From 8e528fd7bf2e2bd1e20c7e7de5eefb26bf6b19d9 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Wed, 23 May 2012 14:09:57 -0400
Subject: [PATCH] hide_blockquote - a new plugin for hiding citation blocks
---
program/include/rcube_session.php | 57 +++++++++++++++++++++++++++++----------------------------
1 files changed, 29 insertions(+), 28 deletions(-)
diff --git a/program/include/rcube_session.php b/program/include/rcube_session.php
index 7c60973..53042b3 100644
--- a/program/include/rcube_session.php
+++ b/program/include/rcube_session.php
@@ -5,9 +5,12 @@
| program/include/rcube_session.php |
| |
| This file is part of the Roundcube Webmail client |
- | Copyright (C) 2005-2011, The Roundcube Dev Team |
+ | Copyright (C) 2005-2012, The Roundcube Dev Team |
| Copyright (C) 2011, Kolab Systems AG |
- | Licensed under the GNU GPL |
+ | |
+ | Licensed under the GNU General Public License version 3 or |
+ | any later version with exceptions for skins & plugins. |
+ | See the README file for a full license statement. |
| |
| PURPOSE: |
| Provide database supported session management |
@@ -40,7 +43,6 @@
private $vars = false;
private $key;
private $now;
- private $prev;
private $secret = '';
private $ip_check = false;
private $logging = false;
@@ -325,27 +327,19 @@
/**
- * Cleanup session data before saving
- */
- public function cleanup()
- {
- // current compose information is stored in $_SESSION['compose'], move it to $_SESSION['compose_data_<ID>']
- if ($compose_id = $_SESSION['compose']['id']) {
- $_SESSION['compose_data_'.$compose_id] = $_SESSION['compose'];
- $this->remove('compose');
- }
- }
-
-
- /**
* Register additional garbage collector functions
*
* @param mixed Callback function
*/
- public function register_gc_handler($func_name)
+ public function register_gc_handler($func)
{
- if ($func_name && !in_array($func_name, $this->gc_handlers))
- $this->gc_handlers[] = $func_name;
+ foreach ($this->gc_handlers as $handler) {
+ if ($handler == $func) {
+ return;
+ }
+ }
+
+ $this->gc_handlers[] = $func;
}
@@ -388,6 +382,7 @@
public function kill()
{
$this->vars = false;
+ $this->ip = $_SERVER['REMOTE_ADDR']; // update IP (might have changed)
$this->destroy(session_id());
rcmail::setcookie($this->cookiename, '-del-', time() - 60);
}
@@ -522,7 +517,6 @@
// valid time range is now - 1/2 lifetime to now + 1/2 lifetime
$now = time();
$this->now = $now - ($now % ($this->lifetime / 2));
- $this->prev = $this->now - ($this->lifetime / 2);
}
/**
@@ -593,15 +587,22 @@
$this->log("IP check failed for " . $this->key . "; expected " . $this->ip . "; got " . $_SERVER['REMOTE_ADDR']);
if ($result && $this->_mkcookie($this->now) != $this->cookie) {
- // Check if using id from previous time slot
- if ($this->_mkcookie($this->prev) == $this->cookie) {
- $this->set_auth_cookie();
+ $this->log("Session auth check failed for " . $this->key . "; timeslot = " . date('Y-m-d H:i:s', $this->now));
+ $result = false;
+
+ // Check if using id from a previous time slot
+ for ($i = 1; $i <= 2; $i++) {
+ $prev = $this->now - ($this->lifetime / 2) * $i;
+ if ($this->_mkcookie($prev) == $this->cookie) {
+ $this->log("Send new auth cookie for " . $this->key . ": " . $this->cookie);
+ $this->set_auth_cookie();
+ $result = true;
+ }
}
- else {
- $result = false;
- $this->log("Session authentication failed for " . $this->key . "; invalid auth cookie sent");
- }
- }
+ }
+
+ if (!$result)
+ $this->log("Session authentication failed for " . $this->key . "; invalid auth cookie sent; timeslot = " . date('Y-m-d H:i:s', $prev));
return $result;
}
--
Gitblit v1.9.1