From 88ca38a3561c8ee4688b4c1e430dee1756af45e4 Mon Sep 17 00:00:00 2001 From: thomascube Date: Wed, 2 Feb 2011 18:24:14 +0000 Subject: Keep rcube_session->lifetime and keep_alive in sync --- program/include/rcmail.php | 1 + program/include/rcube_session.php | 23 ++++++++++++++++++----- 2 files changed, 19 insertions(+), 5 deletions(-) (limited to 'program/include') diff --git a/program/include/rcmail.php b/program/include/rcmail.php index ab2c16172..c2ca51aea 100644 --- a/program/include/rcmail.php +++ b/program/include/rcmail.php @@ -768,6 +768,7 @@ class rcmail // login succeeded if (is_object($user) && $user->ID) { $this->set_user($user); + $this->session_configure(); // set session vars $_SESSION['user_id'] = $user->ID; diff --git a/program/include/rcube_session.php b/program/include/rcube_session.php index 55c2e1443..7384af39c 100644 --- a/program/include/rcube_session.php +++ b/program/include/rcube_session.php @@ -50,14 +50,10 @@ class rcube_session public function __construct($db, $lifetime=60) { $this->db = $db; - $this->lifetime = $lifetime; $this->start = microtime(true); $this->ip = $_SERVER['REMOTE_ADDR']; - // valid time range is now - 1/2 lifetime to now + 1/2 lifetime - $now = time(); - $this->now = $now - ($now % ($this->lifetime / 2)); - $this->prev = $this->now - ($this->lifetime / 2); + $this->set_lifetime($lifetime); // set custom functions for PHP session management session_set_save_handler( @@ -365,12 +361,29 @@ class rcube_session return unserialize( 'a:' . $items . ':{' . $serialized . '}' ); } + + /** + * Setter for session lifetime + */ + public function set_lifetime($lifetime) + { + $this->lifetime = max(120, $lifetime); + + // valid time range is now - 1/2 lifetime to now + 1/2 lifetime + $now = time(); + $this->now = $now - ($now % ($this->lifetime / 2)); + $this->prev = $this->now - ($this->lifetime / 2); + } + /** * Setter for keep_alive interval */ public function set_keep_alive($keep_alive) { $this->keep_alive = $keep_alive; + + if ($this->lifetime < $keep_alive) + $this->set_lifetime($keep_alive + 30); } /** -- cgit v1.2.3