From 569701d7002e71fbf76e9acaa6c83e5bee90b411 Mon Sep 17 00:00:00 2001
From: alecpl <alec@alec.pl>
Date: Thu, 17 Mar 2011 10:17:08 -0400
Subject: [PATCH] - Handle properly situation when uploaded attachment file is too big

---
 program/include/rcube_session.php |   61 +++++++++++++++++++-----------
 1 files changed, 38 insertions(+), 23 deletions(-)

diff --git a/program/include/rcube_session.php b/program/include/rcube_session.php
index 55c2e14..8c7adb3 100644
--- a/program/include/rcube_session.php
+++ b/program/include/rcube_session.php
@@ -50,14 +50,10 @@
   public function __construct($db, $lifetime=60)
   {
     $this->db = $db;
-    $this->lifetime = $lifetime;
     $this->start = microtime(true);
     $this->ip = $_SERVER['REMOTE_ADDR'];
 
-    // valid time range is now - 1/2 lifetime to now + 1/2 lifetime
-    $now = time();
-    $this->now = $now - ($now % ($this->lifetime / 2));
-    $this->prev = $this->now - ($this->lifetime / 2);
+    $this->set_lifetime($lifetime);
 
     // set custom functions for PHP session management
     session_set_save_handler(
@@ -196,6 +192,19 @@
 
 
   /**
+   * Cleanup session data before saving
+   */
+  public function cleanup()
+  {
+    // current compose information is stored in $_SESSION['compose'], move it to $_SESSION['compose_data']
+    if ($_SESSION['compose']) {
+      $_SESSION['compose_data'][$_SESSION['compose']['id']] = $_SESSION['compose'];
+      $this->remove('compose');
+    }
+  }
+
+
+  /**
    * Register additional garbage collector functions
    *
    * @param mixed Callback function
@@ -209,27 +218,15 @@
 
   /**
    * Generate and set new session id
+   *
+   * @param boolean $destroy If enabled the current session will be destroyed
    */
-  public function regenerate_id()
+  public function regenerate_id($destroy=true)
   {
-    // delete old session record
-    $this->destroy(session_id());
+    session_regenerate_id($destroy);
+
     $this->vars = false;
-
-    $randval = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
-
-    for ($random = '', $i=1; $i <= 32; $i++) {
-      $random .= substr($randval, mt_rand(0,(strlen($randval) - 1)), 1);
-    }
-
-    // use md5 value for id
-    $this->key = md5($random);
-    session_id($this->key);
-
-    $cookie   = session_get_cookie_params();
-    $lifetime = $cookie['lifetime'] ? time() + $cookie['lifetime'] : 0;
-
-    rcmail::setcookie(session_name(), $this->key, $lifetime);
+    $this->key  = session_id();
 
     return true;
   }
@@ -257,6 +254,7 @@
    */
   public function kill()
   {
+    $this->vars = false;
     $this->destroy(session_id());
     rcmail::setcookie($this->cookiename, '-del-', time() - 60);
   }
@@ -365,12 +363,29 @@
     return unserialize( 'a:' . $items . ':{' . $serialized . '}' );
   }
 
+
+  /**
+   * Setter for session lifetime
+   */
+  public function set_lifetime($lifetime)
+  {
+      $this->lifetime = max(120, $lifetime);
+
+      // valid time range is now - 1/2 lifetime to now + 1/2 lifetime
+      $now = time();
+      $this->now = $now - ($now % ($this->lifetime / 2));
+      $this->prev = $this->now - ($this->lifetime / 2);
+  }
+
   /**
    * Setter for keep_alive interval
    */
   public function set_keep_alive($keep_alive)
   {
     $this->keep_alive = $keep_alive;
+    
+    if ($this->lifetime < $keep_alive)
+        $this->set_lifetime($keep_alive + 30);
   }
 
   /**

--
Gitblit v1.9.1