githubFork/roundcubemail.git

			@@ -6,7 +6,7 @@
			\| \|
			\| This file is part of the RoundCube Webmail client \|
			\| Copyright (C) 2005, RoundCube Dev, - Switzerland \|
			\| All rights reserved. \|
			\| Licensed under the GNU GPL \|
			\| \|
			\| PURPOSE: \|
			\| Provide database supported session management \|
			@@ -38,15 +38,14 @@
			{
			global $DB, $SESS_CHANGED;

			$sql_result = $DB->query(sprintf("SELECT vars, UNIX_TIMESTAMP(changed) AS changed
			FROM %s
			WHERE sess_id='%s'",
			get_table_name('session'),
			$key));
			$sql_result = $DB->query("SELECT vars, ip, ".$DB->unixtimestamp('changed')." AS changed
			FROM ".get_table_name('session')."
			WHERE sess_id=?",
			$key);

			if ($sql_arr = $DB->fetch_assoc($sql_result))
			{
			$SESS_CHANGED = $sql_arr['changed'];
			$SESS_CHANGED = mktime(); //$sql_arr['changed'];

			if (strlen($sql_arr['vars']))
			return $sql_arr['vars'];
			@@ -60,32 +59,32 @@
			function sess_write($key, $vars)
			{
			global $DB;

			$sql_result = $DB->query(sprintf("SELECT 1
			FROM %s
			WHERE sess_id='%s'",
			get_table_name('session'),
			$key));

			$sql_result = $DB->query("SELECT 1
			FROM ".get_table_name('session')."
			WHERE sess_id=?",
			$key);

			if ($DB->num_rows($sql_result))
			{
			session_decode($vars);
			$DB->query(sprintf("UPDATE %s
			SET vars='%s',
			changed=NOW()
			WHERE sess_id='%s'",
			get_table_name('session'),
			$vars,
			$key));
			$DB->query("UPDATE ".get_table_name('session')."
			SET vars=?,
			changed=now()
			WHERE sess_id=?",
			$vars,
			$key);
			}
			else
			{
			$DB->query(sprintf("INSERT INTO %s
			(sess_id, vars, created, changed)
			VALUES ('%s', '%s', NOW(), NOW())",
			get_table_name('session'),
			$key,
			$vars));
			$DB->query("INSERT INTO ".get_table_name('session')."
			(sess_id, vars, ip, created, changed)
			VALUES (?, ?, ?, now(), now())",
			$key,
			$vars,
			$_SERVER['REMOTE_ADDR']);


			}

			return TRUE;
			@@ -97,17 +96,16 @@
			{
			global $DB;

			$DB->query(sprintf("DELETE FROM %s
			WHERE sess_id='%s'",
			get_table_name('session'),
			$key));
			// delete session entries in cache table
			$DB->query("DELETE FROM ".get_table_name('cache')."
			WHERE session_id=?",
			$key);

			$DB->query("DELETE FROM ".get_table_name('session')."
			WHERE sess_id=?",
			$key);

			// also delete session entries in cache table
			$DB->query(sprintf("DELETE FROM %s
			WHERE session_id='%s'",
			get_table_name('cache'),
			$key));

			rcmail_clear_session_temp($key);
			return TRUE;
			}

			@@ -118,11 +116,10 @@
			global $DB;

			// get all expired sessions
			$sql_result = $DB->query(sprintf("SELECT sess_id
			FROM %s
			WHERE UNIX_TIMESTAMP(NOW())-UNIX_TIMESTAMP(created) > %d",
			get_table_name('session'),
			$maxlifetime));
			$sql_result = $DB->query("SELECT sess_id
			FROM ".get_table_name('session')."
			WHERE ".$DB->unixtimestamp('now()')."-".$DB->unixtimestamp('changed')." > ?",
			$maxlifetime);

			$a_exp_sessions = array();
			while ($sql_arr = $DB->fetch_assoc($sql_result))
			@@ -131,19 +128,22 @@

			if (sizeof($a_exp_sessions))
			{
			// delete session cache records
			$DB->query("DELETE FROM ".get_table_name('cache')."
			WHERE session_id IN ('".join("','", $a_exp_sessions)."')");

			// delete session records
			$DB->query(sprintf("DELETE FROM %s
			WHERE sess_id IN ('%s')",
			get_table_name('session'),
			join("','", $a_exp_sessions)));

			// also delete session cache records
			$DB->query(sprintf("DELETE FROM %s
			WHERE session_id IN ('%s')",
			get_table_name('cache'),
			join("','", $a_exp_sessions)));
			$DB->query("DELETE FROM ".get_table_name('session')."
			WHERE sess_id IN ('".join("','", $a_exp_sessions)."')");
			}

			// remove session specific temp dirs
			foreach ($a_exp_sessions as $key)
			rcmail_clear_session_temp($key);

			// also run message cache GC
			rcmail_message_cache_gc();

			return TRUE;
			}