startup($task='mail') } +// load roundcube configuration into global var +function rcmail_load_config() + { + global $INSTALL_PATH; + + // load config file + include_once('config/main.inc.php'); + $conf = is_array($rcmail_config) ? $rcmail_config : array(); + + // load host-specific configuration + rcmail_load_host_config($conf); + + $conf['skin_path'] = $conf['skin_path'] ? unslashify($conf['skin_path']) : 'skins/default'; + + // load db conf + include_once('config/db.inc.php'); + $conf = array_merge($conf, $rcmail_config); + + if (empty($conf['log_dir'])) + $conf['log_dir'] = $INSTALL_PATH.'logs'; + else + $conf['log_dir'] = unslashify($conf['log_dir']); + + // set PHP error logging according to config + if ($conf['debug_level'] & 1) + { + ini_set('log_errors', 1); + ini_set('error_log', $conf['log_dir'].'/errors'); + } + if ($conf['debug_level'] & 4) + ini_set('display_errors', 1); + else + ini_set('display_errors', 0); + + return $conf; + } + + // load a host-specific config file if configured function rcmail_load_host_config(&$config) { @@ -169,15 +179,24 @@ function rcmail_auth_hash($sess_id, $ts) function rcmail_authenticate_session() { $now = mktime(); - $valid = ($_COOKIE['sessauth'] == rcmail_auth_hash(session_id(), $_SESSION['auth_time'])); + $valid = ($_COOKIE['sessauth'] == rcmail_auth_hash(session_id(), $_SESSION['auth_time']) || + $_COOKIE['sessauth'] == rcmail_auth_hash(session_id(), $_SESSION['last_auth'])); // renew auth cookie every 5 minutes (only for GET requests) if (!$valid || ($_SERVER['REQUEST_METHOD']!='POST' && $now-$_SESSION['auth_time'] > 300)) { + $_SESSION['last_auth'] = $_SESSION['auth_time']; $_SESSION['auth_time'] = $now; setcookie('sessauth', rcmail_auth_hash(session_id(), $now)); } - + + if (!$valid) + write_log('timeouts', + "REQUEST: " . var_export($_REQUEST, true) . + "\nEXPECTED: " . rcmail_auth_hash(session_id(), $_SESSION['auth_time']) . + "\nOR LAST: " . rcmail_auth_hash(session_id(), $_SESSION['last_auth']) . + "\nSESSION: " . var_export($_SESSION, true)); + return $valid; } @@ -353,11 +372,15 @@ function load_gui() $javascript .= "$JS_OBJECT_NAME.set_env('$js_config_var', '" . $CONFIG[$js_config_var] . "');\n"; } } + + // don't wait for page onload. Call init at the bottom of the page (delayed) + $javascript_foot = "if (window.call_init)\n call_init('$JS_OBJECT_NAME');"; if (!empty($GLOBALS['_framed'])) $javascript .= "$JS_OBJECT_NAME.set_env('framed', true);\n"; - $OUTPUT->add_script($javascript); + $OUTPUT->add_script($javascript, 'head'); + $OUTPUT->add_script($javascript_foot, 'foot'); $OUTPUT->include_script('common.js'); $OUTPUT->include_script('app.js'); $OUTPUT->scripts_path = 'program/js/'; @@ -1802,6 +1825,9 @@ function console($msg) function write_log($name, $line) { global $CONFIG; + + if (!is_string($line)) + $line = var_export($line, true); $log_entry = sprintf("[%s]: %s\n", date("d-M-Y H:i:s O", mktime()), diff --git a/program/include/session.inc b/program/include/session.inc index 00ca29915..dc7714777 100644 --- a/program/include/session.inc +++ b/program/include/session.inc @@ -45,7 +45,7 @@ function sess_read($key) if ($sql_arr = $DB->fetch_assoc($sql_result)) { - $SESS_CHANGED = mktime(); //$sql_arr['changed']; + $SESS_CHANGED = $sql_arr['changed']; if (strlen($sql_arr['vars'])) return $sql_arr['vars']; |