From 06dc9838e0327c9472cbd3f353b40317eba0ecef Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Fri, 16 Sep 2011 13:53:35 -0400
Subject: [PATCH] Fix session race conditions when composing new messages

---
 CHANGELOG                             |    1 +
 program/steps/mail/attachments.inc    |    2 +-
 program/steps/mail/compose.inc        |    4 ++--
 program/include/rcube_json_output.php |    1 +
 program/steps/mail/func.inc           |    4 ++--
 program/include/rcube_session.php     |    6 +++---
 program/steps/mail/sendmail.inc       |    2 +-
 7 files changed, 11 insertions(+), 9 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index a7d7522..f6ab58b 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
 CHANGELOG Roundcube Webmail
 ===========================
 
+- Fix session race conditions when composing new messages
 - Fix encoding of LDAP contacts identifiers (#1488079)
 - jQuery 1.6.4
 - Make date/time format user configurable; drop 'date_today' config option
diff --git a/program/include/rcube_json_output.php b/program/include/rcube_json_output.php
index ade9cc0..e0a29c1 100644
--- a/program/include/rcube_json_output.php
+++ b/program/include/rcube_json_output.php
@@ -219,6 +219,7 @@
      */
     public function send()
     {
+      sleep(6);
         $this->remote_response();
         exit;
     }
diff --git a/program/include/rcube_session.php b/program/include/rcube_session.php
index c1d9b9c..27cf694 100644
--- a/program/include/rcube_session.php
+++ b/program/include/rcube_session.php
@@ -321,9 +321,9 @@
    */
   public function cleanup()
   {
-    // current compose information is stored in $_SESSION['compose'], move it to $_SESSION['compose_data']
-    if ($_SESSION['compose']) {
-      $_SESSION['compose_data'][$_SESSION['compose']['id']] = $_SESSION['compose'];
+    // current compose information is stored in $_SESSION['compose'], move it to $_SESSION['compose_data_<ID>']
+    if ($compose_id = $_SESSION['compose']['id']) {
+      $_SESSION['compose_data_'.$compose_id] = $_SESSION['compose'];
       $this->remove('compose');
     }
   }
diff --git a/program/steps/mail/attachments.inc b/program/steps/mail/attachments.inc
index 4674034..ffb1642 100644
--- a/program/steps/mail/attachments.inc
+++ b/program/steps/mail/attachments.inc
@@ -25,7 +25,7 @@
 }
 
 $COMPOSE_ID = get_input_value('_id', RCUBE_INPUT_GPC);
-$_SESSION['compose'] = $_SESSION['compose_data'][$COMPOSE_ID];
+$_SESSION['compose'] = $_SESSION['compose_data_'.$COMPOSE_ID];
 
 if (!$_SESSION['compose']) {
   die("Invalid session var!");
diff --git a/program/steps/mail/compose.inc b/program/steps/mail/compose.inc
index 7e8a26f..4307c36 100644
--- a/program/steps/mail/compose.inc
+++ b/program/steps/mail/compose.inc
@@ -29,7 +29,7 @@
 $MESSAGE = NULL;
 
 $COMPOSE_ID = get_input_value('_id', RCUBE_INPUT_GET);
-$_SESSION['compose'] = $_SESSION['compose_data'][$COMPOSE_ID];
+$_SESSION['compose'] = $_SESSION['compose_data_'.$COMPOSE_ID];
 
 // Nothing below is called during message composition, only at "new/forward/reply/draft" initialization or
 // if a compose-ID is given (i.e. when the compose step is opened in a new window/tab).
@@ -39,7 +39,7 @@
   if ($COMPOSE_ID)
     raise_error(array('code' => 500, 'type' => 'php',
       'file' => __FILE__, 'line' => __LINE__,
-      'message' => "Invalid session"), true, true);
+      'message' => "Invalid compose ID"), true, true);
 
   $_SESSION['compose'] = array(
     'id' => uniqid(mt_rand()),
diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc
index 98040e9..36b18ce 100644
--- a/program/steps/mail/func.inc
+++ b/program/steps/mail/func.inc
@@ -1430,12 +1430,12 @@
  */
 function rcmail_compose_cleanup($id)
 {
-  if (!isset($_SESSION['compose_data'][$id]))
+  if (!isset($_SESSION['compose_data_'.$id]))
     return;
 
   $rcmail = rcmail::get_instance();
   $rcmail->plugins->exec_hook('attachments_cleanup', array('group' => $id));
-  unset($_SESSION['compose_data'][$id]);
+  $rcmail->session->remove('compose_data_'.$id);
 }
 
 
diff --git a/program/steps/mail/sendmail.inc b/program/steps/mail/sendmail.inc
index f81c152..7850859 100644
--- a/program/steps/mail/sendmail.inc
+++ b/program/steps/mail/sendmail.inc
@@ -27,7 +27,7 @@
 $savedraft = !empty($_POST['_draft']) ? true : false;
 
 $COMPOSE_ID = get_input_value('_id', RCUBE_INPUT_GPC);
-$_SESSION['compose'] = $_SESSION['compose_data'][$COMPOSE_ID];
+$_SESSION['compose'] = $_SESSION['compose_data_'.$COMPOSE_ID];
 
 /****** checks ********/
 

--
Gitblit v1.9.1