From 42de33c7dee0dc48e54d317eefd4dac18c317e42 Mon Sep 17 00:00:00 2001 From: Thomas Bruederli Date: Wed, 5 Jun 2013 09:10:08 +0200 Subject: Add option to use PHP's native session save handlers --- program/include/rcmail.php | 2 +- program/lib/Roundcube/rcube.php | 3 +-- program/lib/Roundcube/rcube_session.php | 40 +++++++++++++++++++++++++++++++-- 3 files changed, 40 insertions(+), 5 deletions(-) (limited to 'program') diff --git a/program/include/rcmail.php b/program/include/rcmail.php index 89f2f9647..a7ddb1e2a 100644 --- a/program/include/rcmail.php +++ b/program/include/rcmail.php @@ -746,7 +746,7 @@ class rcmail extends rcube // before closing the database connection, write session data if ($_SERVER['REMOTE_ADDR'] && is_object($this->session)) { - session_write_close(); + $this->session->write_close(); } // write performance stats to logs/console diff --git a/program/lib/Roundcube/rcube.php b/program/lib/Roundcube/rcube.php index 4471acec0..4e3f8fcf4 100644 --- a/program/lib/Roundcube/rcube.php +++ b/program/lib/Roundcube/rcube.php @@ -457,7 +457,6 @@ class rcube ini_set('session.name', $sess_name ? $sess_name : 'roundcube_sessid'); ini_set('session.use_cookies', 1); ini_set('session.use_only_cookies', 1); - ini_set('session.serialize_handler', 'php'); ini_set('session.cookie_httponly', 1); // use database for storing session data @@ -471,7 +470,7 @@ class rcube // start PHP session (if not in CLI mode) if ($_SERVER['REMOTE_ADDR']) { - session_start(); + $this->session->start(); } } diff --git a/program/lib/Roundcube/rcube_session.php b/program/lib/Roundcube/rcube_session.php index dedde2284..4e0682749 100644 --- a/program/lib/Roundcube/rcube_session.php +++ b/program/lib/Roundcube/rcube_session.php @@ -42,6 +42,7 @@ class rcube_session private $secret = ''; private $ip_check = false; private $logging = false; + private $storage; private $memcache; @@ -59,11 +60,14 @@ class rcube_session $this->set_lifetime($lifetime); // use memcache backend - if ($config->get('session_storage', 'db') == 'memcache') { + $this->storage = $config->get('session_storage', 'db'); + if ($this->storage == 'memcache') { $this->memcache = rcube::get_instance()->get_memcache(); // set custom functions for PHP session management if memcache is available if ($this->memcache) { + ini_set('session.serialize_handler', 'php'); + session_set_save_handler( array($this, 'open'), array($this, 'close'), @@ -79,7 +83,9 @@ class rcube_session true, true); } } - else { + else if ($this->storage != 'php') { + ini_set('session.serialize_handler', 'php'); + // set custom functions for PHP session management session_set_save_handler( array($this, 'open'), @@ -92,6 +98,22 @@ class rcube_session } + /** + * Wrapper for session_start() + */ + public function start() + { + session_start(); + + // copy some session properties to object vars + if ($this->storage == 'php') { + $this->key = session_id(); + $this->ip = $_SESSION['__IP']; + $this->changed = $_SESSION['__MTIME']; + } + } + + public function open($save_path, $session_name) { return true; @@ -115,6 +137,20 @@ class rcube_session } + /** + * Wrapper for session_write_close() + */ + public function write_close() + { + if ($this->storage == 'php') { + $_SESSION['__IP'] = $this->ip; + $_SESSION['__MTIME'] = time(); + } + + session_write_close(); + } + + /** * Read session data from database * -- cgit v1.2.3